$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6ee8dd2d-118b-4944-8dc4-dc7103368204.roa File: 6ee8dd2d-118b-4944-8dc4-dc7103368204.roa (raw, json) Hash identifier: xN2thQiyAz5i/CmhdZSXQjIu79ZDXqUJHXGABzmFG8M= Subject key identifier: 50:44:59:C9:84:E7:01:41:2F:33:5C:54:EC:10:CC:31:9A:FF:A4:9D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 66643DDA88A352CA7A09795BBD0FA2A9F658FE74 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6ee8dd2d-118b-4944-8dc4-dc7103368204.roa Signing time: Mon 04 May 2026 00:00:10 +0000 ROA not before: Mon 04 May 2026 00:00:10 +0000 ROA not after: Sun 02 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:a000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:64:3d:da:88:a3:52:ca:7a:09:79:5b:bd:0f:a2:a9:f6:58:fe:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 4 00:00:10 2026 GMT Not After : Aug 2 23:59:59 2026 GMT Subject: serialNumber=1b4e211f3ed25880466800b6ccce796f3c14a5a77e0aba9dae7f3f4355b06a6e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:17:a9:22:27:d8:5e:ea:74:d9:f7:21:93:d1: 6d:10:6b:45:cb:bc:a4:21:7f:47:ff:8a:37:db:b0: 77:0d:a8:06:b5:04:32:36:19:12:c4:0a:c5:96:f8: e5:07:7d:86:9e:7b:78:eb:c7:23:21:52:67:52:37: f0:7d:da:b5:c5:74:30:8e:88:74:ac:0d:10:ef:d4: c9:84:6c:55:d8:07:63:c4:72:7f:3a:81:30:c1:74: b1:56:31:39:60:1c:25:d9:d9:e9:25:69:47:fe:4f: 0d:ce:b1:6a:b9:fc:49:14:3b:60:cd:91:f5:04:16: c3:85:ea:da:eb:83:c3:58:36:33:41:24:24:49:24: 13:35:1b:bd:4c:b7:4e:c9:24:31:b5:ce:4b:f5:59: 28:73:ae:24:cb:b4:5c:99:c7:3d:8b:a2:13:a8:e6: 37:2d:5f:d3:8f:af:e1:8a:95:be:6e:8f:72:50:27: 2c:60:4a:77:37:42:42:2c:66:e0:06:26:ae:72:e0: b6:75:30:5b:e6:4c:0f:11:40:17:45:3a:03:b2:4c: d1:18:1e:d7:c2:d4:6d:a3:89:96:89:50:e7:73:db: 8d:0e:46:4e:19:c8:25:a4:a9:8d:9b:08:72:98:59: 1d:17:75:25:47:c9:e7:81:45:5a:0d:f9:b4:95:c3: 0b:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:44:59:C9:84:E7:01:41:2F:33:5C:54:EC:10:CC:31:9A:FF:A4:9D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6ee8dd2d-118b-4944-8dc4-dc7103368204.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:a000::/40 Signature Algorithm: sha256WithRSAEncryption a0:1b:cd:fc:1f:c6:a4:00:15:6f:a3:f3:79:53:ed:3c:d1:98: 5e:20:57:4e:30:4b:64:72:39:68:66:e3:42:ee:46:3b:8f:46: de:46:e5:0b:88:bf:ed:fc:2c:f4:03:6a:1e:8c:b1:40:7d:3a: 27:5c:3f:cf:43:3e:79:93:ed:11:da:6c:80:ed:6f:c5:ba:06: a7:29:69:d7:d8:da:ed:42:dd:a7:5c:48:cc:35:f8:c9:f7:d2: e8:b7:37:ac:5a:3d:86:64:bf:ed:6e:a2:e9:f1:60:57:dd:dc: 6b:8e:c9:d6:42:08:70:f9:c6:53:c9:31:4a:cc:23:b4:22:9a: 21:c7:b1:bd:af:99:61:40:bc:82:7f:4a:00:0d:84:5c:82:ad: 1e:05:8a:14:d1:f9:7d:ef:2f:fe:1c:80:8b:29:78:5f:f2:ed: da:1a:19:19:b7:eb:85:4b:7c:e9:17:b8:b8:7c:c8:8c:2e:ff: 6b:1d:f4:92:47:f7:d3:e6:cd:61:8d:9a:a9:42:09:77:85:49: 81:86:78:8d:76:77:04:0e:fe:6b:1d:17:42:ee:22:4d:4f:25: 41:ab:fa:d2:31:d6:74:1f:a2:37:02:79:77:21:2c:02:79:6d: a4:61:5b:dd:9e:14:cb:d7:b6:af:40:09:5a:09:a6:75:3c:dc: 0a:1b:43:5a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUZmQ92oijUsp6CXlbvQ+iqfZY/nQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwNDAwMDAxMFoX DTI2MDgwMjIzNTk1OVowejFJMEcGA1UEBRNAMWI0ZTIxMWYzZWQyNTg4MDQ2Njgw MGI2Y2NjZTc5NmYzYzE0YTVhNzdlMGFiYTlkYWU3ZjNmNDM1NWIwNmE2ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhepIifYXup02fchk9FtEGtFy7yk IX9H/4o327B3DagGtQQyNhkSxArFlvjlB32Gnnt468cjIVJnUjfwfdq1xXQwjoh0 rA0Q79TJhGxV2AdjxHJ/OoEwwXSxVjE5YBwl2dnpJWlH/k8NzrFqufxJFDtgzZH1 BBbDhera64PDWDYzQSQkSSQTNRu9TLdOySQxtc5L9Vkoc64ky7Rcmcc9i6ITqOY3 LV/Tj6/hipW+bo9yUCcsYEp3N0JCLGbgBiaucuC2dTBb5kwPEUAXRToDskzRGB7X wtRto4mWiVDnc9uNDkZOGcglpKmNmwhymFkdF3UlR8nngUVaDfm0lcMLvwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFFBEWcmE5wFBLzNcVOwQzDGa/6SdMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzZlZThkZDJkLTExOGItNDk0NC04ZGM0LWRjNzEwMzM2ODIwNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9qAwDQYJKoZIhvcNAQELBQADggEBAKAbzfwfxqQAFW+j83lT 7TzRmF4gV04wS2RyOWhm40LuRjuPRt5G5QuIv+38LPQDah6MsUB9OidcP89DPnmT 7RHabIDtb8W6BqcpadfY2u1C3adcSMw1+Mn30ui3N6xaPYZkv+1uounxYFfd3GuO ydZCCHD5xlPJMUrMI7QimiHHsb2vmWFAvIJ/SgANhFyCrR4FihTR+X3vL/4cgIsp eF/y7doaGRm364VLfOkXuLh8yIwu/2sd9JJH99PmzWGNmqlCCXeFSYGGeI12dwQO /msdF0LuIk1PJUGr+tIx1nQfojcCeXchLAJ5baRhW92eFMvXtq9ACVoJpnU83Aob Q1o= -----END CERTIFICATE-----Generated at Tue May 12 23:43:12 2026 by rpki-client