$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f98bdb59-0b45-43a6-b973-d7b24039aa6e.roa File: f98bdb59-0b45-43a6-b973-d7b24039aa6e.roa (raw, json) Hash identifier: 2oONj5VYZyYgeGF4D3QtV8S8HQe2tdLGmV0K8ZAuw1s= Subject key identifier: 52:2E:25:3F:53:48:98:48:F8:38:21:EE:01:FE:8D:85:8D:8A:A6:5A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 15FBA88DA27B64334DA1DBAC59D9AD5CB9A3EF66 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f98bdb59-0b45-43a6-b973-d7b24039aa6e.roa Signing time: Sat 02 May 2026 00:20:08 +0000 ROA not before: Sat 02 May 2026 00:20:08 +0000 ROA not after: Fri 31 Jul 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daea:8080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:fb:a8:8d:a2:7b:64:33:4d:a1:db:ac:59:d9:ad:5c:b9:a3:ef:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 2 00:20:08 2026 GMT Not After : Jul 31 23:59:59 2026 GMT Subject: serialNumber=9ec80e5d69d393a23e7496e1580596a6331a49401b4fc5782a82133f10b48766, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:18:d0:9a:dd:2a:f7:ca:5e:01:f8:91:4c:01: a3:f9:eb:a4:09:31:65:01:c0:f3:b8:02:bc:c1:21: 35:c1:9b:82:e7:13:08:72:ce:74:2b:df:7c:a5:40: 5b:eb:4b:48:d9:ff:50:9c:ae:8e:a2:f4:d3:72:a9: fb:2a:75:5c:a1:c4:eb:02:26:19:84:2f:b2:a3:a1: 14:06:6d:68:71:df:39:73:ef:3b:80:bd:0b:2f:47: 08:a9:a8:3b:69:d2:78:22:c4:56:b6:37:a0:8e:45: 55:ba:39:4b:d2:41:fe:2d:b3:20:91:95:8f:51:ab: ca:49:a4:0f:44:23:17:75:ae:8c:fd:70:64:9b:52: cb:ed:15:97:e2:a3:62:88:c5:72:78:f7:c1:02:2d: 17:af:13:a5:6f:e9:32:fb:24:7f:45:ba:5e:eb:20: 6e:4b:4e:6d:49:a3:c0:a5:72:59:f1:1d:ca:3e:3a: a1:91:84:9a:a2:e8:1a:77:37:8a:37:0e:9d:59:25: 78:95:e3:17:2f:ef:2a:fb:32:95:47:d7:b7:9f:a3: 93:1a:3d:5d:70:99:19:0b:52:81:22:88:a6:fc:c5: 83:9c:6c:c3:b7:f6:39:3a:ac:75:e6:05:95:d7:0f: 58:54:6a:b5:6e:93:26:5d:49:71:d1:8e:4b:02:b1: f9:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:2E:25:3F:53:48:98:48:F8:38:21:EE:01:FE:8D:85:8D:8A:A6:5A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f98bdb59-0b45-43a6-b973-d7b24039aa6e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daea:8080::/48 Signature Algorithm: sha256WithRSAEncryption 6b:f2:5e:2d:b2:89:f9:7b:bc:77:65:cd:8f:45:92:89:a5:e7: cf:33:fa:56:02:56:70:b3:21:b0:20:9e:22:d6:db:29:1e:37: f2:7e:83:2a:e2:ad:11:ea:18:25:fd:a3:e5:47:18:04:a3:66: 6c:e7:92:2a:1a:bb:2a:f1:0d:17:ae:d1:71:de:fb:59:86:3c: ea:a7:7d:b5:84:5f:38:dd:e0:09:f4:cf:b6:d7:b6:01:ea:96: 64:47:90:60:67:c0:69:d9:c4:2a:7b:93:9c:18:01:a0:a6:a5: 42:59:b9:68:a5:63:9d:e1:65:35:77:e3:49:0b:dd:49:06:38: 22:b8:da:72:22:9e:32:79:a5:32:7c:7b:0c:bb:e8:2b:f4:7c: 8b:93:ed:2f:8b:31:79:5c:a3:ff:1f:3f:a3:ce:ba:c4:e2:b3: a6:ab:dd:76:97:b7:30:52:e7:c8:34:f3:69:6e:56:0e:1e:f3: 55:2d:c6:20:38:3f:a7:3e:bb:8b:c1:5b:52:00:08:a0:a6:a9: 42:7f:1a:bd:d5:3d:66:ac:2b:cd:f0:d4:92:99:3b:3b:dc:f7: 00:7c:4f:9b:36:a0:fa:9c:28:3a:9d:45:7b:76:d7:d1:9f:c5: 45:de:dd:bb:2c:bd:8e:cd:15:a1:7f:0c:b6:02:e8:ab:5b:14: 56:2e:e9:63 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUFfuojaJ7ZDNNodusWdmtXLmj72YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwMjAwMjAwOFoX DTI2MDczMTIzNTk1OVowejFJMEcGA1UEBRNAOWVjODBlNWQ2OWQzOTNhMjNlNzQ5 NmUxNTgwNTk2YTYzMzFhNDk0MDFiNGZjNTc4MmE4MjEzM2YxMGI0ODc2NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBjQmt0q98peAfiRTAGj+eukCTFl AcDzuAK8wSE1wZuC5xMIcs50K998pUBb60tI2f9QnK6OovTTcqn7KnVcocTrAiYZ hC+yo6EUBm1ocd85c+87gL0LL0cIqag7adJ4IsRWtjegjkVVujlL0kH+LbMgkZWP UavKSaQPRCMXda6M/XBkm1LL7RWX4qNiiMVyePfBAi0XrxOlb+ky+yR/Rbpe6yBu S05tSaPApXJZ8R3KPjqhkYSaougadzeKNw6dWSV4leMXL+8q+zKVR9e3n6OTGj1d cJkZC1KBIoim/MWDnGzDt/Y5Oqx15gWV1w9YVGq1bpMmXUlx0Y5LArH5iwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFFIuJT9TSJhI+Dgh7gH+jYWNiqZaMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Y5OGJkYjU5LTBiNDUtNDNhNi1iOTczLWQ3YjI0MDM5YWE2ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba6oCAMA0GCSqGSIb3DQEBCwUAA4IBAQBr8l4tson5e7x3Zc2P RZKJpefPM/pWAlZwsyGwIJ4i1tspHjfyfoMq4q0R6hgl/aPlRxgEo2Zs55IqGrsq 8Q0XrtFx3vtZhjzqp321hF843eAJ9M+217YB6pZkR5BgZ8Bp2cQqe5OcGAGgpqVC WblopWOd4WU1d+NJC91JBjgiuNpyIp4yeaUyfHsMu+gr9HyLk+0vizF5XKP/Hz+j zrrE4rOmq912l7cwUufINPNpblYOHvNVLcYgOD+nPruLwVtSAAigpqlCfxq91T1m rCvN8NSSmTs73PcAfE+bNqD6nCg6nUV7dtfRn8VF3t27LL2OzRWhfwy2AuirWxRW Lulj -----END CERTIFICATE-----Generated at Tue May 12 23:47:01 2026 by rpki-client