$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f28624f2-29a1-4d66-bb6c-dd38f883f14b.roa File: f28624f2-29a1-4d66-bb6c-dd38f883f14b.roa (raw, json) Hash identifier: 73UC5KiF5Dp+rRkVe/BhDDBUwYUZz+uBX8VxctPwcKM= Subject key identifier: 93:E8:BF:89:87:F6:1A:C7:9E:09:88:D7:47:15:85:86:B4:62:E1:D9 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 710E059581549B0E8B9F6262A686E9CF4DDD196E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f28624f2-29a1-4d66-bb6c-dd38f883f14b.roa Signing time: Wed 13 May 2026 00:30:14 +0000 ROA not before: Wed 13 May 2026 00:30:14 +0000 ROA not after: Tue 11 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da19:c00::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 May 2026 17:17:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:0e:05:95:81:54:9b:0e:8b:9f:62:62:a6:86:e9:cf:4d:dd:19:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 13 00:30:14 2026 GMT Not After : Aug 11 23:59:59 2026 GMT Subject: serialNumber=8a2dac4e952db1c9a1ba3035936a2b11cbb06d24080261b7ac55528284c4ccdd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:34:79:8f:2b:2b:93:5b:f9:cb:53:8a:67:b8: 32:07:9a:8f:e5:4f:11:ab:82:43:02:f6:83:5c:bb: d9:55:e4:48:8b:b6:9c:71:1f:bc:50:b9:2a:f2:21: 79:2a:de:ae:b3:e2:74:f3:24:7f:56:91:18:c6:60: ab:59:3d:b5:36:7c:7d:26:7b:9f:1e:8e:0a:d6:62: fa:09:c4:25:1d:04:6b:0e:9c:9e:09:90:f8:46:10: 6e:d3:43:33:1d:7c:b3:cb:cb:74:3a:a5:ee:16:2c: 2f:18:03:f0:cf:c4:89:cf:bd:81:be:5b:71:8e:8c: 4e:15:3c:80:b5:04:40:1f:22:03:c7:58:e3:13:01: 04:5f:f9:f9:68:a4:da:33:bd:e2:50:e7:e6:db:1e: cc:6a:e4:98:3c:c3:71:67:66:74:50:a7:12:8d:a1: 3c:7e:8d:a3:d3:1f:00:41:d4:6f:fe:12:ec:37:bd: 40:12:8b:cc:27:b5:bf:f8:1d:6b:d9:55:16:47:a9: df:72:b5:e2:1c:38:5a:d0:91:32:25:5a:88:6f:47: c5:7d:14:5d:57:41:0f:1a:b8:8b:71:cc:e9:cb:09: 24:93:0b:55:ab:e7:fd:a4:6e:2c:d4:92:64:05:19: aa:8b:31:e2:7b:5e:39:2c:d6:92:69:d2:7e:28:dc: 19:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:E8:BF:89:87:F6:1A:C7:9E:09:88:D7:47:15:85:86:B4:62:E1:D9 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f28624f2-29a1-4d66-bb6c-dd38f883f14b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da19:c00::/38 Signature Algorithm: sha256WithRSAEncryption a0:1d:90:c4:1b:aa:62:f1:d3:6d:5b:c3:cf:bf:de:4c:3f:ff: 6f:6b:fb:a9:6c:33:d1:8a:ef:c2:68:68:df:06:df:b8:a0:7e: a7:4f:fe:33:ff:9f:e0:3c:a1:95:6a:a7:fd:88:f7:9f:0d:53: 5b:5c:e1:e5:e0:81:29:c1:0e:43:e4:b0:c9:f8:6a:6f:2b:cc: ba:4f:a2:cc:56:62:bf:69:37:82:fc:f4:17:67:fc:a3:86:4e: fa:96:39:d0:e3:72:f0:bb:ac:70:3a:f1:7a:b6:46:32:8a:c7: 5f:05:03:8b:74:92:1e:ec:19:9e:ab:a2:fe:97:2c:6e:ce:22: df:cb:1e:61:6f:db:e4:da:8c:08:7e:d0:32:f4:14:c3:66:79: d9:21:dc:ad:b4:c4:77:90:50:95:3d:7f:04:c7:56:0d:76:17: 4c:38:9e:f0:5c:20:36:f0:64:a6:f9:af:1d:7b:a9:9e:c9:83: 8a:10:8b:1d:3f:8e:41:2b:92:fe:05:f3:0a:14:35:51:e6:c2: 7c:53:ec:a1:53:f3:69:a9:e3:5b:3c:8e:5c:3a:5b:aa:b5:98: ba:77:fb:f0:e5:8c:88:00:8c:97:2b:aa:0c:6b:12:db:8a:51: 2a:81:d2:f6:88:3e:9c:58:d5:e1:ff:81:e9:7a:98:82:04:f3: 65:70:21:21 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUcQ4FlYFUmw6Ln2Jipobpz03dGW4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMzAwMzAxNFoX DTI2MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAOGEyZGFjNGU5NTJkYjFjOWExYmEz MDM1OTM2YTJiMTFjYmIwNmQyNDA4MDI2MWI3YWM1NTUyODI4NGM0Y2NkZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDR5jysrk1v5y1OKZ7gyB5qP5U8R q4JDAvaDXLvZVeRIi7accR+8ULkq8iF5Kt6us+J08yR/VpEYxmCrWT21Nnx9Jnuf Ho4K1mL6CcQlHQRrDpyeCZD4RhBu00MzHXyzy8t0OqXuFiwvGAPwz8SJz72Bvltx joxOFTyAtQRAHyIDx1jjEwEEX/n5aKTaM73iUOfm2x7MauSYPMNxZ2Z0UKcSjaE8 fo2j0x8AQdRv/hLsN71AEovMJ7W/+B1r2VUWR6nfcrXiHDha0JEyJVqIb0fFfRRd V0EPGriLcczpywkkkwtVq+f9pG4s1JJkBRmqizHie145LNaSadJ+KNwZ3wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJPov4mH9hrHngmI10cVhYa0YuHZMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2YyODYyNGYyLTI5YTEtNGQ2Ni1iYjZjLWRkMzhmODgzZjE0Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaGQwwDQYJKoZIhvcNAQELBQADggEBAKAdkMQbqmLx021bw8+/ 3kw//29r+6lsM9GK78JoaN8G37igfqdP/jP/n+A8oZVqp/2I958NU1tc4eXggSnB DkPksMn4am8rzLpPosxWYr9pN4L89Bdn/KOGTvqWOdDjcvC7rHA68Xq2RjKKx18F A4t0kh7sGZ6rov6XLG7OIt/LHmFv2+TajAh+0DL0FMNmedkh3K20xHeQUJU9fwTH Vg12F0w4nvBcIDbwZKb5rx17qZ7Jg4oQix0/jkErkv4F8woUNVHmwnxT7KFT82mp 41s8jlw6W6q1mLp3+/DljIgAjJcrqgxrEtuKUSqB0vaIPpxY1eH/gel6mIIE82Vw ISE= -----END CERTIFICATE-----Generated at Sun May 24 12:21:59 2026 by rpki-client