$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bf7dfcf8-ba0c-47e9-8ddb-6a6d8ec70412.roa File: bf7dfcf8-ba0c-47e9-8ddb-6a6d8ec70412.roa (raw, json) Hash identifier: S81NbhxXzFjU5pgUaptpwovmLGfsTBsJwAKuk7UYGCY= Subject key identifier: 34:DD:77:22:48:7C:CF:3F:80:38:7B:7C:62:96:F7:8C:E8:BF:72:E3 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6BAA9893DDE102A0E7067426B9EE94A54AA7ABEE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bf7dfcf8-ba0c-47e9-8ddb-6a6d8ec70412.roa Signing time: Sat 02 May 2026 00:11:07 +0000 ROA not before: Sat 02 May 2026 00:11:07 +0000 ROA not after: Fri 31 Jul 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daa0:c800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:aa:98:93:dd:e1:02:a0:e7:06:74:26:b9:ee:94:a5:4a:a7:ab:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 2 00:11:07 2026 GMT Not After : Jul 31 23:59:59 2026 GMT Subject: serialNumber=3b3e393dc417355f6b985449c6cfb993c54b7a734a8e157983238092e85c9dca, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:23:2c:0b:69:91:b4:e5:f0:3b:58:b9:5b:a1: 25:6f:bd:b5:76:1e:a9:88:8c:75:95:b4:93:54:69: 87:e5:ed:1a:83:88:76:cb:dc:39:dd:3d:42:ec:45: e3:7d:1e:1a:7c:c5:2e:e0:06:8d:75:69:ef:20:fc: 04:cf:55:77:76:2d:94:e9:83:54:5c:1d:1e:71:24: a8:60:35:ae:7f:a4:d6:4f:bd:df:58:62:ec:ca:27: 0c:33:12:bf:86:70:ab:26:fe:72:9d:1a:fe:35:32: 19:cd:dc:34:e5:21:5d:4a:32:33:b0:78:91:ad:bf: ac:e7:e5:cc:44:2c:92:82:67:68:01:fd:ba:80:09: 02:7e:81:af:c2:b8:a5:d8:3f:ca:99:bc:b9:d8:68: b6:66:bd:f0:ac:c0:38:72:46:96:80:fa:8f:14:fe: 94:56:9d:07:e1:23:15:f5:8b:81:02:29:48:e1:d0: f2:ca:0c:42:69:01:23:3c:ac:80:92:a6:aa:b4:71: ae:1c:92:5c:e3:2e:f2:e5:ca:49:18:d0:59:c3:87: d3:6c:54:f6:4d:cd:07:ac:9e:00:f4:81:aa:da:3b: 26:0b:57:17:cc:76:16:cb:76:97:13:0b:b5:05:3e: 8f:8b:e2:80:f8:9f:3b:cc:ee:28:24:1c:6e:df:bd: 45:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:DD:77:22:48:7C:CF:3F:80:38:7B:7C:62:96:F7:8C:E8:BF:72:E3 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bf7dfcf8-ba0c-47e9-8ddb-6a6d8ec70412.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daa0:c800::/40 Signature Algorithm: sha256WithRSAEncryption 3c:f4:3b:7a:9b:8d:65:a4:1b:01:a7:3d:98:2f:2e:70:ca:ad: d8:d6:22:b4:a9:bf:dd:32:3d:f7:ae:ab:f3:54:b0:57:f5:ee: 0a:b4:2d:8e:15:f8:62:f4:d8:12:f3:0b:9c:be:7d:1e:6c:17: 06:89:e2:a5:bb:5a:43:09:93:f8:8e:02:7d:30:fb:e6:34:43: 95:42:4c:f1:ac:65:cf:b0:8c:9c:d4:eb:86:1c:e7:94:15:08: 4e:65:ad:91:e9:77:7d:8e:ec:96:19:ae:2e:3d:98:34:8c:9a: 26:f3:c0:55:db:d5:1b:eb:8f:2e:08:43:fa:b6:4d:07:0c:4f: 27:14:42:e7:da:00:7d:25:92:a0:2b:51:83:db:c4:c5:b7:ce: 56:9f:1d:6a:d9:68:6c:3e:bf:d2:35:6c:ac:23:a9:27:34:e3: 68:75:70:02:3f:53:06:75:6d:45:39:13:25:66:09:cb:8c:ea: 72:67:bc:64:26:85:c9:4d:4e:5a:9a:f7:06:ed:04:7d:da:3d: a3:b2:14:80:5a:cf:1a:81:c8:a8:43:dc:c6:97:5b:f4:95:96: a1:d2:61:ed:fa:92:a8:83:ce:d9:f4:29:cb:a3:37:72:d8:d9: 65:bb:c0:0d:c8:0a:ab:13:89:95:1e:f6:29:a3:0c:31:be:c0: ea:89:33:0f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUa6qYk93hAqDnBnQmue6UpUqnq+4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwMjAwMTEwN1oX DTI2MDczMTIzNTk1OVowejFJMEcGA1UEBRNAM2IzZTM5M2RjNDE3MzU1ZjZiOTg1 NDQ5YzZjZmI5OTNjNTRiN2E3MzRhOGUxNTc5ODMyMzgwOTJlODVjOWRjYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCMsC2mRtOXwO1i5W6Elb721dh6p iIx1lbSTVGmH5e0ag4h2y9w53T1C7EXjfR4afMUu4AaNdWnvIPwEz1V3di2U6YNU XB0ecSSoYDWuf6TWT73fWGLsyicMMxK/hnCrJv5ynRr+NTIZzdw05SFdSjIzsHiR rb+s5+XMRCySgmdoAf26gAkCfoGvwril2D/Kmby52Gi2Zr3wrMA4ckaWgPqPFP6U Vp0H4SMV9YuBAilI4dDyygxCaQEjPKyAkqaqtHGuHJJc4y7y5cpJGNBZw4fTbFT2 Tc0HrJ4A9IGq2jsmC1cXzHYWy3aXEwu1BT6Pi+KA+J87zO4oJBxu371FNQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDTddyJIfM8/gDh7fGKW94zov3LjMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JmN2RmY2Y4LWJhMGMtNDdlOS04ZGRiLTZhNmQ4ZWM3MDQxMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaoMgwDQYJKoZIhvcNAQELBQADggEBADz0O3qbjWWkGwGnPZgv LnDKrdjWIrSpv90yPfeuq/NUsFf17gq0LY4V+GL02BLzC5y+fR5sFwaJ4qW7WkMJ k/iOAn0w++Y0Q5VCTPGsZc+wjJzU64Yc55QVCE5lrZHpd32O7JYZri49mDSMmibz wFXb1Rvrjy4IQ/q2TQcMTycUQufaAH0lkqArUYPbxMW3zlafHWrZaGw+v9I1bKwj qSc042h1cAI/UwZ1bUU5EyVmCcuM6nJnvGQmhclNTlqa9wbtBH3aPaOyFIBazxqB yKhD3MaXW/SVlqHSYe36kqiDztn0KcujN3LY2WW7wA3ICqsTiZUe9imjDDG+wOqJ Mw8= -----END CERTIFICATE-----Generated at Wed May 13 00:10:02 2026 by rpki-client