$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d874a882-7cd5-41b7-aeff-555ab68043f0.roa File: d874a882-7cd5-41b7-aeff-555ab68043f0.roa (raw, json) Hash identifier: 3ZlCAp5N8KJdV6rzLo8bv5ZVah35VRR26PD2cHASo7Y= Subject key identifier: 9D:EE:B9:6B:9B:A2:41:77:95:29:4A:DB:DD:2C:24:DF:3A:A5:D9:54 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5B5759C62302D9DEA60C2AC116354606254BEB91 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d874a882-7cd5-41b7-aeff-555ab68043f0.roa Signing time: Wed 13 May 2026 00:11:04 +0000 ROA not before: Wed 13 May 2026 00:11:04 +0000 ROA not after: Tue 11 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf8:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 May 2026 00:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:57:59:c6:23:02:d9:de:a6:0c:2a:c1:16:35:46:06:25:4b:eb:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 13 00:11:04 2026 GMT Not After : Aug 11 23:59:59 2026 GMT Subject: serialNumber=89974c67e4e783c7a0c43e46e52c3adc56eeda18270dd15ae233722df64a0413, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:fb:88:2c:a6:76:20:df:a4:3d:f5:0b:e1:c9: 66:b8:83:d6:0d:fb:f8:4a:1d:2d:f8:f3:62:25:e5: 2a:3c:86:6c:f5:ca:6f:d8:ec:0a:20:73:e1:e5:2e: a2:07:f3:ab:3d:b5:37:3e:03:db:b1:47:57:7e:c8: 94:54:38:dc:db:2e:91:b0:ce:d9:bd:4c:7a:e1:8c: 79:2a:aa:a3:d3:d6:d3:40:88:40:76:08:5a:71:05: 76:5f:ee:81:c6:04:ed:54:9f:c6:9a:e8:17:f9:ff: f2:ac:3a:fd:20:cf:51:e7:28:98:d1:13:84:a7:a2: 33:e1:d3:20:88:75:87:68:56:48:24:6a:ca:79:6e: 5d:8d:80:c9:7e:fc:d4:38:c2:28:a7:28:54:17:47: 16:97:10:ce:13:fb:10:7a:4a:3a:2c:82:60:5f:f9: 6d:dc:cb:ed:64:3f:9b:da:f7:70:af:0e:a8:2f:37: 0c:39:ad:f7:1d:4b:f4:78:d0:9c:d0:2f:31:15:9e: 79:44:8a:ee:7d:8b:1d:ba:71:a0:79:91:9b:e4:95: 85:27:1a:74:86:71:ce:c1:ac:4f:f5:1d:23:dd:f8: 30:29:29:2d:34:94:00:f0:35:84:b9:0f:9e:91:6e: 76:89:e0:36:a3:8b:4f:c6:42:22:34:92:6a:b1:b6: 28:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:EE:B9:6B:9B:A2:41:77:95:29:4A:DB:DD:2C:24:DF:3A:A5:D9:54 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d874a882-7cd5-41b7-aeff-555ab68043f0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf8:e000::/40 Signature Algorithm: sha256WithRSAEncryption 4a:ca:2a:4d:20:0f:ea:af:b1:ba:64:e1:1b:f8:5a:e0:96:5d: 2f:5d:32:4b:7c:57:32:5e:13:0c:37:67:f9:11:5e:35:41:fa: dc:7d:41:02:1b:c7:4e:23:7f:f3:6a:f5:bb:38:c7:41:f7:88: 57:3f:dd:8c:1c:8e:6e:15:89:1a:ae:fe:38:7f:c2:80:f3:ad: 1e:a5:73:57:e5:b3:f6:d5:d6:72:87:94:f7:97:53:ac:3e:66: fa:06:f0:4b:11:f1:a1:a9:ac:f0:a4:98:d3:5a:96:12:0b:bf: 24:12:1c:81:7f:1a:80:ed:67:37:b7:30:bc:46:10:4a:f8:cc: 5e:d7:3a:d7:6d:36:59:49:58:22:fd:e3:7a:08:0e:2a:37:4c: f3:7f:05:7c:cb:76:d9:48:f9:17:b1:ea:17:3d:19:ec:58:50: 17:8e:6d:28:8f:0e:98:3b:da:d7:b6:71:8f:29:55:d2:15:7c: 8f:7a:ff:34:49:d1:7f:77:1e:7f:7f:52:c2:31:04:9d:1a:30: fa:c9:52:40:25:6f:00:cc:54:ff:e7:d8:3d:52:cc:a1:a0:bf: 99:3f:be:7d:a0:29:ed:fd:f4:fa:2f:22:6e:e4:ab:84:e6:44: c9:2c:a9:66:f3:95:01:3d:bb:b1:74:3f:29:98:e7:4e:ce:10: 0a:61:6b:40 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUW1dZxiMC2d6mDCrBFjVGBiVL65EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMzAwMTEwNFoX DTI2MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAODk5NzRjNjdlNGU3ODNjN2EwYzQz ZTQ2ZTUyYzNhZGM1NmVlZGExODI3MGRkMTVhZTIzMzcyMmRmNjRhMDQxMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPuILKZ2IN+kPfUL4clmuIPWDfv4 Sh0t+PNiJeUqPIZs9cpv2OwKIHPh5S6iB/OrPbU3PgPbsUdXfsiUVDjc2y6RsM7Z vUx64Yx5Kqqj09bTQIhAdghacQV2X+6BxgTtVJ/GmugX+f/yrDr9IM9R5yiY0ROE p6Iz4dMgiHWHaFZIJGrKeW5djYDJfvzUOMIopyhUF0cWlxDOE/sQeko6LIJgX/lt 3MvtZD+b2vdwrw6oLzcMOa33HUv0eNCc0C8xFZ55RIrufYsdunGgeZGb5JWFJxp0 hnHOwaxP9R0j3fgwKSktNJQA8DWEuQ+ekW52ieA2o4tPxkIiNJJqsbYo2wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJ3uuWubokF3lSlK290sJN86pdlUMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q4NzRhODgyLTdjZDUtNDFiNy1hZWZmLTU1NWFiNjgwNDNmMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+OAwDQYJKoZIhvcNAQELBQADggEBAErKKk0gD+qvsbpk4Rv4 WuCWXS9dMkt8VzJeEww3Z/kRXjVB+tx9QQIbx04jf/Nq9bs4x0H3iFc/3Ywcjm4V iRqu/jh/woDzrR6lc1fls/bV1nKHlPeXU6w+ZvoG8EsR8aGprPCkmNNalhILvyQS HIF/GoDtZze3MLxGEEr4zF7XOtdtNllJWCL943oIDio3TPN/BXzLdtlI+Rex6hc9 GexYUBeObSiPDpg72te2cY8pVdIVfI96/zRJ0X93Hn9/UsIxBJ0aMPrJUkAlbwDM VP/n2D1SzKGgv5k/vn2gKe399PovIm7kq4TmRMksqWbzlQE9u7F0PymY507OEAph a0A= -----END CERTIFICATE-----Generated at Tue May 26 18:18:36 2026 by rpki-client