$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/58370a36-bf5a-4314-8163-12b380e5ebe5.roa File: 58370a36-bf5a-4314-8163-12b380e5ebe5.roa (raw, json) Hash identifier: H3qmo67C9C7NdSyJrdGhVZDTUH1YuYtmFu+KmYIIfMI= Subject key identifier: 06:9F:01:F6:0A:04:20:E6:0C:B3:5A:C1:4A:C2:4C:0F:55:61:73:12 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 364F8799265DB98FE1892EF633DE5D55556F3F48 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/58370a36-bf5a-4314-8163-12b380e5ebe5.roa Signing time: Thu 14 May 2026 00:00:33 +0000 ROA not before: Thu 14 May 2026 00:00:33 +0000 ROA not after: Wed 12 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da70:4000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 May 2026 17:17:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:4f:87:99:26:5d:b9:8f:e1:89:2e:f6:33:de:5d:55:55:6f:3f:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 14 00:00:33 2026 GMT Not After : Aug 12 23:59:59 2026 GMT Subject: serialNumber=6118a2953a5f08c9e360c2d84b9ff34b3cc6d65b44fdb351b8614bfe131e75d3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:4e:fa:0a:81:d0:8f:3b:bd:36:56:07:0c:e6: 70:1d:43:76:dc:e3:d2:2a:bd:c0:9f:e0:9e:b8:cd: 69:8d:12:47:11:7f:c9:6b:ba:aa:8c:1c:f8:27:4e: 9e:cf:54:b2:02:60:00:eb:9f:a9:19:54:0b:88:73: fe:c8:5d:dc:f4:40:cb:46:7a:84:e2:59:d8:4b:ea: 10:28:ef:83:c3:6a:d6:2a:14:a1:30:0d:db:c6:cd: e5:1a:18:f1:97:0d:ac:2a:67:47:0d:f3:07:fc:58: 09:99:6e:23:53:bd:f4:3a:2a:ab:4e:32:00:52:a6: 89:08:0d:00:01:cf:3f:90:ab:8e:62:7c:88:84:53: f6:57:c4:e4:38:c7:a0:ff:b0:bf:20:aa:2c:6f:55: 58:5b:0a:95:a7:4d:b9:3e:e9:0a:c7:6c:dd:f6:a8: e4:36:4c:77:52:b5:3d:d2:6c:81:56:85:1f:94:7e: a3:0b:b2:13:0c:d4:b1:6e:d9:44:b4:90:7b:86:e0: 62:ac:60:69:06:fc:ea:25:cb:3d:d8:05:41:0f:5b: 84:7b:9f:64:ac:41:f0:d6:59:4e:3c:8c:90:c0:ab: df:6e:e4:43:a8:ca:21:47:d9:c1:6a:f6:2f:54:d1: 0a:f3:9a:b1:30:78:79:a3:c8:8e:1f:c9:a4:09:75: 6c:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:9F:01:F6:0A:04:20:E6:0C:B3:5A:C1:4A:C2:4C:0F:55:61:73:12 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/58370a36-bf5a-4314-8163-12b380e5ebe5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da70:4000::/40 Signature Algorithm: sha256WithRSAEncryption 43:4a:d1:4a:bf:23:17:b9:d7:00:1d:6a:d8:87:43:4e:d7:55: 5e:01:eb:ac:f0:af:50:80:37:a2:89:e9:da:ec:8d:e8:52:e4: 12:cf:25:9e:34:ee:ea:b9:fc:3c:51:0f:49:2d:66:09:a5:19: 09:c7:a1:a5:75:4a:39:bc:c9:ce:58:19:c0:c8:05:f5:6b:8c: 3b:bf:c3:93:2f:fa:59:44:45:6a:4a:b2:f0:14:5f:9c:8a:90: 7c:6a:cf:ba:3b:85:04:32:66:9f:30:e9:a5:8f:95:3a:8e:55: 51:48:03:8b:1c:52:7f:48:cd:9b:cd:d2:1b:79:dd:d2:f4:e0: da:5c:d6:15:a5:da:07:5a:65:1e:92:f5:f2:30:e7:02:1f:6b: fe:a7:47:be:0a:4a:dd:53:ef:4d:d8:67:1d:cf:0f:66:8d:c1: 9b:f2:cd:a8:6c:6a:b4:2f:28:85:ec:c5:6e:3c:f7:f2:92:d0: 9c:ad:a4:bd:d0:df:98:fe:e8:3a:7a:92:4d:cd:31:ec:59:55: 73:12:30:f6:98:eb:21:24:9a:42:9b:2c:25:0d:ac:90:2c:48: 79:ac:a7:9c:2e:ef:3a:f7:98:af:24:f2:f7:a9:c2:a5:e6:2b: d2:5a:61:df:12:03:cd:23:d1:03:c6:f7:b6:d4:50:bf:eb:e9: 22:1c:e9:31 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUNk+HmSZduY/hiS72M95dVVVvP0gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxNDAwMDAzM1oX DTI2MDgxMjIzNTk1OVowejFJMEcGA1UEBRNANjExOGEyOTUzYTVmMDhjOWUzNjBj MmQ4NGI5ZmYzNGIzY2M2ZDY1YjQ0ZmRiMzUxYjg2MTRiZmUxMzFlNzVkMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuE76CoHQjzu9NlYHDOZwHUN23OPS Kr3An+CeuM1pjRJHEX/Ja7qqjBz4J06ez1SyAmAA65+pGVQLiHP+yF3c9EDLRnqE 4lnYS+oQKO+Dw2rWKhShMA3bxs3lGhjxlw2sKmdHDfMH/FgJmW4jU730OiqrTjIA UqaJCA0AAc8/kKuOYnyIhFP2V8TkOMeg/7C/IKosb1VYWwqVp025PukKx2zd9qjk Nkx3UrU90myBVoUflH6jC7ITDNSxbtlEtJB7huBirGBpBvzqJcs92AVBD1uEe59k rEHw1llOPIyQwKvfbuRDqMohR9nBavYvVNEK85qxMHh5o8iOH8mkCXVsPwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAafAfYKBCDmDLNawUrCTA9VYXMSMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU4MzcwYTM2LWJmNWEtNDMxNC04MTYzLTEyYjM4MGU1ZWJlNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbacEAwDQYJKoZIhvcNAQELBQADggEBAENK0Uq/Ixe51wAdatiH Q07XVV4B66zwr1CAN6KJ6drsjehS5BLPJZ407uq5/DxRD0ktZgmlGQnHoaV1Sjm8 yc5YGcDIBfVrjDu/w5Mv+llERWpKsvAUX5yKkHxqz7o7hQQyZp8w6aWPlTqOVVFI A4scUn9IzZvN0ht53dL04Npc1hWl2gdaZR6S9fIw5wIfa/6nR74KSt1T703YZx3P D2aNwZvyzahsarQvKIXsxW489/KS0JytpL3Q35j+6Dp6kk3NMexZVXMSMPaY6yEk mkKbLCUNrJAsSHmsp5wu7zr3mK8k8vepwqXmK9JaYd8SA80j0QPG97bUUL/r6SIc 6TE= -----END CERTIFICATE-----Generated at Sun May 24 12:22:30 2026 by rpki-client