$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c40c7106-86b6-4b59-9dc1-1003f0bf118e.roa File: c40c7106-86b6-4b59-9dc1-1003f0bf118e.roa (raw, json) Hash identifier: KCWfgGD9jPBEgamhc50fPkHIguCNBgERVwYDJWZXO/k= Subject key identifier: 83:89:AE:61:E8:41:4A:75:10:36:FF:E8:B3:D6:34:37:1F:4B:B6:AB Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 10E1F4FB96C886D3E323CF0AFF01BFF9AD7943C5 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c40c7106-86b6-4b59-9dc1-1003f0bf118e.roa Signing time: Mon 27 Apr 2026 00:00:11 +0000 ROA not before: Mon 27 Apr 2026 00:00:11 +0000 ROA not after: Sun 26 Jul 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da68:a0c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 07 May 2026 00:00:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:e1:f4:fb:96:c8:86:d3:e3:23:cf:0a:ff:01:bf:f9:ad:79:43:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 27 00:00:11 2026 GMT Not After : Jul 26 23:59:59 2026 GMT Subject: serialNumber=d8334bc32a916e70db29ae9ab2c8b43581b62c893f48d89c7b67faf3ae81083c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:e3:64:7a:da:f8:93:2d:da:07:85:57:d0:e0: 0d:68:bc:41:26:c6:93:8d:95:56:47:e9:ec:56:34: a0:f8:5c:e5:22:c6:67:c1:37:35:d1:7b:f4:54:54: b3:59:18:db:80:9b:22:9d:fc:f8:5b:1a:64:66:08: 74:52:eb:d8:ae:30:d6:b4:fe:0e:2a:42:02:cc:c2: 4f:a3:60:24:49:e8:6f:35:bb:9c:3e:ef:59:46:1f: d2:be:78:bd:87:ae:42:56:dd:1c:a7:50:7b:4c:59: d7:8d:2e:dc:22:12:fa:ad:cc:15:b2:21:4b:17:a9: c5:4f:11:4e:b2:76:fe:7e:8f:57:b9:ad:5c:d9:73: 07:95:24:51:1b:92:39:91:6c:01:73:1a:0a:19:d1: 35:c1:7d:c7:d4:97:50:45:54:a4:7a:6a:63:e2:94: 95:b5:05:01:4f:1b:d1:01:fe:97:0d:c1:5b:29:c8: b1:b9:34:d7:08:f0:53:dd:1b:f9:fc:35:68:55:d4: dc:92:c8:b8:ea:f0:0d:73:b7:b5:29:b2:d6:bc:04: 8d:6e:09:9f:b8:a3:7e:5b:1d:be:15:96:c4:00:a9: 15:d7:45:46:a2:a9:94:37:be:92:ba:fe:11:b3:df: a3:24:f2:96:a9:ca:c3:ec:13:76:b9:ad:a4:1d:20: 05:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:89:AE:61:E8:41:4A:75:10:36:FF:E8:B3:D6:34:37:1F:4B:B6:AB X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c40c7106-86b6-4b59-9dc1-1003f0bf118e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da68:a0c0::/46 Signature Algorithm: sha256WithRSAEncryption 82:4a:30:1d:b5:6f:2d:47:fe:0f:49:2b:67:da:2a:2d:ca:3b: 6d:f2:73:d5:9a:64:b1:05:1a:6b:5a:e2:78:36:6e:d6:ce:70: 1f:85:e8:51:cc:ca:56:7f:ab:c1:88:24:01:46:ed:15:ad:81: 67:e1:0c:48:da:bd:1f:8b:4b:f0:51:bb:14:fd:6f:48:66:1b: 30:fb:40:86:8f:21:3b:70:1a:21:93:c4:0f:62:3c:97:36:1d: f9:27:ea:05:4d:a9:75:a6:39:81:f8:df:52:c3:e1:28:1c:63: 00:be:a8:df:b6:6f:b7:b4:a4:1b:64:1f:df:c1:72:f9:f7:23: 78:24:c1:f7:3c:c6:53:e9:d1:41:cd:dd:50:44:e1:4f:3d:6d: 9f:96:5f:19:dd:92:60:ab:8c:2e:df:55:12:66:9c:1c:36:d2: 8f:89:6a:f9:29:f6:c5:3d:05:df:dc:b7:71:13:de:b0:6f:da: d1:62:7a:f3:2a:e1:e7:ed:13:fc:87:2e:04:16:e7:01:cc:48: 1d:6d:28:51:76:a5:fe:92:17:c6:5c:a3:c2:2d:71:df:6a:6b: 27:1e:12:13:d9:23:4f:bb:18:da:b5:15:61:4a:5c:52:44:85: 75:5d:e8:d8:af:b6:db:2c:6f:90:cf:c1:2b:24:d3:50:6a:1a: e7:ba:ef:6c -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUEOH0+5bIhtPjI88K/wG/+a15Q8UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDQyNzAwMDAxMVoX DTI2MDcyNjIzNTk1OVowejFJMEcGA1UEBRNAZDgzMzRiYzMyYTkxNmU3MGRiMjlh ZTlhYjJjOGI0MzU4MWI2MmM4OTNmNDhkODljN2I2N2ZhZjNhZTgxMDgzYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+Nketr4ky3aB4VX0OANaLxBJsaT jZVWR+nsVjSg+FzlIsZnwTc10Xv0VFSzWRjbgJsinfz4WxpkZgh0UuvYrjDWtP4O KkICzMJPo2AkSehvNbucPu9ZRh/Svni9h65CVt0cp1B7TFnXjS7cIhL6rcwVsiFL F6nFTxFOsnb+fo9Xua1c2XMHlSRRG5I5kWwBcxoKGdE1wX3H1JdQRVSkempj4pSV tQUBTxvRAf6XDcFbKcixuTTXCPBT3Rv5/DVoVdTcksi46vANc7e1KbLWvASNbgmf uKN+Wx2+FZbEAKkV10VGoqmUN76Suv4Rs9+jJPKWqcrD7BN2ua2kHSAFwQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFIOJrmHoQUp1EDb/6LPWNDcfS7arMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2M0MGM3MTA2LTg2YjYtNGI1OS05ZGMxLTEwMDNmMGJmMTE4ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAbaaKDAMA0GCSqGSIb3DQEBCwUAA4IBAQCCSjAdtW8tR/4PSStn 2iotyjtt8nPVmmSxBRprWuJ4Nm7WznAfhehRzMpWf6vBiCQBRu0VrYFn4QxI2r0f i0vwUbsU/W9IZhsw+0CGjyE7cBohk8QPYjyXNh35J+oFTal1pjmB+N9Sw+EoHGMA vqjftm+3tKQbZB/fwXL59yN4JMH3PMZT6dFBzd1QROFPPW2fll8Z3ZJgq4wu31US ZpwcNtKPiWr5KfbFPQXf3LdxE96wb9rRYnrzKuHn7RP8hy4EFucBzEgdbShRdqX+ khfGXKPCLXHfamsnHhIT2SNPuxjatRVhSlxSRIV1XejYr7bbLG+Qz8ErJNNQahrn uu9s -----END CERTIFICATE-----Generated at Sun May 3 15:29:02 2026 by rpki-client