$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5d316ef2-56e4-4581-990e-015883180353.roa File: 5d316ef2-56e4-4581-990e-015883180353.roa (raw, json) Hash identifier: Qp3f3t/hmj9BsWUCKW4A+gL/F8roepoaVvPRwH8CwD0= Subject key identifier: 4E:F0:AF:ED:A3:53:23:CE:4C:01:94:58:D5:C0:BF:40:F2:C1:E6:59 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7716FEB8F8E36DE4D2F023C26F81F1DCF671576B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5d316ef2-56e4-4581-990e-015883180353.roa Signing time: Sat 02 May 2026 00:00:44 +0000 ROA not before: Sat 02 May 2026 00:00:44 +0000 ROA not after: Fri 31 Jul 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:4000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 07 May 2026 00:00:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77:16:fe:b8:f8:e3:6d:e4:d2:f0:23:c2:6f:81:f1:dc:f6:71:57:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 2 00:00:44 2026 GMT Not After : Jul 31 23:59:59 2026 GMT Subject: serialNumber=859783001a21cac70074c7dfc18a42b8152135be2600a313e0c5bb6edc92e8be, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:b1:7d:0e:d7:b4:87:03:ce:d6:60:bd:d6:a3: b4:0a:cf:14:c9:27:c6:13:4c:b1:6d:29:26:79:a1: 08:38:15:8c:df:cf:10:05:87:5f:09:01:98:ae:12: f6:0c:31:98:c5:ea:7c:8a:84:5a:1c:0b:2e:7e:bf: 7d:20:00:a1:49:24:b8:eb:de:58:23:4a:08:77:ba: b5:da:b0:a9:80:e5:a6:38:5f:a6:4d:85:63:e0:97: 37:c8:39:eb:86:f5:bf:13:71:07:75:d7:c0:ac:15: 6a:cf:87:b1:bf:83:e4:49:0f:5a:c1:15:b0:08:17: 81:3e:c9:f3:75:5d:f4:d7:15:41:e6:2f:ea:73:b2: cf:dc:49:f7:51:af:d4:af:38:1d:36:47:22:a4:f7: 8a:7e:2c:38:91:19:07:df:13:9a:e0:aa:b9:ca:ff: 0e:14:5e:7b:75:3a:3d:75:12:ee:e7:5e:03:5a:0f: b1:e2:50:13:e2:be:e1:99:01:30:2e:21:7d:0d:7f: 9b:58:13:3f:1f:13:89:a3:f1:43:bb:62:e7:8f:59: 86:91:52:c8:dc:5d:ab:6c:ae:0b:16:3d:65:5c:af: 69:c4:e7:f3:f1:1b:27:d0:95:c3:45:9b:da:7a:e6: c8:86:65:70:32:bf:6f:bd:11:6a:45:3b:51:fe:81: 10:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:F0:AF:ED:A3:53:23:CE:4C:01:94:58:D5:C0:BF:40:F2:C1:E6:59 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5d316ef2-56e4-4581-990e-015883180353.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:4000::/40 Signature Algorithm: sha256WithRSAEncryption 0e:82:44:f4:4d:f0:f4:ba:a8:fc:ea:3f:37:f2:89:c9:59:99: 57:4f:35:c9:d8:c3:33:03:1a:02:f0:e1:ae:a1:12:dc:c8:60: 0a:6b:3e:ad:cf:9b:02:01:7e:d8:c1:75:2e:06:f7:b5:83:f1: 5e:49:78:ea:7f:ae:25:b4:16:07:3d:8c:32:42:73:87:ae:98: 5c:db:16:64:2f:7f:38:b8:f3:a6:47:5b:48:d0:2d:4a:5d:9c: d7:a1:e9:8c:af:02:a6:b2:cc:50:fd:7c:d7:fb:af:54:4b:d4: 24:7c:65:af:07:5a:39:e3:0a:93:2b:73:aa:2e:8b:0a:cb:bd: 5d:ed:1a:08:ca:60:4d:e6:18:6d:85:e1:06:4d:54:3d:8d:93: 64:9a:5e:39:93:a0:61:1c:fe:f2:51:a0:2c:34:7b:4d:5d:8d: 07:93:01:e7:d2:3f:5c:0b:2a:69:d2:db:41:22:0a:b5:80:71: 7e:81:eb:04:2c:73:f8:c4:a5:b9:06:93:06:ad:14:56:f3:1d: 28:4b:21:f1:af:e4:4a:38:ca:7f:d0:d7:a4:09:5c:94:23:53: fa:a9:a4:4a:58:76:a3:11:9f:54:6a:5e:51:69:6b:75:c6:e9: c1:84:cd:8b:2d:7e:9f:21:c8:50:c6:2d:2a:e1:cc:b0:dc:b4: 64:b3:52:d1 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUdxb+uPjjbeTS8CPCb4Hx3PZxV2swDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwMjAwMDA0NFoX DTI2MDczMTIzNTk1OVowejFJMEcGA1UEBRNAODU5NzgzMDAxYTIxY2FjNzAwNzRj N2RmYzE4YTQyYjgxNTIxMzViZTI2MDBhMzEzZTBjNWJiNmVkYzkyZThiZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyrF9Dte0hwPO1mC91qO0Cs8UySfG E0yxbSkmeaEIOBWM388QBYdfCQGYrhL2DDGYxep8ioRaHAsufr99IAChSSS4695Y I0oId7q12rCpgOWmOF+mTYVj4Jc3yDnrhvW/E3EHddfArBVqz4exv4PkSQ9awRWw CBeBPsnzdV301xVB5i/qc7LP3En3Ua/UrzgdNkcipPeKfiw4kRkH3xOa4Kq5yv8O FF57dTo9dRLu514DWg+x4lAT4r7hmQEwLiF9DX+bWBM/HxOJo/FDu2Lnj1mGkVLI 3F2rbK4LFj1lXK9pxOfz8Rsn0JXDRZvaeubIhmVwMr9vvRFqRTtR/oEQLwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFE7wr+2jUyPOTAGUWNXAv0DyweZZMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzVkMzE2ZWYyLTU2ZTQtNDU4MS05OTBlLTAxNTg4MzE4MDM1My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba80AwDQYJKoZIhvcNAQELBQADggEBAA6CRPRN8PS6qPzqPzfy iclZmVdPNcnYwzMDGgLw4a6hEtzIYAprPq3PmwIBftjBdS4G97WD8V5JeOp/riW0 Fgc9jDJCc4eumFzbFmQvfzi486ZHW0jQLUpdnNeh6YyvAqayzFD9fNf7r1RL1CR8 Za8HWjnjCpMrc6ouiwrLvV3tGgjKYE3mGG2F4QZNVD2Nk2SaXjmToGEc/vJRoCw0 e01djQeTAefSP1wLKmnS20EiCrWAcX6B6wQsc/jEpbkGkwatFFbzHShLIfGv5Eo4 yn/Q16QJXJQjU/qppEpYdqMRn1RqXlFpa3XG6cGEzYstfp8hyFDGLSrhzLDctGSz UtE= -----END CERTIFICATE-----Generated at Sun May 3 16:13:56 2026 by rpki-client