$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9c47ca85-f58b-41a9-b004-51d6fd554894.roa File: 9c47ca85-f58b-41a9-b004-51d6fd554894.roa (raw, json) Hash identifier: tsTWBIHe2d4KVcMbIulIN3LtqnH/qFLD/v1g8vlMxSg= Subject key identifier: 18:34:E3:C8:00:F9:85:33:F7:E8:5F:0A:89:89:76:74:47:CC:1A:CC Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5871129E0D245CD3EAEBFEB03C2BDB50F92CCB43 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9c47ca85-f58b-41a9-b004-51d6fd554894.roa Signing time: Fri 03 Apr 2026 00:00:51 +0000 ROA not before: Fri 03 Apr 2026 00:00:51 +0000 ROA not after: Thu 02 Jul 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daeb:60c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Apr 2026 21:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:71:12:9e:0d:24:5c:d3:ea:eb:fe:b0:3c:2b:db:50:f9:2c:cb:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 3 00:00:51 2026 GMT Not After : Jul 2 23:59:59 2026 GMT Subject: serialNumber=316d7f1c7f343c75c54729e5f6745d5fe7d7a68eb252b46777110d8a864c1ccb, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:a4:63:30:25:f0:df:a0:45:a3:2d:e1:34:d2: e7:4e:ce:24:ba:9b:ea:ca:74:c4:d8:89:e5:f9:55: 47:47:a8:82:1a:b8:b4:00:2a:17:f4:54:6a:ce:da: 35:b0:43:2c:4f:45:77:9d:6c:5f:81:2d:68:39:7f: 4f:68:34:64:b7:16:de:63:20:01:e2:fc:ea:22:31: 66:4d:27:45:eb:92:2f:fd:26:c8:c7:f3:52:85:a5: 82:d6:cb:4b:48:ca:33:14:29:91:db:a7:0b:64:b4: 9b:13:c3:11:10:c0:69:59:40:32:45:2c:fd:68:ea: 6b:18:ca:3f:2f:0e:53:15:4d:9c:1e:39:fd:5f:78: e3:7f:9c:79:49:6c:4c:09:e5:08:34:89:bf:4f:3a: 21:3b:00:55:90:c7:ae:ed:de:c0:fb:3b:f3:a6:b3: dd:2d:a5:05:c1:78:2e:53:1f:da:b1:85:6d:d2:eb: 37:4d:c0:ad:ae:04:8b:87:19:ec:95:81:26:1b:17: 63:98:13:71:20:2a:44:42:47:42:15:52:20:46:a0: 7a:f1:01:f3:10:64:36:9f:81:23:7f:34:ec:6b:4d: 8d:9a:64:5f:94:a8:e1:a1:24:55:ef:f6:5a:0c:a5: 34:5d:b8:6a:f2:a6:d3:05:cc:9f:c3:69:24:2f:33: c8:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:34:E3:C8:00:F9:85:33:F7:E8:5F:0A:89:89:76:74:47:CC:1A:CC X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9c47ca85-f58b-41a9-b004-51d6fd554894.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daeb:60c0::/48 Signature Algorithm: sha256WithRSAEncryption 6d:33:91:fa:be:dc:a9:86:e9:cb:7d:5d:46:f2:6c:0f:4b:ff: fa:bc:00:df:a8:e6:d0:6e:90:0e:be:92:a9:8b:bc:b7:36:2f: e7:87:ca:12:be:6e:7d:88:3c:64:56:f3:61:7d:36:35:53:43: 0e:23:08:23:b4:a8:c1:0e:e2:f6:c5:d4:dc:6f:d6:53:33:a2: 9b:62:bd:53:58:d9:0e:4a:5f:31:8e:93:ed:89:f5:09:79:01: dc:67:1c:b7:da:89:45:41:7b:ff:15:da:ed:b2:1f:6e:96:32: 5e:eb:fb:9c:48:a6:9c:9e:86:15:55:1d:ab:6c:6f:cb:6b:7a: ea:26:14:6a:8f:fe:ad:2e:ba:ba:db:35:e4:9a:06:f5:46:9d: 49:28:68:9f:28:4c:43:3f:9f:4b:7b:0a:37:1a:b4:6e:e9:5f: 50:ad:3c:ca:16:be:2c:d6:85:5b:a0:54:35:76:c6:ef:41:aa: 88:ab:35:1e:d0:32:19:93:5c:72:fb:5b:b7:3f:93:cf:73:1a: 29:47:db:94:4d:9d:eb:4b:b2:4d:3b:14:42:8f:b9:ec:36:8c: 79:18:ab:29:15:63:df:cc:18:28:5b:ab:75:17:f1:26:cb:49: 5a:e5:da:98:e0:4e:c0:eb:8a:c7:56:2c:50:9a:95:17:cc:47: e0:03:95:72 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUWHESng0kXNPq6/6wPCvbUPksy0MwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDQwMzAwMDA1MVoX DTI2MDcwMjIzNTk1OVowejFJMEcGA1UEBRNAMzE2ZDdmMWM3ZjM0M2M3NWM1NDcy OWU1ZjY3NDVkNWZlN2Q3YTY4ZWIyNTJiNDY3NzcxMTBkOGE4NjRjMWNjYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzaRjMCXw36BFoy3hNNLnTs4kupvq ynTE2Inl+VVHR6iCGri0ACoX9FRqzto1sEMsT0V3nWxfgS1oOX9PaDRktxbeYyAB 4vzqIjFmTSdF65Iv/SbIx/NShaWC1stLSMozFCmR26cLZLSbE8MREMBpWUAyRSz9 aOprGMo/Lw5TFU2cHjn9X3jjf5x5SWxMCeUINIm/TzohOwBVkMeu7d7A+zvzprPd LaUFwXguUx/asYVt0us3TcCtrgSLhxnslYEmGxdjmBNxICpEQkdCFVIgRqB68QHz EGQ2n4EjfzTsa02NmmRflKjhoSRV7/ZaDKU0Xbhq8qbTBcyfw2kkLzPIWQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFBg048gA+YUz9+hfComJdnRHzBrMMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzljNDdjYTg1LWY1OGItNDFhOS1iMDA0LTUxZDZmZDU1NDg5NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba62DAMA0GCSqGSIb3DQEBCwUAA4IBAQBtM5H6vtyphunLfV1G 8mwPS//6vADfqObQbpAOvpKpi7y3Ni/nh8oSvm59iDxkVvNhfTY1U0MOIwgjtKjB DuL2xdTcb9ZTM6KbYr1TWNkOSl8xjpPtifUJeQHcZxy32olFQXv/Fdrtsh9uljJe 6/ucSKacnoYVVR2rbG/La3rqJhRqj/6tLrq62zXkmgb1Rp1JKGifKExDP59Lewo3 GrRu6V9QrTzKFr4s1oVboFQ1dsbvQaqIqzUe0DIZk1xy+1u3P5PPcxopR9uUTZ3r S7JNOxRCj7nsNox5GKspFWPfzBgoW6t1F/Emy0la5dqY4E7A64rHVixQmpUXzEfg A5Vy -----END CERTIFICATE-----Generated at Fri Apr 17 07:58:51 2026 by rpki-client