$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/996cc3b8-0df0-4f17-97f0-d59aa845427c.roa File: 996cc3b8-0df0-4f17-97f0-d59aa845427c.roa (raw, json) Hash identifier: ZvPVYHvW7wzzVw8SutMkwtyfSrzMcfJsThJGXvl7WC8= Subject key identifier: 2C:64:AC:83:91:E6:CA:68:FE:85:39:CD:F6:BE:F0:65:D6:37:82:18 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7251B03320135C8707F6D6C9DC2357F5F0A4AC52 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/996cc3b8-0df0-4f17-97f0-d59aa845427c.roa Signing time: Mon 27 Apr 2026 00:00:12 +0000 ROA not before: Mon 27 Apr 2026 00:00:12 +0000 ROA not after: Sun 26 Jul 2026 23:59:59 +0000 asID: 14618 IP address blocks: 2406:da00:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:51:b0:33:20:13:5c:87:07:f6:d6:c9:dc:23:57:f5:f0:a4:ac:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 27 00:00:12 2026 GMT Not After : Jul 26 23:59:59 2026 GMT Subject: serialNumber=8d88ddf5040fa7a6077293f1cf197f2e01e8c6e387d7e4242e911abeb05b3c6a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:e4:55:50:63:d2:3d:9e:a2:6e:e9:22:17:67: b2:5e:37:cc:8f:fe:e4:e3:72:bf:78:95:6a:17:2c: af:0a:a7:4d:4e:0b:1d:50:72:d2:87:26:48:b9:6e: 40:c1:2a:48:9f:61:16:4d:68:9b:fb:0e:af:6b:56: aa:ec:ee:c0:0e:3a:43:fc:b0:a8:21:ce:e0:ae:6a: 3f:46:48:7f:67:f5:6f:9a:5a:e8:79:b9:7f:2b:4f: aa:14:e3:04:a1:4e:f6:30:c3:f0:bc:e7:b3:56:cd: c7:9d:7a:0e:04:93:19:cd:59:9d:c3:7d:92:1e:e9: 7f:ee:8f:4d:f7:96:54:c7:ae:54:8b:65:bf:9c:fd: bc:e2:9c:46:40:b2:0b:fe:30:96:5e:b3:da:8b:fb: 38:4d:66:a8:be:25:fa:53:4a:f0:42:fe:5b:49:d1: cf:cb:30:f3:5e:ce:cf:ae:22:d7:69:d8:89:b9:1e: 00:ef:43:ed:8c:41:09:10:ed:fe:7b:21:5d:ba:e1: 4e:41:44:7c:35:30:7b:c1:13:98:1f:ce:a9:12:b8: f8:96:1f:ef:81:d4:f6:d5:2d:3c:c5:f5:40:ef:37: 69:ed:11:3b:39:4d:23:05:35:40:74:db:af:c0:04: 01:47:2d:09:6c:d3:d8:47:26:0d:af:37:67:c4:97: 68:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:64:AC:83:91:E6:CA:68:FE:85:39:CD:F6:BE:F0:65:D6:37:82:18 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/996cc3b8-0df0-4f17-97f0-d59aa845427c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:ff00::/48 Signature Algorithm: sha256WithRSAEncryption 7b:3d:60:5c:15:d7:6a:36:08:2e:79:45:fa:30:ff:0e:cc:7f: 1f:7a:38:41:73:f6:64:c3:51:5c:b1:06:67:32:c0:16:65:65: 06:1e:a8:48:05:5f:2d:be:a3:57:d2:81:ce:61:1d:cb:b8:67: 86:1c:e3:6b:29:f2:46:f3:e1:13:47:b1:ed:ca:e3:99:06:fd: d9:6c:88:2f:7e:20:00:2f:93:2e:fc:92:13:c7:67:87:1e:2b: d6:2a:68:3d:0e:20:16:c9:07:16:ae:03:85:07:af:bc:b8:7b: 94:b8:07:3a:f7:a5:b3:93:76:ca:e5:2b:d0:6c:3f:77:b9:42: 5a:9e:d0:76:25:1a:b5:d4:ce:59:33:fc:2d:46:3a:a3:6e:69: ce:99:97:c6:bc:2e:d2:4b:d1:f5:00:f9:95:86:85:d1:25:be: a3:db:09:d5:01:be:2e:e4:75:06:21:97:2f:98:08:66:59:88: 44:f8:36:eb:b4:49:a7:a7:30:7c:8b:fd:f2:1b:9d:06:b1:4b: f6:ec:ad:1c:7b:d5:d8:3b:28:b5:5c:c9:2f:7e:78:65:9c:70: a5:75:3c:66:2a:4f:ea:21:9e:67:1d:8f:d3:26:4d:97:ed:82: b5:47:9a:ee:ee:ba:67:bc:37:e2:c1:f7:97:0e:92:8e:70:81: 1c:72:43:f0 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUclGwMyATXIcH9tbJ3CNX9fCkrFIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDQyNzAwMDAxMloX DTI2MDcyNjIzNTk1OVowejFJMEcGA1UEBRNAOGQ4OGRkZjUwNDBmYTdhNjA3NzI5 M2YxY2YxOTdmMmUwMWU4YzZlMzg3ZDdlNDI0MmU5MTFhYmViMDViM2M2YTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxuRVUGPSPZ6ibukiF2eyXjfMj/7k 43K/eJVqFyyvCqdNTgsdUHLShyZIuW5AwSpIn2EWTWib+w6va1aq7O7ADjpD/LCo Ic7grmo/Rkh/Z/Vvmlroebl/K0+qFOMEoU72MMPwvOezVs3HnXoOBJMZzVmdw32S Hul/7o9N95ZUx65Ui2W/nP284pxGQLIL/jCWXrPai/s4TWaoviX6U0rwQv5bSdHP yzDzXs7PriLXadiJuR4A70PtjEEJEO3+eyFduuFOQUR8NTB7wROYH86pErj4lh/v gdT21S08xfVA7zdp7RE7OU0jBTVAdNuvwAQBRy0JbNPYRyYNrzdnxJdokQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFCxkrIOR5spo/oU5zfa+8GXWN4IYMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzk5NmNjM2I4LTBkZjAtNGYxNy05N2YwLWQ1OWFhODQ1NDI3Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQB7PWBcFddqNggueUX6 MP8OzH8fejhBc/Zkw1FcsQZnMsAWZWUGHqhIBV8tvqNX0oHOYR3LuGeGHONrKfJG 8+ETR7HtyuOZBv3ZbIgvfiAAL5Mu/JITx2eHHivWKmg9DiAWyQcWrgOFB6+8uHuU uAc696Wzk3bK5SvQbD93uUJantB2JRq11M5ZM/wtRjqjbmnOmZfGvC7SS9H1APmV hoXRJb6j2wnVAb4u5HUGIZcvmAhmWYhE+DbrtEmnpzB8i/3yG50GsUv27K0ce9XY Oyi1XMkvfnhlnHCldTxmKk/qIZ5nHY/TJk2X7YK1R5ru7rpnvDfiwfeXDpKOcIEc ckPw -----END CERTIFICATE-----Generated at Tue May 12 23:05:26 2026 by rpki-client