$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8f748076-f8ab-4d93-9e81-e21dff35f38a.roa File: 8f748076-f8ab-4d93-9e81-e21dff35f38a.roa (raw, json) Hash identifier: N+Uin8/D2/9NJBUyuJuWcCE8s85sEGz+fLhgPRZwV0o= Subject key identifier: D1:50:50:0D:B3:EE:69:EE:8C:10:03:ED:6A:D2:7A:0D:0B:6F:3B:14 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 251DB306B2347332AF939E3060DB42FD5FDCEF2C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8f748076-f8ab-4d93-9e81-e21dff35f38a.roa Signing time: Fri 03 Apr 2026 00:00:17 +0000 ROA not before: Fri 03 Apr 2026 00:00:17 +0000 ROA not after: Thu 02 Jul 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daeb:840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Apr 2026 21:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:1d:b3:06:b2:34:73:32:af:93:9e:30:60:db:42:fd:5f:dc:ef:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 3 00:00:17 2026 GMT Not After : Jul 2 23:59:59 2026 GMT Subject: serialNumber=46be9666325ed6f29588a53725b54f47044be1ac2648efe68131b1f1f13d840b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:28:1c:57:51:b6:34:dc:ff:09:2b:76:e3:3e: 46:b1:8f:bf:11:15:28:7b:d8:07:b3:96:4d:f5:b3: a3:ce:d5:e1:31:08:f0:07:4c:97:ed:45:69:09:cc: ee:5a:32:13:d3:33:a7:39:98:4d:34:29:46:27:b4: f7:55:66:27:de:c6:3e:1c:d0:ff:40:ab:4a:24:d9: 53:56:b1:af:de:af:32:13:b3:52:78:59:59:3b:38: 0e:01:ef:f2:1c:7b:c2:59:70:08:cd:49:86:3d:61: 67:19:7a:5f:26:db:0a:ef:c2:92:6b:12:10:6d:c8: 14:6c:f0:81:bf:8b:02:69:e6:10:4e:a1:ff:06:f3: c6:06:0e:5c:32:75:77:73:3c:81:4c:0e:73:1b:81: 38:23:1c:78:10:51:8a:19:22:07:27:b3:2c:da:4a: 59:86:4d:cc:4b:94:1c:bf:43:fd:7d:d1:6a:c3:31: 6f:8d:3d:f0:b8:b7:cb:3b:57:a8:43:f3:5c:62:52: cb:b4:dc:5c:78:21:7d:b5:4c:c6:7c:07:36:c2:81: be:5d:78:fb:8c:2b:a3:50:0f:56:f5:ef:70:c5:dc: 5c:fd:08:86:db:6c:87:8c:8a:ca:c4:d3:29:22:f0: 46:2e:68:f0:30:b9:57:b6:0a:28:03:c0:87:e0:c7: 3c:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:50:50:0D:B3:EE:69:EE:8C:10:03:ED:6A:D2:7A:0D:0B:6F:3B:14 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8f748076-f8ab-4d93-9e81-e21dff35f38a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daeb:840::/48 Signature Algorithm: sha256WithRSAEncryption 10:e2:ca:f7:22:5a:e9:3c:70:b5:91:fd:33:4d:87:0c:b2:48: e9:6d:94:c3:dc:af:06:bf:f3:bc:07:4f:ea:cd:ab:13:b9:9f: 73:8f:bd:bc:dc:38:e5:f1:09:22:2c:38:50:b8:b2:af:86:05: f9:90:2b:f2:b1:59:5a:69:f7:b0:4e:df:30:9a:f9:81:9f:6b: 8b:3d:86:15:25:85:38:76:fc:b1:29:90:2f:28:dc:78:eb:78: 84:cd:78:22:41:4d:ab:51:72:00:7e:54:40:6c:e0:b9:ed:b0: e0:2a:fa:9a:9b:a9:c6:fc:5b:fa:01:be:6f:55:ef:23:1f:4a: 03:22:56:d3:b3:f8:9e:57:23:c7:f8:be:5b:66:7f:a8:6c:c1: fc:c4:7e:72:d6:18:1e:cd:6c:db:39:46:d5:26:1f:0d:23:61: 26:6d:e8:5e:15:1e:9a:40:23:71:f6:6b:12:ff:b5:d2:15:f6: 10:2c:1f:c0:84:99:d6:6e:33:c7:9a:a5:d3:21:ba:a9:4e:d9: 23:74:57:97:c5:df:2c:10:fd:a7:ce:f4:39:28:49:e6:e6:1f: 4f:99:26:56:bd:74:2c:a7:c9:44:b6:e8:25:09:e0:fa:d7:ee: 6e:08:1a:15:49:0d:f5:a2:b8:9d:34:28:ba:58:86:4f:86:f1: c7:dd:41:3f -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUJR2zBrI0czKvk54wYNtC/V/c7ywwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDQwMzAwMDAxN1oX DTI2MDcwMjIzNTk1OVowejFJMEcGA1UEBRNANDZiZTk2NjYzMjVlZDZmMjk1ODhh NTM3MjViNTRmNDcwNDRiZTFhYzI2NDhlZmU2ODEzMWIxZjFmMTNkODQwYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyygcV1G2NNz/CSt24z5GsY+/ERUo e9gHs5ZN9bOjztXhMQjwB0yX7UVpCczuWjIT0zOnOZhNNClGJ7T3VWYn3sY+HND/ QKtKJNlTVrGv3q8yE7NSeFlZOzgOAe/yHHvCWXAIzUmGPWFnGXpfJtsK78KSaxIQ bcgUbPCBv4sCaeYQTqH/BvPGBg5cMnV3czyBTA5zG4E4Ixx4EFGKGSIHJ7Ms2kpZ hk3MS5Qcv0P9fdFqwzFvjT3wuLfLO1eoQ/NcYlLLtNxceCF9tUzGfAc2woG+XXj7 jCujUA9W9e9wxdxc/QiG22yHjIrKxNMpIvBGLmjwMLlXtgooA8CH4Mc8MwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFNFQUA2z7mnujBAD7WrSeg0LbzsUMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhmNzQ4MDc2LWY4YWItNGQ5My05ZTgxLWUyMWRmZjM1ZjM4YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba6whAMA0GCSqGSIb3DQEBCwUAA4IBAQAQ4sr3IlrpPHC1kf0z TYcMskjpbZTD3K8Gv/O8B0/qzasTuZ9zj7283Djl8QkiLDhQuLKvhgX5kCvysVla afewTt8wmvmBn2uLPYYVJYU4dvyxKZAvKNx463iEzXgiQU2rUXIAflRAbOC57bDg Kvqam6nG/Fv6Ab5vVe8jH0oDIlbTs/ieVyPH+L5bZn+obMH8xH5y1hgezWzbOUbV Jh8NI2EmbeheFR6aQCNx9msS/7XSFfYQLB/AhJnWbjPHmqXTIbqpTtkjdFeXxd8s EP2nzvQ5KEnm5h9PmSZWvXQsp8lEtuglCeD61+5uCBoVSQ31oridNCi6WIZPhvHH 3UE/ -----END CERTIFICATE-----Generated at Fri Apr 17 08:20:37 2026 by rpki-client