$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5a7e1628-c7f2-442f-84e3-ed0ed8d86421.roa File: 5a7e1628-c7f2-442f-84e3-ed0ed8d86421.roa (raw, json) Hash identifier: ysYbUesMQ6OW3sJMgPas0ex8nfPwrn+CR7akyY4z/h0= Subject key identifier: C6:DE:60:2C:30:19:6E:52:A9:5A:AE:D2:BA:8B:C6:2B:E2:64:B0:75 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 034D20438EEE8F73DBE364144E7C5154E81DDB23 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5a7e1628-c7f2-442f-84e3-ed0ed8d86421.roa Signing time: Tue 05 May 2026 00:00:11 +0000 ROA not before: Tue 05 May 2026 00:00:11 +0000 ROA not after: Mon 03 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf4:c800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:4d:20:43:8e:ee:8f:73:db:e3:64:14:4e:7c:51:54:e8:1d:db:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 5 00:00:11 2026 GMT Not After : Aug 3 23:59:59 2026 GMT Subject: serialNumber=f3b55e758dc96281e275d38fb14498e43948e54898a7fc9c79933f1545de6ad2, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:b0:8d:77:11:cc:d4:3a:2f:b6:f4:d4:ae:53: 20:ea:89:12:91:80:51:68:2c:10:3a:f2:c5:7f:c2: dd:43:28:dc:31:42:17:0e:8d:87:4d:89:d2:9a:6f: 0c:a5:ff:48:ea:d5:62:8d:fa:b3:94:af:ae:f7:73: 02:c1:47:a3:8b:1f:0e:0d:c5:49:30:a4:69:c6:1b: 93:e2:65:0b:29:36:87:75:37:5c:15:2b:22:e8:67: fe:6d:85:1d:c3:e7:c2:58:28:0f:ca:e0:b6:60:27: c4:45:a3:7a:e1:bc:1b:93:58:e9:ee:bb:ad:0c:0f: 7b:3f:41:5d:1d:2a:2f:bf:39:96:b9:73:70:97:1a: 66:59:42:6a:71:81:ab:fa:db:08:fc:5c:71:14:05: 6b:b1:65:fc:2e:32:74:10:db:4e:aa:aa:0e:d5:48: d0:8a:02:a1:fd:8c:8d:a6:e4:90:74:3c:cf:02:c4: bc:d6:c3:d0:9f:a5:c0:a6:e7:c5:be:44:47:4a:f0: db:a6:5b:21:51:a4:dd:0b:67:f6:88:56:35:8c:e5: 29:71:66:9d:f6:21:ae:32:d3:39:3c:04:81:aa:2f: a0:04:02:65:f6:2f:3c:05:85:73:db:53:b4:fa:b8: b1:cc:a2:b5:7f:5f:9e:0d:7d:af:8b:e1:13:dd:f3: e7:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:DE:60:2C:30:19:6E:52:A9:5A:AE:D2:BA:8B:C6:2B:E2:64:B0:75 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5a7e1628-c7f2-442f-84e3-ed0ed8d86421.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:c800::/40 Signature Algorithm: sha256WithRSAEncryption 3d:ef:47:0c:31:57:db:90:e0:db:80:a0:4c:08:dd:ab:f5:f7: ed:69:09:3b:1d:f7:c7:59:b7:16:d9:ba:56:4d:69:bf:7f:44: 1a:ca:c9:35:10:c9:ab:78:5d:23:ae:b1:fc:59:07:9f:22:2b: 4f:c3:ba:57:7e:b2:b7:dc:cf:b8:8b:0d:63:82:84:00:e0:32: 4c:0c:c7:5d:77:db:dc:94:1f:09:bf:60:e2:10:ce:3e:af:71: 31:6f:12:31:2e:08:4c:0c:d5:83:49:4c:ae:e2:a6:3e:60:1a: 51:d9:2d:d3:c6:dd:7f:22:b2:6b:2c:48:ee:ae:40:3f:ad:66: b6:52:db:14:e2:2d:84:c6:33:e1:e3:cb:46:7b:c3:a5:c2:1e: 75:68:4c:5e:ae:25:88:36:1c:6b:b6:33:37:8e:14:20:8d:1b: 71:8f:c1:e1:49:61:55:a9:de:06:e0:2b:5f:4f:4f:4b:28:85: 1e:c0:32:23:59:47:e6:d2:40:09:db:44:61:19:43:70:c5:24: cb:9f:53:58:20:4b:94:2c:a1:4d:c3:4e:e0:3b:c4:79:73:c5: 41:6c:71:07:44:b9:a6:29:00:29:1e:78:25:8b:b9:ab:e4:8c: 39:ec:dc:d4:a9:1f:f7:d8:4f:d7:39:c7:96:bc:a6:c5:4f:1c: d8:8a:1e:20 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUA00gQ47uj3Pb42QUTnxRVOgd2yMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwNTAwMDAxMVoX DTI2MDgwMzIzNTk1OVowejFJMEcGA1UEBRNAZjNiNTVlNzU4ZGM5NjI4MWUyNzVk MzhmYjE0NDk4ZTQzOTQ4ZTU0ODk4YTdmYzljNzk5MzNmMTU0NWRlNmFkMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1LCNdxHM1DovtvTUrlMg6okSkYBR aCwQOvLFf8LdQyjcMUIXDo2HTYnSmm8Mpf9I6tVijfqzlK+u93MCwUejix8ODcVJ MKRpxhuT4mULKTaHdTdcFSsi6Gf+bYUdw+fCWCgPyuC2YCfERaN64bwbk1jp7rut DA97P0FdHSovvzmWuXNwlxpmWUJqcYGr+tsI/FxxFAVrsWX8LjJ0ENtOqqoO1UjQ igKh/YyNpuSQdDzPAsS81sPQn6XApufFvkRHSvDbplshUaTdC2f2iFY1jOUpcWad 9iGuMtM5PASBqi+gBAJl9i88BYVz21O0+rixzKK1f1+eDX2vi+ET3fPn9QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMbeYCwwGW5SqVqu0rqLxiviZLB1MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzVhN2UxNjI4LWM3ZjItNDQyZi04NGUzLWVkMGVkOGQ4NjQyMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9MgwDQYJKoZIhvcNAQELBQADggEBAD3vRwwxV9uQ4NuAoEwI 3av19+1pCTsd98dZtxbZulZNab9/RBrKyTUQyat4XSOusfxZB58iK0/Duld+srfc z7iLDWOChADgMkwMx11329yUHwm/YOIQzj6vcTFvEjEuCEwM1YNJTK7ipj5gGlHZ LdPG3X8ismssSO6uQD+tZrZS2xTiLYTGM+Hjy0Z7w6XCHnVoTF6uJYg2HGu2MzeO FCCNG3GPweFJYVWp3gbgK19PT0sohR7AMiNZR+bSQAnbRGEZQ3DFJMufU1ggS5Qs oU3DTuA7xHlzxUFscQdEuaYpACkeeCWLuavkjDns3NSpH/fYT9c5x5a8psVPHNiK HiA= -----END CERTIFICATE-----Generated at Wed May 13 00:42:44 2026 by rpki-client