$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f308a076-0e58-4b45-b7b0-474f5484be2e.roa File: f308a076-0e58-4b45-b7b0-474f5484be2e.roa (raw, json) Hash identifier: FLjtykp84hc/cdk+sPhzVzG4x9G1Npw3GrwMpB8YikY= Subject key identifier: 55:B2:C3:68:9E:25:9E:F4:D8:AC:67:FD:9F:B4:93:EF:70:A6:80:1C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6239F4DD412411E111BD7E288D686192FF8EF538 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f308a076-0e58-4b45-b7b0-474f5484be2e.roa Signing time: Tue 12 May 2026 00:01:14 +0000 ROA not before: Tue 12 May 2026 00:01:14 +0000 ROA not after: Mon 10 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daec:1000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:39:f4:dd:41:24:11:e1:11:bd:7e:28:8d:68:61:92:ff:8e:f5:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 12 00:01:14 2026 GMT Not After : Aug 10 23:59:59 2026 GMT Subject: serialNumber=5c88b38fce106f56668306ba7bbed5c5745544313d88e19e93e18dd7b3b77fed, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:a0:11:f1:b4:86:48:7c:52:6e:e9:75:5a:e8: 91:e5:d8:b8:db:07:f3:eb:9d:2b:a3:2e:00:8d:b4: ac:bf:d3:98:3e:1d:e1:57:f4:2e:0b:81:33:19:ca: 10:02:d0:16:9c:0e:93:e6:fa:8f:51:17:b5:b2:c3: b9:b6:31:56:28:25:f4:c2:9c:e0:92:cd:df:a9:89: 4f:04:fd:62:f1:b0:52:a8:f6:22:0c:a9:ae:68:fd: 4b:13:53:ef:39:80:2b:dd:24:de:bc:99:3c:a8:29: 05:66:61:38:c9:b0:7d:b6:8d:52:0f:25:d2:bd:69: 2a:cd:ff:8c:0f:a5:23:f2:9b:52:cd:38:5f:34:73: f4:dc:c6:4b:55:87:f9:df:ed:46:3e:bd:32:cd:26: 24:62:d8:65:f1:48:2f:0a:bc:43:40:bb:0d:d8:ac: 8e:b1:ca:76:44:31:ed:77:2e:7e:9e:be:c8:16:69: 9e:f7:17:9e:75:a0:6d:37:37:6d:d7:17:fd:21:b2: 1c:d3:40:07:a5:c0:e0:45:af:44:30:d9:50:6c:a6: ce:50:8b:df:8e:47:21:12:40:b3:45:ab:ad:14:ec: 6d:52:61:34:35:11:8f:eb:fe:f5:17:6d:89:4d:2f: 0e:cc:9a:04:3d:fc:ca:d7:68:f5:af:f4:d5:e3:ef: 52:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:B2:C3:68:9E:25:9E:F4:D8:AC:67:FD:9F:B4:93:EF:70:A6:80:1C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f308a076-0e58-4b45-b7b0-474f5484be2e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daec:1000::/48 Signature Algorithm: sha256WithRSAEncryption 47:03:7a:06:2a:f0:64:91:78:33:7d:80:02:69:f8:c1:d6:0a: d5:32:b3:a1:b8:83:12:fb:99:53:08:25:ce:60:27:0c:5f:84: fe:7a:94:31:fd:77:d4:92:bd:92:74:47:97:f6:7f:0f:d9:c3: 1f:5b:ed:f9:bf:cc:1b:95:0d:ed:40:bd:d8:bc:64:13:7b:f4: 19:18:5f:41:aa:2f:9a:50:45:b4:28:af:47:6c:05:90:c3:b4: e1:5e:29:08:a4:c4:1e:b2:6a:75:d5:b5:8e:64:4e:e1:a9:08: f6:84:a3:ee:a8:fa:93:23:0d:98:9a:32:0c:6a:c0:fd:01:52: 35:b2:e1:03:07:3b:bd:8d:e2:4d:57:e0:c7:bb:91:8b:ba:d0: 4d:26:5c:85:d6:92:09:df:50:e9:e5:3b:c7:43:6e:27:01:e5: ed:60:ac:73:1f:5d:ab:e3:f5:a6:db:17:58:cc:4c:80:99:be: 4c:7b:fb:6a:7d:d1:38:ed:9f:c7:19:0e:10:5e:bc:43:1d:30: ae:98:5f:ec:4b:0a:03:a5:1c:91:a1:76:2d:00:16:40:aa:db: b3:f3:e7:6e:0c:48:93:26:ef:ff:db:27:0c:6d:31:cb:3c:bb: ed:d1:7f:d3:eb:6a:02:fd:cd:aa:bc:ce:f9:6f:0d:7c:eb:b9: 05:6c:db:ee -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUYjn03UEkEeERvX4ojWhhkv+O9TgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMjAwMDExNFoX DTI2MDgxMDIzNTk1OVowejFJMEcGA1UEBRNANWM4OGIzOGZjZTEwNmY1NjY2ODMw NmJhN2JiZWQ1YzU3NDU1NDQzMTNkODhlMTllOTNlMThkZDdiM2I3N2ZlZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaAR8bSGSHxSbul1WuiR5di42wfz 650roy4AjbSsv9OYPh3hV/QuC4EzGcoQAtAWnA6T5vqPURe1ssO5tjFWKCX0wpzg ks3fqYlPBP1i8bBSqPYiDKmuaP1LE1PvOYAr3STevJk8qCkFZmE4ybB9to1SDyXS vWkqzf+MD6Uj8ptSzThfNHP03MZLVYf53+1GPr0yzSYkYthl8UgvCrxDQLsN2KyO scp2RDHtdy5+nr7IFmme9xeedaBtNzdt1xf9IbIc00AHpcDgRa9EMNlQbKbOUIvf jkchEkCzRautFOxtUmE0NRGP6/71F22JTS8OzJoEPfzK12j1r/TV4+9SjQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFFWyw2ieJZ702Kxn/Z+0k+9wpoAcMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2YzMDhhMDc2LTBlNTgtNGI0NS1iN2IwLTQ3NGY1NDg0YmUyZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba7BAAMA0GCSqGSIb3DQEBCwUAA4IBAQBHA3oGKvBkkXgzfYAC afjB1grVMrOhuIMS+5lTCCXOYCcMX4T+epQx/XfUkr2SdEeX9n8P2cMfW+35v8wb lQ3tQL3YvGQTe/QZGF9Bqi+aUEW0KK9HbAWQw7ThXikIpMQesmp11bWOZE7hqQj2 hKPuqPqTIw2YmjIMasD9AVI1suEDBzu9jeJNV+DHu5GLutBNJlyF1pIJ31Dp5TvH Q24nAeXtYKxzH12r4/Wm2xdYzEyAmb5Me/tqfdE47Z/HGQ4QXrxDHTCumF/sSwoD pRyRoXYtABZAqtuz8+duDEiTJu//2ycMbTHLPLvt0X/T62oC/c2qvM75bw1867kF bNvu -----END CERTIFICATE-----Generated at Tue May 12 23:44:32 2026 by rpki-client