$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/982d87a7-4e0b-42ab-a73f-f497b43a2a36.roa File: 982d87a7-4e0b-42ab-a73f-f497b43a2a36.roa (raw, json) Hash identifier: ucSLliOIrEgyOoaGTcMLCVBISMP/JxiaiLwGg4KTG3Y= Subject key identifier: 81:82:26:C0:CE:89:04:2B:FF:F8:83:49:9B:7F:9F:2E:A6:20:20:BC Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2FF799D1E92F9F787A075FD49885639B7E4B43D9 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/982d87a7-4e0b-42ab-a73f-f497b43a2a36.roa Signing time: Tue 05 May 2026 00:01:15 +0000 ROA not before: Tue 05 May 2026 00:01:15 +0000 ROA not after: Mon 03 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab9:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:f7:99:d1:e9:2f:9f:78:7a:07:5f:d4:98:85:63:9b:7e:4b:43:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 5 00:01:15 2026 GMT Not After : Aug 3 23:59:59 2026 GMT Subject: serialNumber=1bf001a1d59343c1f90f7193554ff88533c64cd4f7a8cb0ab7eb22aefb48fc85, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:ad:c9:24:46:3c:bf:54:08:e8:bf:fd:1d:f3: 47:c3:d4:f1:41:a1:d1:45:36:96:cc:b8:19:86:df: 21:09:75:4b:19:22:81:c1:48:38:31:41:1c:b8:10: 85:e5:54:01:20:fe:16:a6:a9:16:bc:96:a3:04:ef: 1d:eb:6c:56:f0:26:53:73:e0:88:4f:be:9c:29:7f: 2c:22:4d:5b:46:bb:d4:b8:88:ec:f1:bd:28:b2:f1: e7:f8:40:d1:f7:51:9e:21:be:3a:70:c9:66:ac:2c: 15:eb:c7:fb:f0:9b:e6:59:80:29:b3:78:25:e8:ca: 33:f7:28:22:41:ad:a1:7a:bb:99:19:e2:47:e2:98: e6:5f:00:72:de:0c:32:0c:05:c2:dd:68:8f:66:58: 1c:7e:23:08:73:05:d0:66:30:4b:33:fa:03:ce:ef: 5b:a0:d3:c6:c0:9b:1e:02:b3:cc:f1:18:64:c2:96: 49:71:5d:f3:52:3a:d7:62:c9:06:32:98:59:27:e9: b0:69:af:68:bf:18:da:8d:0d:b3:74:83:1e:22:66: fb:0a:af:b4:0c:1a:18:7a:e7:76:9a:e9:2f:a2:63: d0:c3:66:a8:b1:07:fd:cf:a7:c6:4e:a3:65:0d:35: 6b:f5:22:7c:ed:36:e7:bf:1c:92:e3:85:7f:41:ed: f2:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:82:26:C0:CE:89:04:2B:FF:F8:83:49:9B:7F:9F:2E:A6:20:20:BC X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/982d87a7-4e0b-42ab-a73f-f497b43a2a36.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:800::/40 Signature Algorithm: sha256WithRSAEncryption 86:67:98:f8:73:6a:90:71:1e:ca:a8:e6:8c:f8:71:be:69:51: c2:1f:7b:ac:2c:ca:b9:de:63:66:1d:8f:66:e6:4b:9f:37:5c: d3:42:73:6d:99:61:49:0b:f1:9f:54:97:2d:f1:b1:4a:66:2a: 91:ae:0a:96:0c:4d:70:66:ca:21:af:3f:6b:84:3f:b4:88:41: a6:25:2a:bd:f1:af:07:66:01:d5:da:f9:2b:49:25:3d:c0:a5: 50:5d:2f:8f:7e:b8:0b:d0:59:3f:63:72:43:b9:fa:5a:4d:92: 14:0a:65:ae:92:73:4e:14:44:08:6a:eb:5d:1f:1c:e0:04:a7: 17:cf:1a:cf:75:36:25:1a:d3:c3:9b:5b:65:01:ed:0a:e2:e9: 24:d2:b5:c0:d4:76:0b:4c:1b:15:d5:f1:d5:a8:f2:04:31:b2: 79:87:30:8b:ab:dc:7f:23:79:35:3b:4e:9d:5d:53:be:d2:8a: c7:af:6e:a9:fe:60:0a:00:40:87:3e:d4:1e:0c:73:54:80:90: d8:43:af:a0:55:0e:50:46:8c:b5:9d:70:f8:99:d9:e4:58:22: 44:20:1a:0e:a6:1e:87:cd:9c:68:6d:0d:93:fc:95:f0:48:95: 11:d4:8e:9b:95:d3:a9:00:14:aa:39:cb:1f:8d:58:3e:98:fc: 76:df:06:5b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUL/eZ0ekvn3h6B1/UmIVjm35LQ9kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwNTAwMDExNVoX DTI2MDgwMzIzNTk1OVowejFJMEcGA1UEBRNAMWJmMDAxYTFkNTkzNDNjMWY5MGY3 MTkzNTU0ZmY4ODUzM2M2NGNkNGY3YThjYjBhYjdlYjIyYWVmYjQ4ZmM4NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn63JJEY8v1QI6L/9HfNHw9TxQaHR RTaWzLgZht8hCXVLGSKBwUg4MUEcuBCF5VQBIP4WpqkWvJajBO8d62xW8CZTc+CI T76cKX8sIk1bRrvUuIjs8b0osvHn+EDR91GeIb46cMlmrCwV68f78JvmWYAps3gl 6Moz9ygiQa2heruZGeJH4pjmXwBy3gwyDAXC3WiPZlgcfiMIcwXQZjBLM/oDzu9b oNPGwJseArPM8RhkwpZJcV3zUjrXYskGMphZJ+mwaa9ovxjajQ2zdIMeImb7Cq+0 DBoYeud2mukvomPQw2aosQf9z6fGTqNlDTVr9SJ87TbnvxyS44V/Qe3yKwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIGCJsDOiQQr//iDSZt/ny6mICC8MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzk4MmQ4N2E3LTRlMGItNDJhYi1hNzNmLWY0OTdiNDNhMmEzNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauQgwDQYJKoZIhvcNAQELBQADggEBAIZnmPhzapBxHsqo5oz4 cb5pUcIfe6wsyrneY2Ydj2bmS583XNNCc22ZYUkL8Z9Uly3xsUpmKpGuCpYMTXBm yiGvP2uEP7SIQaYlKr3xrwdmAdXa+StJJT3ApVBdL49+uAvQWT9jckO5+lpNkhQK Za6Sc04URAhq610fHOAEpxfPGs91NiUa08ObW2UB7Qri6STStcDUdgtMGxXV8dWo 8gQxsnmHMIur3H8jeTU7Tp1dU77Sisevbqn+YAoAQIc+1B4Mc1SAkNhDr6BVDlBG jLWdcPiZ2eRYIkQgGg6mHofNnGhtDZP8lfBIlRHUjpuV06kAFKo5yx+NWD6Y/Hbf Bls= -----END CERTIFICATE-----Generated at Tue May 12 23:47:26 2026 by rpki-client