$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e6bab3e6-c28e-47e7-bab4-a461b1539faa.roa File: e6bab3e6-c28e-47e7-bab4-a461b1539faa.roa (raw, json) Hash identifier: mq0gvHduCq3e96SMNpLcVmSvY4azaiBFStWT77QYPJg= Subject key identifier: 58:C4:2E:BF:07:F0:7C:22:EB:DF:4B:91:71:5C:02:5C:E8:28:55:C2 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2D8CF184ED085265D8811BA265DD54994E853963 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e6bab3e6-c28e-47e7-bab4-a461b1539faa.roa Signing time: Sat 02 May 2026 00:20:06 +0000 ROA not before: Sat 02 May 2026 00:20:06 +0000 ROA not after: Fri 31 Jul 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:f000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 07 May 2026 00:00:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:8c:f1:84:ed:08:52:65:d8:81:1b:a2:65:dd:54:99:4e:85:39:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 2 00:20:06 2026 GMT Not After : Jul 31 23:59:59 2026 GMT Subject: serialNumber=1415bb33d0f30c82647046c5069a4154f9c2844d57c1c8092d8016782b5d1301, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:d6:59:46:1c:88:fb:42:1c:22:c6:92:41:9b: 0d:1c:f2:cc:e3:81:c9:cd:49:c1:72:dd:e2:a7:b6: 2f:0a:f8:da:b3:54:19:c2:d2:11:a1:e6:21:ae:4c: aa:85:c7:4f:a2:b6:2e:8c:fd:3e:d3:f8:9c:7d:50: fd:27:c5:70:62:56:b2:08:64:f7:ae:53:de:f5:2a: 5b:5a:38:a1:0f:d2:a0:c4:40:8d:40:40:88:74:55: db:50:ed:6f:45:0b:ef:bd:f0:b3:97:4f:14:57:41: f2:69:dc:93:d9:c8:60:64:03:a6:17:e0:23:a0:5e: 20:c8:44:aa:ff:93:0e:a5:d4:3a:39:ca:a9:f1:3f: ed:c2:eb:ec:50:2f:2d:62:de:1f:8e:83:9c:b3:89: 11:47:71:e7:a8:58:cb:68:ab:bc:5c:15:59:6b:f7: 4c:fa:88:77:db:80:81:0b:71:ce:9b:dd:c4:2c:62: 04:91:74:54:96:9e:d4:e6:cb:fc:11:6c:59:1d:6d: 9e:02:51:71:2e:37:42:22:98:cd:52:6e:1b:63:ae: f4:f4:4e:d7:38:44:3d:6d:b6:49:71:78:5c:4d:c9: 6a:0b:7c:b3:82:fb:e2:df:72:46:31:24:bc:9b:10: 62:51:e1:fb:45:f4:41:fb:66:cd:fe:c8:dc:5d:54: 58:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:C4:2E:BF:07:F0:7C:22:EB:DF:4B:91:71:5C:02:5C:E8:28:55:C2 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e6bab3e6-c28e-47e7-bab4-a461b1539faa.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:f000::/40 Signature Algorithm: sha256WithRSAEncryption 57:6a:3f:79:7d:84:56:2f:a9:1c:dd:f3:ca:a8:de:29:12:e3: 84:48:be:c5:1f:2b:fb:54:61:1b:cc:b5:87:ce:39:e7:d3:de: db:a3:d1:26:ec:9d:c4:e7:33:1d:ff:48:e3:89:52:be:e0:23: 9b:d7:35:94:76:e1:f3:28:93:a1:9a:6d:56:cd:ac:82:06:27: 6c:8e:1b:0b:99:a0:5f:bf:e1:8e:34:c8:57:07:38:43:ae:54: f7:49:17:61:33:09:77:4d:d3:22:05:0a:ef:46:dc:66:8d:00: 92:bd:6f:43:e1:85:1a:8f:b5:31:f7:33:bc:4d:0e:17:6f:ba: 0a:22:7f:1f:5b:c2:64:ce:67:85:26:bc:cb:8a:b9:e3:84:47: 37:55:db:cb:fd:e6:59:2e:b3:9b:d5:dc:66:05:c4:57:67:de: f0:dc:4b:de:b5:ce:e2:f8:a2:06:cb:15:13:0c:51:3d:fa:48: 6d:d5:a7:4b:ac:d3:f1:91:11:13:86:5e:e4:a0:e9:19:26:20: 89:98:e1:f9:9f:64:de:56:9d:82:8e:fb:e2:55:b7:bb:41:99: c3:b5:fc:84:9b:47:91:86:80:3d:37:8e:b4:79:c7:ed:ed:6a: 99:14:4b:ae:e0:03:30:d3:90:8c:32:11:95:52:eb:1e:60:aa: 1d:99:45:46 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIULYzxhO0IUmXYgRuiZd1UmU6FOWMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwMjAwMjAwNloX DTI2MDczMTIzNTk1OVowejFJMEcGA1UEBRNAMTQxNWJiMzNkMGYzMGM4MjY0NzA0 NmM1MDY5YTQxNTRmOWMyODQ0ZDU3YzFjODA5MmQ4MDE2NzgyYjVkMTMwMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNZZRhyI+0IcIsaSQZsNHPLM44HJ zUnBct3ip7YvCvjas1QZwtIRoeYhrkyqhcdPorYujP0+0/icfVD9J8VwYlayCGT3 rlPe9SpbWjihD9KgxECNQECIdFXbUO1vRQvvvfCzl08UV0HyadyT2chgZAOmF+Aj oF4gyESq/5MOpdQ6Ocqp8T/twuvsUC8tYt4fjoOcs4kRR3HnqFjLaKu8XBVZa/dM +oh324CBC3HOm93ELGIEkXRUlp7U5sv8EWxZHW2eAlFxLjdCIpjNUm4bY6709E7X OEQ9bbZJcXhcTclqC3yzgvvi33JGMSS8mxBiUeH7RfRB+2bN/sjcXVRYdQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFFjELr8H8Hwi699LkXFcAlzoKFXCMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2U2YmFiM2U2LWMyOGUtNDdlNy1iYWI0LWE0NjFiMTUzOWZhYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8/AwDQYJKoZIhvcNAQELBQADggEBAFdqP3l9hFYvqRzd88qo 3ikS44RIvsUfK/tUYRvMtYfOOefT3tuj0SbsncTnMx3/SOOJUr7gI5vXNZR24fMo k6GabVbNrIIGJ2yOGwuZoF+/4Y40yFcHOEOuVPdJF2EzCXdN0yIFCu9G3GaNAJK9 b0PhhRqPtTH3M7xNDhdvugoifx9bwmTOZ4UmvMuKueOERzdV28v95lkus5vV3GYF xFdn3vDcS961zuL4ogbLFRMMUT36SG3Vp0us0/GREROGXuSg6RkmIImY4fmfZN5W nYKO++JVt7tBmcO1/ISbR5GGgD03jrR5x+3tapkUS67gAzDTkIwyEZVS6x5gqh2Z RUY= -----END CERTIFICATE-----Generated at Sun May 3 14:48:09 2026 by rpki-client