$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7c128a18-fe39-4c85-9076-3ff17462d555.roa File: 7c128a18-fe39-4c85-9076-3ff17462d555.roa (raw, json) Hash identifier: 7ZJmkMnF6E+PgNeqegyV/7MkBsQnjjbzguXHjrl18lY= Subject key identifier: 6F:88:C0:6C:D9:27:B3:2C:F0:1F:D3:FC:DB:FB:01:FE:64:56:16:7D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 474CF43D56AE17BCEA32D1D810DC1BF139DAB3E0 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7c128a18-fe39-4c85-9076-3ff17462d555.roa Signing time: Mon 11 May 2026 00:10:23 +0000 ROA not before: Mon 11 May 2026 00:10:23 +0000 ROA not after: Sun 09 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:b000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:4c:f4:3d:56:ae:17:bc:ea:32:d1:d8:10:dc:1b:f1:39:da:b3:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 11 00:10:23 2026 GMT Not After : Aug 9 23:59:59 2026 GMT Subject: serialNumber=e4a550eea4a234de0220d3eabfd589abd011bde35c5a2e7996ae4f78017a5a25, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:d6:65:2b:36:15:34:70:b7:ac:62:65:93:78: be:3d:ca:c2:0d:83:fc:05:85:40:d3:93:4c:31:0a: 13:a9:26:56:a8:0d:b3:de:34:17:58:80:18:87:7b: ca:5c:31:40:7c:92:39:a8:6c:ee:bf:9a:74:89:29: a2:cd:dd:99:27:1c:84:13:89:b3:0f:55:4e:52:67: 33:80:ad:50:b8:e4:e0:1a:b9:7f:de:7c:01:9b:b7: 4c:99:9b:2d:36:9b:30:9f:ae:86:94:27:db:b6:cd: 64:38:69:52:84:9f:93:56:2f:eb:be:b5:ec:a6:fb: b2:55:11:21:66:df:37:00:0d:8d:46:24:89:6d:e8: e9:bb:d0:36:c3:e6:35:e2:6d:e5:84:fe:a2:fd:81: 0a:90:e4:fe:01:37:61:97:cd:74:ac:56:ed:7a:c4: 26:95:a4:ca:2b:68:88:24:6d:43:32:d6:a6:d9:8e: 93:b5:17:19:db:ec:42:96:a9:c5:50:19:de:1b:51: 0f:5d:50:dd:cd:b4:86:e1:68:62:a5:e1:e4:1f:4d: 67:c0:1b:e6:d2:f9:5c:18:da:13:0a:2d:eb:62:5d: 3e:2c:17:1d:5d:f9:40:3e:a0:3b:9f:27:ef:55:b1: ac:e6:75:19:c1:e9:7d:bb:75:5e:01:a6:2d:7f:05: 78:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:88:C0:6C:D9:27:B3:2C:F0:1F:D3:FC:DB:FB:01:FE:64:56:16:7D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7c128a18-fe39-4c85-9076-3ff17462d555.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:b000::/40 Signature Algorithm: sha256WithRSAEncryption 75:a7:44:ed:de:24:df:4d:af:7d:43:f1:dc:47:0d:75:1b:d0: 53:51:e7:06:86:ce:35:62:d6:a3:ce:4f:6e:f8:f7:61:ee:4d: 7f:3e:ba:72:d8:14:1f:b8:69:8c:6a:e4:b9:75:e6:5e:27:cd: 6f:bd:a8:e4:de:ed:6f:55:09:2f:6e:b9:25:5e:1f:c6:fe:b1: 73:65:91:f0:64:11:1c:8c:7e:f2:e6:8d:4b:58:16:9b:04:83: e8:4e:1b:db:52:75:90:f5:15:85:bb:6a:f9:76:e7:fe:8f:22: 70:25:b1:a7:7a:1f:80:61:15:c5:9d:c5:d2:8a:c7:f8:9f:f4: 98:d6:71:04:43:36:53:ae:51:06:ce:33:13:53:bb:b7:12:7d: 4a:6d:7c:6e:a1:ce:c3:77:89:18:d3:6e:3c:ae:8b:54:91:99: af:de:48:ee:61:ad:88:db:c8:eb:73:89:2e:60:6c:54:ca:4f: 28:3c:77:33:ec:c2:cc:ba:9c:e0:93:0f:bc:8c:1a:78:cc:39: f5:9c:81:41:b0:07:4d:00:90:ee:a2:92:c6:07:7b:29:74:d5: 3d:23:d7:62:7d:30:07:d5:ed:27:a7:c6:9c:33:3c:ea:a9:91: 8b:f8:f9:b7:f3:d9:ed:e7:9b:b4:6d:bc:ea:05:5f:cf:60:96: 44:fd:56:6d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUR0z0PVauF7zqMtHYENwb8Tnas+AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMTAwMTAyM1oX DTI2MDgwOTIzNTk1OVowejFJMEcGA1UEBRNAZTRhNTUwZWVhNGEyMzRkZTAyMjBk M2VhYmZkNTg5YWJkMDExYmRlMzVjNWEyZTc5OTZhZTRmNzgwMTdhNWEyNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNZlKzYVNHC3rGJlk3i+PcrCDYP8 BYVA05NMMQoTqSZWqA2z3jQXWIAYh3vKXDFAfJI5qGzuv5p0iSmizd2ZJxyEE4mz D1VOUmczgK1QuOTgGrl/3nwBm7dMmZstNpswn66GlCfbts1kOGlShJ+TVi/rvrXs pvuyVREhZt83AA2NRiSJbejpu9A2w+Y14m3lhP6i/YEKkOT+ATdhl810rFbtesQm laTKK2iIJG1DMtam2Y6TtRcZ2+xClqnFUBneG1EPXVDdzbSG4WhipeHkH01nwBvm 0vlcGNoTCi3rYl0+LBcdXflAPqA7nyfvVbGs5nUZwel9u3VeAaYtfwV4AwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFG+IwGzZJ7Ms8B/T/Nv7Af5kVhZ9MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzdjMTI4YTE4LWZlMzktNGM4NS05MDc2LTNmZjE3NDYyZDU1NS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9rAwDQYJKoZIhvcNAQELBQADggEBAHWnRO3eJN9Nr31D8dxH DXUb0FNR5waGzjVi1qPOT27492HuTX8+unLYFB+4aYxq5Ll15l4nzW+9qOTe7W9V CS9uuSVeH8b+sXNlkfBkERyMfvLmjUtYFpsEg+hOG9tSdZD1FYW7avl25/6PInAl sad6H4BhFcWdxdKKx/if9JjWcQRDNlOuUQbOMxNTu7cSfUptfG6hzsN3iRjTbjyu i1SRma/eSO5hrYjbyOtziS5gbFTKTyg8dzPswsy6nOCTD7yMGnjMOfWcgUGwB00A kO6iksYHeyl01T0j12J9MAfV7SenxpwzPOqpkYv4+bfz2e3nm7RtvOoFX89glkT9 Vm0= -----END CERTIFICATE-----Generated at Wed May 13 00:08:03 2026 by rpki-client