$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/31d82ebe-09a5-48fe-8169-b4de58988b94.roa File: 31d82ebe-09a5-48fe-8169-b4de58988b94.roa (raw, json) Hash identifier: fyEwh5TpYe9ldpNDbTTJegbhsnjbyOtZ/GV3NIX6fdw= Subject key identifier: 7F:CE:02:BA:34:26:58:6F:75:D5:F3:11:65:B3:A8:C1:F4:54:6C:A8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2177062B76199F48D5B912626DBAD661282EA418 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/31d82ebe-09a5-48fe-8169-b4de58988b94.roa Signing time: Wed 13 May 2026 00:10:04 +0000 ROA not before: Wed 13 May 2026 00:10:04 +0000 ROA not after: Tue 11 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da1a::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 May 2026 17:17:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:77:06:2b:76:19:9f:48:d5:b9:12:62:6d:ba:d6:61:28:2e:a4:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 13 00:10:04 2026 GMT Not After : Aug 11 23:59:59 2026 GMT Subject: serialNumber=8b7dd02f6d3f10dec0917279d4e24d2cfdc2ce1ad072790a51ba508d91a44fc5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:51:f7:3e:06:08:bd:80:dc:6d:37:4a:3c:db: 0b:fd:b1:09:c2:7b:f9:67:c6:dd:8a:94:a1:31:1d: af:1d:49:c6:51:73:73:17:bd:e8:a7:7c:b6:d4:c7: c5:f6:d5:49:fd:93:fd:47:45:1b:55:6e:79:67:09: f7:c6:fc:3b:66:d8:78:ba:12:74:9b:09:50:4a:c7: 79:e8:34:26:32:26:b6:eb:ce:92:52:de:22:51:90: b9:36:41:9f:8a:2c:f6:17:07:ec:0c:11:3a:9e:51: b9:87:2c:89:06:b7:dc:4a:ba:03:e2:4b:4f:14:55: af:dd:bf:73:d8:1d:78:d0:53:be:b6:87:7e:2c:0c: f9:e2:55:75:2d:65:e5:09:e5:3d:15:0e:e9:77:f6: 3d:27:ee:56:70:6a:ab:dc:2d:75:ee:72:96:c5:94: 0d:ed:6b:98:2a:02:98:65:8d:bd:10:80:3a:12:6e: 26:ab:a3:1d:41:6e:07:b5:7f:40:32:51:de:39:ec: f9:95:01:b9:a5:ca:d9:de:ee:3c:fa:eb:50:74:36: 98:85:17:81:5f:15:af:80:1c:aa:a4:04:52:77:34: 72:8b:b9:b5:49:fd:bf:4a:eb:77:f4:75:22:81:42: 5e:23:c4:43:29:a4:24:24:90:59:e8:0f:92:79:b2: d2:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:CE:02:BA:34:26:58:6F:75:D5:F3:11:65:B3:A8:C1:F4:54:6C:A8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/31d82ebe-09a5-48fe-8169-b4de58988b94.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da1a::/36 Signature Algorithm: sha256WithRSAEncryption 0a:19:4c:cf:a8:3e:f2:07:3d:88:85:92:1b:4f:b5:7b:c0:44: aa:14:b9:8c:7b:d9:d5:8e:00:ce:86:6c:dc:64:43:cd:4e:4b: 5f:10:fc:e0:a9:a6:c0:1a:e6:19:ca:07:5f:26:2a:f8:06:f2: 31:ca:ec:00:74:46:f6:d2:a3:31:a4:96:18:e3:d4:14:6e:66: 08:2c:52:60:8d:2c:09:d0:b8:35:b1:49:23:dd:f8:72:7f:40: 10:44:ba:c1:ab:1b:81:cd:a0:1e:d6:23:be:ad:56:78:4b:ac: 9e:60:af:fc:a0:e9:ce:af:b9:67:24:6b:90:9a:dc:4d:02:0f: 0a:51:3e:f6:1e:e5:f5:28:83:2f:6a:1d:5b:08:e8:51:79:1b: 57:af:37:bd:ab:e8:5c:ca:52:61:80:03:90:21:8b:4e:d2:e2: 0c:9e:f4:92:e3:c3:eb:6d:3f:2b:c5:5e:cf:ae:c8:8e:b8:bb: aa:f9:e9:40:d9:f2:a9:d0:9b:28:67:6c:81:48:79:16:82:67: 77:18:30:bb:b9:a9:7e:bf:dc:c3:67:43:15:01:ef:b1:a4:a4: 76:03:be:a8:b6:7f:ab:8a:df:4a:e8:47:f5:f3:53:89:c7:5a: 15:0f:a8:61:6a:cb:2a:6b:f0:d5:a4:db:a9:58:12:48:d3:39: 36:e6:1f:c6 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUIXcGK3YZn0jVuRJibbrWYSgupBgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMzAwMTAwNFoX DTI2MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAOGI3ZGQwMmY2ZDNmMTBkZWMwOTE3 Mjc5ZDRlMjRkMmNmZGMyY2UxYWQwNzI3OTBhNTFiYTUwOGQ5MWE0NGZjNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA61H3PgYIvYDcbTdKPNsL/bEJwnv5 Z8bdipShMR2vHUnGUXNzF73op3y21MfF9tVJ/ZP9R0UbVW55Zwn3xvw7Zth4uhJ0 mwlQSsd56DQmMia2686SUt4iUZC5NkGfiiz2FwfsDBE6nlG5hyyJBrfcSroD4ktP FFWv3b9z2B140FO+tod+LAz54lV1LWXlCeU9FQ7pd/Y9J+5WcGqr3C117nKWxZQN 7WuYKgKYZY29EIA6Em4mq6MdQW4HtX9AMlHeOez5lQG5pcrZ3u48+utQdDaYhReB XxWvgByqpARSdzRyi7m1Sf2/Sut39HUigUJeI8RDKaQkJJBZ6A+SebLSXwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFH/OAro0JlhvddXzEWWzqMH0VGyoMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzMxZDgyZWJlLTA5YTUtNDhmZS04MTY5LWI0ZGU1ODk4OGI5NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaGgAwDQYJKoZIhvcNAQELBQADggEBAAoZTM+oPvIHPYiFkhtP tXvARKoUuYx72dWOAM6GbNxkQ81OS18Q/OCppsAa5hnKB18mKvgG8jHK7AB0RvbS ozGklhjj1BRuZggsUmCNLAnQuDWxSSPd+HJ/QBBEusGrG4HNoB7WI76tVnhLrJ5g r/yg6c6vuWcka5Ca3E0CDwpRPvYe5fUogy9qHVsI6FF5G1evN72r6FzKUmGAA5Ah i07S4gye9JLjw+ttPyvFXs+uyI64u6r56UDZ8qnQmyhnbIFIeRaCZ3cYMLu5qX6/ 3MNnQxUB77GkpHYDvqi2f6uK30roR/XzU4nHWhUPqGFqyypr8NWk26lYEkjTOTbm H8Y= -----END CERTIFICATE-----Generated at Sun May 24 12:22:26 2026 by rpki-client