$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d0716d05-e421-4b76-b3d0-5a92c5c93094.roa File: d0716d05-e421-4b76-b3d0-5a92c5c93094.roa (raw, json) Hash identifier: QTogwC1Q9emwAFFXI7KZdkc+ReVATEHavyMat2szXhU= Subject key identifier: 68:C0:1F:22:B0:89:0C:9E:61:FA:FF:18:0B:AC:95:BD:FC:50:26:8B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 11E3CFC187936399D744364D4D938CFAB6703CA1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d0716d05-e421-4b76-b3d0-5a92c5c93094.roa Signing time: Sat 09 May 2026 00:00:41 +0000 ROA not before: Sat 09 May 2026 00:00:41 +0000 ROA not after: Fri 07 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:70c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:e3:cf:c1:87:93:63:99:d7:44:36:4d:4d:93:8c:fa:b6:70:3c:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 9 00:00:41 2026 GMT Not After : Aug 7 23:59:59 2026 GMT Subject: serialNumber=a18c17a7f3c2e680f6bbcd0c344070a932ae869658347e76ab372cfc97ec2a1b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:25:7f:a0:f9:e7:9c:4c:4d:a2:6e:b8:ce:e2: 97:4a:84:63:71:8a:d8:3a:cf:62:5a:89:cd:89:d6: 24:b8:8a:f0:61:83:7b:47:b8:b5:35:8c:1d:f6:b7: 33:c7:01:0e:e1:5e:35:0a:30:c2:0a:88:cf:56:a6: 04:e1:4f:b0:c3:6b:09:19:46:0d:a1:fa:61:6c:88: 79:a2:5a:eb:10:d8:e0:42:b8:77:97:51:b3:91:92: c3:0a:59:ad:e7:b9:fe:79:65:09:6c:50:31:19:04: cb:64:c8:18:57:8b:fe:96:98:84:5f:f2:59:b1:5d: 99:0f:8a:64:9e:a6:13:95:12:3d:35:ae:50:b5:c4: fd:33:88:3b:0e:21:37:48:98:c1:fb:14:19:b0:25: 1e:4e:7b:81:37:97:d2:a1:c7:28:90:94:42:3d:3f: 02:6c:7e:ac:8e:ec:1e:8b:96:91:84:da:17:32:3f: 06:82:f2:2c:36:b0:18:2e:02:16:1f:26:b3:1d:c3: fa:8d:c5:d6:04:38:f0:18:5e:8e:c6:3b:d6:ac:cd: 2a:af:5b:38:78:39:ad:40:e5:e6:5a:9b:03:10:7b: 7a:a5:17:e2:bf:e5:da:f2:88:09:67:b1:1d:4b:64: 68:9f:8d:aa:81:2e:88:32:f1:ca:97:34:2a:34:85: 10:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:C0:1F:22:B0:89:0C:9E:61:FA:FF:18:0B:AC:95:BD:FC:50:26:8B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d0716d05-e421-4b76-b3d0-5a92c5c93094.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:70c0::/48 Signature Algorithm: sha256WithRSAEncryption 88:d8:7e:42:25:1f:d7:52:aa:cd:5e:c2:2f:60:99:fe:73:83: 97:0f:e2:01:86:72:aa:c4:4e:a7:29:32:03:ad:89:34:25:6a: 55:2d:ce:c2:ba:b4:c7:aa:4f:ba:38:6a:40:e3:fe:f5:8a:b9: c0:9b:02:7e:3f:f1:01:49:3c:39:50:a4:88:ca:c9:35:10:0b: 2f:b8:ba:9d:64:58:9c:1a:dc:1e:ac:e5:72:1d:68:4f:61:24: 40:a0:e7:91:8a:ef:d8:4c:0b:a6:e4:99:ee:d0:ec:cb:71:56: 30:6e:c9:b7:5a:b5:b8:92:ba:23:68:4b:72:f8:2b:74:a4:48: fe:61:6d:ca:91:38:4b:6a:e2:33:99:d6:cc:38:e3:a9:05:aa: b7:0d:1e:d7:c2:cc:ea:ea:d8:86:d5:17:7b:ad:e6:8d:5c:e1: 27:ac:d4:f4:8f:72:a3:96:f7:7f:dd:c8:d6:0e:91:23:8b:87: e6:aa:61:4c:37:28:93:95:bb:86:a6:4d:d1:21:24:5e:5d:6a: 18:25:6e:6b:20:24:89:00:59:8a:88:c0:a4:eb:29:2f:2f:47: c1:55:44:ee:2d:d0:36:07:e5:be:63:9c:f8:fa:18:1a:cf:02: f7:9b:b2:e2:42:0b:0c:4b:c5:5f:60:eb:6a:a9:a9:5c:de:2f: c8:f2:4f:49 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUEePPwYeTY5nXRDZNTZOM+rZwPKEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwOTAwMDA0MVoX DTI2MDgwNzIzNTk1OVowejFJMEcGA1UEBRNAYTE4YzE3YTdmM2MyZTY4MGY2YmJj ZDBjMzQ0MDcwYTkzMmFlODY5NjU4MzQ3ZTc2YWIzNzJjZmM5N2VjMmExYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSV/oPnnnExNom64zuKXSoRjcYrY Os9iWonNidYkuIrwYYN7R7i1NYwd9rczxwEO4V41CjDCCojPVqYE4U+ww2sJGUYN ofphbIh5olrrENjgQrh3l1GzkZLDClmt57n+eWUJbFAxGQTLZMgYV4v+lpiEX/JZ sV2ZD4pknqYTlRI9Na5QtcT9M4g7DiE3SJjB+xQZsCUeTnuBN5fSoccokJRCPT8C bH6sjuwei5aRhNoXMj8GgvIsNrAYLgIWHyazHcP6jcXWBDjwGF6OxjvWrM0qr1s4 eDmtQOXmWpsDEHt6pRfiv+Xa8ogJZ7EdS2Ron42qgS6IMvHKlzQqNIUQdQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFGjAHyKwiQyeYfr/GAuslb38UCaLMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2QwNzE2ZDA1LWU0MjEtNGI3Ni1iM2QwLTVhOTJjNWM5MzA5NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/3DAMA0GCSqGSIb3DQEBCwUAA4IBAQCI2H5CJR/XUqrNXsIv YJn+c4OXD+IBhnKqxE6nKTIDrYk0JWpVLc7CurTHqk+6OGpA4/71irnAmwJ+P/EB STw5UKSIysk1EAsvuLqdZFicGtwerOVyHWhPYSRAoOeRiu/YTAum5Jnu0OzLcVYw bsm3WrW4krojaEty+Ct0pEj+YW3KkThLauIzmdbMOOOpBaq3DR7Xwszq6tiG1Rd7 reaNXOEnrNT0j3Kjlvd/3cjWDpEji4fmqmFMNyiTlbuGpk3RISReXWoYJW5rICSJ AFmKiMCk6ykvL0fBVUTuLdA2B+W+Y5z4+hgazwL3m7LiQgsMS8VfYOtqqalc3i/I 8k9J -----END CERTIFICATE-----Generated at Wed May 13 00:08:49 2026 by rpki-client