$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f611f5b8-6400-4b10-bf6f-3c313ca38db5.roa File: f611f5b8-6400-4b10-bf6f-3c313ca38db5.roa (raw, json) Hash identifier: avKkTw6k6Hx3AqggNh8ch9S6xyLNn/DxbzKlwnlQFzg= Subject key identifier: 79:68:9F:E1:DD:80:7A:31:96:B4:86:55:DF:08:DC:BC:F7:CD:38:1C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 411B2DB45697E1970993731E68AB174C8BED3907 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f611f5b8-6400-4b10-bf6f-3c313ca38db5.roa Signing time: Tue 19 May 2026 00:00:07 +0000 ROA not before: Tue 19 May 2026 00:00:07 +0000 ROA not after: Mon 17 Aug 2026 23:59:59 +0000 asID: 14618 IP address blocks: 2406:daef:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 May 2026 00:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:1b:2d:b4:56:97:e1:97:09:93:73:1e:68:ab:17:4c:8b:ed:39:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 19 00:00:07 2026 GMT Not After : Aug 17 23:59:59 2026 GMT Subject: serialNumber=9c4953464eadece314afa71ef341caa0d603ebbd22779a7a387574574280f375, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:cb:42:34:3c:e2:86:b3:23:49:c2:fd:d3:c0: 59:34:4a:43:44:e2:08:5e:3b:d0:09:04:73:91:fd: 90:3d:5a:c2:bd:d6:95:24:e3:04:79:82:23:56:33: 84:01:75:31:bb:ca:0f:fd:ca:b7:7d:ac:44:6c:e5: c3:48:c2:c0:ac:7c:0f:6e:cd:a1:be:13:01:4d:b0: a7:81:54:48:53:c3:ea:2e:7f:6e:e8:f8:83:5c:51: 65:8e:92:78:8f:ec:93:87:9e:1a:c0:ec:93:a0:88: aa:f5:d5:55:d9:38:52:35:3d:cf:88:8a:15:f1:60: bc:e1:93:f3:1e:a2:af:9d:14:1f:c3:ed:4b:77:c9: a7:8d:41:e0:a4:e3:7f:2f:68:3e:cf:55:a5:d7:be: 2d:1c:99:d1:8d:09:6b:99:48:83:bc:46:e8:d1:8e: ba:51:4f:c2:8f:cc:42:8c:ec:09:de:4d:7b:46:ff: 6c:57:22:2b:2d:11:ff:f3:d2:bf:7d:75:f8:7f:ab: 33:1d:93:a3:67:e0:3f:39:d9:33:87:63:40:4e:4d: 84:b9:57:42:49:16:b1:10:4d:70:29:8a:ff:c4:67: dd:a9:b6:70:88:fe:b8:54:7d:c2:79:72:b5:1c:12: af:c7:da:9a:a1:33:eb:92:33:84:ab:28:04:0a:ce: 15:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:68:9F:E1:DD:80:7A:31:96:B4:86:55:DF:08:DC:BC:F7:CD:38:1C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f611f5b8-6400-4b10-bf6f-3c313ca38db5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:4000::/40 Signature Algorithm: sha256WithRSAEncryption 1f:b4:9a:18:bc:97:c0:62:d3:45:ec:ad:59:23:37:b1:3e:ab: 3f:7b:b4:b6:ca:05:fb:89:cc:42:37:b5:27:76:c6:96:73:8e: f8:02:7e:b6:bb:49:f4:40:7f:8a:8e:e4:de:17:bd:4f:48:ae: fb:8c:1c:86:0d:d6:6a:6d:4d:67:08:82:98:9f:95:e8:45:84: 80:67:c8:a5:15:0f:13:68:43:50:95:49:82:6e:c9:67:71:e4: 65:a5:e9:64:07:f0:ae:80:e8:b0:c1:80:57:46:29:b6:92:e0: a7:1b:ce:4c:7c:30:e6:cb:09:c0:a9:8a:18:1b:e6:a2:cb:53: 08:d6:20:56:92:ed:72:be:d9:1b:3e:ef:99:bd:9f:e7:07:97: 31:0a:cd:ec:09:2a:1e:42:aa:62:97:94:c3:f5:12:23:9f:ad: 28:39:1d:ef:35:f9:00:e4:73:1d:ea:16:a3:60:9c:a1:cb:e1: b0:2a:48:4b:85:a3:e5:fa:4a:1c:37:23:ad:e5:3e:60:40:20: cc:3e:2f:20:67:98:a4:54:ad:02:75:89:fa:14:a5:7a:f8:ec: 40:3e:d8:4b:57:6d:7a:a5:16:0e:0e:d1:62:4d:0d:ec:77:0d: ba:35:7c:5b:6e:db:bc:f4:33:6e:36:fd:ee:57:c2:87:9a:10: 3f:f8:49:c2 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQRsttFaX4ZcJk3MeaKsXTIvtOQcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxOTAwMDAwN1oX DTI2MDgxNzIzNTk1OVowejFJMEcGA1UEBRNAOWM0OTUzNDY0ZWFkZWNlMzE0YWZh NzFlZjM0MWNhYTBkNjAzZWJiZDIyNzc5YTdhMzg3NTc0NTc0MjgwZjM3NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0stCNDzihrMjScL908BZNEpDROII XjvQCQRzkf2QPVrCvdaVJOMEeYIjVjOEAXUxu8oP/cq3faxEbOXDSMLArHwPbs2h vhMBTbCngVRIU8PqLn9u6PiDXFFljpJ4j+yTh54awOyToIiq9dVV2ThSNT3PiIoV 8WC84ZPzHqKvnRQfw+1Ld8mnjUHgpON/L2g+z1Wl174tHJnRjQlrmUiDvEbo0Y66 UU/Cj8xCjOwJ3k17Rv9sVyIrLRH/89K/fXX4f6szHZOjZ+A/Odkzh2NATk2EuVdC SRaxEE1wKYr/xGfdqbZwiP64VH3CeXK1HBKvx9qaoTPrkjOEqygECs4VRQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHlon+HdgHoxlrSGVd8I3Lz3zTgcMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Y2MTFmNWI4LTY0MDAtNGIxMC1iZjZmLTNjMzEzY2EzOGRiNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba70AwDQYJKoZIhvcNAQELBQADggEBAB+0mhi8l8Bi00XsrVkj N7E+qz97tLbKBfuJzEI3tSd2xpZzjvgCfra7SfRAf4qO5N4XvU9IrvuMHIYN1mpt TWcIgpiflehFhIBnyKUVDxNoQ1CVSYJuyWdx5GWl6WQH8K6A6LDBgFdGKbaS4Kcb zkx8MObLCcCpihgb5qLLUwjWIFaS7XK+2Rs+75m9n+cHlzEKzewJKh5CqmKXlMP1 EiOfrSg5He81+QDkcx3qFqNgnKHL4bAqSEuFo+X6Shw3I63lPmBAIMw+LyBnmKRU rQJ1ifoUpXr47EA+2EtXbXqlFg4O0WJNDex3Dbo1fFtu27z0M242/e5XwoeaED/4 ScI= -----END CERTIFICATE-----Generated at Fri May 22 14:19:11 2026 by rpki-client