$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8b7cd613-3f52-4755-9c7b-f7e5f07b4ff6.roa File: 8b7cd613-3f52-4755-9c7b-f7e5f07b4ff6.roa (raw, json) Hash identifier: dKp20BnXimbUcFhcVsumjOwisLhG66l1XBAkfyagh8o= Subject key identifier: CF:A1:E3:2F:19:F6:F5:1B:29:0E:CC:CA:1C:85:6E:DC:2B:1E:77:54 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1DBDAFD08AB726E805D891F48DBC7D44D6240DFE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8b7cd613-3f52-4755-9c7b-f7e5f07b4ff6.roa Signing time: Sat 02 May 2026 00:01:12 +0000 ROA not before: Sat 02 May 2026 00:01:12 +0000 ROA not after: Fri 31 Jul 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daea:4840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:bd:af:d0:8a:b7:26:e8:05:d8:91:f4:8d:bc:7d:44:d6:24:0d:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 2 00:01:12 2026 GMT Not After : Jul 31 23:59:59 2026 GMT Subject: serialNumber=7142ed3b6bb573fa7a0c48af6f0941a0089c25260d454bf10293ac99eac78161, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:4e:0e:7b:55:a3:18:3d:7d:67:8a:07:b2:56: 3d:01:c1:f2:ef:74:a2:f9:51:a8:e6:84:2f:2c:c2: 61:9e:37:8d:5f:38:eb:14:87:ad:05:ea:53:9f:ba: 79:96:01:7e:49:36:59:6a:9e:5d:d9:26:6e:67:de: 53:40:76:09:60:88:f8:30:4d:28:d9:57:9f:6b:c4: ca:59:f4:06:de:4c:2c:2b:b2:9a:9a:cc:47:44:ab: d9:7d:fe:57:40:f8:7c:32:59:06:65:3e:d5:03:5c: 36:6c:99:8c:70:de:c4:21:de:c3:b9:15:41:b6:20: 25:a8:3c:f1:f2:70:43:be:6b:76:85:0b:1d:21:cf: 56:ba:08:c1:48:94:e0:ff:16:ec:4a:6d:87:1b:d7: cc:de:99:a2:ef:3b:e9:46:f8:5a:c0:1a:9a:79:88: b9:c9:61:ed:c0:9c:b0:25:03:2d:e6:55:59:17:b1: ea:04:16:06:bd:a1:42:e5:05:18:16:ab:b2:9a:5b: f2:81:b7:ea:3e:45:41:58:a9:59:d5:87:25:e3:5e: 8d:d7:a9:dd:cc:67:82:99:31:0a:e9:d6:ea:1f:7d: fb:c0:c3:67:17:38:ee:2c:8a:fb:c1:f8:8b:30:65: e3:0b:4c:3b:97:b1:08:24:27:98:c0:14:45:52:9c: 59:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:A1:E3:2F:19:F6:F5:1B:29:0E:CC:CA:1C:85:6E:DC:2B:1E:77:54 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8b7cd613-3f52-4755-9c7b-f7e5f07b4ff6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daea:4840::/48 Signature Algorithm: sha256WithRSAEncryption 5f:c1:be:30:05:2f:92:f2:d5:d6:e3:c3:a9:b6:38:a6:9c:36: 3d:51:ea:21:9c:e2:64:e7:5e:59:8e:2d:a8:1a:42:c8:e5:f0: d0:8c:b1:f3:a0:0a:a9:37:7c:c0:9d:69:24:ca:80:d8:35:48: c0:60:ca:9a:3e:dd:a8:7a:e6:30:51:00:66:e4:db:a3:3c:16: 28:ce:52:84:7d:d8:1f:ca:ab:bd:8f:62:79:18:07:a7:94:d7: 9c:72:28:af:6e:f6:cf:16:a6:8b:69:4b:5a:74:73:7d:88:a9: 51:39:1e:bf:e0:99:30:90:ef:76:ec:32:62:57:cb:36:26:d7: d8:29:be:25:90:1b:e5:b7:0a:27:3a:95:b9:75:6d:4c:99:8f: 00:43:73:0f:1d:9e:71:45:6f:5c:8e:c9:da:72:d4:18:5d:23: 5d:1b:6b:29:4f:98:6e:eb:04:0a:b0:d8:82:5f:9c:6c:f9:ad: 50:c3:e4:6a:02:ab:71:5a:32:f8:bc:ec:90:0d:3d:c9:2d:f5: 3c:59:8b:79:8c:c0:47:55:c9:85:75:a2:0e:75:28:07:9e:01: 17:fd:f3:af:30:e4:01:e6:15:7b:e0:63:26:fd:9f:3d:e2:60: c9:9e:10:b6:ac:cb:6d:51:48:01:f9:c6:24:dd:cf:7c:fb:6a: 0a:3c:1f:f0 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUHb2v0Iq3JugF2JH0jbx9RNYkDf4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwMjAwMDExMloX DTI2MDczMTIzNTk1OVowejFJMEcGA1UEBRNANzE0MmVkM2I2YmI1NzNmYTdhMGM0 OGFmNmYwOTQxYTAwODljMjUyNjBkNDU0YmYxMDI5M2FjOTllYWM3ODE2MTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzk4Oe1WjGD19Z4oHslY9AcHy73Si +VGo5oQvLMJhnjeNXzjrFIetBepTn7p5lgF+STZZap5d2SZuZ95TQHYJYIj4ME0o 2Vefa8TKWfQG3kwsK7KamsxHRKvZff5XQPh8MlkGZT7VA1w2bJmMcN7EId7DuRVB tiAlqDzx8nBDvmt2hQsdIc9WugjBSJTg/xbsSm2HG9fM3pmi7zvpRvhawBqaeYi5 yWHtwJywJQMt5lVZF7HqBBYGvaFC5QUYFquymlvygbfqPkVBWKlZ1Ycl416N16nd zGeCmTEK6dbqH337wMNnFzjuLIr7wfiLMGXjC0w7l7EIJCeYwBRFUpxZXwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFM+h4y8Z9vUbKQ7MyhyFbtwrHndUMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhiN2NkNjEzLTNmNTItNDc1NS05YzdiLWY3ZTVmMDdiNGZmNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba6khAMA0GCSqGSIb3DQEBCwUAA4IBAQBfwb4wBS+S8tXW48Op tjimnDY9UeohnOJk515Zji2oGkLI5fDQjLHzoAqpN3zAnWkkyoDYNUjAYMqaPt2o euYwUQBm5NujPBYozlKEfdgfyqu9j2J5GAenlNecciivbvbPFqaLaUtadHN9iKlR OR6/4JkwkO927DJiV8s2JtfYKb4lkBvltwonOpW5dW1MmY8AQ3MPHZ5xRW9cjsna ctQYXSNdG2spT5hu6wQKsNiCX5xs+a1Qw+RqAqtxWjL4vOyQDT3JLfU8WYt5jMBH VcmFdaIOdSgHngEX/fOvMOQB5hV74GMm/Z894mDJnhC2rMttUUgB+cYk3c98+2oK PB/w -----END CERTIFICATE-----Generated at Wed May 13 00:47:04 2026 by rpki-client