$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/debc584f-82ae-4052-973f-96282869d7c9.roa File: debc584f-82ae-4052-973f-96282869d7c9.roa (raw, json) Hash identifier: jMA2U6Il9DCdhIl7CW7KCks+6vgiskiaQU0Rxrj3lNs= Subject key identifier: CD:2F:E2:9D:AA:06:09:B9:86:32:89:6B:C8:A5:C0:E3:8A:60:F0:81 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4ED4CCF1FBE33B41CBA4E93E4527234E1C107A30 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/debc584f-82ae-4052-973f-96282869d7c9.roa Signing time: Mon 11 May 2026 00:10:26 +0000 ROA not before: Mon 11 May 2026 00:10:26 +0000 ROA not after: Sun 09 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:20c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:d4:cc:f1:fb:e3:3b:41:cb:a4:e9:3e:45:27:23:4e:1c:10:7a:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 11 00:10:26 2026 GMT Not After : Aug 9 23:59:59 2026 GMT Subject: serialNumber=c744cb082434b10b8a1bad2bacdae9a58a0ee26438f51c3e4b3d059c7e4852f4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:81:22:64:3f:1d:5e:c0:e5:8d:4a:05:0b:71: 6a:38:61:f7:92:f0:7d:98:4b:d7:b9:44:65:76:ab: aa:b9:11:5c:80:81:7e:f7:0d:0a:e5:84:ba:f0:81: 1c:fd:bc:c4:99:02:61:a2:3f:59:51:b3:f2:21:68: ff:98:ac:80:ae:a9:8b:24:84:00:42:a2:2d:7b:9e: 1d:bf:bd:2b:9f:3d:25:90:55:56:a1:c2:13:8a:b0: b8:ef:de:5e:78:44:46:20:8e:ba:45:dc:43:8e:b1: 03:38:1f:da:6a:b2:62:a7:95:17:5c:3e:8d:71:47: c1:79:89:96:01:b1:c4:77:6d:93:63:43:ee:77:d7: d4:31:9f:da:91:50:7c:92:d0:cd:1f:6c:80:ae:ee: 60:77:54:9f:dd:c1:f2:ba:3b:4d:ae:5e:e9:11:0a: 35:8f:d9:e6:b3:d7:9f:2b:7a:e8:ad:54:c5:4a:4a: f7:ef:08:d0:cf:54:90:c4:05:3b:12:85:3b:ee:2f: d2:de:fb:4d:e2:d2:0f:9a:e7:74:43:ff:8d:15:ac: 75:cf:92:e0:26:0f:f6:4d:82:25:f6:79:f4:06:96: 3e:32:74:10:e9:3f:1a:73:f2:34:61:39:17:09:c7: 3c:c1:50:4e:56:b6:76:08:23:ca:98:66:22:dc:e3: 7b:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:2F:E2:9D:AA:06:09:B9:86:32:89:6B:C8:A5:C0:E3:8A:60:F0:81 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/debc584f-82ae-4052-973f-96282869d7c9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:20c0::/48 Signature Algorithm: sha256WithRSAEncryption 4c:7f:1e:f1:ed:1b:3e:cc:01:0e:90:d0:e2:db:00:59:4f:55: 25:b0:84:70:a8:62:64:ff:50:74:7e:86:f0:41:65:17:50:89: 15:83:c9:b2:c6:7c:ef:9b:2f:18:bf:76:14:71:e8:34:00:b5: ba:d6:b2:b1:67:34:49:79:1b:c7:7e:dd:71:c1:f3:a0:c7:80: f1:43:57:7f:b8:50:01:77:b9:ca:57:50:46:24:e8:e3:31:a9: 4d:fb:8e:3e:d8:d2:86:8c:65:70:57:b7:25:68:f9:23:a1:25: 3d:7b:98:3d:cc:6e:01:3e:4f:e4:c4:40:6d:56:0f:c4:05:79: 4f:11:52:a7:1d:a8:75:92:22:93:eb:96:b9:7c:43:22:e0:eb: 7e:be:b1:00:9b:ef:17:3b:f7:19:04:cd:80:5e:1d:c3:37:59: 5a:27:85:84:07:79:0b:88:0a:3a:f8:34:77:d1:c7:e7:9b:c6: 1d:8a:44:dd:3b:8a:2e:3e:73:1e:8b:b5:6b:3d:bf:9d:e2:fd: 43:07:73:13:57:2b:cf:16:a9:84:2e:58:44:9f:79:c3:19:71: 1e:b2:e6:fe:a3:8c:33:a2:04:cb:52:b7:8f:b6:2e:43:22:27: 66:1a:7c:a1:db:80:69:4f:ee:9b:6c:80:88:4d:b1:ac:b1:e2: a5:b1:92:f0 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUTtTM8fvjO0HLpOk+RScjThwQejAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMTAwMTAyNloX DTI2MDgwOTIzNTk1OVowejFJMEcGA1UEBRNAYzc0NGNiMDgyNDM0YjEwYjhhMWJh ZDJiYWNkYWU5YTU4YTBlZTI2NDM4ZjUxYzNlNGIzZDA1OWM3ZTQ4NTJmNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1YEiZD8dXsDljUoFC3FqOGH3kvB9 mEvXuURldququRFcgIF+9w0K5YS68IEc/bzEmQJhoj9ZUbPyIWj/mKyArqmLJIQA QqIte54dv70rnz0lkFVWocITirC4795eeERGII66RdxDjrEDOB/aarJip5UXXD6N cUfBeYmWAbHEd22TY0Pud9fUMZ/akVB8ktDNH2yAru5gd1Sf3cHyujtNrl7pEQo1 j9nms9efK3rorVTFSkr37wjQz1SQxAU7EoU77i/S3vtN4tIPmud0Q/+NFax1z5Lg Jg/2TYIl9nn0BpY+MnQQ6T8ac/I0YTkXCcc8wVBOVrZ2CCPKmGYi3ON7gwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFM0v4p2qBgm5hjKJa8ilwOOKYPCBMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RlYmM1ODRmLTgyYWUtNDA1Mi05NzNmLTk2MjgyODY5ZDdjOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYSDAMA0GCSqGSIb3DQEBCwUAA4IBAQBMfx7x7Rs+zAEOkNDi 2wBZT1UlsIRwqGJk/1B0fobwQWUXUIkVg8myxnzvmy8Yv3YUceg0ALW61rKxZzRJ eRvHft1xwfOgx4DxQ1d/uFABd7nKV1BGJOjjMalN+44+2NKGjGVwV7claPkjoSU9 e5g9zG4BPk/kxEBtVg/EBXlPEVKnHah1kiKT65a5fEMi4Ot+vrEAm+8XO/cZBM2A Xh3DN1laJ4WEB3kLiAo6+DR30cfnm8YdikTdO4ouPnMei7VrPb+d4v1DB3MTVyvP FqmELlhEn3nDGXEesub+o4wzogTLUrePti5DIidmGnyh24BpT+6bbICITbGsseKl sZLw -----END CERTIFICATE-----Generated at Tue May 12 23:41:02 2026 by rpki-client