$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9066b298-522a-482d-91c6-4b7ad82c743d.roa File: 9066b298-522a-482d-91c6-4b7ad82c743d.roa (raw, json) Hash identifier: hZlcv1iXtuY9oPIYnEks1tUUH+NLz3XAarV8VZcpfDY= Subject key identifier: 5B:35:7F:5A:F4:9F:1E:75:EE:07:9D:1C:44:E8:17:C0:B9:DF:5E:EF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 599982BD8F0AD0B84ACF6FBAE31E926729612872 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9066b298-522a-482d-91c6-4b7ad82c743d.roa Signing time: Tue 12 May 2026 00:00:11 +0000 ROA not before: Tue 12 May 2026 00:00:11 +0000 ROA not after: Mon 10 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:99:82:bd:8f:0a:d0:b8:4a:cf:6f:ba:e3:1e:92:67:29:61:28:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 12 00:00:11 2026 GMT Not After : Aug 10 23:59:59 2026 GMT Subject: serialNumber=3ee10fb1479912deee6c38c214d20e506c9bc63a7f1be0316da7bf1be695e317, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:72:92:8d:c0:13:44:25:31:e8:a1:ee:eb:06: d6:b2:d8:2b:ca:dc:da:5f:65:88:23:9d:2e:54:26: 52:73:e7:ed:b2:e9:03:f7:df:4d:3f:ad:ef:b9:72: f8:ac:70:dd:5c:02:3e:be:f6:ab:b0:c3:c6:ba:ba: 05:ac:0b:b0:56:6f:ab:83:f2:42:35:fc:a5:41:81: 86:b0:83:72:46:3d:58:3a:db:93:f3:8b:80:29:81: 82:37:ba:83:9c:40:71:56:f2:4f:c9:80:56:68:13: a6:de:20:a1:cd:3f:03:b0:3e:3d:3a:32:e0:aa:98: 5e:3b:15:d2:f2:7c:86:2b:08:2d:3a:5f:61:d6:de: 71:fb:97:41:76:0d:4d:16:c0:ad:39:bf:fc:7b:88: 86:6e:79:b9:53:c9:6b:38:a7:41:5b:0e:6c:01:81: 52:34:9e:9a:14:d9:54:05:7d:63:99:5f:44:11:f0: 4c:ca:8a:c8:df:94:2f:3b:ca:a2:a9:33:0e:6d:ea: 47:57:5b:9e:16:05:c3:3d:fb:f8:99:9f:ea:91:4b: 74:8a:e5:a0:7c:cb:a7:eb:ad:dd:1d:32:3e:f6:2c: cb:27:5b:f1:3b:a2:2a:a4:17:99:70:0e:50:5d:7b: 1a:aa:4d:3c:99:4c:95:25:2d:a3:a4:d6:47:c8:a4: a0:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:35:7F:5A:F4:9F:1E:75:EE:07:9D:1C:44:E8:17:C0:B9:DF:5E:EF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9066b298-522a-482d-91c6-4b7ad82c743d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:800::/40 Signature Algorithm: sha256WithRSAEncryption 67:f1:39:7e:3a:a8:03:24:28:68:5d:66:a9:f1:54:9f:67:a3: 26:13:01:4f:5d:30:55:ec:c4:cc:40:91:72:b9:8f:43:d4:35: 12:79:d1:e2:77:63:ee:6f:56:89:bf:82:7b:54:9e:eb:74:0b: 17:e4:4d:1c:7f:44:b5:4f:33:eb:73:49:7c:4d:9e:60:cd:1f: 40:37:e6:3a:6d:56:84:2a:e1:58:3f:80:3c:bb:e2:bb:76:c1: ae:5a:63:ba:34:ef:c6:2b:0a:0c:fe:95:8a:e7:b1:22:b5:0a: 3a:03:6e:23:b0:cf:9a:a2:5f:dc:94:05:57:5a:5a:a9:b9:dd: 66:3d:a7:ee:91:6b:e4:8d:b1:81:6b:3f:63:fe:4f:af:4a:7c: a0:86:b1:55:55:b0:45:5d:e5:bf:ea:61:b5:ca:7c:a1:a7:57: 26:13:33:cc:10:ff:d2:10:f2:95:44:13:e8:ac:03:72:1d:75: 95:7a:e4:fa:7b:13:24:23:5a:32:4b:d1:7c:3e:0d:50:f9:9b: f8:a0:10:fc:d1:98:15:ba:37:1c:8b:56:52:ba:98:8c:be:55: 5d:1d:af:5e:a7:62:ac:68:9f:68:9a:bd:54:9f:42:49:bb:a5: dc:6a:45:47:77:f5:01:f5:56:23:a2:54:d4:b1:2d:dd:a8:ad: ea:4e:a3:f2 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUWZmCvY8K0LhKz2+64x6SZylhKHIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMjAwMDAxMVoX DTI2MDgxMDIzNTk1OVowejFJMEcGA1UEBRNAM2VlMTBmYjE0Nzk5MTJkZWVlNmMz OGMyMTRkMjBlNTA2YzliYzYzYTdmMWJlMDMxNmRhN2JmMWJlNjk1ZTMxNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2XKSjcATRCUx6KHu6wbWstgrytza X2WII50uVCZSc+ftsukD999NP63vuXL4rHDdXAI+vvarsMPGuroFrAuwVm+rg/JC NfylQYGGsINyRj1YOtuT84uAKYGCN7qDnEBxVvJPyYBWaBOm3iChzT8DsD49OjLg qpheOxXS8nyGKwgtOl9h1t5x+5dBdg1NFsCtOb/8e4iGbnm5U8lrOKdBWw5sAYFS NJ6aFNlUBX1jmV9EEfBMyorI35QvO8qiqTMObepHV1ueFgXDPfv4mZ/qkUt0iuWg fMun663dHTI+9izLJ1vxO6IqpBeZcA5QXXsaqk08mUyVJS2jpNZHyKSgxwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFFs1f1r0nx517gedHEToF8C5317vMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzkwNjZiMjk4LTUyMmEtNDgyZC05MWM2LTRiN2FkODJjNzQzZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYQgwDQYJKoZIhvcNAQELBQADggEBAGfxOX46qAMkKGhdZqnx VJ9noyYTAU9dMFXsxMxAkXK5j0PUNRJ50eJ3Y+5vVom/gntUnut0CxfkTRx/RLVP M+tzSXxNnmDNH0A35jptVoQq4Vg/gDy74rt2wa5aY7o078YrCgz+lYrnsSK1CjoD biOwz5qiX9yUBVdaWqm53WY9p+6Ra+SNsYFrP2P+T69KfKCGsVVVsEVd5b/qYbXK fKGnVyYTM8wQ/9IQ8pVEE+isA3IddZV65Pp7EyQjWjJL0Xw+DVD5m/igEPzRmBW6 NxyLVlK6mIy+VV0dr16nYqxon2iavVSfQkm7pdxqRUd39QH1ViOiVNSxLd2orepO o/I= -----END CERTIFICATE-----Generated at Wed May 13 00:22:01 2026 by rpki-client