$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8b00db97-2511-430d-9f35-06dea72e4d33.roa File: 8b00db97-2511-430d-9f35-06dea72e4d33.roa (raw, json) Hash identifier: h4QJQWwR1psEHiGYX6tDGjnmNV2AlSLq6lHXDgtIW7o= Subject key identifier: B5:25:AA:2C:86:DB:42:F3:46:2F:26:4C:8A:83:C5:4E:B4:71:02:08 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3E5C1C890C6BF4EBCC6583A01E672CD212EAD24A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8b00db97-2511-430d-9f35-06dea72e4d33.roa Signing time: Fri 22 May 2026 17:16:36 +0000 ROA not before: Fri 22 May 2026 17:16:36 +0000 ROA not after: Thu 20 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dae8:4000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 May 2026 17:17:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:5c:1c:89:0c:6b:f4:eb:cc:65:83:a0:1e:67:2c:d2:12:ea:d2:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 22 17:16:36 2026 GMT Not After : Aug 20 23:59:59 2026 GMT Subject: serialNumber=dedbf7b86b4579b810430a252f35473cd0046c68d3e103bfc6e7d4393767254b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:60:89:fe:22:59:a0:a3:be:56:fd:80:99:f5: 54:d3:f0:75:f9:ff:3c:0e:81:5a:22:1e:57:66:2d: fd:a2:a6:ed:46:da:1f:ad:8b:bd:7f:70:2f:fb:8a: 81:f8:6b:62:76:58:96:0e:2f:0e:ee:60:cb:4a:7e: 98:1b:28:f5:30:88:31:21:98:2b:99:f5:f6:9a:8b: ab:be:81:75:9e:30:d5:55:a7:65:bf:8b:76:dd:49: 34:44:74:0a:35:e3:66:70:78:ff:ea:b4:5e:7f:46: 23:1c:c4:84:ad:05:eb:38:cf:71:e3:58:05:08:f6: 56:a5:ec:ba:7f:05:f8:cc:b0:98:69:24:f3:1d:72: 2b:89:fe:88:21:fa:f4:5c:53:5b:a0:ef:63:95:f3: 57:2e:e0:c2:7a:51:71:a7:d8:72:c3:27:14:d4:f2: 22:4c:34:7e:96:ae:21:f6:44:c1:30:cc:5f:ad:e0: 4c:9f:d3:69:ac:35:c0:4f:bf:34:e0:54:ce:10:fa: 29:7d:1e:11:d3:ad:65:e4:dd:ac:3d:e2:44:f9:34: b8:94:8c:8a:df:f8:8c:e6:28:31:f2:07:31:36:42: f1:f2:61:52:4c:3e:fc:60:ad:e3:f7:50:29:c7:41: d2:49:11:72:66:e1:0a:f2:43:90:2f:16:c5:5c:01: 98:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:25:AA:2C:86:DB:42:F3:46:2F:26:4C:8A:83:C5:4E:B4:71:02:08 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8b00db97-2511-430d-9f35-06dea72e4d33.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dae8:4000::/40 Signature Algorithm: sha256WithRSAEncryption 66:25:88:22:d7:28:0e:7c:67:f4:35:0e:8f:f1:5a:f4:c2:0a: 39:99:83:72:5e:3b:f0:11:ae:44:ab:06:b0:1d:be:04:86:ce: 71:09:99:91:7c:af:45:e7:5c:73:cd:22:64:01:b9:a4:07:3d: ab:e5:c2:f3:13:82:b6:43:b8:4f:f7:93:de:cd:5e:1b:31:d8: 28:0b:93:51:76:7d:36:64:ce:c8:fc:7d:a2:a2:15:b4:c3:16: 23:9e:3c:c8:c5:4d:31:40:89:f9:d1:33:78:65:43:ca:c0:2a: 7b:db:f9:de:7e:e1:e0:2a:b3:2d:6c:0a:a9:70:2d:f9:b1:13: 53:63:71:e4:85:39:46:ab:ad:8e:0d:42:72:3b:d1:de:25:0c: ba:1a:a3:5d:8b:44:54:9e:1e:48:d2:20:14:30:f9:97:a2:29: dc:47:c8:1f:0e:f4:c6:76:be:d0:1e:2c:02:ee:1a:30:08:4a: f6:79:f7:4d:76:21:5a:52:03:6d:8d:fb:43:bd:e7:b0:dc:8f: 0b:b2:29:93:2a:09:e7:48:6a:94:71:90:cb:bd:60:4d:31:d4: 68:47:d5:b1:cb:7c:d6:b9:f2:92:79:e5:fa:b4:fb:66:79:0c: ef:fc:c1:4e:93:e3:0b:d1:8b:26:1d:bc:df:2b:5a:9b:6d:12: 72:2d:2c:f6 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUPlwciQxr9OvMZYOgHmcs0hLq0kowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUyMjE3MTYzNloX DTI2MDgyMDIzNTk1OVowejFJMEcGA1UEBRNAZGVkYmY3Yjg2YjQ1NzliODEwNDMw YTI1MmYzNTQ3M2NkMDA0NmM2OGQzZTEwM2JmYzZlN2Q0MzkzNzY3MjU0YjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmCJ/iJZoKO+Vv2AmfVU0/B1+f88 DoFaIh5XZi39oqbtRtofrYu9f3Av+4qB+GtidliWDi8O7mDLSn6YGyj1MIgxIZgr mfX2mourvoF1njDVVadlv4t23Uk0RHQKNeNmcHj/6rRef0YjHMSErQXrOM9x41gF CPZWpey6fwX4zLCYaSTzHXIrif6IIfr0XFNboO9jlfNXLuDCelFxp9hywycU1PIi TDR+lq4h9kTBMMxfreBMn9NprDXAT7804FTOEPopfR4R061l5N2sPeJE+TS4lIyK 3/iM5igx8gcxNkLx8mFSTD78YK3j91Apx0HSSRFyZuEK8kOQLxbFXAGYDQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLUlqiyG20LzRi8mTIqDxU60cQIIMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhiMDBkYjk3LTI1MTEtNDMwZC05ZjM1LTA2ZGVhNzJlNGQzMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba6EAwDQYJKoZIhvcNAQELBQADggEBAGYliCLXKA58Z/Q1Do/x WvTCCjmZg3JeO/ARrkSrBrAdvgSGznEJmZF8r0XnXHPNImQBuaQHPavlwvMTgrZD uE/3k97NXhsx2CgLk1F2fTZkzsj8faKiFbTDFiOePMjFTTFAifnRM3hlQ8rAKnvb +d5+4eAqsy1sCqlwLfmxE1NjceSFOUarrY4NQnI70d4lDLoao12LRFSeHkjSIBQw +ZeiKdxHyB8O9MZ2vtAeLALuGjAISvZ59012IVpSA22N+0O957DcjwuyKZMqCedI apRxkMu9YE0x1GhH1bHLfNa58pJ55fq0+2Z5DO/8wU6T4wvRiyYdvN8rWpttEnIt LPY= -----END CERTIFICATE-----Generated at Sun May 24 12:19:09 2026 by rpki-client