$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cf35e264-b53a-4b49-a7c8-5b159b7ccfd7.roa File: cf35e264-b53a-4b49-a7c8-5b159b7ccfd7.roa (raw, json) Hash identifier: JL2YxJQcwQCPe2Ev9nYXEuTQVDDsWcfLykO3T2c9UBg= Subject key identifier: 9F:21:4C:01:A5:2A:4D:CC:8B:D4:8B:3B:5E:E2:A1:79:1A:D5:34:0D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 27E9CDECCEF0D801E13C85CE254B83A260A2D158 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cf35e264-b53a-4b49-a7c8-5b159b7ccfd7.roa Signing time: Wed 13 May 2026 00:30:13 +0000 ROA not before: Wed 13 May 2026 00:30:13 +0000 ROA not after: Tue 11 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:4800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 17 Jun 2026 00:02:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:e9:cd:ec:ce:f0:d8:01:e1:3c:85:ce:25:4b:83:a2:60:a2:d1:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 13 00:30:13 2026 GMT Not After : Aug 11 23:59:59 2026 GMT Subject: serialNumber=2972e699af46a5c11ec128a596086d2deeef2eeaa5d36812b5e604d39c003546, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:1a:c5:33:61:4b:92:2a:d6:60:21:a5:cb:04: 6a:b9:15:14:bf:6f:66:bf:69:8d:1d:d7:77:b2:cf: 08:52:bb:21:52:e1:17:99:29:f7:e4:d2:13:02:3e: 30:8f:50:44:67:f1:b5:31:4a:ef:95:32:ad:8e:64: 82:02:a3:25:6a:8e:55:c0:fa:29:ad:34:bd:7f:2c: 50:e4:9c:39:6d:77:68:aa:d0:af:5a:c8:a9:bf:74: c0:a4:6e:22:c5:e0:7f:fb:c8:e2:3f:c7:86:61:7c: ea:3f:08:e7:67:48:13:08:f3:c4:1c:03:20:04:fd: 05:57:67:3e:25:28:05:c0:2f:40:86:6e:91:bc:13: 31:d7:9a:f6:34:6f:26:0b:96:75:64:c9:be:f5:a7: c8:15:b5:a1:27:b6:4f:62:d6:f9:a7:ad:c2:2e:ec: fc:ce:41:ed:e4:f1:4b:79:8d:4e:99:e9:7c:7c:56: 16:8c:e8:8d:44:e5:79:77:90:ea:c4:67:ed:5b:7a: f1:08:93:61:e7:b5:92:0f:2c:3e:12:39:94:6c:ec: 7b:6b:23:0b:b6:62:88:a7:bc:aa:f1:5c:d0:b4:ed: 87:e2:1f:54:92:30:45:61:4f:05:08:9a:ee:ba:a4: bc:c9:da:4f:01:c2:24:80:82:69:52:39:cb:14:2a: 98:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:21:4C:01:A5:2A:4D:CC:8B:D4:8B:3B:5E:E2:A1:79:1A:D5:34:0D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cf35e264-b53a-4b49-a7c8-5b159b7ccfd7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:4800::/40 Signature Algorithm: sha256WithRSAEncryption 96:75:7e:7d:d4:25:06:7c:bb:cb:ba:70:74:0b:90:97:36:97: 49:ae:17:ae:0c:5d:ef:bb:b2:76:dc:38:7d:ad:ba:b9:ee:ca: 28:78:d3:82:3e:e8:aa:e1:36:b9:7d:ea:41:5e:95:9f:72:83: d3:00:10:0d:7f:3b:86:dd:f2:b5:67:f6:70:e4:dd:c3:78:b4: 65:cf:17:5a:36:6e:76:62:2f:26:c7:28:fc:ff:7d:91:f4:2e: 39:34:bd:a7:16:65:27:35:3f:16:6e:b5:ce:84:90:82:66:40: 4e:fe:9a:a8:fb:d1:8c:42:20:47:6d:9c:9a:26:70:06:82:bb: 43:12:d0:46:a2:2d:87:82:c7:d9:d3:cf:2e:d2:b6:0b:19:6d: fb:70:d9:11:ae:c2:51:fb:dd:1b:05:24:7a:14:aa:10:43:af: 45:2b:64:e6:75:63:ed:bd:cf:4f:c0:cf:02:7a:87:97:5d:bf: 5f:b5:ad:f5:71:de:2c:f8:c7:d5:3f:26:04:88:21:75:78:33: 87:87:e8:86:fb:09:52:17:ef:68:07:44:52:b3:3c:ad:d2:e2: 3e:b3:d9:b9:d6:11:97:1a:a8:84:9f:dc:35:62:ea:9f:14:16: fe:06:9c:b9:9d:f7:b7:c4:46:a6:5b:ff:d5:fb:71:6f:5a:ee: c2:02:67:59 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJ+nN7M7w2AHhPIXOJUuDomCi0VgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMzAwMzAxM1oX DTI2MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAMjk3MmU2OTlhZjQ2YTVjMTFlYzEy OGE1OTYwODZkMmRlZWVmMmVlYWE1ZDM2ODEyYjVlNjA0ZDM5YzAwMzU0NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxrFM2FLkirWYCGlywRquRUUv29m v2mNHdd3ss8IUrshUuEXmSn35NITAj4wj1BEZ/G1MUrvlTKtjmSCAqMlao5VwPop rTS9fyxQ5Jw5bXdoqtCvWsipv3TApG4ixeB/+8jiP8eGYXzqPwjnZ0gTCPPEHAMg BP0FV2c+JSgFwC9Ahm6RvBMx15r2NG8mC5Z1ZMm+9afIFbWhJ7ZPYtb5p63CLuz8 zkHt5PFLeY1Omel8fFYWjOiNROV5d5DqxGftW3rxCJNh57WSDyw+EjmUbOx7ayML tmKIp7yq8VzQtO2H4h9UkjBFYU8FCJruuqS8ydpPAcIkgIJpUjnLFCqY6wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJ8hTAGlKk3Mi9SLO17ioXka1TQNMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NmMzVlMjY0LWI1M2EtNGI0OS1hN2M4LTViMTU5YjdjY2ZkNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8UgwDQYJKoZIhvcNAQELBQADggEBAJZ1fn3UJQZ8u8u6cHQL kJc2l0muF64MXe+7snbcOH2turnuyih404I+6KrhNrl96kFelZ9yg9MAEA1/O4bd 8rVn9nDk3cN4tGXPF1o2bnZiLybHKPz/fZH0Ljk0vacWZSc1PxZutc6EkIJmQE7+ mqj70YxCIEdtnJomcAaCu0MS0EaiLYeCx9nTzy7StgsZbftw2RGuwlH73RsFJHoU qhBDr0UrZOZ1Y+29z0/AzwJ6h5ddv1+1rfVx3iz4x9U/JgSIIXV4M4eH6Ib7CVIX 72gHRFKzPK3S4j6z2bnWEZcaqISf3DVi6p8UFv4GnLmd97fERqZb/9X7cW9a7sIC Z1k= -----END CERTIFICATE-----Generated at Sat Jun 13 10:25:05 2026 by rpki-client