$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/85858219-71cc-46f9-9c59-e75c9c1f8098.roa File: 85858219-71cc-46f9-9c59-e75c9c1f8098.roa (raw, json) Hash identifier: zOQxIwwzRdQEQFnBRO81B883Bp5n15/PjykoTjlrH8k= Subject key identifier: AA:E2:1C:45:4B:5C:58:4D:A9:B5:49:D1:81:BE:A0:94:E4:5E:D2:71 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 45568A365685E590C631E3F93696BF42B62C5A56 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/85858219-71cc-46f9-9c59-e75c9c1f8098.roa Signing time: Mon 11 May 2026 00:30:32 +0000 ROA not before: Mon 11 May 2026 00:30:32 +0000 ROA not after: Sun 09 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:c800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:56:8a:36:56:85:e5:90:c6:31:e3:f9:36:96:bf:42:b6:2c:5a:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 11 00:30:32 2026 GMT Not After : Aug 9 23:59:59 2026 GMT Subject: serialNumber=eaeb8ae064df1e723683683732da47dfe60d110e03cfd1bcf4df813336fcbd0a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:0b:18:4d:bc:86:4b:20:96:0e:c1:8a:99:26: 3a:2b:f2:87:0f:1a:9e:03:76:b4:ab:01:12:26:d8: 14:6c:cf:fc:04:cf:3a:b7:a8:7f:e7:e0:ca:53:03: 18:a7:64:ba:20:05:77:b1:1e:70:f7:7f:2b:7e:f6: ef:28:34:9c:42:fd:5b:22:b1:30:5c:3d:fd:5d:f9: e2:27:1d:13:68:39:c6:6e:9e:84:45:08:a3:03:f8: 2f:22:d8:99:43:ca:dc:39:47:12:ec:4d:e5:d4:57: 98:d7:87:93:7a:30:ea:47:9d:7d:d6:fd:5b:a4:a4: bb:3a:b8:46:88:4e:c0:66:ae:fd:d4:a6:cc:2f:b7: bf:0e:61:75:19:df:25:e0:d7:bd:6c:97:dc:d7:53: ed:de:70:86:cf:31:5a:a1:0c:44:7a:70:65:7a:f1: d7:61:01:8a:30:76:10:77:99:f0:24:2b:41:4e:d3: 65:0c:6b:4a:33:d2:6d:64:60:1e:17:45:0e:74:96: 30:16:49:49:ef:ac:c6:92:ba:cc:4f:8d:86:f6:39: b5:cc:23:24:0a:7c:0c:a4:65:a9:91:4b:03:1f:2b: 51:17:a9:cd:f7:9e:05:d8:67:39:56:b8:b4:a1:b4: 01:41:43:97:2e:c5:26:4e:d9:c4:38:2d:a9:e2:53: 9b:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:E2:1C:45:4B:5C:58:4D:A9:B5:49:D1:81:BE:A0:94:E4:5E:D2:71 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/85858219-71cc-46f9-9c59-e75c9c1f8098.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:c800::/40 Signature Algorithm: sha256WithRSAEncryption 7a:89:08:47:89:a7:63:5e:33:33:94:e3:28:c4:2f:9e:ce:8f: 36:2d:45:df:54:34:40:45:38:3f:dd:cf:af:4e:fa:3c:49:23: 07:ce:40:8e:15:fc:14:88:9b:4b:d3:06:0e:54:bc:75:6b:d0: 21:4d:f5:50:bd:9b:a0:00:49:c6:e8:f4:56:bf:38:7a:e7:71: 68:c7:08:47:49:77:66:e9:b0:6d:98:f0:8f:85:6d:a1:c1:ac: 38:ce:a6:ed:16:f7:c5:3f:5b:3b:5d:25:80:cc:15:c1:e1:3e: ef:f8:ca:83:b4:b1:15:03:0c:53:e7:43:a3:14:2d:a4:ad:2f: c9:83:24:52:30:e0:33:0e:a7:73:c5:ad:85:74:ae:ec:4c:7e: a7:57:59:7f:3c:5d:8d:91:31:3b:2b:f3:e8:e3:78:2c:26:75: e8:64:01:88:ba:f3:9f:ae:47:8a:fe:78:38:a7:dc:21:48:77: 69:ec:f5:bc:7d:27:da:2d:fd:f1:8c:76:7a:6e:b7:79:7f:cc: b4:69:09:74:3d:74:1e:32:8f:12:b0:57:d8:98:e4:52:3c:a1: 6c:87:fd:de:50:21:46:d4:80:d2:73:e2:ad:9d:3a:32:be:b2: 8c:5b:e3:f3:8a:f2:fb:97:d1:fd:dc:51:71:88:3b:6b:af:bd: c3:1a:36:b5 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIURVaKNlaF5ZDGMeP5Npa/QrYsWlYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMTAwMzAzMloX DTI2MDgwOTIzNTk1OVowejFJMEcGA1UEBRNAZWFlYjhhZTA2NGRmMWU3MjM2ODM2 ODM3MzJkYTQ3ZGZlNjBkMTEwZTAzY2ZkMWJjZjRkZjgxMzMzNmZjYmQwYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAsYTbyGSyCWDsGKmSY6K/KHDxqe A3a0qwESJtgUbM/8BM86t6h/5+DKUwMYp2S6IAV3sR5w938rfvbvKDScQv1bIrEw XD39XfniJx0TaDnGbp6ERQijA/gvItiZQ8rcOUcS7E3l1FeY14eTejDqR5191v1b pKS7OrhGiE7AZq791KbML7e/DmF1Gd8l4Ne9bJfc11Pt3nCGzzFaoQxEenBlevHX YQGKMHYQd5nwJCtBTtNlDGtKM9JtZGAeF0UOdJYwFklJ76zGkrrMT42G9jm1zCMk CnwMpGWpkUsDHytRF6nN954F2Gc5Vri0obQBQUOXLsUmTtnEOC2p4lObXwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKriHEVLXFhNqbVJ0YG+oJTkXtJxMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg1ODU4MjE5LTcxY2MtNDZmOS05YzU5LWU3NWM5YzFmODA5OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaAMgwDQYJKoZIhvcNAQELBQADggEBAHqJCEeJp2NeMzOU4yjE L57OjzYtRd9UNEBFOD/dz69O+jxJIwfOQI4V/BSIm0vTBg5UvHVr0CFN9VC9m6AA Scbo9Fa/OHrncWjHCEdJd2bpsG2Y8I+FbaHBrDjOpu0W98U/WztdJYDMFcHhPu/4 yoO0sRUDDFPnQ6MULaStL8mDJFIw4DMOp3PFrYV0ruxMfqdXWX88XY2RMTsr8+jj eCwmdehkAYi685+uR4r+eDin3CFId2ns9bx9J9ot/fGMdnput3l/zLRpCXQ9dB4y jxKwV9iY5FI8oWyH/d5QIUbUgNJz4q2dOjK+soxb4/OK8vuX0f3cUXGIO2uvvcMa NrU= -----END CERTIFICATE-----Generated at Wed May 13 00:07:20 2026 by rpki-client