$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d305eddf-3172-4e8c-905b-a0f82d07dd6c.roa File: d305eddf-3172-4e8c-905b-a0f82d07dd6c.roa (raw, json) Hash identifier: nCmN9UCKUbZcXoGhnKh6qAYjz8b1vSnW8QghkcgSPe4= Subject key identifier: 5F:37:EA:02:11:29:A3:2D:19:A2:AE:BC:71:BB:25:50:EE:AF:5E:DC Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 31568767B0D70C1E4D998CB00BBE548A1F3EDC93 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d305eddf-3172-4e8c-905b-a0f82d07dd6c.roa Signing time: Sat 02 May 2026 00:20:10 +0000 ROA not before: Sat 02 May 2026 00:20:10 +0000 ROA not after: Fri 31 Jul 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daea:80c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:56:87:67:b0:d7:0c:1e:4d:99:8c:b0:0b:be:54:8a:1f:3e:dc:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 2 00:20:10 2026 GMT Not After : Jul 31 23:59:59 2026 GMT Subject: serialNumber=d7fa20ed652d090ec717b970f23e91403488ac3d2a50907c50872028ea635636, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:cd:60:5f:2a:f7:5d:b7:92:7f:6f:a3:1c:cb: 2e:bf:58:99:b6:16:ca:41:57:76:09:a5:aa:51:c6: 1a:9f:52:ba:77:df:a5:d2:44:11:29:e8:5a:61:f4: f8:50:00:4a:c6:ed:43:e9:99:e8:95:f6:de:56:01: b0:b6:49:e5:e2:52:cf:85:01:fd:f5:0a:73:b6:df: fd:ad:c6:86:ba:44:ac:b3:e8:1b:b1:07:c6:71:c2: 76:e4:cb:45:20:cd:03:ed:14:5b:79:6c:4c:c1:fa: 54:42:74:d0:52:d8:92:3e:fd:f0:84:6b:45:d6:92: 79:c8:05:5f:3b:ee:77:3c:02:83:b7:24:1b:9c:5a: bd:1c:27:bf:9f:f8:9c:3b:83:80:33:ca:81:85:08: 1c:d1:5e:d5:af:16:1c:9e:9c:6a:66:04:04:d6:6d: de:2f:25:cf:b0:b9:47:a8:ce:ba:6f:39:07:5a:95: 32:38:a8:c4:b1:aa:c2:8f:ad:65:23:45:1e:5c:d0: af:f2:42:42:b8:2c:ba:60:e8:65:89:d2:1b:af:79: a5:1f:2b:90:09:fa:3b:5a:67:9c:32:fc:5c:e9:fa: 02:0a:ee:b0:d5:9f:33:76:99:a7:75:37:0d:37:f8: 92:1d:7b:b3:59:e1:8b:8a:38:a5:a4:02:cf:e8:37: 72:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:37:EA:02:11:29:A3:2D:19:A2:AE:BC:71:BB:25:50:EE:AF:5E:DC X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d305eddf-3172-4e8c-905b-a0f82d07dd6c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daea:80c0::/48 Signature Algorithm: sha256WithRSAEncryption 61:30:e8:95:25:8d:15:fa:b6:c6:f9:d5:0f:f8:ec:a4:bd:c2: 16:7d:bc:29:8c:33:aa:20:06:06:8f:c2:c2:be:6d:60:fe:ac: bc:59:d3:ec:73:d9:d6:4f:eb:e6:68:f2:23:2e:87:7c:0c:32: 50:98:27:b2:51:a7:2b:c8:ff:df:96:a6:7b:45:1c:a7:99:50: 1e:86:c5:33:f7:ee:b5:42:6a:8b:63:e4:a5:16:af:6c:2b:f5: 47:8e:80:1c:9e:69:74:17:b4:ef:d6:33:92:de:10:05:a5:b6: 76:94:c5:78:79:e2:d5:69:7d:35:a7:d3:1c:31:af:1a:7c:4b: d6:b4:4c:32:83:b5:7f:cc:ff:6a:09:b4:1b:3e:e4:5f:b0:51: 5c:90:aa:ea:37:a5:2b:b2:3f:d6:b9:25:1b:c0:f0:8e:fd:c8: f9:fd:b7:b1:c3:06:85:26:cc:8d:05:4c:e2:97:a5:93:35:51: 29:09:4f:b7:2b:a1:05:ec:bb:58:0c:2a:40:35:0d:6a:2d:12: 50:89:90:77:cc:1c:fa:81:10:90:aa:56:e0:02:95:f5:86:7f: c9:41:72:6f:74:b0:cc:ac:8c:60:cf:08:80:9f:4b:78:de:85: 09:04:84:62:28:fd:68:cf:c1:87:6a:1f:11:4e:e1:57:75:6b: e4:5a:58:f0 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUMVaHZ7DXDB5NmYywC75Uih8+3JMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwMjAwMjAxMFoX DTI2MDczMTIzNTk1OVowejFJMEcGA1UEBRNAZDdmYTIwZWQ2NTJkMDkwZWM3MTdi OTcwZjIzZTkxNDAzNDg4YWMzZDJhNTA5MDdjNTA4NzIwMjhlYTYzNTYzNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAys1gXyr3XbeSf2+jHMsuv1iZthbK QVd2CaWqUcYan1K6d9+l0kQRKehaYfT4UABKxu1D6ZnolfbeVgGwtknl4lLPhQH9 9Qpztt/9rcaGukSss+gbsQfGccJ25MtFIM0D7RRbeWxMwfpUQnTQUtiSPv3whGtF 1pJ5yAVfO+53PAKDtyQbnFq9HCe/n/icO4OAM8qBhQgc0V7VrxYcnpxqZgQE1m3e LyXPsLlHqM66bzkHWpUyOKjEsarCj61lI0UeXNCv8kJCuCy6YOhlidIbr3mlHyuQ Cfo7WmecMvxc6foCCu6w1Z8zdpmndTcNN/iSHXuzWeGLijilpALP6DdyYQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFF836gIRKaMtGaKuvHG7JVDur17cMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2QzMDVlZGRmLTMxNzItNGU4Yy05MDViLWEwZjgyZDA3ZGQ2Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba6oDAMA0GCSqGSIb3DQEBCwUAA4IBAQBhMOiVJY0V+rbG+dUP +OykvcIWfbwpjDOqIAYGj8LCvm1g/qy8WdPsc9nWT+vmaPIjLod8DDJQmCeyUacr yP/flqZ7RRynmVAehsUz9+61QmqLY+SlFq9sK/VHjoAcnml0F7Tv1jOS3hAFpbZ2 lMV4eeLVaX01p9McMa8afEvWtEwyg7V/zP9qCbQbPuRfsFFckKrqN6Ursj/WuSUb wPCO/cj5/bexwwaFJsyNBUzil6WTNVEpCU+3K6EF7LtYDCpANQ1qLRJQiZB3zBz6 gRCQqlbgApX1hn/JQXJvdLDMrIxgzwiAn0t43oUJBIRiKP1oz8GHah8RTuFXdWvk Wljw -----END CERTIFICATE-----Generated at Tue May 12 23:34:46 2026 by rpki-client