$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/504ee0b7-b1f3-4f91-a867-2dd94be1a212.roa File: 504ee0b7-b1f3-4f91-a867-2dd94be1a212.roa (raw, json) Hash identifier: XLK6lkif5RKEuwnTMKppwh9hS7r4fWl9JcPCkEA2L3o= Subject key identifier: 2D:9F:BA:62:CB:FD:1C:6F:F6:FA:44:6D:47:63:64:B2:3C:1B:43:2F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 37A7DD88F43447C3EDEB5BB6267988CFD9B057F5 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/504ee0b7-b1f3-4f91-a867-2dd94be1a212.roa Signing time: Wed 13 May 2026 00:20:12 +0000 ROA not before: Wed 13 May 2026 00:20:12 +0000 ROA not after: Tue 11 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da36:8800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Jun 2026 00:02:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:a7:dd:88:f4:34:47:c3:ed:eb:5b:b6:26:79:88:cf:d9:b0:57:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 13 00:20:12 2026 GMT Not After : Aug 11 23:59:59 2026 GMT Subject: serialNumber=ba5b9c2d07a1c42418554abff2a214cc0a543c5848818f3ae7712da2739d63e2, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:19:0e:9e:0d:0f:84:a8:94:a8:51:23:9e:68: 7c:f6:0f:c7:e1:b0:cc:6d:a9:7c:7a:25:2a:c8:35: de:dd:90:4a:63:bb:41:a1:e0:1e:8a:7e:ba:71:b7: 35:64:42:7c:b1:c0:5c:da:68:d6:98:0a:1d:ff:fb: 3c:a0:60:4a:98:b4:5e:ff:3c:82:b7:40:d5:c9:88: 4d:28:9e:d1:a6:80:43:54:81:0b:cd:2b:4c:6d:02: d6:82:ee:95:41:cc:a2:f9:83:c3:ee:56:67:a2:7f: db:ef:ac:58:44:32:36:df:72:69:31:b5:37:56:4c: fd:64:25:00:30:73:be:5f:4b:7f:8c:3b:ad:35:0d: f2:bf:9d:73:42:7d:9d:23:a3:45:5d:2c:4a:92:3b: 92:95:e8:cf:e3:47:c0:69:d8:ff:dd:71:6f:4b:76: 22:e0:5f:15:9f:90:de:9e:56:8d:c0:ec:6c:3a:2c: fc:ce:24:66:e4:27:8b:68:ff:b7:b2:90:c9:59:3b: d3:28:07:40:2b:71:4a:66:f2:88:90:35:90:ab:db: 94:9a:14:2b:05:fa:3f:b9:bd:e0:9f:d3:ce:ec:f7: d0:32:bc:98:eb:d5:70:9c:81:95:c3:e0:37:34:3f: f7:be:da:e2:0c:9a:cc:a8:d1:4d:9e:56:54:33:4b: 28:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:9F:BA:62:CB:FD:1C:6F:F6:FA:44:6D:47:63:64:B2:3C:1B:43:2F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/504ee0b7-b1f3-4f91-a867-2dd94be1a212.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da36:8800::/40 Signature Algorithm: sha256WithRSAEncryption a9:58:39:bc:c6:70:f9:10:f3:f0:20:55:d7:7d:9e:e1:13:c0: e9:24:26:55:a4:43:ca:ee:e0:76:c4:1c:fc:cf:40:63:84:d1: a8:5d:f8:c1:fb:11:00:92:72:0a:1a:28:eb:df:13:91:74:bc: c7:eb:bd:45:bd:fc:cd:c8:88:98:2e:7c:75:22:d7:1f:8f:99: c0:02:42:8d:18:d9:4c:90:27:a1:74:d7:81:58:75:41:8c:1e: 14:86:7b:e1:a3:f1:ac:f8:40:04:5b:6f:8c:85:27:26:c9:2b: 5e:cf:1e:7f:0f:08:d4:da:d5:a3:17:d3:9a:f2:43:2e:3f:41: ed:ff:d2:1c:56:09:74:f7:98:22:af:95:bd:05:7a:2c:44:7a: 19:5a:9d:7c:2a:eb:63:96:1c:e5:cb:0c:02:81:3a:51:9f:a5: d5:07:94:bb:49:1f:68:3d:8a:db:62:d1:8f:cc:d8:2f:9e:a9: 16:fb:c7:63:1e:ed:08:70:12:4d:56:be:0b:2a:de:d0:b6:87: b7:65:94:ec:35:ac:c2:c1:f9:19:0d:2e:8b:99:71:db:a2:18: 16:d4:74:1a:03:49:91:93:01:8e:06:9a:b7:cd:e1:93:ea:c8: 23:ea:c4:e0:82:63:f8:f3:dc:56:7c:9a:0a:c3:8b:7f:5c:82: 3f:0b:94:80 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUN6fdiPQ0R8Pt61u2JnmIz9mwV/UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMzAwMjAxMloX DTI2MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAYmE1YjljMmQwN2ExYzQyNDE4NTU0 YWJmZjJhMjE0Y2MwYTU0M2M1ODQ4ODE4ZjNhZTc3MTJkYTI3MzlkNjNlMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhkOng0PhKiUqFEjnmh89g/H4bDM bal8eiUqyDXe3ZBKY7tBoeAein66cbc1ZEJ8scBc2mjWmAod//s8oGBKmLRe/zyC t0DVyYhNKJ7RpoBDVIELzStMbQLWgu6VQcyi+YPD7lZnon/b76xYRDI233JpMbU3 Vkz9ZCUAMHO+X0t/jDutNQ3yv51zQn2dI6NFXSxKkjuSlejP40fAadj/3XFvS3Yi 4F8Vn5DenlaNwOxsOiz8ziRm5CeLaP+3spDJWTvTKAdAK3FKZvKIkDWQq9uUmhQr Bfo/ub3gn9PO7PfQMryY69VwnIGVw+A3ND/3vtriDJrMqNFNnlZUM0soHQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFC2fumLL/Rxv9vpEbUdjZLI8G0MvMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzUwNGVlMGI3LWIxZjMtNGY5MS1hODY3LTJkZDk0YmUxYTIxMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaNogwDQYJKoZIhvcNAQELBQADggEBAKlYObzGcPkQ8/AgVdd9 nuETwOkkJlWkQ8ru4HbEHPzPQGOE0ahd+MH7EQCScgoaKOvfE5F0vMfrvUW9/M3I iJgufHUi1x+PmcACQo0Y2UyQJ6F014FYdUGMHhSGe+Gj8az4QARbb4yFJybJK17P Hn8PCNTa1aMX05ryQy4/Qe3/0hxWCXT3mCKvlb0FeixEehlanXwq62OWHOXLDAKB OlGfpdUHlLtJH2g9itti0Y/M2C+eqRb7x2Me7QhwEk1Wvgsq3tC2h7dllOw1rMLB +RkNLouZcduiGBbUdBoDSZGTAY4GmrfN4ZPqyCPqxOCCY/jz3FZ8mgrDi39cgj8L lIA= -----END CERTIFICATE-----Generated at Wed Jun 17 08:58:16 2026 by rpki-client