$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1608d804-974f-4707-85cf-540b359a4e74.roa File: 1608d804-974f-4707-85cf-540b359a4e74.roa (raw, json) Hash identifier: WcFxTl/aPM1RM9ipec3LY4Qf374guo00Iyjn+o0zD2g= Subject key identifier: 7F:E1:60:34:73:FC:A2:A5:89:D5:2C:6B:A0:B5:8C:02:9A:46:02:11 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1FE8D1194C78795A1601281D22E039D0E5870FFE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1608d804-974f-4707-85cf-540b359a4e74.roa Signing time: Sun 31 May 2026 00:01:26 +0000 ROA not before: Sun 31 May 2026 00:01:26 +0000 ROA not after: Sat 29 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daba:c040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Jun 2026 00:02:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:e8:d1:19:4c:78:79:5a:16:01:28:1d:22:e0:39:d0:e5:87:0f:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 31 00:01:26 2026 GMT Not After : Aug 29 23:59:59 2026 GMT Subject: serialNumber=c6f48d7b2dfcb26ea1766eabe32cd27414fe34d1014f549419ed1dc18f17a979, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:69:a3:61:3f:cb:61:d5:7f:65:c9:7e:16:21: ee:74:90:f9:da:1a:97:ab:24:8c:f8:47:7f:72:a9: a6:0e:d5:68:ab:fd:85:f7:70:f2:de:0a:c8:16:5e: f4:e5:8d:11:d7:20:1c:5e:ff:3c:b8:a6:41:a6:b5: 1c:b8:2e:be:3a:fa:50:3f:3f:22:6e:3e:32:b6:39: 15:61:a7:d1:5d:65:ae:89:a6:81:6d:55:38:6f:94: 1d:8c:9e:f1:e8:74:90:bd:d7:ba:d6:97:25:6c:b2: ec:3b:7c:fc:0c:42:cb:52:65:17:0f:81:fc:0d:eb: bb:f6:e8:23:d1:8b:91:fd:6e:bf:df:93:83:8b:a5: 37:da:a4:3b:93:b6:f2:43:ec:d6:79:3e:4d:ab:4b: b6:57:ac:d7:0c:af:c9:54:21:5b:62:bb:f2:d6:63: 9e:f8:2d:bc:7b:34:ee:d0:bd:7f:9c:1a:a5:41:e8: 65:96:ca:d8:d6:a6:00:ae:7e:69:d0:d3:fd:51:db: 43:3f:8e:95:94:39:8a:0c:94:58:6f:27:12:87:e4: fe:3b:09:7e:76:4f:1b:f1:09:33:5f:f5:46:92:6e: 7e:70:55:d1:fc:63:43:e3:08:43:5c:6c:3b:64:b1: c6:7e:15:21:6d:3c:ef:08:7e:76:09:2d:da:a7:46: 72:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:E1:60:34:73:FC:A2:A5:89:D5:2C:6B:A0:B5:8C:02:9A:46:02:11 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1608d804-974f-4707-85cf-540b359a4e74.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daba:c040::/48 Signature Algorithm: sha256WithRSAEncryption b4:43:af:74:f5:0f:97:16:44:94:a4:9f:4a:28:d9:96:41:b4: ac:b2:46:a3:ff:07:c3:4b:4c:08:7e:a7:82:46:86:05:b3:de: 4c:94:7a:50:88:4f:3b:d0:38:3a:38:b4:26:8c:5b:37:86:56: d5:b8:3a:c7:a2:3a:57:5a:54:35:c1:51:68:78:7f:46:cb:a2: b1:3b:5f:d5:b1:9f:e4:24:3f:e8:05:4e:25:52:6e:38:8d:f1: 1b:6d:38:08:83:2b:70:10:71:b1:3f:b9:d8:76:d1:00:08:a4: 99:29:8e:79:c1:e0:ef:b5:49:d7:d1:12:0b:8f:35:e8:f0:06: ec:bc:44:6c:d2:bf:ab:b5:8e:cd:78:de:24:df:bf:89:eb:b5: a9:be:01:54:cf:19:b2:ef:10:7a:c9:4f:30:42:63:2f:7f:e0: ee:ac:2d:11:27:47:b6:51:ce:01:79:d0:55:f3:55:58:20:30: fb:f8:e2:5c:29:22:8f:88:c9:ed:93:2a:b2:bf:88:2e:6a:cf: 82:73:97:77:82:bd:8e:e3:21:b3:c5:21:69:53:f5:7c:ba:fd: 32:40:82:d7:cc:77:62:6a:f3:6f:ca:c6:6a:d6:bc:e7:ed:01: 5e:52:dd:83:85:2c:0c:ff:12:04:3c:ec:e8:d4:b2:d3:65:54: 95:1f:e7:d3 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUH+jRGUx4eVoWASgdIuA50OWHD/4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUzMTAwMDEyNloX DTI2MDgyOTIzNTk1OVowejFJMEcGA1UEBRNAYzZmNDhkN2IyZGZjYjI2ZWExNzY2 ZWFiZTMyY2QyNzQxNGZlMzRkMTAxNGY1NDk0MTllZDFkYzE4ZjE3YTk3OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6mmjYT/LYdV/Zcl+FiHudJD52hqX qySM+Ed/cqmmDtVoq/2F93Dy3grIFl705Y0R1yAcXv88uKZBprUcuC6+OvpQPz8i bj4ytjkVYafRXWWuiaaBbVU4b5QdjJ7x6HSQvde61pclbLLsO3z8DELLUmUXD4H8 Deu79ugj0YuR/W6/35ODi6U32qQ7k7byQ+zWeT5Nq0u2V6zXDK/JVCFbYrvy1mOe +C28ezTu0L1/nBqlQehllsrY1qYArn5p0NP9UdtDP46VlDmKDJRYbycSh+T+Owl+ dk8b8QkzX/VGkm5+cFXR/GND4whDXGw7ZLHGfhUhbTzvCH52CS3ap0Zy2QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFH/hYDRz/KKlidUsa6C1jAKaRgIRMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzE2MDhkODA0LTk3NGYtNDcwNy04NWNmLTU0MGIzNTlhNGU3NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbausBAMA0GCSqGSIb3DQEBCwUAA4IBAQC0Q6909Q+XFkSUpJ9K KNmWQbSsskaj/wfDS0wIfqeCRoYFs95MlHpQiE870Dg6OLQmjFs3hlbVuDrHojpX WlQ1wVFoeH9Gy6KxO1/VsZ/kJD/oBU4lUm44jfEbbTgIgytwEHGxP7nYdtEACKSZ KY55weDvtUnX0RILjzXo8AbsvERs0r+rtY7NeN4k37+J67WpvgFUzxmy7xB6yU8w QmMvf+DurC0RJ0e2Uc4BedBV81VYIDD7+OJcKSKPiMntkyqyv4guas+Cc5d3gr2O 4yGzxSFpU/V8uv0yQILXzHdiavNvysZq1rzn7QFeUt2DhSwM/xIEPOzo1LLTZVSV H+fT -----END CERTIFICATE-----Generated at Wed Jun 17 09:10:36 2026 by rpki-client