$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4da79414-b08e-4f29-b46c-426f062e3a53.roa File: 4da79414-b08e-4f29-b46c-426f062e3a53.roa (raw, json) Hash identifier: gp17djzZEtfSUiTLuNbZwEz9ThfmDPmFkRgoq1Q1/00= Subject key identifier: D3:F0:75:C4:92:87:92:3D:24:B1:50:49:BF:58:19:75:36:24:00:E9 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 27F431022E1DA523D4A4113A6B36B7894DB52CB6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4da79414-b08e-4f29-b46c-426f062e3a53.roa Signing time: Tue 12 May 2026 00:01:37 +0000 ROA not before: Tue 12 May 2026 00:01:37 +0000 ROA not after: Mon 10 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf8:a800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:f4:31:02:2e:1d:a5:23:d4:a4:11:3a:6b:36:b7:89:4d:b5:2c:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 12 00:01:37 2026 GMT Not After : Aug 10 23:59:59 2026 GMT Subject: serialNumber=2a0ecfe3f2359692774125e81bb93f492c98a8838978bd52c77803f589b2acd4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:2b:bb:7a:0e:8b:d3:49:11:4d:ac:46:de:87: ab:4f:96:1f:28:03:5c:2d:6d:80:a8:55:88:c5:18: 4e:2b:67:4e:30:ca:36:51:d2:b4:af:a1:da:91:de: a3:b8:d1:38:87:8c:f8:a5:d3:2c:78:9c:31:2a:a3: 91:51:f8:4c:19:01:45:4d:92:ba:5a:f6:bb:88:51: 68:3d:56:61:b6:b8:32:c3:27:c8:c1:bf:ac:5a:dd: c8:53:09:52:9d:9f:14:0d:b4:3b:9e:ea:29:c1:8f: 88:38:3a:8d:e0:48:30:5f:f7:aa:29:bc:35:cf:15: 2f:7b:7e:94:0d:e0:23:01:e3:c8:51:8a:29:d4:bc: a7:9f:1c:74:56:66:79:7c:0c:14:68:0c:b7:aa:65: ff:be:a9:a6:04:71:57:dc:d9:0a:2e:83:74:34:52: 0b:84:74:87:af:3f:cd:58:57:b6:ed:ad:d5:b9:60: 3b:96:2c:16:af:aa:cc:e2:9b:80:f1:4f:ac:48:92: 6c:40:b3:ea:d3:1f:4b:52:22:2c:78:b6:ec:5a:51: eb:75:a2:e2:3a:bc:74:fd:25:f4:a1:d4:36:65:bd: 7f:91:f6:e9:6c:72:90:cd:74:a2:4a:00:6d:e9:34: 45:07:8b:c8:f7:69:d4:0a:6e:88:1c:f3:27:2e:16: 95:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:F0:75:C4:92:87:92:3D:24:B1:50:49:BF:58:19:75:36:24:00:E9 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4da79414-b08e-4f29-b46c-426f062e3a53.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf8:a800::/40 Signature Algorithm: sha256WithRSAEncryption 87:11:08:82:7b:14:d2:46:01:ee:ee:d6:1a:7f:13:d8:67:10: 2c:e8:b1:f5:61:bc:68:6e:a4:ee:56:3b:2e:12:3e:56:de:39: 14:7b:d1:fa:38:82:5b:de:16:f4:ed:0c:39:47:7c:a2:11:f2: d5:d6:7d:3f:1f:89:a5:7e:11:e8:78:25:52:da:6f:f1:61:df: 63:c3:18:a3:59:0b:ba:0e:b4:fd:d0:94:b4:b1:b1:79:28:af: 49:5a:4a:e4:cc:57:2f:47:e3:1d:f3:e2:4c:41:35:9e:05:db: 0b:e2:e0:de:4d:e8:e9:4c:ae:fa:3f:a6:eb:e2:f0:50:33:05: a6:61:81:be:c3:89:20:26:59:cd:d3:1a:9c:88:8a:24:4e:c9: 39:aa:a4:5b:20:52:66:c0:d4:d9:b0:8c:3a:96:ea:90:4d:21: 46:63:70:58:57:6d:29:be:09:4a:e9:67:f1:80:a3:29:e7:bd: d7:75:fb:c6:83:83:5a:0b:99:7a:99:82:4b:5f:05:13:60:5d: c5:56:a7:02:4e:b0:a1:fd:0d:61:15:46:ee:90:3e:1e:56:1a: a0:05:1c:fd:41:a6:50:41:a5:a6:c6:79:9e:8e:88:20:d1:e2: 9e:4d:56:57:05:13:f8:50:f9:e0:ba:74:ae:40:95:71:68:94: f1:38:4a:9b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJ/QxAi4dpSPUpBE6aza3iU21LLYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMjAwMDEzN1oX DTI2MDgxMDIzNTk1OVowejFJMEcGA1UEBRNAMmEwZWNmZTNmMjM1OTY5Mjc3NDEy NWU4MWJiOTNmNDkyYzk4YTg4Mzg5NzhiZDUyYzc3ODAzZjU4OWIyYWNkNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCu7eg6L00kRTaxG3oerT5YfKANc LW2AqFWIxRhOK2dOMMo2UdK0r6Hakd6juNE4h4z4pdMseJwxKqORUfhMGQFFTZK6 Wva7iFFoPVZhtrgywyfIwb+sWt3IUwlSnZ8UDbQ7nuopwY+IODqN4EgwX/eqKbw1 zxUve36UDeAjAePIUYop1Lynnxx0VmZ5fAwUaAy3qmX/vqmmBHFX3NkKLoN0NFIL hHSHrz/NWFe27a3VuWA7liwWr6rM4puA8U+sSJJsQLPq0x9LUiIseLbsWlHrdaLi Orx0/SX0odQ2Zb1/kfbpbHKQzXSiSgBt6TRFB4vI92nUCm6IHPMnLhaVfwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNPwdcSSh5I9JLFQSb9YGXU2JADpMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRkYTc5NDE0LWIwOGUtNGYyOS1iNDZjLTQyNmYwNjJlM2E1My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+KgwDQYJKoZIhvcNAQELBQADggEBAIcRCIJ7FNJGAe7u1hp/ E9hnECzosfVhvGhupO5WOy4SPlbeORR70fo4glveFvTtDDlHfKIR8tXWfT8fiaV+ Eeh4JVLab/Fh32PDGKNZC7oOtP3QlLSxsXkor0laSuTMVy9H4x3z4kxBNZ4F2wvi 4N5N6OlMrvo/puvi8FAzBaZhgb7DiSAmWc3TGpyIiiROyTmqpFsgUmbA1NmwjDqW 6pBNIUZjcFhXbSm+CUrpZ/GAoynnvdd1+8aDg1oLmXqZgktfBRNgXcVWpwJOsKH9 DWEVRu6QPh5WGqAFHP1BplBBpabGeZ6OiCDR4p5NVlcFE/hQ+eC6dK5AlXFolPE4 Sps= -----END CERTIFICATE-----Generated at Tue May 12 23:30:45 2026 by rpki-client