$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ea6376bc-3f0a-4473-94e8-31ba637cd756.roa File: ea6376bc-3f0a-4473-94e8-31ba637cd756.roa (raw, json) Hash identifier: YI6gEbmwx9fpP1o+FCoVmvv8wQFchtjNjNsaTo2Wuns= Subject key identifier: C9:5C:2F:B1:4A:3F:13:0C:67:27:FF:28:8F:65:DD:FD:50:71:25:10 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7850EB3127C6B8AAD9D765953FA49E1CAA478CF0 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ea6376bc-3f0a-4473-94e8-31ba637cd756.roa Signing time: Tue 05 May 2026 00:01:17 +0000 ROA not before: Tue 05 May 2026 00:01:17 +0000 ROA not after: Mon 03 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf4:4800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:50:eb:31:27:c6:b8:aa:d9:d7:65:95:3f:a4:9e:1c:aa:47:8c:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 5 00:01:17 2026 GMT Not After : Aug 3 23:59:59 2026 GMT Subject: serialNumber=fa3a5d0dab923eddd318ac54b1f8ebc5acd0376b3810c7fe14d17e0af9e9cfef, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:d0:80:c0:60:d9:b2:82:c5:06:b0:df:8f:78: b7:7e:07:67:5e:26:65:ba:ac:fc:13:05:de:09:de: bf:4c:e9:f0:f9:d3:94:72:40:d4:e1:9d:8f:09:41: 66:66:24:51:fb:4a:c3:c5:cd:d9:ef:77:31:2f:48: 17:73:1d:10:fc:3a:ec:a9:ea:11:e0:33:34:cb:82: e8:68:36:fd:19:7d:0d:3d:56:af:99:61:7c:03:56: cc:55:63:12:ea:5f:a2:69:ae:a6:52:db:51:c8:8d: b6:ba:b9:f7:0d:71:6a:48:c5:07:0b:27:f2:24:fb: de:af:1e:de:c1:eb:af:09:49:cc:84:a0:64:48:2d: 16:ab:e0:70:5c:2d:0a:a5:e5:69:d7:68:68:8a:7f: cd:45:ef:06:0b:72:d0:78:29:33:68:0c:45:4c:10: ab:09:a3:66:5f:03:a9:65:2a:5b:c6:93:92:8d:86: 56:60:39:94:6a:50:fd:31:10:62:1a:fe:9e:98:2a: 0b:85:94:99:70:7a:4b:32:dd:41:2a:c5:e2:7f:04: 79:f1:1f:2c:08:49:72:df:fb:3e:83:25:46:0e:ae: 58:ee:b9:2b:bf:95:20:93:63:c5:6d:05:57:74:52: d3:f7:18:2d:d3:0b:cd:8b:b8:5f:1f:44:45:50:2b: a4:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:5C:2F:B1:4A:3F:13:0C:67:27:FF:28:8F:65:DD:FD:50:71:25:10 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ea6376bc-3f0a-4473-94e8-31ba637cd756.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:4800::/40 Signature Algorithm: sha256WithRSAEncryption 70:e7:3d:55:15:38:ac:af:a2:77:0c:e0:31:1d:88:b1:f7:9e: fc:cb:4b:7f:1c:06:98:51:d5:f3:f0:be:fb:4f:d5:85:5a:5b: d9:23:59:d9:9b:94:17:20:19:5d:e3:fc:be:32:20:5b:78:c1: 80:7e:ad:48:be:e4:4d:cd:6c:cf:34:24:ab:44:74:a0:67:b9: cc:6d:25:43:cd:34:da:e8:18:19:8e:ba:06:9c:06:de:d4:06: b1:b5:ae:51:47:68:65:de:f6:99:14:ff:04:93:20:f7:ae:88: 02:7f:b8:e6:8e:b2:94:35:15:fc:86:4c:1a:20:5c:1b:60:7b: 10:4f:3f:73:e4:3c:56:36:72:0e:d6:e1:97:ed:b1:a9:9f:3b: e4:c8:c8:87:54:22:50:0b:5a:e8:e3:5a:1d:47:e8:d8:7e:23: 81:c1:be:2d:aa:13:32:a0:d2:a3:30:89:a7:48:77:8f:d7:6a: 29:d6:91:15:1e:9d:d1:c2:fc:22:4d:50:be:c7:fc:2f:85:0b: 89:42:5c:3f:bc:f0:51:f3:e1:65:9c:eb:00:1a:99:1f:be:1e: 96:a1:b3:1e:1c:fa:62:7e:43:33:8b:d2:91:e2:3f:24:a7:71: ef:1c:c1:4c:29:fa:61:68:09:55:d7:ee:1c:52:a8:1d:98:8e: c0:0a:36:27 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUeFDrMSfGuKrZ12WVP6SeHKpHjPAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwNTAwMDExN1oX DTI2MDgwMzIzNTk1OVowejFJMEcGA1UEBRNAZmEzYTVkMGRhYjkyM2VkZGQzMThh YzU0YjFmOGViYzVhY2QwMzc2YjM4MTBjN2ZlMTRkMTdlMGFmOWU5Y2ZlZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9CAwGDZsoLFBrDfj3i3fgdnXiZl uqz8EwXeCd6/TOnw+dOUckDU4Z2PCUFmZiRR+0rDxc3Z73cxL0gXcx0Q/DrsqeoR 4DM0y4LoaDb9GX0NPVavmWF8A1bMVWMS6l+iaa6mUttRyI22urn3DXFqSMUHCyfy JPverx7eweuvCUnMhKBkSC0Wq+BwXC0KpeVp12hoin/NRe8GC3LQeCkzaAxFTBCr CaNmXwOpZSpbxpOSjYZWYDmUalD9MRBiGv6emCoLhZSZcHpLMt1BKsXifwR58R8s CEly3/s+gyVGDq5Y7rkrv5Ugk2PFbQVXdFLT9xgt0wvNi7hfH0RFUCukKwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMlcL7FKPxMMZyf/KI9l3f1QcSUQMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2VhNjM3NmJjLTNmMGEtNDQ3My05NGU4LTMxYmE2MzdjZDc1Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9EgwDQYJKoZIhvcNAQELBQADggEBAHDnPVUVOKyvoncM4DEd iLH3nvzLS38cBphR1fPwvvtP1YVaW9kjWdmblBcgGV3j/L4yIFt4wYB+rUi+5E3N bM80JKtEdKBnucxtJUPNNNroGBmOugacBt7UBrG1rlFHaGXe9pkU/wSTIPeuiAJ/ uOaOspQ1FfyGTBogXBtgexBPP3PkPFY2cg7W4ZftsamfO+TIyIdUIlALWujjWh1H 6Nh+I4HBvi2qEzKg0qMwiadId4/XainWkRUendHC/CJNUL7H/C+FC4lCXD+88FHz 4WWc6wAamR++Hpahsx4c+mJ+QzOL0pHiPySnce8cwUwp+mFoCVXX7hxSqB2YjsAK Nic= -----END CERTIFICATE-----Generated at Wed May 13 00:26:06 2026 by rpki-client