$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b3ed934e-b507-4d1e-8108-d901f3b37b6d.roa File: b3ed934e-b507-4d1e-8108-d901f3b37b6d.roa (raw, json) Hash identifier: sWA4AUGDj+GBqQnkncA/76+k5eY75O5x2okdQ3uw69g= Subject key identifier: 47:E7:51:C5:01:8B:11:FE:A4:11:B2:DB:60:09:80:8E:FB:28:A0:F9 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 11A70A74DA406D34A1C7435623CCA0F762CE8315 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b3ed934e-b507-4d1e-8108-d901f3b37b6d.roa Signing time: Tue 12 May 2026 00:11:06 +0000 ROA not before: Tue 12 May 2026 00:11:06 +0000 ROA not after: Mon 10 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:1000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:a7:0a:74:da:40:6d:34:a1:c7:43:56:23:cc:a0:f7:62:ce:83:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 12 00:11:06 2026 GMT Not After : Aug 10 23:59:59 2026 GMT Subject: serialNumber=002a599e6d6f9499508ca9c0c9fa74960bcaca2ba61f8ed63252964efc406b65, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:b5:f1:b0:0e:89:2a:92:cd:db:2c:80:23:04: 85:2d:c3:04:8a:11:9e:e9:eb:16:59:e3:5b:49:a3: ab:33:7c:65:ed:80:15:db:1d:4e:87:ee:90:2a:d4: 3a:b6:f4:57:8e:8e:8c:a2:a5:a9:d0:9a:3c:07:25: fa:21:37:0c:94:8f:81:f5:b2:f8:c5:2d:22:5d:1b: b2:4c:0d:80:d2:19:99:42:70:4d:82:8c:d7:39:55: 30:60:67:58:bc:5a:29:3b:48:a2:9e:89:fe:ac:50: d1:0a:bb:d9:88:30:ac:de:02:3b:f8:05:a1:05:9c: 6e:31:5d:f2:4e:6e:ae:3b:1a:f5:13:dc:2b:58:53: d5:70:2f:95:7a:eb:91:67:2a:ca:8c:a8:e0:9c:29: d6:8a:b3:44:6a:4a:83:80:01:a6:a3:16:ea:91:7d: 8e:e9:e9:23:a0:7c:ca:71:62:59:c8:49:37:11:76: 64:a2:a1:a0:e9:87:95:88:fa:0f:48:88:d5:63:20: cd:0d:e0:c7:a6:ba:9e:01:82:2a:f5:11:40:53:4c: 9c:99:18:6e:90:eb:5b:c0:fb:54:8f:cc:10:34:71: b5:6a:22:be:9b:bc:45:44:69:ee:6e:64:0a:96:80: d1:07:6d:7b:cf:b8:5a:21:37:28:79:ee:07:9f:66: a1:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:E7:51:C5:01:8B:11:FE:A4:11:B2:DB:60:09:80:8E:FB:28:A0:F9 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b3ed934e-b507-4d1e-8108-d901f3b37b6d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:1000::/40 Signature Algorithm: sha256WithRSAEncryption a7:dc:eb:1f:44:e2:1c:42:6f:06:21:97:28:ef:d3:e8:be:6c: b7:28:40:b5:d8:20:35:0f:d9:3e:f4:a7:f0:3e:5c:67:5f:c1: 09:f2:9b:20:48:d6:fc:a3:21:fa:48:d8:62:07:cc:22:8c:f0: 81:1f:0a:62:7f:e7:67:09:d6:88:92:97:fa:bb:07:8b:3b:29: e7:36:28:98:93:fc:22:42:4b:0e:c8:5d:4b:6a:ef:ef:e1:c3: 43:ea:54:6f:ff:41:ef:9c:5d:ce:3d:18:3f:22:a6:bd:21:6a: 80:33:dd:31:b2:94:14:1d:13:21:67:be:79:58:0f:98:c5:fa: 77:e5:67:cf:2f:71:93:dc:c2:25:40:b1:a6:ca:60:52:dd:0b: b4:ac:9e:54:c8:36:f4:be:16:06:6d:d0:13:ba:74:53:e9:94: 46:c6:b2:ae:bf:e3:0f:c3:a9:fb:52:dc:b8:e7:40:74:5e:cf: e0:d3:2c:00:d6:31:20:e1:e2:e6:cf:58:e1:96:af:2b:aa:8d: f0:d4:8d:f1:5e:58:1b:8d:ed:2b:d5:d2:be:52:59:45:28:bd: 17:07:6c:a0:43:76:64:44:c9:1b:9d:d7:7a:4d:d7:d7:4a:ef: 63:85:be:df:75:49:d9:ed:74:0d:c0:ea:b0:49:b1:15:41:c2: 9d:b3:0e:f5 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUEacKdNpAbTShx0NWI8yg92LOgxUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMjAwMTEwNloX DTI2MDgxMDIzNTk1OVowejFJMEcGA1UEBRNAMDAyYTU5OWU2ZDZmOTQ5OTUwOGNh OWMwYzlmYTc0OTYwYmNhY2EyYmE2MWY4ZWQ2MzI1Mjk2NGVmYzQwNmI2NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA77XxsA6JKpLN2yyAIwSFLcMEihGe 6esWWeNbSaOrM3xl7YAV2x1Oh+6QKtQ6tvRXjo6MoqWp0Jo8ByX6ITcMlI+B9bL4 xS0iXRuyTA2A0hmZQnBNgozXOVUwYGdYvFopO0iinon+rFDRCrvZiDCs3gI7+AWh BZxuMV3yTm6uOxr1E9wrWFPVcC+VeuuRZyrKjKjgnCnWirNEakqDgAGmoxbqkX2O 6ekjoHzKcWJZyEk3EXZkoqGg6YeViPoPSIjVYyDNDeDHprqeAYIq9RFAU0ycmRhu kOtbwPtUj8wQNHG1aiK+m7xFRGnubmQKloDRB217z7haITcoee4Hn2ahhQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEfnUcUBixH+pBGy22AJgI77KKD5MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2IzZWQ5MzRlLWI1MDctNGQxZS04MTA4LWQ5MDFmM2IzN2I2ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/xAwDQYJKoZIhvcNAQELBQADggEBAKfc6x9E4hxCbwYhlyjv 0+i+bLcoQLXYIDUP2T70p/A+XGdfwQnymyBI1vyjIfpI2GIHzCKM8IEfCmJ/52cJ 1oiSl/q7B4s7Kec2KJiT/CJCSw7IXUtq7+/hw0PqVG//Qe+cXc49GD8ipr0haoAz 3TGylBQdEyFnvnlYD5jF+nflZ88vcZPcwiVAsabKYFLdC7SsnlTINvS+FgZt0BO6 dFPplEbGsq6/4w/DqftS3LjnQHRez+DTLADWMSDh4ubPWOGWryuqjfDUjfFeWBuN 7SvV0r5SWUUovRcHbKBDdmREyRud13pN19dK72OFvt91SdntdA3A6rBJsRVBwp2z DvU= -----END CERTIFICATE-----Generated at Tue May 12 23:37:37 2026 by rpki-client