$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f695f86c-1862-4357-8961-1e5b809c4811.roa File: f695f86c-1862-4357-8961-1e5b809c4811.roa (raw, json) Hash identifier: DRrasLceRjiYUKD1YdlPJbMGnZioW/xp3axDhISb6CM= Subject key identifier: 92:CC:6A:9C:72:98:B9:D4:B2:5A:96:8D:96:83:86:86:DC:1C:29:EA Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0299304C395AC0251480A7BC3D4041D599F2D624 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f695f86c-1862-4357-8961-1e5b809c4811.roa Signing time: Mon 11 May 2026 00:21:32 +0000 ROA not before: Mon 11 May 2026 00:21:32 +0000 ROA not after: Sun 09 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:a000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:99:30:4c:39:5a:c0:25:14:80:a7:bc:3d:40:41:d5:99:f2:d6:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 11 00:21:32 2026 GMT Not After : Aug 9 23:59:59 2026 GMT Subject: serialNumber=fc6957b6558420b9f8dd939f7808d983d8ceaebcb11a595afd1a750947e0a2b8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:52:ec:d6:7d:c7:23:ea:30:46:28:d3:00:f4: a3:f4:3b:d1:1d:a3:0a:49:e7:a7:eb:df:26:59:f4: ad:cf:d4:e0:ae:c3:38:dd:c9:ab:12:8e:e1:1a:23: 7c:98:1a:0d:70:ab:0e:bc:fb:ec:8d:a0:01:73:d6: ea:f8:fe:68:4d:8e:04:9a:5c:d1:a5:2c:6c:60:3a: 90:50:38:6c:8e:c1:44:6b:67:32:35:06:e6:8e:11: 0a:b9:ec:53:fb:c3:2c:06:14:71:43:fe:4d:aa:82: 81:aa:62:5a:fb:b2:cb:41:b6:7c:fe:e0:89:45:5d: 53:6a:5c:a3:fd:26:89:d1:82:44:94:2d:f5:08:a1: 7f:67:6e:23:12:ab:53:bb:0f:f2:d8:da:fe:9b:2d: 2d:d9:63:3b:1d:09:26:6b:fa:39:c5:95:42:dd:b9: da:68:b7:1c:e6:0c:4d:de:a7:44:84:0f:55:6d:b6: 75:ef:5f:13:fa:77:51:c7:88:93:5c:7e:f6:aa:d5: 42:f2:70:3a:bc:ac:b0:65:c8:21:c5:a6:2f:21:1c: 15:7e:86:1f:3c:2c:f4:75:f9:99:2e:03:07:61:56: c9:ad:9d:3f:ca:ef:3e:34:05:bc:6d:e8:12:4a:cd: 5b:1a:3b:a4:4c:a3:42:c9:a8:6c:d6:ea:a1:3f:56: 8a:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:CC:6A:9C:72:98:B9:D4:B2:5A:96:8D:96:83:86:86:DC:1C:29:EA X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f695f86c-1862-4357-8961-1e5b809c4811.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:a000::/40 Signature Algorithm: sha256WithRSAEncryption 6a:c7:f0:8a:7d:5d:61:1e:fb:1e:0c:dc:d8:14:9c:d3:f6:fa: d2:99:04:fe:59:5e:92:25:7b:9a:d8:32:7d:ab:be:9b:91:21: 99:c2:65:86:9b:d0:7e:9a:a8:96:42:b2:14:b1:8a:21:33:a1: 64:fd:7d:7b:ba:f4:10:7b:58:3b:34:86:d0:9b:44:cb:53:5c: 18:74:28:b3:b8:a8:fa:c1:37:a1:b5:a4:3a:bf:c2:d7:b9:13: 83:49:51:45:30:9c:93:92:0d:60:66:32:d6:1c:c7:93:6c:24: a4:93:11:52:d5:6b:3c:9a:b7:ce:0b:a0:6e:cd:1e:a3:4e:04: cc:80:b6:45:6e:c9:44:08:80:30:79:51:30:ab:a2:a1:03:d5: dc:aa:cc:c0:63:2a:7f:ba:bc:66:12:9a:51:57:4c:99:5a:56: 30:9e:ad:eb:f0:fa:05:3a:87:4c:df:9f:f5:ae:ae:ba:dd:75: c2:a6:87:5e:96:c2:9e:88:cc:aa:3b:af:0f:46:47:13:3d:cc: d6:2d:64:b5:e4:44:e9:bf:66:be:9f:0a:87:05:46:30:55:d6: c0:e8:b5:2b:f6:b0:33:c8:4b:7c:cc:88:af:57:fe:a7:2c:75: c2:29:e1:d6:65:96:50:fa:38:79:40:d3:b4:bb:d9:ab:17:4d: 3d:a6:87:bf -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUApkwTDlawCUUgKe8PUBB1Zny1iQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMTAwMjEzMloX DTI2MDgwOTIzNTk1OVowejFJMEcGA1UEBRNAZmM2OTU3YjY1NTg0MjBiOWY4ZGQ5 MzlmNzgwOGQ5ODNkOGNlYWViY2IxMWE1OTVhZmQxYTc1MDk0N2UwYTJiODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6FLs1n3HI+owRijTAPSj9DvRHaMK Seen698mWfStz9TgrsM43cmrEo7hGiN8mBoNcKsOvPvsjaABc9bq+P5oTY4EmlzR pSxsYDqQUDhsjsFEa2cyNQbmjhEKuexT+8MsBhRxQ/5NqoKBqmJa+7LLQbZ8/uCJ RV1Talyj/SaJ0YJElC31CKF/Z24jEqtTuw/y2Nr+my0t2WM7HQkma/o5xZVC3bna aLcc5gxN3qdEhA9VbbZ1718T+ndRx4iTXH72qtVC8nA6vKywZcghxaYvIRwVfoYf PCz0dfmZLgMHYVbJrZ0/yu8+NAW8begSSs1bGjukTKNCyahs1uqhP1aKOwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJLMapxymLnUslqWjZaDhobcHCnqMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Y2OTVmODZjLTE4NjItNDM1Ny04OTYxLTFlNWI4MDljNDgxMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaAKAwDQYJKoZIhvcNAQELBQADggEBAGrH8Ip9XWEe+x4M3NgU nNP2+tKZBP5ZXpIle5rYMn2rvpuRIZnCZYab0H6aqJZCshSxiiEzoWT9fXu69BB7 WDs0htCbRMtTXBh0KLO4qPrBN6G1pDq/wte5E4NJUUUwnJOSDWBmMtYcx5NsJKST EVLVazyat84LoG7NHqNOBMyAtkVuyUQIgDB5UTCroqED1dyqzMBjKn+6vGYSmlFX TJlaVjCerevw+gU6h0zfn/WurrrddcKmh16Wwp6IzKo7rw9GRxM9zNYtZLXkROm/ Zr6fCocFRjBV1sDotSv2sDPIS3zMiK9X/qcsdcIp4dZlllD6OHlA07S72asXTT2m h78= -----END CERTIFICATE-----Generated at Wed May 13 00:01:21 2026 by rpki-client