$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a37838b8-524c-4ff8-b517-727be63ea330.roa File: a37838b8-524c-4ff8-b517-727be63ea330.roa (raw, json) Hash identifier: i0EHXtRrFhTXkNnD3SYanybQlCCx1RhVwSjCf9HPmio= Subject key identifier: DF:35:61:08:74:04:97:EC:48:BF:6F:DA:64:EA:55:59:7A:D8:F6:24 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 20BF4D021CB03E9193DB9474F5CDFBDDD174EDEC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a37838b8-524c-4ff8-b517-727be63ea330.roa Signing time: Sat 02 May 2026 00:10:52 +0000 ROA not before: Sat 02 May 2026 00:10:52 +0000 ROA not after: Fri 31 Jul 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daea:a040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 07 May 2026 00:00:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:bf:4d:02:1c:b0:3e:91:93:db:94:74:f5:cd:fb:dd:d1:74:ed:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 2 00:10:52 2026 GMT Not After : Jul 31 23:59:59 2026 GMT Subject: serialNumber=9903c4659f793d732141ad26ef9a8c6bc823ee2e39dbea4bab876f8697a4b8ea, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:da:55:b1:3a:bb:45:56:b2:47:3f:3b:03:a9: 87:28:cd:a1:3f:67:36:09:59:c5:a9:2b:64:69:f8: 7f:55:31:19:3b:ce:63:73:fe:3a:65:fd:87:a4:c8: 08:74:4e:13:7b:60:e2:75:20:28:7f:87:99:8d:44: 86:d4:d9:5d:96:c1:2a:bb:ab:d9:b8:60:de:a6:b9: c9:90:9a:78:8b:f8:20:5c:6f:c3:97:15:6a:16:6c: 04:20:83:46:e0:58:e5:71:72:d0:69:2f:70:fc:98: e7:2e:84:e6:5c:72:7d:c9:58:80:26:ff:f5:15:f5: 52:4f:9d:7c:94:5b:d7:4f:af:6b:35:4b:de:c9:39: 13:83:fd:dc:b0:49:e9:ba:a0:8e:29:20:f6:50:f5: 02:0c:95:73:3e:6f:d9:c6:a6:f4:ee:75:9d:3b:08: 9d:ba:d5:f8:0c:fc:02:88:1f:11:77:aa:98:d3:ac: d5:f1:86:b1:ad:83:e4:55:09:4e:af:63:3f:bd:b4: 1c:22:02:3c:8b:61:b5:45:c0:b5:db:56:1e:8a:fa: 61:1a:8f:b5:a1:4d:ac:79:eb:01:41:26:52:84:f5: 19:78:fa:a2:b6:cf:50:60:75:d8:e8:5d:be:07:25: 1d:c2:76:c1:c4:7b:cb:2d:dd:85:df:f7:8a:81:a6: cf:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:35:61:08:74:04:97:EC:48:BF:6F:DA:64:EA:55:59:7A:D8:F6:24 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a37838b8-524c-4ff8-b517-727be63ea330.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daea:a040::/48 Signature Algorithm: sha256WithRSAEncryption 6b:85:4a:6b:c3:a0:70:ab:cd:f0:3a:e4:5e:7b:b8:88:b8:9c: f3:7f:f2:5b:b7:b2:75:ee:45:35:e3:93:62:e7:cd:5c:ed:23: eb:c9:bb:c5:e9:66:a7:c4:3a:96:51:9e:5b:6d:a5:c1:44:19: a3:80:5b:b3:37:be:05:30:cf:89:70:ab:1b:84:b1:d1:8f:8a: 1c:35:31:27:77:4a:93:00:84:62:4a:28:e1:a2:f0:b1:37:1a: d6:d0:fc:72:3b:f2:1c:8f:ee:41:cd:4a:10:8e:64:af:73:6e: 4d:60:e8:e9:eb:72:bd:cd:df:d4:3f:89:03:21:84:c7:15:bb: 3d:d5:f7:e1:7a:90:e8:58:bd:ce:b4:e2:a7:06:35:c1:a1:f1: da:2b:45:b2:c2:18:c3:45:b1:c7:fa:6e:79:ab:1d:f6:91:bd: 03:d3:6b:1b:99:f3:ea:81:15:65:4b:cc:48:7e:4f:98:09:24: 35:f6:c3:2c:0b:9c:42:93:25:24:16:bd:72:3b:0b:6c:d9:40: 9e:8f:4e:6e:d8:f2:0e:3e:0a:e2:cc:80:0d:7a:3e:ae:85:cb: 42:11:a8:df:59:f5:59:44:bc:c2:1c:28:9a:cf:3b:0e:13:88: b0:0d:5b:8a:fd:eb:db:80:2a:ad:8b:b1:41:8b:0f:7d:ba:a1: 38:2c:70:be -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUIL9NAhywPpGT25R09c373dF07ewwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwMjAwMTA1MloX DTI2MDczMTIzNTk1OVowejFJMEcGA1UEBRNAOTkwM2M0NjU5Zjc5M2Q3MzIxNDFh ZDI2ZWY5YThjNmJjODIzZWUyZTM5ZGJlYTRiYWI4NzZmODY5N2E0YjhlYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntpVsTq7RVayRz87A6mHKM2hP2c2 CVnFqStkafh/VTEZO85jc/46Zf2HpMgIdE4Te2DidSAof4eZjUSG1NldlsEqu6vZ uGDeprnJkJp4i/ggXG/DlxVqFmwEIING4FjlcXLQaS9w/JjnLoTmXHJ9yViAJv/1 FfVST518lFvXT69rNUveyTkTg/3csEnpuqCOKSD2UPUCDJVzPm/Zxqb07nWdOwid utX4DPwCiB8Rd6qY06zV8YaxrYPkVQlOr2M/vbQcIgI8i2G1RcC121YeivphGo+1 oU2seesBQSZShPUZePqits9QYHXY6F2+ByUdwnbBxHvLLd2F3/eKgabPTwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFN81YQh0BJfsSL9v2mTqVVl62PYkMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2EzNzgzOGI4LTUyNGMtNGZmOC1iNTE3LTcyN2JlNjNlYTMzMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba6qBAMA0GCSqGSIb3DQEBCwUAA4IBAQBrhUprw6Bwq83wOuRe e7iIuJzzf/Jbt7J17kU145Ni581c7SPrybvF6WanxDqWUZ5bbaXBRBmjgFuzN74F MM+JcKsbhLHRj4ocNTEnd0qTAIRiSijhovCxNxrW0PxyO/Icj+5BzUoQjmSvc25N YOjp63K9zd/UP4kDIYTHFbs91ffhepDoWL3OtOKnBjXBofHaK0WywhjDRbHH+m55 qx32kb0D02sbmfPqgRVlS8xIfk+YCSQ19sMsC5xCkyUkFr1yOwts2UCej05u2PIO PgrizIANej6uhctCEajfWfVZRLzCHCiazzsOE4iwDVuK/evbgCqti7FBiw99uqE4 LHC+ -----END CERTIFICATE-----Generated at Sun May 3 16:59:15 2026 by rpki-client