$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/57e5a746-78cb-4122-b964-f449ba6f6e5f.roa File: 57e5a746-78cb-4122-b964-f449ba6f6e5f.roa (raw, json) Hash identifier: Yx8coOJ/mm1q3uv7OpVHTLdEt/ypvb8I0CAc+yBB1Sc= Subject key identifier: C8:DA:CC:DD:C8:0E:1E:10:17:EB:D8:CD:C1:B5:BC:C1:30:17:F2:AF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0C4679D542482C836F6A8D65F0597C04BFA2D4D7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/57e5a746-78cb-4122-b964-f449ba6f6e5f.roa Signing time: Tue 12 May 2026 00:10:09 +0000 ROA not before: Tue 12 May 2026 00:10:09 +0000 ROA not after: Mon 10 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:a000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:46:79:d5:42:48:2c:83:6f:6a:8d:65:f0:59:7c:04:bf:a2:d4:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 12 00:10:09 2026 GMT Not After : Aug 10 23:59:59 2026 GMT Subject: serialNumber=4d7449c5edde4249270c156703501a914810806fe8de66194db51b7d0634dd71, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:58:08:a5:a8:4e:83:3c:04:71:fa:6d:98:d9: ed:8d:28:c4:9f:96:d7:1b:c3:7d:b2:63:79:cb:b9: 8e:5b:c8:0c:71:8b:1a:2a:36:4d:ee:e2:cc:fd:47: 26:bc:58:9f:a1:f0:aa:7c:69:62:12:ad:a9:c9:eb: 80:4a:79:2f:2f:7c:d7:e4:3f:44:c9:97:8a:1f:a9: 51:11:a0:e6:90:33:c2:9b:e9:92:74:b7:18:8a:5e: 60:0b:1a:62:2f:a9:52:6c:d6:0a:14:39:bb:74:f9: 22:24:e9:36:22:7e:b9:93:d7:d2:6f:b5:07:0f:e4: de:d2:c1:26:c4:6c:37:6d:c5:02:29:d0:ff:7a:3c: 6b:e2:e7:8c:d2:13:17:4f:e5:84:f9:0f:4d:e1:51: 5d:62:30:e9:3d:43:7a:1c:95:c5:fc:67:f8:1f:3a: e1:17:3e:18:59:d0:e6:4f:fb:91:27:d8:8f:3f:06: 2c:56:33:b9:bb:95:a6:e6:c8:65:b7:f8:48:c1:21: 52:d8:ae:fb:2c:4f:fc:56:0e:b5:99:0a:f3:ea:39: ee:c8:95:07:8f:19:61:bc:3e:48:15:5a:17:47:fa: 12:40:16:8d:22:54:a9:6b:57:48:42:d7:43:99:2c: 47:4b:20:d3:e5:ca:9f:de:9a:7c:63:53:21:c2:2c: 01:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:DA:CC:DD:C8:0E:1E:10:17:EB:D8:CD:C1:B5:BC:C1:30:17:F2:AF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/57e5a746-78cb-4122-b964-f449ba6f6e5f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:a000::/40 Signature Algorithm: sha256WithRSAEncryption 1b:07:ee:b9:77:a5:e9:73:b0:c6:f6:9c:4f:b1:c0:8b:4f:ee: f6:4c:10:16:d5:e5:8c:24:92:7b:a2:f7:45:eb:05:11:4e:bb: 4a:72:e0:23:ef:e2:4b:75:ed:8e:f8:a4:64:dd:eb:56:af:9e: 41:9f:2f:59:02:28:12:20:c3:60:72:3c:e5:55:69:85:9d:f0: 41:08:17:e4:63:ea:bd:28:d9:8b:f6:17:17:cd:05:9a:a0:37: 3f:d8:a3:5f:0e:62:1a:71:29:e7:21:94:0b:79:91:3c:99:30: d7:6b:0f:3b:7d:8d:fc:4e:a6:d6:a9:72:17:c9:b9:81:f1:f4: 0f:b7:d5:0d:f3:c4:5d:46:fc:09:df:d3:5f:f2:b5:a1:92:ff: 0f:a2:b7:8b:09:13:c6:88:2d:07:0d:c4:69:df:1c:79:1e:c3: 75:6b:22:90:5f:5d:7f:70:36:7c:72:ab:d8:77:42:02:58:c3: a0:0e:36:d8:28:d6:47:70:b9:20:62:8d:a0:9c:f7:57:4e:ba: a4:ff:1b:2d:57:59:d8:15:92:3f:c8:f8:6a:33:8f:52:50:7f: b8:3d:1d:11:d8:62:a5:0b:47:f6:8e:1d:93:8f:73:48:39:68: 5a:89:0c:24:a9:dd:62:55:f1:c3:13:94:98:41:21:ea:79:32: cd:0f:bd:55 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUDEZ51UJILINvao1l8Fl8BL+i1NcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMjAwMTAwOVoX DTI2MDgxMDIzNTk1OVowejFJMEcGA1UEBRNANGQ3NDQ5YzVlZGRlNDI0OTI3MGMx NTY3MDM1MDFhOTE0ODEwODA2ZmU4ZGU2NjE5NGRiNTFiN2QwNjM0ZGQ3MTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFgIpahOgzwEcfptmNntjSjEn5bX G8N9smN5y7mOW8gMcYsaKjZN7uLM/UcmvFifofCqfGliEq2pyeuASnkvL3zX5D9E yZeKH6lREaDmkDPCm+mSdLcYil5gCxpiL6lSbNYKFDm7dPkiJOk2In65k9fSb7UH D+Te0sEmxGw3bcUCKdD/ejxr4ueM0hMXT+WE+Q9N4VFdYjDpPUN6HJXF/Gf4Hzrh Fz4YWdDmT/uRJ9iPPwYsVjO5u5Wm5shlt/hIwSFS2K77LE/8Vg61mQrz6jnuyJUH jxlhvD5IFVoXR/oSQBaNIlSpa1dIQtdDmSxHSyDT5cqf3pp8Y1MhwiwBiQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMjazN3IDh4QF+vYzcG1vMEwF/KvMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU3ZTVhNzQ2LTc4Y2ItNDEyMi1iOTY0LWY0NDliYTZmNmU1Zi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaOKAwDQYJKoZIhvcNAQELBQADggEBABsH7rl3pelzsMb2nE+x wItP7vZMEBbV5Ywkknui90XrBRFOu0py4CPv4kt17Y74pGTd61avnkGfL1kCKBIg w2ByPOVVaYWd8EEIF+Rj6r0o2Yv2FxfNBZqgNz/Yo18OYhpxKechlAt5kTyZMNdr Dzt9jfxOptapchfJuYHx9A+31Q3zxF1G/Anf01/ytaGS/w+it4sJE8aILQcNxGnf HHkew3VrIpBfXX9wNnxyq9h3QgJYw6AONtgo1kdwuSBijaCc91dOuqT/Gy1XWdgV kj/I+Gozj1JQf7g9HRHYYqULR/aOHZOPc0g5aFqJDCSp3WJV8cMTlJhBIep5Ms0P vVU= -----END CERTIFICATE-----Generated at Wed May 13 00:53:39 2026 by rpki-client