$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d8456f50-6ead-49e9-ad54-f384ac4008be.roa File: d8456f50-6ead-49e9-ad54-f384ac4008be.roa (raw, json) Hash identifier: P1Y70P7rLv6u1R3Q1O1aA3N9RUWKIQGMcx3sJQs7u94= Subject key identifier: 0F:AA:2C:4D:A7:A6:17:13:4A:FC:70:2D:C8:B3:36:9E:3A:14:B3:71 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5DA0BE91B533CA4C71168BF87ADB64429AFCB73D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d8456f50-6ead-49e9-ad54-f384ac4008be.roa Signing time: Tue 05 May 2026 00:00:58 +0000 ROA not before: Tue 05 May 2026 00:00:58 +0000 ROA not after: Mon 03 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab9:7000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:a0:be:91:b5:33:ca:4c:71:16:8b:f8:7a:db:64:42:9a:fc:b7:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 5 00:00:58 2026 GMT Not After : Aug 3 23:59:59 2026 GMT Subject: serialNumber=b8b8c383163ac3ba19e05a69faf83eb4dae497157ea1c3be1817d31656deffd2, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:eb:f4:c2:cc:af:df:68:b8:44:fb:c5:a8:2c: 3a:c5:c7:4c:c4:48:db:e8:12:7e:d7:f6:1b:d5:a0: 78:9e:57:94:b4:27:4e:97:f7:73:c9:1b:ce:21:39: 28:13:4e:34:99:58:61:76:06:0b:9b:f0:1f:ad:02: 07:a2:b7:06:a3:de:d7:6a:de:1c:ef:35:57:14:7c: 78:6a:3d:20:45:6b:dc:be:fe:78:f1:d8:4d:ea:c1: 6a:5c:e9:72:be:f0:2f:eb:04:6a:72:3c:f9:c2:ff: c8:cc:2b:7f:c0:cf:64:9c:2f:c4:bf:9c:4c:1b:a3: a2:6f:92:e4:82:8b:56:2e:ba:08:4c:61:c4:1e:2d: 79:5c:f5:78:49:6b:85:11:44:3f:c3:0d:d0:89:39: c0:6f:9e:4f:e7:70:7b:12:59:9b:4d:0b:db:78:e3: 64:0c:14:c9:41:3f:82:27:29:c0:d5:48:12:bd:5d: a4:5f:c0:f9:09:55:94:66:92:ba:dd:64:12:85:bf: 13:44:6c:65:26:b9:ac:34:da:b7:02:c3:1e:c3:55: 31:49:09:bf:14:61:7c:93:e2:32:91:c8:4d:b7:73: 34:6c:45:f9:66:35:9f:16:9c:59:65:1e:d9:e0:ce: 7e:d9:7d:0f:64:fb:4c:23:1b:3f:eb:9f:12:94:68: b6:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:AA:2C:4D:A7:A6:17:13:4A:FC:70:2D:C8:B3:36:9E:3A:14:B3:71 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d8456f50-6ead-49e9-ad54-f384ac4008be.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:7000::/40 Signature Algorithm: sha256WithRSAEncryption 40:73:b9:84:ae:8d:14:a5:f2:77:3f:d9:c4:55:cb:a6:b9:75: 4a:94:c7:cb:ee:2a:3d:26:50:8e:ab:ff:5c:02:58:df:4c:c1: 92:7c:70:44:d2:97:89:8c:2e:c5:54:5e:30:10:b1:f2:97:0d: d5:c6:b4:2f:3d:29:bb:88:84:f4:b1:7e:2c:26:c7:c6:5d:98: 73:dc:be:04:a7:4d:f1:40:76:c3:42:52:ee:b7:36:cc:50:19: 15:2b:df:86:f6:df:7c:b5:0c:e4:06:33:7c:60:20:04:10:81: b8:3a:a9:62:af:62:61:d4:8a:bd:ff:5b:8f:53:19:29:9f:2a: 22:21:85:94:10:c8:ef:a4:a7:27:94:6b:73:db:e8:e3:6b:97: c2:22:6d:7f:4b:8e:55:ad:39:99:03:e4:f9:5e:4d:c0:9a:47: 1c:b9:03:3c:e6:dc:6e:9a:9b:b0:c3:60:bb:f7:e6:a6:4e:7b: 82:3c:af:0f:96:98:a3:a5:02:09:29:3b:a6:63:01:14:35:fa: 16:85:4e:ec:1e:55:84:91:4e:68:f0:6b:71:29:e1:aa:f1:e1: 17:85:4f:de:50:fa:cb:59:99:47:a4:2a:bc:35:00:39:e2:da: fe:81:71:13:dd:ff:75:70:f5:47:64:4f:7b:3a:0f:d0:72:62: 2d:32:c6:a3 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUXaC+kbUzykxxFov4ettkQpr8tz0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwNTAwMDA1OFoX DTI2MDgwMzIzNTk1OVowejFJMEcGA1UEBRNAYjhiOGMzODMxNjNhYzNiYTE5ZTA1 YTY5ZmFmODNlYjRkYWU0OTcxNTdlYTFjM2JlMTgxN2QzMTY1NmRlZmZkMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyev0wsyv32i4RPvFqCw6xcdMxEjb 6BJ+1/Yb1aB4nleUtCdOl/dzyRvOITkoE040mVhhdgYLm/AfrQIHorcGo97Xat4c 7zVXFHx4aj0gRWvcvv548dhN6sFqXOlyvvAv6wRqcjz5wv/IzCt/wM9knC/Ev5xM G6Oib5LkgotWLroITGHEHi15XPV4SWuFEUQ/ww3QiTnAb55P53B7ElmbTQvbeONk DBTJQT+CJynA1UgSvV2kX8D5CVWUZpK63WQShb8TRGxlJrmsNNq3AsMew1UxSQm/ FGF8k+IykchNt3M0bEX5ZjWfFpxZZR7Z4M5+2X0PZPtMIxs/658SlGi23QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFA+qLE2nphcTSvxwLcizNp46FLNxMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q4NDU2ZjUwLTZlYWQtNDllOS1hZDU0LWYzODRhYzQwMDhiZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauXAwDQYJKoZIhvcNAQELBQADggEBAEBzuYSujRSl8nc/2cRV y6a5dUqUx8vuKj0mUI6r/1wCWN9MwZJ8cETSl4mMLsVUXjAQsfKXDdXGtC89KbuI hPSxfiwmx8ZdmHPcvgSnTfFAdsNCUu63NsxQGRUr34b233y1DOQGM3xgIAQQgbg6 qWKvYmHUir3/W49TGSmfKiIhhZQQyO+kpyeUa3Pb6ONrl8IibX9LjlWtOZkD5Ple TcCaRxy5Azzm3G6am7DDYLv35qZOe4I8rw+WmKOlAgkpO6ZjARQ1+haFTuweVYSR Tmjwa3Ep4arx4ReFT95Q+stZmUekKrw1ADni2v6BcRPd/3Vw9UdkT3s6D9ByYi0y xqM= -----END CERTIFICATE-----Generated at Wed May 13 01:09:23 2026 by rpki-client