$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4c10d3b9-c357-4dde-9e35-8b451ebe7bad.roa File: 4c10d3b9-c357-4dde-9e35-8b451ebe7bad.roa (raw, json) Hash identifier: k4kU5SLw6nx3usTyyxIQJR80YJj01x6JJK//XLRhAPs= Subject key identifier: AD:A2:C2:B6:61:DF:94:23:A4:F3:6D:E2:07:F5:7A:5C:B8:22:14:52 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0A0BAA74EA4EC88FF2692486294B7770860E9B0A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4c10d3b9-c357-4dde-9e35-8b451ebe7bad.roa Signing time: Wed 06 May 2026 00:00:11 +0000 ROA not before: Wed 06 May 2026 00:00:11 +0000 ROA not after: Tue 04 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:1000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:0b:aa:74:ea:4e:c8:8f:f2:69:24:86:29:4b:77:70:86:0e:9b:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 6 00:00:11 2026 GMT Not After : Aug 4 23:59:59 2026 GMT Subject: serialNumber=78ca5f8dc35a527cf021a692ff939e8ad063fe6b23e0572905035c2d461ba44b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:19:08:19:11:45:e1:8a:ef:db:87:71:69:1a: 49:77:35:54:45:4b:87:6f:90:b6:b7:e1:18:9b:87: c3:f0:0d:e8:07:bc:09:c4:17:40:38:4e:4b:5f:0c: 53:40:c5:e0:18:14:3e:65:d8:6f:8c:de:42:c8:6a: 0c:e8:ef:71:0a:4e:51:38:0a:81:80:b6:e6:70:41: f4:c9:8f:1b:5c:ca:f2:d4:33:b4:92:ac:b3:7f:c7: d8:58:94:74:33:6c:66:f2:f0:7c:9a:44:b9:aa:f5: 62:6b:0c:5b:87:fa:1c:d9:71:e6:61:ba:d7:f4:a7: 06:ac:ea:bd:2b:51:b0:b9:a9:ad:53:97:a7:24:1e: dd:b9:8f:05:1d:ed:e9:ec:cf:e4:d3:99:d5:c1:1a: 2c:f4:3e:ef:0c:4e:87:1a:c3:94:f7:96:5c:b4:1d: 73:c5:9e:c8:c4:47:70:f4:2f:6c:4a:98:c2:a1:30: 11:b6:8c:78:94:56:ba:ce:41:2f:48:57:25:06:9f: b8:fa:31:0b:68:cf:99:7e:9a:e2:b8:45:c1:4b:d1: 93:91:5a:57:ec:b8:90:fc:48:be:6d:7a:30:73:42: ea:12:6d:f6:d2:45:86:62:2f:96:26:b8:71:88:57: 5c:05:c6:3d:d5:85:0d:b4:62:df:b6:6f:50:14:ee: 0b:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:A2:C2:B6:61:DF:94:23:A4:F3:6D:E2:07:F5:7A:5C:B8:22:14:52 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4c10d3b9-c357-4dde-9e35-8b451ebe7bad.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:1000::/40 Signature Algorithm: sha256WithRSAEncryption 78:d8:af:42:e9:7b:71:54:64:09:7e:d8:49:f2:8e:4d:99:72: 00:7c:d5:37:e9:b0:49:05:78:3d:ee:be:d7:6b:81:cf:03:a5: 85:c0:44:5d:73:55:39:6d:0a:43:57:6d:4a:8e:a5:36:e5:6a: f8:45:12:22:ae:16:8f:21:08:8b:cd:44:2f:22:1c:a2:8e:93: 24:3c:71:5b:50:c0:bf:d7:84:54:c4:d3:d5:8b:01:34:33:54: e9:22:c2:e3:17:24:10:a9:32:30:3b:a1:86:60:4e:75:4a:f0: b1:ac:25:91:1e:d3:95:88:27:83:de:d3:5d:b5:8b:5c:2f:85: 58:51:fe:3a:8e:5e:71:a1:ab:0b:cd:d6:e9:58:f0:04:4e:4e: 8a:08:bc:40:ba:c4:41:bc:d1:8d:ce:e8:31:ee:17:53:b2:fa: ff:04:55:e8:5a:03:41:d5:32:2c:95:19:41:1b:06:f0:de:79: 1e:30:d8:04:a0:1a:ff:32:41:7c:67:b1:bb:d0:e9:d2:07:e2: d8:3f:6e:61:12:d4:65:69:9d:3d:48:c3:e0:a2:a4:67:c8:82: e5:11:8b:02:20:41:7d:ad:05:29:70:ca:16:e4:8f:e1:6f:a3: 35:1c:83:bb:95:c6:41:65:da:89:c0:bf:62:cf:31:a2:4c:83: eb:19:6d:5a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUCguqdOpOyI/yaSSGKUt3cIYOmwowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwNjAwMDAxMVoX DTI2MDgwNDIzNTk1OVowejFJMEcGA1UEBRNANzhjYTVmOGRjMzVhNTI3Y2YwMjFh NjkyZmY5MzllOGFkMDYzZmU2YjIzZTA1NzI5MDUwMzVjMmQ0NjFiYTQ0YjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhkIGRFF4Yrv24dxaRpJdzVURUuH b5C2t+EYm4fD8A3oB7wJxBdAOE5LXwxTQMXgGBQ+ZdhvjN5CyGoM6O9xCk5ROAqB gLbmcEH0yY8bXMry1DO0kqyzf8fYWJR0M2xm8vB8mkS5qvViawxbh/oc2XHmYbrX 9KcGrOq9K1GwuamtU5enJB7duY8FHe3p7M/k05nVwRos9D7vDE6HGsOU95ZctB1z xZ7IxEdw9C9sSpjCoTARtox4lFa6zkEvSFclBp+4+jELaM+ZfpriuEXBS9GTkVpX 7LiQ/Ei+bXowc0LqEm320kWGYi+WJrhxiFdcBcY91YUNtGLftm9QFO4LRwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFK2iwrZh35QjpPNt4gf1ely4IhRSMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRjMTBkM2I5LWMzNTctNGRkZS05ZTM1LThiNDUxZWJlN2JhZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9hAwDQYJKoZIhvcNAQELBQADggEBAHjYr0Lpe3FUZAl+2Eny jk2ZcgB81TfpsEkFeD3uvtdrgc8DpYXARF1zVTltCkNXbUqOpTblavhFEiKuFo8h CIvNRC8iHKKOkyQ8cVtQwL/XhFTE09WLATQzVOkiwuMXJBCpMjA7oYZgTnVK8LGs JZEe05WIJ4Pe0121i1wvhVhR/jqOXnGhqwvN1ulY8AROTooIvEC6xEG80Y3O6DHu F1Oy+v8EVehaA0HVMiyVGUEbBvDeeR4w2ASgGv8yQXxnsbvQ6dIH4tg/bmES1GVp nT1Iw+CipGfIguURiwIgQX2tBSlwyhbkj+FvozUcg7uVxkFl2onAv2LPMaJMg+sZ bVo= -----END CERTIFICATE-----Generated at Wed May 13 00:37:37 2026 by rpki-client