$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ac8aea04-9afb-482f-82f7-e5e61b79d804.roa File: ac8aea04-9afb-482f-82f7-e5e61b79d804.roa (raw, json) Hash identifier: +fhbNl2rAsJx0AOq8GeJzxlZtfvJZBAXoUPyXHkuSQ0= Subject key identifier: 94:59:A4:CD:9C:2A:CA:38:22:7A:3E:F2:AF:11:E8:E3:66:62:AB:BC Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 73466A159792613E6B74358A5E23F19DED0A88BA Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ac8aea04-9afb-482f-82f7-e5e61b79d804.roa Signing time: Tue 12 May 2026 00:00:20 +0000 ROA not before: Tue 12 May 2026 00:00:20 +0000 ROA not after: Mon 10 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daa0:a800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:46:6a:15:97:92:61:3e:6b:74:35:8a:5e:23:f1:9d:ed:0a:88:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 12 00:00:20 2026 GMT Not After : Aug 10 23:59:59 2026 GMT Subject: serialNumber=fd36fffc64817a6f2e245f76090693684885c43f53c698d6c8db6d1777f94a3f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:59:39:de:28:85:4b:b4:e9:12:47:07:e8:2f: 3c:cf:80:72:bf:03:b8:40:6c:3e:7d:4a:bd:76:d1: 97:8f:7f:45:1b:3f:38:d8:98:be:85:ee:6c:83:e4: 86:d5:6b:e4:7b:d2:b4:35:6f:06:13:76:c4:02:39: 18:9b:20:9d:1e:1e:64:4a:67:61:45:63:c6:ce:80: 5e:53:cc:a5:55:08:3f:5e:6a:ed:30:c3:8d:3a:84: 91:df:d9:8a:5c:02:60:52:6c:5f:d5:47:f1:f0:8f: 6e:5f:0f:f0:b1:90:a1:35:e3:51:30:60:98:93:09: ac:1f:ac:00:b4:e7:81:be:ec:e9:4a:c8:03:9c:c0: 2e:a2:aa:ac:1c:64:85:1b:3e:ef:42:e8:61:63:0b: 47:0f:61:3e:33:cd:a0:88:e0:14:64:18:64:15:ad: fc:15:4c:19:5c:b7:cb:fe:f1:ba:18:be:91:d6:1e: 3c:58:65:71:69:ef:40:6c:53:b6:15:10:00:b8:2e: 1c:82:6b:7c:a0:a2:0b:f3:43:75:59:7c:91:08:9b: c5:b5:a1:ab:77:00:ea:6b:b3:a9:c1:20:84:96:2e: 4d:55:08:e4:d5:a5:39:44:26:db:06:76:d2:25:9d: ad:19:11:20:0d:bb:e0:3c:a6:89:37:c0:9f:0e:1c: a2:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:59:A4:CD:9C:2A:CA:38:22:7A:3E:F2:AF:11:E8:E3:66:62:AB:BC X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ac8aea04-9afb-482f-82f7-e5e61b79d804.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daa0:a800::/40 Signature Algorithm: sha256WithRSAEncryption 83:35:a0:a5:25:88:10:06:f3:90:24:53:cf:72:cc:1c:e8:d4: 1a:5b:09:2b:ab:fd:29:fe:5c:c6:d4:55:66:85:81:d8:62:f6: 20:0d:af:ac:99:3d:e1:39:69:4d:83:5f:2a:34:f0:21:1a:dc: e6:59:78:d4:5d:f7:27:d7:13:39:35:7a:fe:70:30:63:96:e9: 7b:5f:75:a2:8d:13:28:74:35:cb:b2:be:1d:03:03:11:2f:ed: 2d:be:46:c0:86:9b:98:42:36:aa:be:08:cb:96:92:f8:4c:4d: d0:93:f6:52:b1:ef:71:54:61:ed:5a:ab:06:af:04:1e:ae:16: cc:92:b4:2a:3f:50:c6:9c:53:59:54:91:2f:59:81:11:26:d6: 20:e1:99:ab:10:07:fe:f8:86:ac:7f:df:0a:c7:59:49:c1:11: bb:ec:28:c5:4a:e4:d3:d0:a5:29:92:40:ab:fb:73:70:2a:78: 39:0d:d1:8e:08:ba:12:ce:9d:2f:8a:87:f7:eb:cb:98:ce:a2: 9f:bd:5f:6b:b9:bf:85:ad:58:80:21:96:1b:d9:79:61:b2:a8: 4e:f7:8e:db:c6:82:95:eb:35:91:e7:f2:06:a7:1e:5b:26:1f: a3:4c:0a:6f:22:ee:d6:fc:be:82:7a:36:24:03:1c:b6:07:45: 84:a6:64:21 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUc0ZqFZeSYT5rdDWKXiPxne0KiLowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMjAwMDAyMFoX DTI2MDgxMDIzNTk1OVowejFJMEcGA1UEBRNAZmQzNmZmZmM2NDgxN2E2ZjJlMjQ1 Zjc2MDkwNjkzNjg0ODg1YzQzZjUzYzY5OGQ2YzhkYjZkMTc3N2Y5NGEzZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulk53iiFS7TpEkcH6C88z4ByvwO4 QGw+fUq9dtGXj39FGz842Ji+he5sg+SG1Wvke9K0NW8GE3bEAjkYmyCdHh5kSmdh RWPGzoBeU8ylVQg/XmrtMMONOoSR39mKXAJgUmxf1Ufx8I9uXw/wsZChNeNRMGCY kwmsH6wAtOeBvuzpSsgDnMAuoqqsHGSFGz7vQuhhYwtHD2E+M82giOAUZBhkFa38 FUwZXLfL/vG6GL6R1h48WGVxae9AbFO2FRAAuC4cgmt8oKIL80N1WXyRCJvFtaGr dwDqa7OpwSCEli5NVQjk1aU5RCbbBnbSJZ2tGREgDbvgPKaJN8CfDhyioQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJRZpM2cKso4Ino+8q8R6ONmYqu8MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FjOGFlYTA0LTlhZmItNDgyZi04MmY3LWU1ZTYxYjc5ZDgwNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaoKgwDQYJKoZIhvcNAQELBQADggEBAIM1oKUliBAG85AkU89y zBzo1BpbCSur/Sn+XMbUVWaFgdhi9iANr6yZPeE5aU2DXyo08CEa3OZZeNRd9yfX Ezk1ev5wMGOW6XtfdaKNEyh0Ncuyvh0DAxEv7S2+RsCGm5hCNqq+CMuWkvhMTdCT 9lKx73FUYe1aqwavBB6uFsyStCo/UMacU1lUkS9ZgREm1iDhmasQB/74hqx/3wrH WUnBEbvsKMVK5NPQpSmSQKv7c3AqeDkN0Y4IuhLOnS+Kh/fry5jOop+9X2u5v4Wt WIAhlhvZeWGyqE73jtvGgpXrNZHn8ganHlsmH6NMCm8i7tb8voJ6NiQDHLYHRYSm ZCE= -----END CERTIFICATE-----Generated at Wed May 13 00:25:39 2026 by rpki-client