$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3684e50c-c50f-4ebb-b327-e0759241197e.roa File: 3684e50c-c50f-4ebb-b327-e0759241197e.roa (raw, json) Hash identifier: 1t03EChjZYkK077vk6ZH3a5qPnl5WndlNpd+mVGJaPM= Subject key identifier: 86:CB:03:5A:24:97:34:CB:70:0A:FF:2B:7E:4F:B1:E8:CB:48:B2:21 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 452C31C3410452D6DA23730C482C9B44DEBD9C68 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3684e50c-c50f-4ebb-b327-e0759241197e.roa Signing time: Sat 16 May 2026 00:00:40 +0000 ROA not before: Sat 16 May 2026 00:00:40 +0000 ROA not after: Fri 14 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 23 Jun 2026 00:07:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:2c:31:c3:41:04:52:d6:da:23:73:0c:48:2c:9b:44:de:bd:9c:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: May 16 00:00:40 2026 GMT Not After : Aug 14 23:59:59 2026 GMT Subject: serialNumber=5cfeda16542c411e9a062064a9d9f58094d68015c009a2939d8b7c75677167f3, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:55:b9:3e:20:bc:6c:5b:7d:1c:26:89:82:01: 8d:da:58:a0:0e:e4:60:db:78:ec:4e:ed:84:b5:3c: de:47:fc:2a:67:35:92:f2:58:4d:46:e0:d9:b3:2a: cb:2b:83:a4:7f:58:23:12:15:21:66:a7:8d:14:3a: 2a:53:c4:10:a5:21:42:c4:4a:3b:3a:bc:68:3d:7a: 9e:ce:dc:f9:e8:bf:3b:3c:38:44:29:7d:76:69:db: 5f:89:f9:98:75:eb:fb:27:b2:5e:83:e7:8b:49:d2: 3b:d2:15:48:14:0e:08:5e:6d:2a:9b:b0:1e:73:3c: f7:ad:69:3d:5d:c8:0c:b0:a0:9f:9b:3e:c2:fc:0f: b0:a8:a2:fd:f9:60:6d:d5:aa:3d:82:a9:14:19:e4: 1d:69:25:bb:d1:93:78:7f:25:7c:85:1e:46:8e:ff: f5:ac:f0:96:8f:53:56:cb:6a:9b:8d:9c:77:8b:dc: 77:1e:c5:1b:40:26:58:4c:9b:f5:8b:31:8b:37:d7: 5b:b6:d4:fb:61:68:6b:c2:85:7d:52:e3:58:18:19: 0b:1c:fe:ee:c7:b4:eb:f4:98:4a:1b:b3:eb:6e:27: a8:b9:96:36:40:a7:f7:57:33:7b:6c:f7:c3:4e:b1: ce:b9:1e:33:83:89:54:ff:ee:97:8a:4d:a2:75:97: da:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:CB:03:5A:24:97:34:CB:70:0A:FF:2B:7E:4F:B1:E8:CB:48:B2:21 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3684e50c-c50f-4ebb-b327-e0759241197e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500::/48 Signature Algorithm: sha256WithRSAEncryption 0a:9d:ec:cf:71:c2:5c:32:2c:46:b5:ce:30:1e:1f:8c:56:fb: da:00:c6:70:2e:6f:0f:03:45:0f:3e:45:54:3b:3e:8d:19:43: e8:ef:e8:67:ec:30:b8:ad:96:99:c3:11:06:20:6b:dc:48:3b: 1f:f7:d0:0e:a7:d4:b8:d8:68:13:5f:f7:81:8f:8c:f2:8f:91: 52:5e:8d:e3:f4:43:d2:b4:f4:af:4a:b7:47:8a:d8:79:fc:7e: a0:d8:11:ab:e6:f8:d2:3d:19:6e:46:44:5d:17:e7:09:8a:71: a9:2b:64:88:76:46:b5:f5:ad:d8:ca:1c:49:68:eb:1a:97:33: 9a:37:c6:19:da:69:b4:80:eb:50:fb:13:ae:28:74:7d:a5:c6: 98:46:c8:92:8e:5d:68:73:49:a4:62:39:fe:63:bf:32:d6:67: cd:39:f8:72:97:a9:91:35:85:ce:11:19:33:d2:d8:03:0f:ca: b4:42:b3:ab:85:56:cc:c0:23:8d:c9:b5:cf:4a:56:8e:42:65: 4e:93:1d:c4:90:d5:9e:7b:6d:73:af:c8:30:19:6d:6c:8f:1d: 0b:1b:09:b5:ea:bd:8f:f6:f2:a2:0b:92:7b:e9:d3:68:65:3d: 98:48:26:82:b5:31:c2:4b:e8:9f:09:59:41:00:92:08:22:0e: 35:fd:2f:5f -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIURSwxw0EEUtbaI3MMSCybRN69nGgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI2MDUxNjAwMDA0MFoX DTI2MDgxNDIzNTk1OVowejFJMEcGA1UEBRNANWNmZWRhMTY1NDJjNDExZTlhMDYy MDY0YTlkOWY1ODA5NGQ2ODAxNWMwMDlhMjkzOWQ4YjdjNzU2NzcxNjdmMzEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFW5PiC8bFt9HCaJggGN2ligDuRg 23jsTu2EtTzeR/wqZzWS8lhNRuDZsyrLK4Okf1gjEhUhZqeNFDoqU8QQpSFCxEo7 OrxoPXqeztz56L87PDhEKX12adtfifmYdev7J7Jeg+eLSdI70hVIFA4IXm0qm7Ae czz3rWk9XcgMsKCfmz7C/A+wqKL9+WBt1ao9gqkUGeQdaSW70ZN4fyV8hR5Gjv/1 rPCWj1NWy2qbjZx3i9x3HsUbQCZYTJv1izGLN9dbttT7YWhrwoV9UuNYGBkLHP7u x7Tr9JhKG7PrbieouZY2QKf3VzN7bPfDTrHOuR4zg4lU/+6Xik2idZfagwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFIbLA1oklzTLcAr/K35PsejLSLIhMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzM2ODRlNTBjLWM1MGYtNGViYi1iMzI3LWUwNzU5MjQxMTk3ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABlAAAAMA0GCSqGSIb3DQEBCwUAA4IBAQAKnezPccJcMixGtc4w Hh+MVvvaAMZwLm8PA0UPPkVUOz6NGUPo7+hn7DC4rZaZwxEGIGvcSDsf99AOp9S4 2GgTX/eBj4zyj5FSXo3j9EPStPSvSrdHith5/H6g2BGr5vjSPRluRkRdF+cJinGp K2SIdka19a3YyhxJaOsalzOaN8YZ2mm0gOtQ+xOuKHR9pcaYRsiSjl1oc0mkYjn+ Y78y1mfNOfhyl6mRNYXOERkz0tgDD8q0QrOrhVbMwCONybXPSlaOQmVOkx3EkNWe e21zr8gwGW1sjx0LGwm16r2P9vKiC5J76dNoZT2YSCaCtTHCS+ifCVlBAJIIIg41 /S9f -----END CERTIFICATE-----Generated at Fri Jun 19 08:11:18 2026 by rpki-client