$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1ef497a8-abd3-4d49-af13-215841ac320f.roa File: 1ef497a8-abd3-4d49-af13-215841ac320f.roa (raw, json) Hash identifier: Mcu9xpYRLwZQGj3IkA4gxexqkzorJoXYUj6vUZ2OqaM= Subject key identifier: 61:ED:AF:A3:1F:5F:BD:C9:AD:D4:30:10:AA:32:C8:77:85:2D:E5:97 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 27DE0991EBB8A700A5407C3A092373133FAAAEEF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1ef497a8-abd3-4d49-af13-215841ac320f.roa Signing time: Sat 16 May 2026 00:00:03 +0000 ROA not before: Sat 16 May 2026 00:00:03 +0000 ROA not after: Fri 14 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da36:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 17 Jun 2026 00:02:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:de:09:91:eb:b8:a7:00:a5:40:7c:3a:09:23:73:13:3f:aa:ae:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 00:00:03 2026 GMT Not After : Aug 14 23:59:59 2026 GMT Subject: serialNumber=eefa994fec901e0a2a9ee3588b52087afb2bcb2456707f3447b67e85f560c390, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:e6:0b:fb:2f:9e:dc:c0:d9:3a:79:72:9c:5b: f0:cc:9a:1a:37:bf:5c:4e:8d:8c:d4:86:e7:59:b0: b7:11:2c:ef:37:26:ff:83:95:ef:39:56:e8:a1:95: 84:e2:5e:e9:88:92:30:ae:01:ed:ea:7e:cc:09:9d: 51:5d:3f:6c:5b:46:e8:57:df:64:b3:4d:42:bc:50: 46:fd:f2:d9:42:17:2e:18:9b:68:d6:b8:bd:55:ee: b6:2b:aa:da:a2:92:04:59:fa:98:48:99:4c:a7:2f: 56:f5:aa:12:bb:fb:d7:38:70:6e:08:87:90:bc:87: c2:5d:f0:aa:26:dc:d7:4f:fa:70:85:82:8d:f9:ad: c1:10:96:bd:c4:91:c8:16:1d:bc:e1:27:f5:8f:95: 61:81:80:6c:25:e2:f6:2f:68:4f:55:a7:90:df:b2: 29:df:cf:34:1f:6e:e1:d8:32:70:ef:c6:79:e2:8d: df:a5:8f:7d:86:4e:96:81:c5:2e:0c:3f:8a:4b:41: 9c:3d:b4:b3:ea:39:04:ac:96:f1:1d:db:91:54:cb: 81:e3:97:4e:af:7d:3d:8e:66:a1:80:5a:e3:d1:52: 67:80:47:b2:52:63:18:18:8b:47:82:c8:80:cb:79: 19:59:98:61:39:49:96:63:38:cf:06:bb:d7:e9:15: 09:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:ED:AF:A3:1F:5F:BD:C9:AD:D4:30:10:AA:32:C8:77:85:2D:E5:97 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1ef497a8-abd3-4d49-af13-215841ac320f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da36:4000::/40 Signature Algorithm: sha256WithRSAEncryption 3b:b0:38:ac:40:ae:18:fd:55:63:fe:3a:4e:67:9c:cc:c0:80: f1:d5:86:11:51:93:91:93:0c:34:c1:b2:09:e1:e4:d4:c4:3a: 94:62:c0:32:66:18:e3:a6:9f:7f:c6:5b:77:02:a6:1b:31:d8: 91:f1:40:b7:5e:ab:29:92:dd:25:15:4a:d5:22:ee:8d:71:7e: 2b:12:5a:3b:23:90:f2:7c:13:7f:86:e9:48:5e:05:53:2e:34: e9:7b:b0:38:a2:8a:ca:bb:d8:73:63:26:18:6a:7e:46:53:c8: 56:2f:bf:ad:92:6b:8f:05:7e:d7:9a:75:94:c9:6a:42:be:a7: 35:6c:41:28:39:18:57:31:f6:da:e4:a0:d2:f5:8a:cf:2c:a4: 66:34:ca:d1:11:d8:42:b5:56:2f:5d:e9:18:18:ea:03:90:b4: 2c:cc:d5:7c:c6:43:10:d6:4a:1e:2d:f3:03:6a:51:4c:f6:87: 3f:e0:aa:0c:f7:86:ea:d5:16:16:9f:b8:9c:74:1f:78:43:ae: 73:20:79:77:ec:64:4e:e0:b2:b5:a8:9f:4f:05:07:6c:70:8c: c5:c3:b3:a8:54:46:86:48:8c:45:25:65:f6:5b:43:e5:8a:cf: d6:d6:56:73:ab:0a:7d:bc:48:42:39:be:e7:94:2a:3c:99:cd: fc:fa:3e:27 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJ94Jkeu4pwClQHw6CSNzEz+qru8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxNjAwMDAwM1oX DTI2MDgxNDIzNTk1OVowejFJMEcGA1UEBRNAZWVmYTk5NGZlYzkwMWUwYTJhOWVl MzU4OGI1MjA4N2FmYjJiY2IyNDU2NzA3ZjM0NDdiNjdlODVmNTYwYzM5MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+YL+y+e3MDZOnlynFvwzJoaN79c To2M1IbnWbC3ESzvNyb/g5XvOVbooZWE4l7piJIwrgHt6n7MCZ1RXT9sW0boV99k s01CvFBG/fLZQhcuGJto1ri9Ve62K6raopIEWfqYSJlMpy9W9aoSu/vXOHBuCIeQ vIfCXfCqJtzXT/pwhYKN+a3BEJa9xJHIFh284Sf1j5VhgYBsJeL2L2hPVaeQ37Ip 3880H27h2DJw78Z54o3fpY99hk6WgcUuDD+KS0GcPbSz6jkErJbxHduRVMuB45dO r309jmahgFrj0VJngEeyUmMYGItHgsiAy3kZWZhhOUmWYzjPBrvX6RUJGwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGHtr6MfX73JrdQwEKoyyHeFLeWXMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzFlZjQ5N2E4LWFiZDMtNGQ0OS1hZjEzLTIxNTg0MWFjMzIwZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaNkAwDQYJKoZIhvcNAQELBQADggEBADuwOKxArhj9VWP+Ok5n nMzAgPHVhhFRk5GTDDTBsgnh5NTEOpRiwDJmGOOmn3/GW3cCphsx2JHxQLdeqymS 3SUVStUi7o1xfisSWjsjkPJ8E3+G6UheBVMuNOl7sDiiisq72HNjJhhqfkZTyFYv v62Sa48FfteadZTJakK+pzVsQSg5GFcx9trkoNL1is8spGY0ytER2EK1Vi9d6RgY 6gOQtCzM1XzGQxDWSh4t8wNqUUz2hz/gqgz3hurVFhafuJx0H3hDrnMgeXfsZE7g srWon08FB2xwjMXDs6hURoZIjEUlZfZbQ+WKz9bWVnOrCn28SEI5vueUKjyZzfz6 Pic= -----END CERTIFICATE-----Generated at Sat Jun 13 10:26:31 2026 by rpki-client