$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dd2c2945-d487-4697-92e0-60bea4ebc9ee.roa File: dd2c2945-d487-4697-92e0-60bea4ebc9ee.roa (raw, json) Hash identifier: d2ivXSNpSLaYI956x5JIffK0aNAVRe4BBwkb08p9B30= Subject key identifier: 4A:AB:8D:8B:39:B9:92:EB:81:8C:21:E5:3E:4C:D9:46:9F:21:45:10 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 057C10CC24DAF692EC2960406ABBD70117CF5E41 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dd2c2945-d487-4697-92e0-60bea4ebc9ee.roa Signing time: Sat 02 May 2026 00:11:09 +0000 ROA not before: Sat 02 May 2026 00:11:09 +0000 ROA not after: Fri 31 Jul 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daea:8840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:7c:10:cc:24:da:f6:92:ec:29:60:40:6a:bb:d7:01:17:cf:5e:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 2 00:11:09 2026 GMT Not After : Jul 31 23:59:59 2026 GMT Subject: serialNumber=bce338850acc100849f1db90e179bc6156cbd8babb4843cfe0493f34c72789e4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:e3:d7:56:f8:5b:86:3e:7c:5a:34:c2:a6:cb: 83:a2:a9:20:e9:c2:ae:2d:f9:1e:71:be:cb:63:02: 95:f9:29:08:03:e9:5d:4c:e0:bb:55:93:14:5b:f2: 91:9a:62:f5:13:3c:d7:28:59:19:69:49:29:41:36: f5:d5:62:01:00:66:4f:4e:ba:4a:6e:1e:72:19:0f: e6:fa:47:9f:29:45:65:a7:9d:69:8c:22:24:16:17: 46:2e:05:64:ec:54:67:98:7d:21:d4:cf:d8:ae:c0: 0b:80:6d:19:4b:56:1a:fc:b6:2c:1b:35:b9:a4:b4: a2:30:39:ad:4a:29:ad:6a:3e:f0:18:f6:c9:df:67: 35:ef:3d:26:4e:c6:2d:57:b1:99:fe:ef:06:05:88: 8a:33:05:b8:c9:bb:8d:4e:aa:21:d1:e0:84:f1:93: 88:a0:11:8e:b3:39:2d:5c:03:8d:70:ff:04:d3:7c: 75:68:cb:b8:ce:7a:c1:75:40:41:0b:2b:7c:12:18: 71:5e:4d:3f:4d:84:5e:b9:8a:ac:a6:fb:7e:ff:2f: 4b:b0:07:f8:06:86:bc:68:08:08:10:b4:7a:2b:b3: 93:98:77:bb:d1:29:0c:67:db:02:fb:17:1a:cd:47: ef:d2:d0:60:99:1e:df:85:d4:ae:44:de:5f:9c:ce: 28:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:AB:8D:8B:39:B9:92:EB:81:8C:21:E5:3E:4C:D9:46:9F:21:45:10 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dd2c2945-d487-4697-92e0-60bea4ebc9ee.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daea:8840::/48 Signature Algorithm: sha256WithRSAEncryption 1c:0f:ea:d7:ae:4d:9d:e1:cd:b2:b6:64:4f:7e:5a:a4:06:3c: 43:b7:73:66:8f:f1:c7:24:47:8f:cc:cb:9f:27:8e:83:62:48: 2a:1f:b7:ce:a9:b2:1d:8b:43:b6:b5:01:cb:50:11:a3:83:0c: 04:0b:7e:18:10:16:58:e0:b7:b2:b7:69:1f:a4:9e:95:22:fe: 47:56:80:d6:76:50:78:bb:4a:47:64:89:13:7b:b4:6a:bc:07: 7e:05:f6:6b:5c:97:4d:2b:d6:ca:43:68:fe:43:ac:f5:9d:36: ff:12:af:5d:08:ab:e7:ad:81:b9:2e:f2:3d:b6:a1:69:98:6e: 53:b0:1a:70:12:42:c4:90:05:ea:5d:ef:f4:13:a2:7e:b2:4e: d3:64:27:03:ca:b3:d3:1a:15:90:ac:5f:f0:78:51:45:a9:e3: bc:7c:8b:fc:4e:38:89:dc:6c:e2:88:3f:45:bc:ba:7f:02:57: 5e:eb:83:0b:75:2e:aa:7a:ca:ef:c6:53:7f:8a:19:81:db:fa: 02:c6:3b:a1:65:f4:00:a0:e5:7f:05:44:8c:d4:d3:4c:68:bd: 7a:5c:a4:87:94:90:9d:a6:56:66:79:e9:a5:65:cb:82:a3:1d: 88:e9:e8:d8:83:6a:db:b7:e1:92:34:b1:fb:9f:40:ed:c3:cb: a9:bf:dc:ee -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUBXwQzCTa9pLsKWBAarvXARfPXkEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwMjAwMTEwOVoX DTI2MDczMTIzNTk1OVowejFJMEcGA1UEBRNAYmNlMzM4ODUwYWNjMTAwODQ5ZjFk YjkwZTE3OWJjNjE1NmNiZDhiYWJiNDg0M2NmZTA0OTNmMzRjNzI3ODllNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+PXVvhbhj58WjTCpsuDoqkg6cKu Lfkecb7LYwKV+SkIA+ldTOC7VZMUW/KRmmL1EzzXKFkZaUkpQTb11WIBAGZPTrpK bh5yGQ/m+kefKUVlp51pjCIkFhdGLgVk7FRnmH0h1M/YrsALgG0ZS1Ya/LYsGzW5 pLSiMDmtSimtaj7wGPbJ32c17z0mTsYtV7GZ/u8GBYiKMwW4ybuNTqoh0eCE8ZOI oBGOszktXAONcP8E03x1aMu4znrBdUBBCyt8EhhxXk0/TYReuYqspvt+/y9LsAf4 Boa8aAgIELR6K7OTmHe70SkMZ9sC+xcazUfv0tBgmR7fhdSuRN5fnM4oTQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFEqrjYs5uZLrgYwh5T5M2UafIUUQMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RkMmMyOTQ1LWQ0ODctNDY5Ny05MmUwLTYwYmVhNGViYzllZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba6ohAMA0GCSqGSIb3DQEBCwUAA4IBAQAcD+rXrk2d4c2ytmRP flqkBjxDt3Nmj/HHJEePzMufJ46DYkgqH7fOqbIdi0O2tQHLUBGjgwwEC34YEBZY 4Leyt2kfpJ6VIv5HVoDWdlB4u0pHZIkTe7RqvAd+BfZrXJdNK9bKQ2j+Q6z1nTb/ Eq9dCKvnrYG5LvI9tqFpmG5TsBpwEkLEkAXqXe/0E6J+sk7TZCcDyrPTGhWQrF/w eFFFqeO8fIv8TjiJ3GziiD9FvLp/Alde64MLdS6qesrvxlN/ihmB2/oCxjuhZfQA oOV/BUSM1NNMaL16XKSHlJCdplZmeemlZcuCox2I6ejYg2rbt+GSNLH7n0Dtw8up v9zu -----END CERTIFICATE-----Generated at Tue May 12 23:26:41 2026 by rpki-client