$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/be1922bc-9d75-4e8d-ba39-8044d8bf734b.roa File: be1922bc-9d75-4e8d-ba39-8044d8bf734b.roa (raw, json) Hash identifier: LTQR4WKm4Rq6ZsAIhZ4y7d6F+6/MRhJvpjCiSU6k/do= Subject key identifier: 7D:D9:C2:A3:F8:D2:A2:E7:0D:F8:9D:79:6B:64:99:5F:46:A7:54:27 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4B2FC88DB3C6EEED287F659EB82768ACAAB01522 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/be1922bc-9d75-4e8d-ba39-8044d8bf734b.roa Signing time: Tue 05 May 2026 00:01:11 +0000 ROA not before: Tue 05 May 2026 00:01:11 +0000 ROA not after: Mon 03 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf4:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:2f:c8:8d:b3:c6:ee:ed:28:7f:65:9e:b8:27:68:ac:aa:b0:15:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 5 00:01:11 2026 GMT Not After : Aug 3 23:59:59 2026 GMT Subject: serialNumber=2c62bd1c9eed958639b99039e6d1a1930039dc24c32db38fac934893cf6f0974, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:c8:ac:16:1b:4e:fc:7a:0d:03:aa:79:32:05: 1e:19:ce:9a:36:60:49:44:40:d8:3b:c1:8a:53:8e: b3:1a:17:4f:5c:27:2f:51:20:9a:a9:e0:f0:4d:3f: a5:49:97:ae:97:49:58:9f:1b:87:31:75:50:f7:81: 55:94:ac:95:80:3b:57:e3:17:f4:04:92:67:8f:1d: 21:c7:23:66:22:e1:6e:4b:52:1a:47:94:ad:7c:5f: b6:7b:75:1b:c2:ae:90:93:f0:e3:26:20:bc:59:10: 8e:66:4c:12:e1:05:dc:22:8d:b6:40:1b:a1:5b:24: 64:0a:ff:1d:16:fd:21:4d:dd:61:ec:18:e1:f0:bb: af:90:c8:e3:2e:02:32:60:9f:76:26:b4:5a:cb:14: 4d:07:53:42:22:cd:c4:64:69:0c:13:0d:38:1b:cc: 9f:95:50:c4:02:ae:33:02:e3:1b:59:4a:00:ed:02: 77:48:06:ac:fa:f7:21:34:e8:d5:b1:fc:11:e7:d7: 32:7e:7e:5b:62:8c:be:2b:46:10:fb:d5:aa:24:e8: 72:cc:e2:67:be:b5:1a:0b:20:86:f2:a7:1e:6e:a9: 15:69:f9:6b:be:1a:0f:51:6d:ff:2f:a1:7d:39:47: 26:54:78:15:a8:6a:a9:98:d5:5b:9a:e3:ac:a0:70: f8:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:D9:C2:A3:F8:D2:A2:E7:0D:F8:9D:79:6B:64:99:5F:46:A7:54:27 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/be1922bc-9d75-4e8d-ba39-8044d8bf734b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:b000::/40 Signature Algorithm: sha256WithRSAEncryption 8c:5c:1c:51:53:b1:8a:59:aa:bb:2f:93:ae:a6:5a:e3:09:16: c5:36:d0:c6:8e:5a:be:db:43:8f:a4:f3:ea:22:7b:f2:36:5e: 49:c0:ab:48:c0:ae:2a:15:a2:ba:1b:9e:d1:4c:c3:b4:e2:d4: 54:93:4e:c3:75:56:b0:54:bf:db:91:0f:b7:95:93:ef:30:68: 28:df:53:b7:34:66:cd:a5:c7:b3:34:aa:c4:fb:01:4d:4f:99: ba:fb:22:91:79:51:14:f9:ba:81:af:9e:c1:c4:bb:fb:0f:2b: ee:16:af:bd:46:d8:8d:ef:b3:82:5c:59:9b:6c:3f:b4:30:49: 28:30:2f:23:00:7a:70:02:21:70:71:23:67:9c:7a:6e:84:2a: 4e:98:89:a4:ed:a4:89:85:ae:60:d3:99:59:8b:6d:ec:4c:46: a5:49:df:53:99:12:e1:a1:e8:b5:81:8b:be:f8:20:e1:2b:31: e2:8c:b8:b9:62:54:ad:17:ac:67:e7:3f:50:b6:f9:79:e9:47: 03:59:ec:9e:86:7c:ca:16:26:f2:bf:c6:69:30:0e:bf:0c:3a: b1:98:cc:02:1f:ae:b8:67:24:c8:40:48:23:58:63:f9:b9:90: 33:fe:eb:8e:bb:1f:05:2e:dc:66:a4:63:2f:42:13:95:1f:80: 5e:9a:7b:b2 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUSy/IjbPG7u0of2WeuCdorKqwFSIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwNTAwMDExMVoX DTI2MDgwMzIzNTk1OVowejFJMEcGA1UEBRNAMmM2MmJkMWM5ZWVkOTU4NjM5Yjk5 MDM5ZTZkMWExOTMwMDM5ZGMyNGMzMmRiMzhmYWM5MzQ4OTNjZjZmMDk3NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsisFhtO/HoNA6p5MgUeGc6aNmBJ REDYO8GKU46zGhdPXCcvUSCaqeDwTT+lSZeul0lYnxuHMXVQ94FVlKyVgDtX4xf0 BJJnjx0hxyNmIuFuS1IaR5StfF+2e3Ubwq6Qk/DjJiC8WRCOZkwS4QXcIo22QBuh WyRkCv8dFv0hTd1h7Bjh8LuvkMjjLgIyYJ92JrRayxRNB1NCIs3EZGkMEw04G8yf lVDEAq4zAuMbWUoA7QJ3SAas+vchNOjVsfwR59cyfn5bYoy+K0YQ+9WqJOhyzOJn vrUaCyCG8qcebqkVaflrvhoPUW3/L6F9OUcmVHgVqGqpmNVbmuOsoHD4jwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFH3ZwqP40qLnDfideWtkmV9Gp1QnMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JlMTkyMmJjLTlkNzUtNGU4ZC1iYTM5LTgwNDRkOGJmNzM0Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9LAwDQYJKoZIhvcNAQELBQADggEBAIxcHFFTsYpZqrsvk66m WuMJFsU20MaOWr7bQ4+k8+oie/I2XknAq0jArioVorobntFMw7Ti1FSTTsN1VrBU v9uRD7eVk+8waCjfU7c0Zs2lx7M0qsT7AU1Pmbr7IpF5URT5uoGvnsHEu/sPK+4W r71G2I3vs4JcWZtsP7QwSSgwLyMAenACIXBxI2ecem6EKk6YiaTtpImFrmDTmVmL bexMRqVJ31OZEuGh6LWBi774IOErMeKMuLliVK0XrGfnP1C2+XnpRwNZ7J6GfMoW JvK/xmkwDr8MOrGYzAIfrrhnJMhASCNYY/m5kDP+6467HwUu3GakYy9CE5UfgF6a e7I= -----END CERTIFICATE-----Generated at Tue May 12 23:53:02 2026 by rpki-client