$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b9e1c759-db10-4a48-b586-da1f1ff39287.roa File: b9e1c759-db10-4a48-b586-da1f1ff39287.roa (raw, json) Hash identifier: n9DoAPZ3iK18VkF1Xolbkk/4QL2upihTwHzZKa+5qtg= Subject key identifier: 02:71:52:F4:EB:C8:12:31:71:6D:CA:1D:D8:85:95:F9:DD:E5:41:67 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 06095D2A6F10FA7824A9A2F63EE75AC0A51C17D2 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b9e1c759-db10-4a48-b586-da1f1ff39287.roa Signing time: Sun 17 May 2026 00:00:06 +0000 ROA not before: Sun 17 May 2026 00:00:06 +0000 ROA not after: Sat 15 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daed:9000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Jun 2026 00:02:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:09:5d:2a:6f:10:fa:78:24:a9:a2:f6:3e:e7:5a:c0:a5:1c:17:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 17 00:00:06 2026 GMT Not After : Aug 15 23:59:59 2026 GMT Subject: serialNumber=52d11aef4ffc85e329e217ccef66e7d2a1018b45e2960298861b260a9034b718, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:e0:fb:f4:5f:8b:e8:21:e9:93:78:0c:99:cf: 01:3e:ed:83:9c:6d:39:42:8a:7a:df:59:67:90:26: 4f:69:98:8c:a2:3f:01:0c:1c:d4:c0:9f:0f:cc:8a: 30:4f:e1:a0:83:31:da:7c:00:5b:d1:04:36:dd:08: 45:03:c1:9d:1e:7f:14:f6:2a:55:96:aa:a0:20:be: cc:f7:0f:7a:e7:1f:e6:55:27:b7:3b:62:c4:56:34: e3:c0:ae:56:db:cc:d2:b9:d9:a9:05:5d:f4:1f:d2: ca:1e:d3:4f:ed:fb:25:3b:e5:10:5f:d2:fe:9f:56: 2e:2a:61:e1:fa:0d:a5:32:3d:8f:6f:bf:f1:bf:05: be:57:80:a3:01:c2:e0:a0:b8:9a:61:d2:a1:6f:cb: a1:c5:4e:e7:c1:62:f9:b6:05:b3:db:13:08:f9:75: a9:eb:05:be:44:1c:b2:23:75:8f:ff:23:2e:80:08: c1:84:53:4d:0c:7c:05:5f:ce:f4:fd:4b:b0:3a:6f: 54:2d:7a:9c:52:11:3d:e9:02:47:d3:6d:17:7f:27: 9d:6a:47:66:0e:49:31:2b:8b:28:1e:53:dc:a0:18: 87:aa:3e:6a:ba:26:bf:98:8e:2f:b4:11:51:e1:cb: 31:16:8f:35:3e:b2:cb:17:e8:7c:b2:89:8f:00:f9: 9c:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:71:52:F4:EB:C8:12:31:71:6D:CA:1D:D8:85:95:F9:DD:E5:41:67 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b9e1c759-db10-4a48-b586-da1f1ff39287.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daed:9000::/40 Signature Algorithm: sha256WithRSAEncryption a7:dd:6b:58:fb:34:17:05:ee:5b:37:14:68:ba:91:18:4b:9b: 02:36:f8:c8:fe:2e:ad:39:63:e8:b1:db:48:2c:6b:6a:b9:b4: de:10:a5:29:71:01:ba:ac:82:95:86:c7:31:d2:3f:e3:dd:9a: 1e:a9:95:f3:a4:6d:d1:b6:f4:ee:68:c7:21:46:1e:dd:d0:0f: 10:5a:fd:db:ba:53:71:6b:14:2d:3a:2a:dc:ad:05:df:08:04: d0:d7:8b:b0:c5:a9:0b:80:35:16:2d:94:e8:bd:17:34:7e:6b: a0:4d:77:02:95:18:d8:0b:f2:fc:1e:b2:a1:8b:c7:3e:4d:1f: 63:11:73:fe:10:ce:8b:cb:99:c9:f7:72:ae:4f:ff:a1:a7:f6: da:f7:ba:3b:a7:eb:ac:a0:8d:22:7e:08:12:c8:2e:ee:a0:fb: ee:d6:99:5b:12:ca:a6:7d:2a:3c:1c:68:8b:1a:fc:b2:27:4b: b5:d0:37:46:c4:9b:c4:92:41:d1:e2:7b:48:37:7c:9a:a4:58: e9:d8:4b:4c:a2:90:2c:93:77:41:d5:1b:32:32:a8:46:2f:fe: a7:24:83:89:a6:62:92:8c:ec:52:8b:53:13:be:f7:50:d1:ef: b3:0b:51:0a:57:cc:00:4a:0f:27:3c:7f:cf:8c:dc:55:0d:52: 5e:b2:d1:60 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUBgldKm8Q+ngkqaL2PudawKUcF9IwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxNzAwMDAwNloX DTI2MDgxNTIzNTk1OVowejFJMEcGA1UEBRNANTJkMTFhZWY0ZmZjODVlMzI5ZTIx N2NjZWY2NmU3ZDJhMTAxOGI0NWUyOTYwMjk4ODYxYjI2MGE5MDM0YjcxODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4uD79F+L6CHpk3gMmc8BPu2DnG05 Qop631lnkCZPaZiMoj8BDBzUwJ8PzIowT+GggzHafABb0QQ23QhFA8GdHn8U9ipV lqqgIL7M9w965x/mVSe3O2LEVjTjwK5W28zSudmpBV30H9LKHtNP7fslO+UQX9L+ n1YuKmHh+g2lMj2Pb7/xvwW+V4CjAcLgoLiaYdKhb8uhxU7nwWL5tgWz2xMI+XWp 6wW+RByyI3WP/yMugAjBhFNNDHwFX870/UuwOm9ULXqcUhE96QJH020Xfyedakdm DkkxK4soHlPcoBiHqj5quia/mI4vtBFR4csxFo81PrLLF+h8somPAPmcYwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAJxUvTryBIxcW3KHdiFlfnd5UFnMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2I5ZTFjNzU5LWRiMTAtNGE0OC1iNTg2LWRhMWYxZmYzOTI4Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba7ZAwDQYJKoZIhvcNAQELBQADggEBAKfda1j7NBcF7ls3FGi6 kRhLmwI2+Mj+Lq05Y+ix20gsa2q5tN4QpSlxAbqsgpWGxzHSP+Pdmh6plfOkbdG2 9O5oxyFGHt3QDxBa/du6U3FrFC06KtytBd8IBNDXi7DFqQuANRYtlOi9FzR+a6BN dwKVGNgL8vwesqGLxz5NH2MRc/4QzovLmcn3cq5P/6Gn9tr3ujun66ygjSJ+CBLI Lu6g++7WmVsSyqZ9KjwcaIsa/LInS7XQN0bEm8SSQdHie0g3fJqkWOnYS0yikCyT d0HVGzIyqEYv/qckg4mmYpKM7FKLUxO+91DR77MLUQpXzABKDyc8f8+M3FUNUl6y 0WA= -----END CERTIFICATE-----Generated at Wed Jun 17 09:01:19 2026 by rpki-client