$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5c30dddf-9f6e-495d-8005-1d32fd6005a0.roa File: 5c30dddf-9f6e-495d-8005-1d32fd6005a0.roa (raw, json) Hash identifier: clWR1uXShVuMTdW1SXOl8LlW5cA4caPFhtWM6y/Rbg0= Subject key identifier: CE:75:92:EC:A1:53:2A:51:D4:26:6C:5F:56:04:72:F8:03:CB:81:C0 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7CEDC889652BDC5EF18273BF8E7C5A763817731E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5c30dddf-9f6e-495d-8005-1d32fd6005a0.roa Signing time: Sat 09 May 2026 00:01:34 +0000 ROA not before: Sat 09 May 2026 00:01:34 +0000 ROA not after: Fri 07 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:4840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:ed:c8:89:65:2b:dc:5e:f1:82:73:bf:8e:7c:5a:76:38:17:73:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 9 00:01:34 2026 GMT Not After : Aug 7 23:59:59 2026 GMT Subject: serialNumber=0452704e003d001d29f1b9ae4dadaa0da46bf1e85746e88d3117b6edbee6e597, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:8c:65:87:94:11:7b:1b:5f:d7:33:65:6a:f8: db:72:bf:f0:b4:8c:52:d4:36:35:fd:74:ef:fa:5c: 59:7e:21:ea:ab:31:61:52:d1:3b:9d:13:fc:53:ad: a1:5a:e6:f9:82:87:7f:46:3c:4f:42:45:be:46:80: 73:7f:d9:6e:ef:44:7d:0b:b6:09:e1:c2:18:64:42: de:4f:60:14:71:21:c5:bc:f4:a3:22:fa:35:cb:bb: 62:a2:12:37:04:cf:24:2f:4f:17:72:26:21:68:f1: 46:66:86:fa:69:31:53:e2:a1:02:d8:c1:06:e8:ba: 2e:08:6d:40:d6:de:9b:5f:10:1d:21:70:43:4c:e8: fb:f8:4d:74:0d:da:4f:85:d5:fc:6e:a8:7a:07:ec: 5a:14:11:ca:19:e9:d6:5d:c4:3c:99:82:5d:31:da: f4:66:53:99:52:72:86:85:f8:88:7b:9e:02:4a:28: 22:d0:8e:db:cc:14:36:48:86:d9:39:3f:22:48:24: b4:20:39:34:a8:69:da:93:13:b7:8c:23:b4:04:7d: d8:54:99:dd:15:25:93:ef:ec:ec:ff:6a:6d:4e:26: 62:03:cf:31:85:0e:44:22:fb:0d:65:7a:bf:c6:8d: 44:0e:53:3b:ef:0e:a5:c6:a5:59:93:03:85:f7:c9: 43:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:75:92:EC:A1:53:2A:51:D4:26:6C:5F:56:04:72:F8:03:CB:81:C0 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5c30dddf-9f6e-495d-8005-1d32fd6005a0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:4840::/48 Signature Algorithm: sha256WithRSAEncryption 43:98:ce:6d:2c:9f:e2:52:25:38:2c:13:d4:3b:0c:af:12:5e: 17:68:a5:03:f2:38:06:e7:5b:08:fb:1e:f1:30:87:db:ea:2c: 43:7d:44:3c:d6:48:67:04:29:4f:7b:bb:31:a8:88:ca:7c:75: 02:3c:c7:7e:19:d5:d6:ba:c9:b2:ad:c5:35:15:c7:ee:55:7d: e3:26:40:a9:d4:4d:7c:31:0c:d6:fb:5a:25:20:18:ba:6a:cd: 2a:29:79:1e:21:45:17:6d:24:ed:79:f0:a2:c5:2e:d3:7b:ad: 43:e5:90:71:a3:15:32:59:02:20:b3:a3:6a:4d:36:3a:b3:6f: 44:bf:55:a6:4c:5c:6b:9b:fc:b6:00:8d:f4:4b:ac:19:c1:b6: c0:e1:42:66:f2:48:e7:fa:27:f4:42:46:cc:dc:92:ba:6a:a3: 68:fe:b3:c5:50:59:d7:da:18:f6:2f:c6:0e:a7:f1:f7:c6:f5: ae:41:d1:1a:08:35:04:42:4b:79:cf:9e:db:ac:4c:4f:b0:4e: 4b:6d:86:c5:90:ef:4b:1a:14:03:8c:75:ce:84:a2:d6:bb:f5: a3:8b:9d:3b:bb:6b:2d:98:7c:47:bc:8c:39:b9:88:d6:bd:be: 0e:be:e0:ba:e6:63:52:61:0a:1c:ba:70:fc:bd:54:dc:95:86: bf:59:29:95 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUfO3IiWUr3F7xgnO/jnxadjgXcx4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwOTAwMDEzNFoX DTI2MDgwNzIzNTk1OVowejFJMEcGA1UEBRNAMDQ1MjcwNGUwMDNkMDAxZDI5ZjFi OWFlNGRhZGFhMGRhNDZiZjFlODU3NDZlODhkMzExN2I2ZWRiZWU2ZTU5NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA14xlh5QRextf1zNlavjbcr/wtIxS 1DY1/XTv+lxZfiHqqzFhUtE7nRP8U62hWub5god/RjxPQkW+RoBzf9lu70R9C7YJ 4cIYZELeT2AUcSHFvPSjIvo1y7tiohI3BM8kL08XciYhaPFGZob6aTFT4qEC2MEG 6LouCG1A1t6bXxAdIXBDTOj7+E10DdpPhdX8bqh6B+xaFBHKGenWXcQ8mYJdMdr0 ZlOZUnKGhfiIe54CSigi0I7bzBQ2SIbZOT8iSCS0IDk0qGnakxO3jCO0BH3YVJnd FSWT7+zs/2ptTiZiA88xhQ5EIvsNZXq/xo1EDlM77w6lxqVZkwOF98lDJQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFM51kuyhUypR1CZsX1YEcvgDy4HAMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzVjMzBkZGRmLTlmNmUtNDk1ZC04MDA1LTFkMzJmZDYwMDVhMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaOEhAMA0GCSqGSIb3DQEBCwUAA4IBAQBDmM5tLJ/iUiU4LBPU OwyvEl4XaKUD8jgG51sI+x7xMIfb6ixDfUQ81khnBClPe7sxqIjKfHUCPMd+GdXW usmyrcU1FcfuVX3jJkCp1E18MQzW+1olIBi6as0qKXkeIUUXbSTtefCixS7Te61D 5ZBxoxUyWQIgs6NqTTY6s29Ev1WmTFxrm/y2AI30S6wZwbbA4UJm8kjn+if0QkbM 3JK6aqNo/rPFUFnX2hj2L8YOp/H3xvWuQdEaCDUEQkt5z57brExPsE5LbYbFkO9L GhQDjHXOhKLWu/Wji507u2stmHxHvIw5uYjWvb4OvuC65mNSYQocunD8vVTclYa/ WSmV -----END CERTIFICATE-----Generated at Tue May 12 23:43:01 2026 by rpki-client