$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d1ed69c2-5793-4712-a624-2cff13ab19b2.roa File: d1ed69c2-5793-4712-a624-2cff13ab19b2.roa (raw, json) Hash identifier: vI4UeVTIx2DWQ+ZE7Zgnb0wh2/fd4/PS1PYvXKBY9O8= Subject key identifier: 27:92:CC:F0:3D:66:02:2A:FD:31:DB:2E:B4:EC:08:B3:CF:74:32:F7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 376431B01DAC348746C0352D86D3C6B97D23E4B2 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d1ed69c2-5793-4712-a624-2cff13ab19b2.roa Signing time: Fri 03 Apr 2026 00:01:41 +0000 ROA not before: Fri 03 Apr 2026 00:01:41 +0000 ROA not after: Thu 02 Jul 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daeb:c000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Apr 2026 21:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:64:31:b0:1d:ac:34:87:46:c0:35:2d:86:d3:c6:b9:7d:23:e4:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 3 00:01:41 2026 GMT Not After : Jul 2 23:59:59 2026 GMT Subject: serialNumber=fefdf2f7ff6cce12b9f1ee3992b45ed0c72972aa7c05ec3071f0eb40aa51bb47, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:af:2b:db:28:57:c8:b5:11:f5:55:15:d5:93: cd:d9:6b:15:9f:fa:64:7a:3c:ba:2b:da:f6:d8:55: 0e:93:1c:08:f7:9d:ea:f7:86:db:bd:f1:03:53:c1: 3a:b5:6b:00:61:64:e5:21:22:64:4e:c1:c1:c8:2f: 9f:d1:fa:0f:37:18:6d:bc:6d:84:be:c3:1d:fe:e0: 4c:87:21:61:f7:2d:f1:c0:01:b7:df:29:3e:50:be: d8:6e:65:58:4d:26:a7:b8:18:8e:20:65:b1:6b:fb: f9:32:35:85:fc:06:1b:41:f8:94:7d:b9:1c:47:21: 1d:ec:49:18:9e:68:90:22:49:0a:46:e4:03:7f:8a: 7b:6a:92:82:bc:c6:d5:c9:6c:aa:4b:41:84:c5:19: ba:e5:c4:ed:6c:94:a2:ca:33:6b:68:3c:16:da:1b: 9d:0c:1e:83:d4:07:39:d2:9c:34:ca:71:3d:85:b2: e8:ab:ac:b5:86:df:b0:27:03:74:4e:41:f9:b5:00: 85:f3:8f:58:02:9c:4e:6c:b7:7b:e9:12:3f:e4:69: 95:e8:d7:32:69:c0:20:e0:cd:18:5f:a4:a8:af:61: 14:b7:c0:ba:a9:ac:f7:b9:58:2f:4d:bb:fb:f3:21: c4:c4:a5:47:33:da:70:91:f5:75:10:d0:3e:06:73: f7:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:92:CC:F0:3D:66:02:2A:FD:31:DB:2E:B4:EC:08:B3:CF:74:32:F7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d1ed69c2-5793-4712-a624-2cff13ab19b2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daeb:c000::/40 Signature Algorithm: sha256WithRSAEncryption 0f:87:86:ba:7e:c2:95:2f:a6:c4:17:27:35:c4:bf:36:03:c3: ef:85:80:c1:e0:90:4a:a4:10:ba:97:af:11:11:a4:b9:a1:62: 1f:2e:24:0e:27:c1:e4:70:17:a2:c5:b0:40:7d:60:8d:29:0f: 39:97:8e:cb:53:b1:0a:d4:f2:48:9e:ff:d2:9a:e5:21:47:cc: 4d:6e:0a:d7:d2:ec:df:ac:9b:50:87:e1:74:c7:eb:34:c6:b4: 87:6e:16:37:9e:10:d5:80:3a:32:b7:98:7c:f1:49:98:b8:eb: ee:bf:38:74:9f:af:9d:fd:03:91:61:c8:14:d9:bb:e5:3d:26: 2d:8d:1f:a1:d0:9d:a1:06:ec:02:36:ce:d1:00:a8:75:d0:74: 7f:45:2b:ee:f2:14:42:74:5c:ca:72:0e:1f:84:f4:90:b4:3b: 01:b0:58:9a:c9:4c:e9:9f:83:29:d5:b5:3f:1d:48:b2:a0:f0: 62:e6:0c:c0:a9:18:5a:a8:a1:56:78:6b:65:8a:8c:05:94:fa: ec:fc:80:97:d3:1f:b2:95:33:e4:17:8e:8f:a3:93:38:71:fc: f7:c4:3b:df:c9:fe:c5:51:38:f6:2d:bd:d0:4b:11:6e:59:e7: 1b:80:8d:0a:4e:aa:b8:c7:20:dd:72:2a:30:27:5e:12:25:4c: 28:fb:1c:5b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUN2QxsB2sNIdGwDUthtPGuX0j5LIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDQwMzAwMDE0MVoX DTI2MDcwMjIzNTk1OVowejFJMEcGA1UEBRNAZmVmZGYyZjdmZjZjY2UxMmI5ZjFl ZTM5OTJiNDVlZDBjNzI5NzJhYTdjMDVlYzMwNzFmMGViNDBhYTUxYmI0NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq68r2yhXyLUR9VUV1ZPN2WsVn/pk ejy6K9r22FUOkxwI953q94bbvfEDU8E6tWsAYWTlISJkTsHByC+f0foPNxhtvG2E vsMd/uBMhyFh9y3xwAG33yk+UL7YbmVYTSanuBiOIGWxa/v5MjWF/AYbQfiUfbkc RyEd7EkYnmiQIkkKRuQDf4p7apKCvMbVyWyqS0GExRm65cTtbJSiyjNraDwW2hud DB6D1Ac50pw0ynE9hbLoq6y1ht+wJwN0TkH5tQCF849YApxObLd76RI/5GmV6Ncy acAg4M0YX6Sor2EUt8C6qaz3uVgvTbv78yHExKVHM9pwkfV1ENA+BnP35wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCeSzPA9ZgIq/THbLrTsCLPPdDL3MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2QxZWQ2OWMyLTU3OTMtNDcxMi1hNjI0LTJjZmYxM2FiMTliMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba68AwDQYJKoZIhvcNAQELBQADggEBAA+Hhrp+wpUvpsQXJzXE vzYDw++FgMHgkEqkELqXrxERpLmhYh8uJA4nweRwF6LFsEB9YI0pDzmXjstTsQrU 8kie/9Ka5SFHzE1uCtfS7N+sm1CH4XTH6zTGtIduFjeeENWAOjK3mHzxSZi46+6/ OHSfr539A5FhyBTZu+U9Ji2NH6HQnaEG7AI2ztEAqHXQdH9FK+7yFEJ0XMpyDh+E 9JC0OwGwWJrJTOmfgynVtT8dSLKg8GLmDMCpGFqooVZ4a2WKjAWU+uz8gJfTH7KV M+QXjo+jkzhx/PfEO9/J/sVROPYtvdBLEW5Z5xuAjQpOqrjHIN1yKjAnXhIlTCj7 HFs= -----END CERTIFICATE-----Generated at Fri Apr 17 08:20:18 2026 by rpki-client