$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/215699c6-5d5e-4a83-9fb4-db4dd9834f3e.roa File: 215699c6-5d5e-4a83-9fb4-db4dd9834f3e.roa (raw, json) Hash identifier: CCNhEwSfYsOLOHNYvsI1xMlBr+JuDlYeeY+COtoMIuM= Subject key identifier: B6:D0:10:47:84:E8:82:22:D8:49:2A:52:BE:71:88:82:DB:77:97:D3 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0DA1E072A720DE10C31BA834FD17CC7318715026 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/215699c6-5d5e-4a83-9fb4-db4dd9834f3e.roa Signing time: Fri 03 Apr 2026 00:10:05 +0000 ROA not before: Fri 03 Apr 2026 00:10:05 +0000 ROA not after: Thu 02 Jul 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daeb:6080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Apr 2026 21:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:a1:e0:72:a7:20:de:10:c3:1b:a8:34:fd:17:cc:73:18:71:50:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 3 00:10:05 2026 GMT Not After : Jul 2 23:59:59 2026 GMT Subject: serialNumber=75ef4952848ceb0e89f73e6acf44fb91c44451b61036eb576550c6f3be2a2792, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:3c:5e:74:e3:20:64:0d:47:6c:c0:ed:9a:9f: 9d:ba:ef:27:ca:a7:d2:db:c2:95:ce:d8:e7:17:3c: c7:80:a1:cc:1b:79:0e:e6:39:a8:62:11:96:86:8d: 93:13:17:ae:0e:ce:55:7b:a0:fd:8b:0e:b1:d3:38: d4:dd:95:14:d9:06:7c:91:83:f8:79:5b:80:f4:9f: a2:4a:54:65:08:58:2b:d2:eb:9e:43:dc:10:f4:a1: e9:a8:84:f2:1e:cd:3d:8e:56:72:2a:bd:04:5e:ac: b9:46:9c:3e:11:19:3d:5d:9d:03:50:e4:cf:b6:72: 63:84:2e:7b:2f:3f:27:1a:31:54:89:74:2a:5c:e8: c1:1b:5f:78:27:ef:cb:ec:3c:b8:ea:68:81:e3:18: af:39:11:16:a6:f9:56:8f:5b:31:a1:07:a5:31:05: eb:e6:17:76:eb:7a:8d:4d:77:b6:9e:a1:b1:17:68: 0f:73:10:16:54:fb:cb:20:8e:23:75:61:f2:dd:d0: b7:a1:b2:c1:46:b4:f2:dd:2b:8f:e2:f7:c3:14:ce: 47:c4:ac:5c:a2:3c:cd:f5:3b:6f:85:2b:ac:be:45: 2c:1b:0d:06:f5:07:a6:15:dc:39:21:56:fa:af:12: 55:fe:02:0d:44:13:a4:3d:1e:91:ca:18:07:4e:d6: bf:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:D0:10:47:84:E8:82:22:D8:49:2A:52:BE:71:88:82:DB:77:97:D3 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/215699c6-5d5e-4a83-9fb4-db4dd9834f3e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daeb:6080::/48 Signature Algorithm: sha256WithRSAEncryption 26:46:4e:4d:13:03:2b:41:c7:c7:0f:23:ab:da:e1:43:d7:0d: 2c:35:93:35:96:5b:f3:ec:60:2f:41:ca:29:72:6d:50:11:a7: be:ce:15:92:08:6d:4f:7c:ae:b4:29:af:04:7e:5b:bc:a9:24: d8:dc:1e:10:04:d9:2d:aa:e2:f9:b1:52:a0:1c:ea:c0:3a:4b: 74:da:c5:92:e8:af:a4:48:c2:4c:fd:bb:6e:29:2e:00:24:b0: e3:0a:3e:f6:bc:20:fe:56:4d:99:c2:af:7d:f2:74:3d:3d:72: 26:87:b2:4a:62:16:07:a1:c4:d6:c6:07:fd:6e:01:66:fe:45: 7f:bf:4c:a5:8a:0e:4b:14:83:e4:22:5c:de:a0:d6:b2:76:9e: 0f:a6:c1:ac:64:83:5f:73:5d:2b:5a:30:fc:0c:97:03:62:72: 5b:c4:d8:5d:0e:d0:50:fe:e6:6b:a4:05:e7:37:69:55:be:97: 50:2a:37:32:b3:27:fb:31:d8:9a:c9:9c:10:0d:c1:15:01:11: a9:92:8b:fc:3c:57:cf:07:09:d7:bb:9d:09:eb:fb:bd:de:b5: 08:15:3e:fc:da:74:59:d2:5a:c3:b0:1d:21:f6:4c:2c:7c:47: 99:70:34:e4:d4:27:d1:bb:0d:5d:c8:8f:16:38:f4:49:3f:e9: f9:e5:62:14 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUDaHgcqcg3hDDG6g0/RfMcxhxUCYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDQwMzAwMTAwNVoX DTI2MDcwMjIzNTk1OVowejFJMEcGA1UEBRNANzVlZjQ5NTI4NDhjZWIwZTg5Zjcz ZTZhY2Y0NGZiOTFjNDQ0NTFiNjEwMzZlYjU3NjU1MGM2ZjNiZTJhMjc5MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTxedOMgZA1HbMDtmp+duu8nyqfS 28KVztjnFzzHgKHMG3kO5jmoYhGWho2TExeuDs5Ve6D9iw6x0zjU3ZUU2QZ8kYP4 eVuA9J+iSlRlCFgr0uueQ9wQ9KHpqITyHs09jlZyKr0EXqy5Rpw+ERk9XZ0DUOTP tnJjhC57Lz8nGjFUiXQqXOjBG194J+/L7Dy46miB4xivOREWpvlWj1sxoQelMQXr 5hd263qNTXe2nqGxF2gPcxAWVPvLII4jdWHy3dC3obLBRrTy3SuP4vfDFM5HxKxc ojzN9TtvhSusvkUsGw0G9QemFdw5IVb6rxJV/gINRBOkPR6RyhgHTta/gwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLbQEEeE6IIi2EkqUr5xiILbd5fTMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzIxNTY5OWM2LTVkNWUtNGE4My05ZmI0LWRiNGRkOTgzNGYzZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba62CAMA0GCSqGSIb3DQEBCwUAA4IBAQAmRk5NEwMrQcfHDyOr 2uFD1w0sNZM1llvz7GAvQcopcm1QEae+zhWSCG1PfK60Ka8Eflu8qSTY3B4QBNkt quL5sVKgHOrAOkt02sWS6K+kSMJM/btuKS4AJLDjCj72vCD+Vk2Zwq998nQ9PXIm h7JKYhYHocTWxgf9bgFm/kV/v0ylig5LFIPkIlzeoNaydp4PpsGsZINfc10rWjD8 DJcDYnJbxNhdDtBQ/uZrpAXnN2lVvpdQKjcysyf7MdiayZwQDcEVARGpkov8PFfP BwnXu50J6/u93rUIFT782nRZ0lrDsB0h9kwsfEeZcDTk1CfRuw1dyI8WOPRJP+n5 5WIU -----END CERTIFICATE-----Generated at Fri Apr 17 08:17:54 2026 by rpki-client