$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2b5e1bd9-2c77-44af-84e2-c35b1024f365.roa File: 2b5e1bd9-2c77-44af-84e2-c35b1024f365.roa (raw, json) Hash identifier: GzY7ncdut/zBsfeLNcYqViJfa6Th+FZZao1oiyI+zyc= Subject key identifier: EC:87:FB:0A:22:25:B4:54:33:48:23:4B:57:8A:D0:F1:CB:F6:1B:18 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 08D1DF3E6694D126FEBD8A8B8E834E2ED9BB1B20 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2b5e1bd9-2c77-44af-84e2-c35b1024f365.roa Signing time: Fri 22 May 2026 17:01:24 +0000 ROA not before: Fri 22 May 2026 17:01:24 +0000 ROA not after: Thu 20 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dae8:4020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 May 2026 17:17:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:d1:df:3e:66:94:d1:26:fe:bd:8a:8b:8e:83:4e:2e:d9:bb:1b:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 22 17:01:24 2026 GMT Not After : Aug 20 23:59:59 2026 GMT Subject: serialNumber=d6a1aec73e7976f98a029e07a6a699484b25e726ba551686017f1bfea167ba17, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:f1:7a:de:dc:25:4d:17:8e:eb:d9:eb:f1:46: e6:ee:67:68:00:b8:c9:fa:19:1a:4c:0a:5c:03:7c: c1:62:58:34:3a:90:ab:3d:de:c4:83:21:b5:97:44: 3e:11:97:12:e2:5d:45:b4:65:e6:da:0b:03:2d:d7: 20:54:40:2d:a1:d0:d0:6e:ef:cd:de:6c:5d:f9:0b: 9b:cb:3c:18:ae:c5:dc:7f:97:07:6e:f4:e9:68:ec: 9a:6d:4f:51:fb:a4:dc:6b:35:20:1f:37:e4:44:35: 80:91:f8:88:d0:37:a4:aa:2d:d0:31:b6:3e:53:31: 19:94:85:b5:20:14:da:89:d3:9e:7e:ba:54:60:ab: 9f:bb:d9:39:37:5f:d1:04:8e:46:e7:66:3c:1c:ae: d0:e9:2b:e2:f3:a4:5b:e0:a1:12:23:99:91:1b:4c: f9:28:d2:98:e8:56:09:ba:5b:16:85:58:08:b1:72: 2e:d9:02:e4:4f:ea:1b:ff:45:ad:95:99:9e:f2:04: ad:d2:d2:14:2a:1f:9e:df:9d:c7:e1:f3:a7:f3:5b: 38:8e:ad:17:d4:2a:b4:fa:80:16:0d:c0:e9:aa:01: 03:17:2b:e1:d0:16:48:9c:8a:4d:df:d8:fb:b2:cc: 95:ce:8f:0d:b6:eb:32:69:5f:bb:ba:5d:15:7f:3e: e8:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:87:FB:0A:22:25:B4:54:33:48:23:4B:57:8A:D0:F1:CB:F6:1B:18 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2b5e1bd9-2c77-44af-84e2-c35b1024f365.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dae8:4020::/48 Signature Algorithm: sha256WithRSAEncryption a6:fc:99:2b:20:6e:22:12:4a:9e:4c:cc:60:4c:50:06:cd:7a: c2:76:94:20:ea:0a:5b:6d:48:25:52:d8:18:c1:40:82:c3:bb: e4:0a:5f:7b:af:24:cd:32:87:27:9c:57:01:75:da:9b:86:06: aa:cc:5a:59:8f:87:62:d6:77:29:1b:f3:a2:57:15:62:da:61: a3:db:87:1a:5c:0a:ca:be:8b:e3:6f:30:53:95:6d:34:98:ab: fc:6d:3b:5e:c0:42:26:f6:17:f9:52:fc:8f:56:8d:d1:d9:6d: 70:45:d0:51:5b:79:5a:20:d3:8a:9a:05:94:1f:1d:9e:8c:0f: fa:a8:32:18:91:42:ca:28:7f:07:90:56:1a:c0:5c:85:de:6f: f0:7f:99:d0:11:3e:b6:49:79:11:f5:1e:7f:41:d0:da:1e:66: 07:ca:4c:7f:44:a3:78:45:3a:d2:03:74:91:01:ce:62:b5:99: 80:27:ed:23:8f:21:ed:2f:b6:eb:70:40:cd:12:44:62:89:d1: ff:b7:60:64:82:08:9c:42:a5:53:6b:f6:9c:ac:d2:a0:19:e9: 1b:64:48:79:93:52:26:8a:73:09:bb:17:9b:38:bf:54:6a:25: f4:dd:b5:65:11:1c:b8:a0:e5:f4:fa:35:54:a7:c0:43:09:93: 59:be:f1:9f -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUCNHfPmaU0Sb+vYqLjoNOLtm7GyAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUyMjE3MDEyNFoX DTI2MDgyMDIzNTk1OVowejFJMEcGA1UEBRNAZDZhMWFlYzczZTc5NzZmOThhMDI5 ZTA3YTZhNjk5NDg0YjI1ZTcyNmJhNTUxNjg2MDE3ZjFiZmVhMTY3YmExNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvF63twlTReO69nr8Ubm7mdoALjJ +hkaTApcA3zBYlg0OpCrPd7EgyG1l0Q+EZcS4l1FtGXm2gsDLdcgVEAtodDQbu/N 3mxd+QubyzwYrsXcf5cHbvTpaOyabU9R+6TcazUgHzfkRDWAkfiI0Dekqi3QMbY+ UzEZlIW1IBTaidOefrpUYKufu9k5N1/RBI5G52Y8HK7Q6Svi86Rb4KESI5mRG0z5 KNKY6FYJulsWhVgIsXIu2QLkT+ob/0WtlZme8gSt0tIUKh+e353H4fOn81s4jq0X 1Cq0+oAWDcDpqgEDFyvh0BZInIpN39j7ssyVzo8NtusyaV+7ul0Vfz7ouQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFOyH+woiJbRUM0gjS1eK0PHL9hsYMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJiNWUxYmQ5LTJjNzctNDRhZi04NGUyLWMzNWIxMDI0ZjM2NS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba6EAgMA0GCSqGSIb3DQEBCwUAA4IBAQCm/JkrIG4iEkqeTMxg TFAGzXrCdpQg6gpbbUglUtgYwUCCw7vkCl97ryTNMocnnFcBddqbhgaqzFpZj4di 1ncpG/OiVxVi2mGj24caXArKvovjbzBTlW00mKv8bTtewEIm9hf5UvyPVo3R2W1w RdBRW3laINOKmgWUHx2ejA/6qDIYkULKKH8HkFYawFyF3m/wf5nQET62SXkR9R5/ QdDaHmYHykx/RKN4RTrSA3SRAc5itZmAJ+0jjyHtL7brcEDNEkRiidH/t2Bkggic QqVTa/acrNKgGekbZEh5k1IminMJuxebOL9UaiX03bVlERy4oOX0+jVUp8BDCZNZ vvGf -----END CERTIFICATE-----Generated at Sun May 24 12:18:52 2026 by rpki-client