$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d6d439a9-d0b0-44a2-b326-95d1592e6156.roa File: d6d439a9-d0b0-44a2-b326-95d1592e6156.roa (raw, json) Hash identifier: HZxv0xU7kDV6Fb7xuLHyB1+nTx0QxceAI0BFrVCcSUs= Subject key identifier: B9:5A:8F:54:2C:B7:3C:B4:FD:97:FE:E2:E7:4A:78:D6:65:F3:0C:C8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 51CB060355F20F2C3CD9ECBA59589522C547C798 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d6d439a9-d0b0-44a2-b326-95d1592e6156.roa Signing time: Wed 06 May 2026 00:00:10 +0000 ROA not before: Wed 06 May 2026 00:00:10 +0000 ROA not after: Tue 04 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da60:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:cb:06:03:55:f2:0f:2c:3c:d9:ec:ba:59:58:95:22:c5:47:c7:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 6 00:00:10 2026 GMT Not After : Aug 4 23:59:59 2026 GMT Subject: serialNumber=6f4d9b98c63117cf8cd23771fb983a212228869c12511bbb546922d1df6c8dd2, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:22:e6:b4:b8:68:f0:52:f4:8c:fa:13:bc:8d: 95:dc:59:b2:2c:e3:de:f4:20:74:7f:be:97:36:64: 08:e2:5e:42:e8:71:ff:32:0f:98:8f:9d:c2:41:28: 1a:bd:fc:e0:2b:a1:07:ca:04:b5:4c:ae:89:92:0b: 30:c2:69:f9:fa:10:be:51:d7:6e:82:4c:81:3f:ec: f1:28:b7:67:02:40:28:00:1e:3b:e2:6e:92:c5:bd: de:5b:1b:e6:48:bb:03:23:aa:a4:35:61:d7:16:99: 27:93:ad:10:6d:59:5f:16:7e:85:95:c0:d6:5d:bf: a6:a7:4f:32:70:8f:f7:b2:2e:46:02:61:f7:a5:da: 6a:5a:3d:6a:d1:32:41:e6:52:e9:8b:f7:3a:c0:71: 90:5f:23:aa:46:d4:89:76:01:f5:43:5c:7e:d1:19: ce:8c:a3:d2:40:d5:69:df:be:75:22:e4:9c:3b:15: 9b:5b:93:74:ee:eb:a1:39:8a:77:01:ad:fd:40:01: 71:07:f8:1d:fb:96:a2:11:46:17:f7:14:e2:81:79: 3f:b7:6b:96:99:9b:cc:10:33:ea:b0:05:19:a4:25: 0a:f9:37:25:c4:54:84:09:af:20:78:d4:33:b1:27: 95:dd:fe:86:5d:9f:fc:2f:22:d5:7f:6c:4e:b2:b7: 72:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:5A:8F:54:2C:B7:3C:B4:FD:97:FE:E2:E7:4A:78:D6:65:F3:0C:C8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d6d439a9-d0b0-44a2-b326-95d1592e6156.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60:e000::/40 Signature Algorithm: sha256WithRSAEncryption 8a:41:16:c7:7b:ff:41:3e:99:4e:f7:ed:b3:6d:d1:cc:4c:48: d5:38:90:f7:eb:15:cb:fa:68:9f:11:fc:d2:57:12:c5:65:4e: 49:e0:bc:14:83:73:10:17:9a:a1:19:d8:2b:a7:4f:cb:70:dc: 75:db:88:fb:8d:bf:b7:e4:4e:3d:ee:02:33:25:1d:db:26:49: 93:dd:42:3c:17:25:cf:6d:5f:d1:25:b4:47:34:bf:68:d0:6a: 22:39:f2:1e:fb:eb:43:3e:f8:f0:c9:ce:f4:68:f2:33:a6:85: fa:0d:8d:5e:41:81:ef:10:a0:9c:93:95:7f:ee:6d:e0:a3:98: ff:77:ef:9f:97:7c:45:6b:0d:70:fc:39:bf:d7:ec:9e:01:d1: c5:c8:4d:7e:a2:61:bd:be:1e:65:0b:eb:4f:ca:ee:3a:18:fa: 77:3d:91:ef:60:8a:9f:4f:75:da:a4:a8:64:35:cb:56:47:1d: 25:7a:e1:29:8a:5d:e1:34:77:e2:69:b0:70:6d:33:1e:c6:33: f2:e9:a5:89:0d:64:09:21:2f:ab:53:67:50:45:b9:5f:54:15: d7:da:b4:02:d2:34:61:da:83:ad:e4:20:52:b8:ab:79:5c:5b: a6:94:df:3f:d2:e3:0d:8d:c8:ec:ec:2d:59:e7:21:a1:f6:02: cd:22:7d:b4 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUUcsGA1XyDyw82ey6WViVIsVHx5gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwNjAwMDAxMFoX DTI2MDgwNDIzNTk1OVowejFJMEcGA1UEBRNANmY0ZDliOThjNjMxMTdjZjhjZDIz NzcxZmI5ODNhMjEyMjI4ODY5YzEyNTExYmJiNTQ2OTIyZDFkZjZjOGRkMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySLmtLho8FL0jPoTvI2V3FmyLOPe 9CB0f76XNmQI4l5C6HH/Mg+Yj53CQSgavfzgK6EHygS1TK6Jkgswwmn5+hC+Uddu gkyBP+zxKLdnAkAoAB474m6Sxb3eWxvmSLsDI6qkNWHXFpknk60QbVlfFn6FlcDW Xb+mp08ycI/3si5GAmH3pdpqWj1q0TJB5lLpi/c6wHGQXyOqRtSJdgH1Q1x+0RnO jKPSQNVp3751IuScOxWbW5N07uuhOYp3Aa39QAFxB/gd+5aiEUYX9xTigXk/t2uW mZvMEDPqsAUZpCUK+TclxFSECa8geNQzsSeV3f6GXZ/8LyLVf2xOsrdyzQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLlaj1Qstzy0/Zf+4udKeNZl8wzIMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q2ZDQzOWE5LWQwYjAtNDRhMi1iMzI2LTk1ZDE1OTJlNjE1Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYOAwDQYJKoZIhvcNAQELBQADggEBAIpBFsd7/0E+mU737bNt 0cxMSNU4kPfrFcv6aJ8R/NJXEsVlTkngvBSDcxAXmqEZ2CunT8tw3HXbiPuNv7fk Tj3uAjMlHdsmSZPdQjwXJc9tX9EltEc0v2jQaiI58h7760M++PDJzvRo8jOmhfoN jV5Bge8QoJyTlX/ubeCjmP9375+XfEVrDXD8Ob/X7J4B0cXITX6iYb2+HmUL60/K 7joY+nc9ke9gip9PddqkqGQ1y1ZHHSV64SmKXeE0d+JpsHBtMx7GM/LppYkNZAkh L6tTZ1BFuV9UFdfatALSNGHag63kIFK4q3lcW6aU3z/S4w2NyOzsLVnnIaH2As0i fbQ= -----END CERTIFICATE-----Generated at Tue May 12 23:30:07 2026 by rpki-client