$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ba66f204-ef53-4c25-92d8-95b5c7db0e2f.roa File: ba66f204-ef53-4c25-92d8-95b5c7db0e2f.roa (raw, json) Hash identifier: xEWCR6L5OnGi2n4PB0sz0YDJSOfN4eMKs6s1iHxpH3U= Subject key identifier: AC:6B:22:B8:F0:85:28:23:6A:63:C7:BE:7F:A2:80:3D:5D:29:9B:58 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 21BDE66B5AA0C1FEC37E617015401F00F585EB11 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ba66f204-ef53-4c25-92d8-95b5c7db0e2f.roa Signing time: Mon 11 May 2026 00:21:16 +0000 ROA not before: Mon 11 May 2026 00:21:16 +0000 ROA not after: Sun 09 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:1040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:bd:e6:6b:5a:a0:c1:fe:c3:7e:61:70:15:40:1f:00:f5:85:eb:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 11 00:21:16 2026 GMT Not After : Aug 9 23:59:59 2026 GMT Subject: serialNumber=c838932627dcf69285ba169dc03fbb861c20183224ac1589e1634339c55cd71f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:30:a6:e2:2a:95:19:97:6c:ef:f4:71:d0:88: e8:1b:53:1f:67:a3:86:95:28:5d:ee:29:f5:91:95: 87:65:b7:3e:2e:23:e8:dd:ed:3b:c2:00:b1:93:2d: ac:b2:46:59:01:11:b0:07:5c:3d:2b:ce:96:03:89: b4:7f:d8:af:48:3b:c5:f7:d0:db:78:53:6d:36:7b: 9f:d6:50:d9:a1:26:45:76:01:20:34:f4:f6:ff:96: fb:0e:b9:88:2e:ed:0a:ad:40:20:b6:98:1a:a4:f8: 81:f3:04:89:c7:e3:59:85:77:f9:23:c7:d1:e5:45: e7:41:07:b2:6d:56:9a:a1:d5:18:d7:ab:a8:77:a4: 9e:86:32:93:76:73:61:ba:ed:51:c9:88:f1:0b:c1: ca:92:91:05:a7:13:ac:38:48:2c:d4:ab:51:68:33: 5d:b3:74:2f:38:c4:6d:53:80:ba:46:c8:b4:13:23: e9:11:72:c7:cf:13:15:95:40:ac:f4:80:81:db:37: 59:53:38:1d:12:e6:e7:49:03:ee:8d:92:7b:7d:ab: 12:40:c4:5c:31:ec:c1:c7:ca:d7:06:79:27:d6:58: 87:0c:25:83:d6:7f:8e:97:6d:62:96:52:74:d4:0f: c0:42:89:ac:42:33:78:8f:5d:8c:9b:0e:43:e1:f6: ea:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:6B:22:B8:F0:85:28:23:6A:63:C7:BE:7F:A2:80:3D:5D:29:9B:58 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ba66f204-ef53-4c25-92d8-95b5c7db0e2f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:1040::/48 Signature Algorithm: sha256WithRSAEncryption 60:f3:d7:2a:d0:e8:28:db:69:87:55:ac:2d:09:eb:e9:de:da: 27:00:8b:fe:43:25:89:95:f6:b0:71:27:57:3e:a9:3d:e2:e8: 7a:69:03:21:fb:c5:5f:24:70:83:f0:43:44:ec:04:30:f0:4c: 57:34:99:9b:e4:31:28:fe:75:01:3b:ea:34:97:03:08:dc:d5: 95:1b:4b:44:33:98:3e:fe:2e:79:d2:e0:13:97:7c:14:2a:eb: 06:63:4f:fc:51:42:11:f0:1e:56:99:6c:77:39:f3:61:d1:ee: b4:83:40:ae:af:ac:63:77:e3:0e:b0:41:3c:5e:d5:68:c6:7c: 62:28:1d:7b:44:ee:21:72:26:97:66:bf:9e:55:b8:7d:d6:07: 0a:ee:43:91:a9:02:4f:50:99:72:8f:8c:f7:44:3b:00:fa:19: 3b:5b:50:7e:4d:80:58:e7:4c:54:08:ee:19:88:14:71:ec:e7: 6d:8a:d4:da:e4:16:5c:4b:95:9d:bf:ef:bd:f3:ae:d5:3c:c2: 2f:c0:de:cf:db:b4:df:90:cc:57:14:22:b0:d8:d8:49:17:6a: 86:01:d6:d3:40:56:4b:88:60:84:73:2a:6c:18:08:48:29:91: bf:a1:3f:02:ee:d8:56:c5:ae:05:4c:ce:d2:ad:6f:2d:3c:bf: 37:64:4f:b0 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUIb3ma1qgwf7DfmFwFUAfAPWF6xEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMTAwMjExNloX DTI2MDgwOTIzNTk1OVowejFJMEcGA1UEBRNAYzgzODkzMjYyN2RjZjY5Mjg1YmEx NjlkYzAzZmJiODYxYzIwMTgzMjI0YWMxNTg5ZTE2MzQzMzljNTVjZDcxZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDCm4iqVGZds7/Rx0IjoG1MfZ6OG lShd7in1kZWHZbc+LiPo3e07wgCxky2sskZZARGwB1w9K86WA4m0f9ivSDvF99Db eFNtNnuf1lDZoSZFdgEgNPT2/5b7DrmILu0KrUAgtpgapPiB8wSJx+NZhXf5I8fR 5UXnQQeybVaaodUY16uod6SehjKTdnNhuu1RyYjxC8HKkpEFpxOsOEgs1KtRaDNd s3QvOMRtU4C6Rsi0EyPpEXLHzxMVlUCs9ICB2zdZUzgdEubnSQPujZJ7fasSQMRc MezBx8rXBnkn1liHDCWD1n+Ol21illJ01A/AQomsQjN4j12Mmw5D4fbqHQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFKxrIrjwhSgjamPHvn+igD1dKZtYMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JhNjZmMjA0LWVmNTMtNGMyNS05MmQ4LTk1YjVjN2RiMGUyZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/xBAMA0GCSqGSIb3DQEBCwUAA4IBAQBg89cq0Ogo22mHVawt Cevp3tonAIv+QyWJlfawcSdXPqk94uh6aQMh+8VfJHCD8ENE7AQw8ExXNJmb5DEo /nUBO+o0lwMI3NWVG0tEM5g+/i550uATl3wUKusGY0/8UUIR8B5WmWx3OfNh0e60 g0Cur6xjd+MOsEE8XtVoxnxiKB17RO4hciaXZr+eVbh91gcK7kORqQJPUJlyj4z3 RDsA+hk7W1B+TYBY50xUCO4ZiBRx7OdtitTa5BZcS5Wdv++9867VPMIvwN7P27Tf kMxXFCKw2NhJF2qGAdbTQFZLiGCEcypsGAhIKZG/oT8C7thWxa4FTM7SrW8tPL83 ZE+w -----END CERTIFICATE-----Generated at Tue May 12 23:38:12 2026 by rpki-client