$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/84ac1fac-e66d-40f9-9aca-157bb30ddc21.roa File: 84ac1fac-e66d-40f9-9aca-157bb30ddc21.roa (raw, json) Hash identifier: 1QxGCmVbDW/ziuLVml7opiAkoqkUZiqOegCfgp2CgCY= Subject key identifier: E3:E0:E5:5D:87:C1:21:2F:58:72:44:73:29:A3:7E:70:28:A2:45:44 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 760CD0837D8E59CEFC7A36EA6D39B4218BDF61F1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/84ac1fac-e66d-40f9-9aca-157bb30ddc21.roa Signing time: Fri 22 May 2026 17:16:39 +0000 ROA not before: Fri 22 May 2026 17:16:39 +0000 ROA not after: Thu 20 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dae8:9000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 May 2026 17:17:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:0c:d0:83:7d:8e:59:ce:fc:7a:36:ea:6d:39:b4:21:8b:df:61:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 22 17:16:39 2026 GMT Not After : Aug 20 23:59:59 2026 GMT Subject: serialNumber=1e51cdeee4b186652df080b0769430f60f301469ad5ad40c46253f8325309e65, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:4f:23:f4:e3:30:cc:e0:a1:cb:71:7c:64:d1: 21:3d:3a:6c:bc:c7:47:1f:6b:a3:a4:91:a4:02:3a: db:c9:43:5b:de:0a:bc:4e:01:18:cb:89:13:31:28: 05:b6:db:13:75:40:8c:8f:59:6b:a4:e0:e0:ce:4b: 75:12:d4:d3:c1:91:d5:be:34:15:7d:67:5f:5a:56: 34:50:ca:7a:10:4e:32:8b:0a:a6:32:9e:05:e5:3c: 3c:2e:b5:22:00:91:fd:79:64:02:ce:e2:19:c8:1e: 4c:ed:f0:10:f9:26:33:83:9f:a3:04:98:a5:19:bb: 94:ad:0c:fe:02:38:69:aa:8b:46:fb:54:92:22:1a: 11:19:6c:8c:7d:97:3e:4e:c5:33:26:b2:31:20:8b: 6b:5c:ab:71:45:70:d1:ad:de:b4:5f:bc:50:e6:93: b8:71:7c:91:50:a3:a8:91:78:7c:0c:97:d5:ed:42: a9:96:c6:0a:c0:73:46:d7:31:3c:a5:91:c8:33:9f: 58:11:ad:29:18:5b:b6:5f:9e:41:f9:ea:a4:f7:80: ef:92:91:c8:59:65:80:57:4e:2a:52:be:59:73:ed: bc:bc:75:1f:e3:c3:4e:d4:6a:f8:16:0e:1b:29:7f: fe:c8:da:6c:32:52:6f:6f:a0:63:8a:54:0f:6c:e1: 21:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:E0:E5:5D:87:C1:21:2F:58:72:44:73:29:A3:7E:70:28:A2:45:44 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/84ac1fac-e66d-40f9-9aca-157bb30ddc21.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dae8:9000::/40 Signature Algorithm: sha256WithRSAEncryption 28:b5:f4:db:a6:d0:c8:53:bc:ca:8e:89:ab:e5:78:4b:3e:95: c8:21:82:1f:24:08:90:47:b2:1a:dc:7f:79:0c:10:24:c7:3c: d1:e9:1e:ac:4f:c8:f9:57:8f:b5:bf:e9:75:2c:99:7b:74:52: a2:b4:22:9c:0f:4a:02:50:fc:19:c0:79:7e:d9:31:55:29:39: f3:59:e6:e3:5d:c4:e8:08:30:cd:36:8e:51:3a:2e:9b:81:bb: b9:a5:94:fd:f9:f5:c2:2b:ea:a1:a1:a8:8b:49:ac:00:97:eb: 93:f4:6e:28:93:18:cd:2e:e5:f7:5e:a9:1c:9d:cd:05:56:93: ed:9a:1d:3d:93:0e:8b:3e:e0:2b:35:27:13:cc:a5:3b:34:d2: 3b:12:f7:c5:a7:c9:b5:ce:a1:98:4e:18:83:8f:12:2b:4f:e2: 2a:a7:24:97:5a:7f:97:cf:d4:9d:24:2d:88:46:d4:38:b5:82: a5:56:f3:ce:de:32:5d:c2:1e:bc:43:d7:0b:70:78:28:6c:dd: 2a:8a:0f:11:f7:7d:23:29:96:bd:62:2b:d4:9c:39:2f:cd:6b: 3c:bd:79:d9:5e:f1:1d:66:cc:dc:44:4e:07:15:18:f8:32:71: 4d:4c:9c:e7:e2:ea:c2:39:ab:45:e0:ee:30:47:86:1e:16:d3: 33:60:87:a5 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUdgzQg32OWc78ejbqbTm0IYvfYfEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUyMjE3MTYzOVoX DTI2MDgyMDIzNTk1OVowejFJMEcGA1UEBRNAMWU1MWNkZWVlNGIxODY2NTJkZjA4 MGIwNzY5NDMwZjYwZjMwMTQ2OWFkNWFkNDBjNDYyNTNmODMyNTMwOWU2NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuk8j9OMwzOChy3F8ZNEhPTpsvMdH H2ujpJGkAjrbyUNb3gq8TgEYy4kTMSgFttsTdUCMj1lrpODgzkt1EtTTwZHVvjQV fWdfWlY0UMp6EE4yiwqmMp4F5Tw8LrUiAJH9eWQCzuIZyB5M7fAQ+SYzg5+jBJil GbuUrQz+AjhpqotG+1SSIhoRGWyMfZc+TsUzJrIxIItrXKtxRXDRrd60X7xQ5pO4 cXyRUKOokXh8DJfV7UKplsYKwHNG1zE8pZHIM59YEa0pGFu2X55B+eqk94DvkpHI WWWAV04qUr5Zc+28vHUf48NO1Gr4Fg4bKX/+yNpsMlJvb6BjilQPbOEhqwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOPg5V2HwSEvWHJEcymjfnAookVEMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg0YWMxZmFjLWU2NmQtNDBmOS05YWNhLTE1N2JiMzBkZGMyMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba6JAwDQYJKoZIhvcNAQELBQADggEBACi19Num0MhTvMqOiavl eEs+lcghgh8kCJBHshrcf3kMECTHPNHpHqxPyPlXj7W/6XUsmXt0UqK0IpwPSgJQ /BnAeX7ZMVUpOfNZ5uNdxOgIMM02jlE6LpuBu7mllP359cIr6qGhqItJrACX65P0 biiTGM0u5fdeqRydzQVWk+2aHT2TDos+4Cs1JxPMpTs00jsS98WnybXOoZhOGIOP EitP4iqnJJdaf5fP1J0kLYhG1Di1gqVW887eMl3CHrxD1wtweChs3SqKDxH3fSMp lr1iK9ScOS/Nazy9edle8R1mzNxETgcVGPgycU1MnOfi6sI5q0Xg7jBHhh4W0zNg h6U= -----END CERTIFICATE-----Generated at Sun May 24 12:18:47 2026 by rpki-client