$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ffd89ff2-4de6-4517-88fc-12345cabb969.roa File: ffd89ff2-4de6-4517-88fc-12345cabb969.roa (raw, json) Hash identifier: txkP8vUn99N67dqWtIzMWMPreM0AA9PhUL1i6YlKSLU= Subject key identifier: 61:87:1B:B4:7F:AF:12:68:BE:32:3E:59:71:73:F3:07:08:21:EF:98 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 08FE27B3A5FDB2D6C0DCAA9C424DD4569CD9AA1D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ffd89ff2-4de6-4517-88fc-12345cabb969.roa Signing time: Wed 13 May 2026 00:10:49 +0000 ROA not before: Wed 13 May 2026 00:10:49 +0000 ROA not after: Tue 11 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da15::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 31 May 2026 00:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:fe:27:b3:a5:fd:b2:d6:c0:dc:aa:9c:42:4d:d4:56:9c:d9:aa:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 13 00:10:49 2026 GMT Not After : Aug 11 23:59:59 2026 GMT Subject: serialNumber=8bd27ee3683872352e8cd30e9407326c81ee5d57d218752090fd800c6e2bcbde, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:d2:83:15:81:83:42:ed:5e:45:31:29:5e:91: 3d:9d:93:28:22:ba:38:20:10:cf:21:22:d6:cf:72: fb:75:d0:2d:40:96:be:47:c7:36:35:e4:c1:50:07: 0d:ca:fa:e7:ea:50:5a:0e:a9:da:3d:6f:c1:e0:ab: 4c:cf:a5:da:6d:56:67:0e:6b:97:2e:94:6a:f0:19: cf:62:8e:c4:1c:2f:95:b2:20:f2:25:0d:f5:24:49: 5e:5a:34:39:35:77:32:ab:ff:38:17:73:06:59:f2: cd:90:a9:30:f0:ae:d0:e4:df:2f:10:3d:00:f2:00: 06:6c:37:42:a5:cb:ca:84:73:b7:84:01:4d:3f:7f: 69:d4:09:c2:e7:4c:5a:4b:9f:93:0c:c7:09:02:d8: f2:5e:f5:57:2f:5c:94:78:3d:e5:ef:32:f4:b6:0b: e3:ed:75:4e:e4:76:c2:bc:e2:1e:13:f3:9f:47:92: 39:26:fd:b0:d3:a4:84:ea:6e:6b:b4:f9:3f:75:0a: c6:e2:b0:7b:57:2c:8a:e7:0d:fd:77:ac:2d:6f:9d: 90:38:8f:30:0c:63:10:46:08:a1:0c:43:15:f0:8c: e0:92:51:b4:8e:3f:e0:3a:46:6b:ef:35:30:58:5a: 99:9f:33:0e:5a:c2:a0:ca:6f:04:d0:16:d7:38:1c: de:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:87:1B:B4:7F:AF:12:68:BE:32:3E:59:71:73:F3:07:08:21:EF:98 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ffd89ff2-4de6-4517-88fc-12345cabb969.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da15::/36 Signature Algorithm: sha256WithRSAEncryption 48:21:75:f1:be:8b:01:b7:11:df:34:82:be:f4:df:2f:7c:a0: 17:ca:29:07:a3:30:4b:d4:8b:c0:94:5e:90:6f:3f:f7:08:f9: d1:15:f7:ec:35:d1:55:ac:03:d6:b5:94:64:83:81:09:fb:39: 8c:f2:77:4e:6f:5d:95:bd:37:ab:0e:12:13:50:31:e4:e1:b8: 1a:f0:d0:e0:7f:4b:21:29:6a:07:fd:2f:55:6e:f8:c5:e4:74: cb:75:e0:ea:97:a0:5d:82:6e:42:c1:85:83:83:f6:be:b6:df: 13:7c:98:ec:6f:07:3f:19:5d:b9:7d:b9:d0:20:cc:70:7c:ae: a5:d7:ff:9c:df:aa:9b:bd:69:9b:95:c0:2b:be:9c:ba:05:bd: 5b:be:07:63:c5:26:1d:c6:8f:02:8d:1f:60:a3:d9:bc:57:6e: bd:24:e9:49:28:42:fd:59:01:f5:6b:ee:e2:f4:aa:55:9b:a9: 53:29:ee:67:c4:a6:4b:41:f4:68:2f:0b:e7:a6:f5:57:5c:cf: f3:90:5a:11:ee:32:01:6b:04:26:dd:22:60:57:73:ea:78:cc: d4:f4:5d:69:e9:59:05:73:89:55:eb:89:e4:f5:5a:00:96:14: fd:e4:e9:4c:a0:4f:04:2b:e2:17:c4:81:28:2b:8c:01:93:84: 6a:54:7a:47 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUCP4ns6X9stbA3KqcQk3UVpzZqh0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMzAwMTA0OVoX DTI2MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAOGJkMjdlZTM2ODM4NzIzNTJlOGNk MzBlOTQwNzMyNmM4MWVlNWQ1N2QyMTg3NTIwOTBmZDgwMGM2ZTJiY2JkZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtKDFYGDQu1eRTEpXpE9nZMoIro4 IBDPISLWz3L7ddAtQJa+R8c2NeTBUAcNyvrn6lBaDqnaPW/B4KtMz6XabVZnDmuX LpRq8BnPYo7EHC+VsiDyJQ31JEleWjQ5NXcyq/84F3MGWfLNkKkw8K7Q5N8vED0A 8gAGbDdCpcvKhHO3hAFNP39p1AnC50xaS5+TDMcJAtjyXvVXL1yUeD3l7zL0tgvj 7XVO5HbCvOIeE/OfR5I5Jv2w06SE6m5rtPk/dQrG4rB7VyyK5w39d6wtb52QOI8w DGMQRgihDEMV8IzgklG0jj/gOkZr7zUwWFqZnzMOWsKgym8E0BbXOBzexwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGGHG7R/rxJovjI+WXFz8wcIIe+YMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZmZDg5ZmYyLTRkZTYtNDUxNy04OGZjLTEyMzQ1Y2FiYjk2OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaFQAwDQYJKoZIhvcNAQELBQADggEBAEghdfG+iwG3Ed80gr70 3y98oBfKKQejMEvUi8CUXpBvP/cI+dEV9+w10VWsA9a1lGSDgQn7OYzyd05vXZW9 N6sOEhNQMeThuBrw0OB/SyEpagf9L1Vu+MXkdMt14OqXoF2CbkLBhYOD9r623xN8 mOxvBz8ZXbl9udAgzHB8rqXX/5zfqpu9aZuVwCu+nLoFvVu+B2PFJh3GjwKNH2Cj 2bxXbr0k6UkoQv1ZAfVr7uL0qlWbqVMp7mfEpktB9GgvC+em9Vdcz/OQWhHuMgFr BCbdImBXc+p4zNT0XWnpWQVziVXrieT1WgCWFP3k6UygTwQr4hfEgSgrjAGThGpU ekc= -----END CERTIFICATE-----Generated at Wed May 27 22:44:51 2026 by rpki-client