$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af674e28-8a6b-4881-bc24-1bd1d459637c.roa File: af674e28-8a6b-4881-bc24-1bd1d459637c.roa (raw, json) Hash identifier: 5vFycNYbS4pA6xKPYMMtagiovksvdQRpdcjbcMy4w2E= Subject key identifier: 52:EF:B9:A0:F4:46:DC:9B:38:B0:BD:56:B7:9C:5A:A5:29:51:AC:9C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 20362CDDECE8E528EDE9867DF59D929DD2FF9BD3 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af674e28-8a6b-4881-bc24-1bd1d459637c.roa Signing time: Wed 13 May 2026 00:10:42 +0000 ROA not before: Wed 13 May 2026 00:10:42 +0000 ROA not after: Tue 11 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daa0:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Jun 2026 00:02:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:36:2c:dd:ec:e8:e5:28:ed:e9:86:7d:f5:9d:92:9d:d2:ff:9b:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 13 00:10:42 2026 GMT Not After : Aug 11 23:59:59 2026 GMT Subject: serialNumber=13e8756c95952ab80a4a39975eca4720d41d91ca9f9f13f201ae884335e8260b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:12:a7:4e:d6:f3:cd:b5:d0:73:dd:81:be:15: d9:fb:68:1a:b4:68:53:fd:bb:96:e5:2a:fe:51:d1: 74:d6:d4:a6:da:d4:ef:e5:53:c6:db:13:44:23:ed: 2f:9b:62:de:d5:bd:fc:71:b1:bf:00:69:9e:bc:48: de:6c:91:05:08:05:1b:eb:7d:68:5e:48:02:ee:68: f5:52:7e:6b:a4:35:f3:4a:64:1b:7c:39:0f:fb:ea: 41:37:63:be:df:ef:c9:6b:b3:2e:41:06:b4:93:ef: b1:48:0a:3c:9c:b8:24:e4:f8:b3:92:82:54:17:43: d8:fb:2f:22:c6:5c:b8:1e:95:1c:65:2d:57:0e:7c: 08:b9:8f:16:ed:41:9f:bb:8b:49:ac:76:8c:3e:a9: 6c:2a:d4:2a:34:1b:25:5f:92:32:01:1b:7d:cf:ad: d9:81:10:78:e7:56:de:b9:31:46:1c:21:0f:cc:a6: 3a:7a:5d:61:35:f5:82:b3:d8:58:d1:03:a4:4e:de: 61:9e:c2:40:2e:87:c1:08:34:86:25:3b:a6:2c:d5: d4:7f:78:99:e0:0b:a3:ab:e2:c0:c1:6c:1d:f5:e8: ea:c5:96:f7:14:4a:9b:b9:dc:39:6c:8c:41:e5:e4: 55:df:41:c5:1c:a6:c0:29:c1:9d:fe:e2:9f:42:2f: cb:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:EF:B9:A0:F4:46:DC:9B:38:B0:BD:56:B7:9C:5A:A5:29:51:AC:9C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af674e28-8a6b-4881-bc24-1bd1d459637c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daa0:a000::/40 Signature Algorithm: sha256WithRSAEncryption 35:0e:c3:6a:6f:7b:9f:07:2c:76:e5:4e:8e:da:9f:d3:f7:6b: 31:74:50:56:88:2f:45:b6:38:9f:c8:59:e2:a4:60:d1:bf:83: 08:cd:a3:45:2f:04:a6:30:09:5d:af:ae:74:0c:59:27:67:dc: 97:93:fc:8c:eb:a2:67:e4:e9:cc:e0:f1:0e:fa:28:d4:88:06: 70:11:24:ed:7e:61:86:53:92:06:97:1b:fd:c5:f1:d8:e4:8c: 42:f2:ed:7d:c5:ad:60:d5:85:76:d3:ef:13:96:d5:cb:ad:e5: ec:0e:92:d0:c4:be:7b:63:8f:c5:1d:53:c1:eb:75:0c:04:88: 87:c3:bc:54:e3:64:a8:10:73:72:3d:df:3a:1d:4d:e5:1a:c2: aa:32:04:ea:86:ef:10:99:7b:8b:5a:7c:57:81:00:5f:fe:cb: 93:5b:62:ab:88:fc:32:ed:11:ca:e9:1e:81:2b:c3:69:b5:88: b6:63:5d:16:2f:25:08:1f:07:10:d1:3e:24:33:fd:ae:9b:ed: 39:c7:00:c7:a0:5b:4f:2f:56:9e:ad:89:9e:c5:fe:74:99:18: 8f:ef:5f:0f:97:ac:d7:97:47:ba:a9:b5:b3:1e:bd:af:f9:ea: cf:92:9d:1f:49:bd:ff:0c:06:13:2f:da:a3:ec:db:5b:78:16: 18:a5:ee:0a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUIDYs3ezo5Sjt6YZ99Z2SndL/m9MwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMzAwMTA0MloX DTI2MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAMTNlODc1NmM5NTk1MmFiODBhNGEz OTk3NWVjYTQ3MjBkNDFkOTFjYTlmOWYxM2YyMDFhZTg4NDMzNWU4MjYwYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRKnTtbzzbXQc92BvhXZ+2gatGhT /buW5Sr+UdF01tSm2tTv5VPG2xNEI+0vm2Le1b38cbG/AGmevEjebJEFCAUb631o XkgC7mj1Un5rpDXzSmQbfDkP++pBN2O+3+/Ja7MuQQa0k++xSAo8nLgk5PizkoJU F0PY+y8ixly4HpUcZS1XDnwIuY8W7UGfu4tJrHaMPqlsKtQqNBslX5IyARt9z63Z gRB451beuTFGHCEPzKY6el1hNfWCs9hY0QOkTt5hnsJALofBCDSGJTumLNXUf3iZ 4Aujq+LAwWwd9ejqxZb3FEqbudw5bIxB5eRV30HFHKbAKcGd/uKfQi/LEQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFFLvuaD0RtybOLC9VrecWqUpUaycMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FmNjc0ZTI4LThhNmItNDg4MS1iYzI0LTFiZDFkNDU5NjM3Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaoKAwDQYJKoZIhvcNAQELBQADggEBADUOw2pve58HLHblTo7a n9P3azF0UFaIL0W2OJ/IWeKkYNG/gwjNo0UvBKYwCV2vrnQMWSdn3JeT/Izromfk 6czg8Q76KNSIBnARJO1+YYZTkgaXG/3F8djkjELy7X3FrWDVhXbT7xOW1cut5ewO ktDEvntjj8UdU8HrdQwEiIfDvFTjZKgQc3I93zodTeUawqoyBOqG7xCZe4tafFeB AF/+y5NbYquI/DLtEcrpHoErw2m1iLZjXRYvJQgfBxDRPiQz/a6b7TnHAMegW08v Vp6tiZ7F/nSZGI/vXw+XrNeXR7qptbMeva/56s+SnR9Jvf8MBhMv2qPs21t4Fhil 7go= -----END CERTIFICATE-----Generated at Wed Jun 17 09:46:26 2026 by rpki-client