$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6966423c-fa27-4cd5-898f-a147e75cdcb6.roa File: 6966423c-fa27-4cd5-898f-a147e75cdcb6.roa (raw, json) Hash identifier: +f8D7/V8jLYVIDssx8hsQytzFEjbUocNNeORIjGU17k= Subject key identifier: 2C:EA:3B:15:F6:59:46:8E:62:78:7B:48:68:5C:21:48:0B:E3:F9:78 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 68368FD042264667963A956E989E304C1E8CD1DA Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6966423c-fa27-4cd5-898f-a147e75cdcb6.roa Signing time: Wed 13 May 2026 00:21:16 +0000 ROA not before: Wed 13 May 2026 00:21:16 +0000 ROA not after: Tue 11 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab9:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 17 Jun 2026 00:02:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:36:8f:d0:42:26:46:67:96:3a:95:6e:98:9e:30:4c:1e:8c:d1:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 13 00:21:16 2026 GMT Not After : Aug 11 23:59:59 2026 GMT Subject: serialNumber=83ccf680da3df1605d6d771380a8318d9f80fa43b4c7f11dce348d8121698cba, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:06:82:88:32:fb:69:de:f1:00:f5:ec:1e:42: 6f:21:eb:e1:db:df:a2:f5:a2:c3:ae:a0:b9:a7:cb: 10:f9:eb:4f:af:a5:59:40:84:87:b9:95:1f:19:cf: 9b:2e:66:55:18:f7:74:45:54:1f:0a:0d:f3:09:d2: 58:55:d3:6e:a5:30:6b:39:8e:ea:f2:14:86:6c:09: 14:3e:9b:9e:1a:b9:3d:15:d6:7e:fa:6b:36:2a:ce: f1:66:f6:18:7e:94:b9:e8:92:01:29:83:cd:f5:0b: fa:db:f3:77:86:00:d1:4d:f6:13:8c:ab:3c:44:e9: aa:68:a4:c2:b3:42:44:79:44:b8:50:15:68:ce:0a: e5:a3:21:5b:7c:a4:b0:87:8a:da:a0:45:6e:83:12: 21:d2:c4:75:71:d7:8a:41:31:9b:71:f1:27:25:8b: 65:4a:8d:5b:42:9d:87:c2:b2:b6:60:26:65:0a:ee: b1:2a:9b:99:40:fb:65:ed:1e:12:b9:db:53:9f:a5: 9a:1b:c7:35:c3:63:d8:d4:58:04:40:63:c6:8d:e4: 04:87:cb:6f:e1:13:52:9f:b4:2d:a5:d3:7b:9e:3d: c7:09:ad:6a:3a:74:37:8f:0d:ec:90:92:93:a3:c8: 35:8c:d4:a9:11:7e:4a:5b:e2:c0:cd:63:56:51:a8: 71:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:EA:3B:15:F6:59:46:8E:62:78:7B:48:68:5C:21:48:0B:E3:F9:78 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6966423c-fa27-4cd5-898f-a147e75cdcb6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:a000::/40 Signature Algorithm: sha256WithRSAEncryption 2a:f2:b1:bb:6b:27:ea:7a:2b:af:84:9a:e7:32:22:db:69:4f: 5c:01:7f:ec:23:7d:4f:50:a1:0b:da:3e:6b:39:2a:3c:e3:32: 21:33:16:2d:b1:a9:b9:c5:c6:a5:62:8f:f2:27:38:5a:d8:79: d1:b8:f3:bb:9d:37:43:4c:7c:2a:a5:13:6b:7f:31:9d:cc:46: 11:05:89:e6:e4:b8:45:6d:a5:79:a0:d8:13:fe:5e:7d:e7:24: e3:ce:00:3c:ab:96:75:63:82:c7:5c:66:6f:06:e8:12:f2:0e: 0b:66:c1:a2:79:9a:76:65:f0:7d:c7:87:80:6e:bb:58:fb:4a: ea:2b:de:b8:6b:8b:a2:b4:d1:52:e1:d5:d4:dd:d1:8d:a2:8c: 13:0e:cb:44:b7:3f:6a:0f:9e:be:96:92:c3:c2:1c:de:ab:86: dd:c7:34:b8:9b:06:0a:6a:b4:9b:31:80:72:39:e8:1f:4a:da: c7:44:fa:1f:82:e5:a6:07:45:b3:5f:44:6a:3d:77:66:8c:26: 92:70:de:56:32:74:d6:c1:21:c5:2f:14:63:c5:9f:2e:82:1d: 08:ff:0a:0e:82:56:50:27:48:ba:f3:0e:a1:76:64:f9:83:40: 0b:88:23:2f:76:42:5c:85:bb:57:5f:e8:41:d4:d9:0e:a2:cb: 43:f5:3e:70 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUaDaP0EImRmeWOpVumJ4wTB6M0dowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMzAwMjExNloX DTI2MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAODNjY2Y2ODBkYTNkZjE2MDVkNmQ3 NzEzODBhODMxOGQ5ZjgwZmE0M2I0YzdmMTFkY2UzNDhkODEyMTY5OGNiYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwaCiDL7ad7xAPXsHkJvIevh29+i 9aLDrqC5p8sQ+etPr6VZQISHuZUfGc+bLmZVGPd0RVQfCg3zCdJYVdNupTBrOY7q 8hSGbAkUPpueGrk9FdZ++ms2Ks7xZvYYfpS56JIBKYPN9Qv62/N3hgDRTfYTjKs8 ROmqaKTCs0JEeUS4UBVozgrloyFbfKSwh4raoEVugxIh0sR1cdeKQTGbcfEnJYtl So1bQp2HwrK2YCZlCu6xKpuZQPtl7R4SudtTn6WaG8c1w2PY1FgEQGPGjeQEh8tv 4RNSn7QtpdN7nj3HCa1qOnQ3jw3skJKTo8g1jNSpEX5KW+LAzWNWUahx/QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCzqOxX2WUaOYnh7SGhcIUgL4/l4MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY5NjY0MjNjLWZhMjctNGNkNS04OThmLWExNDdlNzVjZGNiNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauaAwDQYJKoZIhvcNAQELBQADggEBACrysbtrJ+p6K6+Emucy IttpT1wBf+wjfU9QoQvaPms5KjzjMiEzFi2xqbnFxqVij/InOFrYedG487udN0NM fCqlE2t/MZ3MRhEFiebkuEVtpXmg2BP+Xn3nJOPOADyrlnVjgsdcZm8G6BLyDgtm waJ5mnZl8H3Hh4Buu1j7Suor3rhri6K00VLh1dTd0Y2ijBMOy0S3P2oPnr6WksPC HN6rht3HNLibBgpqtJsxgHI56B9K2sdE+h+C5aYHRbNfRGo9d2aMJpJw3lYydNbB IcUvFGPFny6CHQj/Cg6CVlAnSLrzDqF2ZPmDQAuIIy92QlyFu1df6EHU2Q6iy0P1 PnA= -----END CERTIFICATE-----Generated at Sat Jun 13 10:26:05 2026 by rpki-client