$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b4b3ea34-ccd1-4af5-ae37-7db2725720ce.roa File: b4b3ea34-ccd1-4af5-ae37-7db2725720ce.roa (raw, json) Hash identifier: c9YrfWLfxHSdm77j0UIYGl+hEdauBjwD9/wUZBcDQiA= Subject key identifier: 39:C8:9C:FE:3D:0A:92:16:40:73:61:C3:01:43:68:41:8C:2C:56:60 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3425AC8E2CE5941A97C7964A0C4E2C8B9F383D20 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b4b3ea34-ccd1-4af5-ae37-7db2725720ce.roa Signing time: Fri 22 May 2026 17:01:31 +0000 ROA not before: Fri 22 May 2026 17:01:31 +0000 ROA not after: Thu 20 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dae8:8840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 May 2026 17:17:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:25:ac:8e:2c:e5:94:1a:97:c7:96:4a:0c:4e:2c:8b:9f:38:3d:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 22 17:01:31 2026 GMT Not After : Aug 20 23:59:59 2026 GMT Subject: serialNumber=4c52635f109eba7e191c7f0e40a9001fd3b28d30cfb06dff78e0905571216325, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:cd:29:db:38:2b:75:41:03:a7:cc:b0:ee:7b: 32:01:8e:9a:2b:32:69:d1:3c:f1:dd:3b:1c:83:b0: 9f:57:5e:98:25:42:5e:41:33:0f:ca:e2:6b:17:88: 29:d8:ba:8c:49:76:00:60:96:de:e6:a3:00:fb:16: e6:64:eb:72:46:9a:cd:89:62:fb:61:91:15:2e:fd: f9:ef:80:39:99:ff:16:ca:07:f3:cc:19:7f:76:0f: d0:59:36:4b:0e:2c:63:44:a6:53:6f:b1:2c:41:26: b5:bd:8e:17:f1:81:ad:ed:0c:65:73:45:57:36:27: 66:bc:38:ed:73:92:4c:52:1e:fd:b3:77:97:2d:8b: 00:dd:de:b1:15:f2:cc:f4:a5:6c:7c:9a:fc:35:a3: 1f:63:6b:97:f1:09:c6:66:14:c7:76:3e:33:e1:b8: e5:e1:91:e7:b6:ee:74:b6:b8:3e:07:87:d3:77:c9: 72:91:d2:08:d2:f0:44:45:b2:84:dc:17:87:89:80: 97:cf:b7:c9:a5:5f:2d:6f:37:67:65:7c:3b:d5:35: 9f:62:cc:61:02:b8:49:da:81:5a:ba:20:4c:cb:c3: 16:37:39:a5:34:4c:bc:44:ee:d7:13:b7:8a:bd:0d: d2:a0:30:7a:af:85:9a:57:04:f9:f7:84:99:c7:c7: fd:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:C8:9C:FE:3D:0A:92:16:40:73:61:C3:01:43:68:41:8C:2C:56:60 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b4b3ea34-ccd1-4af5-ae37-7db2725720ce.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dae8:8840::/48 Signature Algorithm: sha256WithRSAEncryption 82:6d:02:45:67:f0:b3:a9:4f:71:ff:bd:90:1e:df:2b:7d:e4: 33:6b:80:46:50:ba:3f:e2:33:9f:bd:59:26:e2:82:1f:5f:55: 4d:c2:a5:18:b8:3d:11:d4:2e:26:d2:0b:22:61:07:74:32:7b: 66:ae:05:23:3a:a4:e3:2e:dc:99:f5:1c:ca:e2:a0:3c:32:e2: af:06:ce:40:37:ec:32:5a:a3:73:66:fe:c9:a2:9d:53:1a:0c: 66:4c:05:79:d5:a5:e4:c1:da:bf:5a:f5:df:db:9d:71:6d:71: a1:b4:f9:c2:94:23:18:a1:72:ba:e1:4b:28:a3:a3:ac:03:c2: 90:f4:50:f7:05:35:37:ff:9e:54:ba:5f:89:17:44:ff:d3:4c: 74:61:e2:16:78:56:f6:b0:a7:77:21:fc:a1:84:be:17:d0:72: c0:a0:d4:4b:f1:d5:9a:d8:79:56:56:81:e6:b9:65:84:51:be: f7:9b:e5:4d:79:d9:c6:03:15:8b:0e:f5:e2:07:e3:bb:75:48: 1c:eb:51:a7:95:f5:73:cb:18:19:2b:80:aa:2c:f9:b8:b5:f1: 55:ed:ec:a4:10:2e:fa:a8:6e:46:60:39:51:a6:09:4c:2e:93: ab:7f:7d:db:20:43:79:38:62:82:83:60:84:86:71:24:61:0e: 8c:d9:46:5d -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUNCWsjizllBqXx5ZKDE4si584PSAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUyMjE3MDEzMVoX DTI2MDgyMDIzNTk1OVowejFJMEcGA1UEBRNANGM1MjYzNWYxMDllYmE3ZTE5MWM3 ZjBlNDBhOTAwMWZkM2IyOGQzMGNmYjA2ZGZmNzhlMDkwNTU3MTIxNjMyNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvc0p2zgrdUEDp8yw7nsyAY6aKzJp 0Tzx3Tscg7CfV16YJUJeQTMPyuJrF4gp2LqMSXYAYJbe5qMA+xbmZOtyRprNiWL7 YZEVLv3574A5mf8WygfzzBl/dg/QWTZLDixjRKZTb7EsQSa1vY4X8YGt7Qxlc0VX NidmvDjtc5JMUh79s3eXLYsA3d6xFfLM9KVsfJr8NaMfY2uX8QnGZhTHdj4z4bjl 4ZHntu50trg+B4fTd8lykdII0vBERbKE3BeHiYCXz7fJpV8tbzdnZXw71TWfYsxh ArhJ2oFauiBMy8MWNzmlNEy8RO7XE7eKvQ3SoDB6r4WaVwT594SZx8f9hQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFDnInP49CpIWQHNhwwFDaEGMLFZgMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2I0YjNlYTM0LWNjZDEtNGFmNS1hZTM3LTdkYjI3MjU3MjBjZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba6IhAMA0GCSqGSIb3DQEBCwUAA4IBAQCCbQJFZ/CzqU9x/72Q Ht8rfeQza4BGULo/4jOfvVkm4oIfX1VNwqUYuD0R1C4m0gsiYQd0MntmrgUjOqTj LtyZ9RzK4qA8MuKvBs5AN+wyWqNzZv7Jop1TGgxmTAV51aXkwdq/WvXf251xbXGh tPnClCMYoXK64Usoo6OsA8KQ9FD3BTU3/55Uul+JF0T/00x0YeIWeFb2sKd3Ifyh hL4X0HLAoNRL8dWa2HlWVoHmuWWEUb73m+VNednGAxWLDvXiB+O7dUgc61GnlfVz yxgZK4CqLPm4tfFV7eykEC76qG5GYDlRpglMLpOrf33bIEN5OGKCg2CEhnEkYQ6M 2UZd -----END CERTIFICATE-----Generated at Sun May 24 12:18:51 2026 by rpki-client