$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9021aef9-c76a-41c7-9ff8-dd9ea326340d.roa File: 9021aef9-c76a-41c7-9ff8-dd9ea326340d.roa (raw, json) Hash identifier: Nvysq+KpPEIiB7tv0rD14yxxeLWqJQ1xIxSXSZ/rQjc= Subject key identifier: 90:60:3F:9A:E1:F5:57:08:65:2E:D1:A3:1F:9B:77:09:63:75:07:06 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4C92AA42E9312F581B9422409B12BB4E85E0910A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9021aef9-c76a-41c7-9ff8-dd9ea326340d.roa Signing time: Mon 11 May 2026 00:21:10 +0000 ROA not before: Mon 11 May 2026 00:21:10 +0000 ROA not after: Sun 09 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:2800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:92:aa:42:e9:31:2f:58:1b:94:22:40:9b:12:bb:4e:85:e0:91:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 11 00:21:10 2026 GMT Not After : Aug 9 23:59:59 2026 GMT Subject: serialNumber=632a3cd18fced75898267eb04a2f05204d5fb6efcc2d37c08e2c95085cc5dd84, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:f6:3f:38:28:26:7d:d3:0d:f7:d6:3a:50:f8: 8f:f6:43:f9:43:40:3e:83:24:f4:da:35:df:c2:b9: 61:85:87:46:bb:ec:8a:85:8e:da:dc:c0:41:70:8e: af:21:48:db:49:94:40:45:36:c9:86:c0:ec:e7:2e: c7:a2:2a:e8:fb:da:ec:7c:03:4b:2a:1b:d7:3c:ac: b2:c0:bd:e5:31:2a:e8:d9:77:87:34:5e:3b:e1:c8: fd:f9:11:bc:c3:fb:76:82:10:92:ad:88:18:f3:71: dc:84:53:7b:73:95:a6:e5:10:d9:b5:a3:e6:7a:db: 2e:f0:af:20:5e:51:73:13:3e:ad:20:6c:c8:97:5b: f8:d6:24:e7:34:d0:6d:b7:2d:9d:24:22:2c:c9:1e: da:2d:bb:74:a0:bb:ae:7c:17:2c:e7:a9:17:b4:24: 0d:33:6f:65:66:19:18:51:e8:e8:24:38:89:4d:d2: bb:be:14:54:74:12:37:8c:a6:fe:2b:f6:0c:45:49: 28:16:30:3a:da:24:60:97:bf:58:4f:ab:cb:ca:ce: 38:1b:37:cf:cb:3d:1a:ca:99:d4:c2:79:8c:95:f5: 1c:29:50:e5:d4:e0:b4:0a:05:e7:63:15:a7:3d:46: f8:59:0e:57:4b:94:1c:a1:fa:ff:77:11:6e:90:79: 6a:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:60:3F:9A:E1:F5:57:08:65:2E:D1:A3:1F:9B:77:09:63:75:07:06 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9021aef9-c76a-41c7-9ff8-dd9ea326340d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:2800::/40 Signature Algorithm: sha256WithRSAEncryption 87:f7:35:9d:09:7a:50:49:0b:af:a7:1e:29:8e:41:4f:26:40: 42:bf:93:7f:49:70:6f:62:e7:cd:47:61:59:04:4b:f4:a0:e2: 97:d3:3a:0a:6e:d3:9d:a4:52:23:5d:e8:bf:d6:e6:c7:dc:18: 80:ab:0c:04:c3:c5:3f:2d:62:46:85:07:b8:25:ba:0d:44:9a: f1:08:03:cc:dd:95:bb:d3:11:35:d0:ac:ab:d2:a0:5f:bd:8d: 44:b6:50:e8:74:12:e0:6c:66:5b:9f:5b:33:a5:7d:d7:c1:8e: c1:53:70:0c:fb:3e:d9:06:b4:dd:39:e7:0c:e3:18:fe:d3:25: 0b:7f:38:a5:62:d8:b2:1b:17:6a:9d:48:a2:bd:61:d7:c1:5e: 0c:59:5d:6a:45:35:d0:d3:7f:27:e0:e9:18:0a:d7:19:e4:e7: 9e:16:27:15:f1:da:2b:b6:d2:bb:55:92:49:d1:79:64:8c:f5: b3:d9:bb:6c:b0:1a:4f:db:37:4b:17:7f:3d:0d:7a:a9:ac:68: fa:a4:10:c3:7b:e3:67:7d:4d:fa:71:6c:98:7d:a6:c5:53:b2: 69:aa:90:7f:79:08:9d:8e:94:41:0b:03:db:b0:1b:fd:56:c8: e6:49:e6:4a:d0:95:7f:c9:68:6e:fc:ec:d7:b0:04:ef:cd:2e: bc:cf:38:c0 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUTJKqQukxL1gblCJAmxK7ToXgkQowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMTAwMjExMFoX DTI2MDgwOTIzNTk1OVowejFJMEcGA1UEBRNANjMyYTNjZDE4ZmNlZDc1ODk4MjY3 ZWIwNGEyZjA1MjA0ZDVmYjZlZmNjMmQzN2MwOGUyYzk1MDg1Y2M1ZGQ4NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPY/OCgmfdMN99Y6UPiP9kP5Q0A+ gyT02jXfwrlhhYdGu+yKhY7a3MBBcI6vIUjbSZRARTbJhsDs5y7Hoiro+9rsfANL KhvXPKyywL3lMSro2XeHNF474cj9+RG8w/t2ghCSrYgY83HchFN7c5Wm5RDZtaPm etsu8K8gXlFzEz6tIGzIl1v41iTnNNBtty2dJCIsyR7aLbt0oLuufBcs56kXtCQN M29lZhkYUejoJDiJTdK7vhRUdBI3jKb+K/YMRUkoFjA62iRgl79YT6vLys44GzfP yz0aypnUwnmMlfUcKVDl1OC0CgXnYxWnPUb4WQ5XS5Qcofr/dxFukHlqDwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJBgP5rh9VcIZS7Rox+bdwljdQcGMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzkwMjFhZWY5LWM3NmEtNDFjNy05ZmY4LWRkOWVhMzI2MzQwZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYSgwDQYJKoZIhvcNAQELBQADggEBAIf3NZ0JelBJC6+nHimO QU8mQEK/k39JcG9i581HYVkES/Sg4pfTOgpu052kUiNd6L/W5sfcGICrDATDxT8t YkaFB7glug1EmvEIA8zdlbvTETXQrKvSoF+9jUS2UOh0EuBsZlufWzOlfdfBjsFT cAz7PtkGtN055wzjGP7TJQt/OKVi2LIbF2qdSKK9YdfBXgxZXWpFNdDTfyfg6RgK 1xnk554WJxXx2iu20rtVkknReWSM9bPZu2ywGk/bN0sXfz0NeqmsaPqkEMN742d9 TfpxbJh9psVTsmmqkH95CJ2OlEELA9uwG/1WyOZJ5krQlX/JaG787NewBO/NLrzP OMA= -----END CERTIFICATE-----Generated at Tue May 12 23:37:51 2026 by rpki-client