$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9d18bad7-c208-4d5e-bb74-4babc2efa60b.roa File: 9d18bad7-c208-4d5e-bb74-4babc2efa60b.roa (raw, json) Hash identifier: al1KFGf21OM9ocrNeLVWm3GeJnR9BUqou+BTyhnoTZA= Subject key identifier: 01:03:B1:8B:03:58:59:FD:37:0B:7D:4C:9A:FE:81:42:16:F9:70:71 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 59182216490078546DA6E27F041A7174E4E66974 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9d18bad7-c208-4d5e-bb74-4babc2efa60b.roa Signing time: Tue 12 May 2026 00:01:35 +0000 ROA not before: Tue 12 May 2026 00:01:35 +0000 ROA not after: Mon 10 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:18:22:16:49:00:78:54:6d:a6:e2:7f:04:1a:71:74:e4:e6:69:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 12 00:01:35 2026 GMT Not After : Aug 10 23:59:59 2026 GMT Subject: serialNumber=4f65d520e2820bb33e0c54f29fcdcec0e0a7c3731e0fb8ca57de19da445d8b7f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:b2:b8:3c:a3:4b:c7:49:62:f5:d1:a1:3d:79: d8:01:05:17:aa:35:1d:18:4b:1e:46:9f:a4:5f:33: 11:7f:8f:46:34:4f:39:db:11:86:2c:52:78:ef:8f: 86:c0:3d:87:b4:ec:13:6a:50:0a:2e:25:19:3b:aa: 82:46:5b:b9:35:d8:53:53:1a:45:26:39:5f:d0:d1: cc:0d:79:72:e9:48:9d:a7:a3:ba:f5:54:e1:a0:d9: 0f:06:1a:fd:a9:e4:f6:15:bd:d6:29:be:74:5e:9b: e9:4e:8b:26:04:0a:54:87:c1:31:16:77:0c:da:20: 34:36:e3:c8:90:45:be:5e:c8:39:66:04:ef:a6:ff: 99:d6:db:5f:f6:70:4d:6a:05:c6:89:9e:26:f7:83: 8d:d8:4e:ff:23:8a:21:16:25:35:82:70:c4:28:8e: 32:10:bd:33:94:17:22:97:f0:df:56:9f:87:63:df: 6a:41:1b:55:7a:c7:87:10:e4:1a:f4:b8:77:f4:9b: 58:bd:71:5a:28:2d:1e:f8:ce:34:73:ab:98:06:f6: 8e:6f:77:0f:45:7e:81:f8:64:b0:49:e4:d4:70:d7: 62:18:e3:c1:fd:b9:69:0d:88:45:00:df:3a:56:ce: f0:2b:74:76:3a:13:9d:2b:21:22:50:9a:01:9c:db: 16:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:03:B1:8B:03:58:59:FD:37:0B:7D:4C:9A:FE:81:42:16:F9:70:71 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9d18bad7-c208-4d5e-bb74-4babc2efa60b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:a000::/40 Signature Algorithm: sha256WithRSAEncryption 0e:68:65:8e:b7:69:e6:ed:1b:95:1b:e3:1e:8e:70:07:7f:e5: df:98:0d:2d:f6:8f:5d:bc:d3:d7:7d:6f:90:1e:b5:ec:9d:0a: 2f:33:12:be:62:ad:bf:02:bd:a6:3e:fb:fc:27:ad:ef:4f:4a: 4d:03:e9:df:3e:df:02:df:0c:e3:42:20:55:9a:98:85:b7:a0: fe:00:da:4e:67:b4:05:0c:6d:b3:5a:b4:17:b1:52:d1:59:bf: e6:51:7f:86:44:55:50:18:b5:1b:45:77:b4:55:9b:d6:e6:76: 62:bf:5f:ff:92:10:42:2a:32:da:59:af:63:f1:a0:bf:f7:48: c0:b8:e1:fe:33:f4:47:6f:fa:e0:64:53:dd:3f:96:77:d7:6e: 8a:1b:dc:8f:3c:00:54:26:b6:5e:f2:6e:da:80:6c:02:77:59: 29:ed:2e:bb:1e:5c:99:a2:7c:ea:51:2e:69:67:fd:68:5f:cc: be:4e:0b:e7:12:f4:a4:ab:ff:85:e7:6b:22:77:0b:bc:0d:52: 74:17:30:7f:08:55:fc:1b:07:a1:3f:a0:cc:5c:0d:5e:77:0a: e8:09:89:46:8d:0b:05:38:9d:02:a4:ba:dd:bf:f1:e7:cd:1e: 0c:6e:f8:5c:5b:76:87:c4:b0:a7:98:ad:ed:b6:3b:77:92:2e: 5b:e6:c6:66 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUWRgiFkkAeFRtpuJ/BBpxdOTmaXQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMjAwMDEzNVoX DTI2MDgxMDIzNTk1OVowejFJMEcGA1UEBRNANGY2NWQ1MjBlMjgyMGJiMzNlMGM1 NGYyOWZjZGNlYzBlMGE3YzM3MzFlMGZiOGNhNTdkZTE5ZGE0NDVkOGI3ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7LK4PKNLx0li9dGhPXnYAQUXqjUd GEseRp+kXzMRf49GNE852xGGLFJ474+GwD2HtOwTalAKLiUZO6qCRlu5NdhTUxpF Jjlf0NHMDXly6Uidp6O69VThoNkPBhr9qeT2Fb3WKb50XpvpTosmBApUh8ExFncM 2iA0NuPIkEW+Xsg5ZgTvpv+Z1ttf9nBNagXGiZ4m94ON2E7/I4ohFiU1gnDEKI4y EL0zlBcil/DfVp+HY99qQRtVeseHEOQa9Lh39JtYvXFaKC0e+M40c6uYBvaOb3cP RX6B+GSwSeTUcNdiGOPB/blpDYhFAN86Vs7wK3R2OhOdKyEiUJoBnNsW8wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAEDsYsDWFn9Nwt9TJr+gUIW+XBxMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzlkMThiYWQ3LWMyMDgtNGQ1ZS1iYjc0LTRiYWJjMmVmYTYwYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+6AwDQYJKoZIhvcNAQELBQADggEBAA5oZY63aebtG5Ub4x6O cAd/5d+YDS32j12809d9b5AeteydCi8zEr5irb8CvaY++/wnre9PSk0D6d8+3wLf DONCIFWamIW3oP4A2k5ntAUMbbNatBexUtFZv+ZRf4ZEVVAYtRtFd7RVm9bmdmK/ X/+SEEIqMtpZr2PxoL/3SMC44f4z9Edv+uBkU90/lnfXboob3I88AFQmtl7ybtqA bAJ3WSntLrseXJmifOpRLmln/WhfzL5OC+cS9KSr/4XnayJ3C7wNUnQXMH8IVfwb B6E/oMxcDV53CugJiUaNCwU4nQKkut2/8efNHgxu+FxbdofEsKeYre22O3eSLlvm xmY= -----END CERTIFICATE-----Generated at Tue May 12 23:39:12 2026 by rpki-client