$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d857c82f-a402-44db-b300-f24b347c61d1.roa File: d857c82f-a402-44db-b300-f24b347c61d1.roa (raw, json) Hash identifier: OYHoQg1lKjLqIb6Wk0oxELxxkOdbojseS/YxdXPy6Ak= Subject key identifier: A5:70:DD:01:1D:4C:3C:CB:34:39:08:E6:B7:FF:7F:E1:05:E1:7D:A6 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 31B5565826E4E64215D60A7BC1981A0AE6181636 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d857c82f-a402-44db-b300-f24b347c61d1.roa Signing time: Wed 13 May 2026 00:10:43 +0000 ROA not before: Wed 13 May 2026 00:10:43 +0000 ROA not after: Tue 11 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da14:c00::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 17 Jun 2026 00:02:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:b5:56:58:26:e4:e6:42:15:d6:0a:7b:c1:98:1a:0a:e6:18:16:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 13 00:10:43 2026 GMT Not After : Aug 11 23:59:59 2026 GMT Subject: serialNumber=e03561d5154acf4dbbed921129bb57d209ca6f8588cb907ab242a7c31ebb9ca0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:92:42:8b:d2:b9:2e:da:7e:0c:36:da:7b:4a: 39:bf:d8:a7:92:b0:30:5b:6e:2e:05:8a:58:5a:92: 21:de:af:96:81:33:ef:45:a6:ef:d7:88:97:a7:67: 40:67:61:29:3d:3a:1c:81:1c:bd:35:e0:9e:97:52: 7e:03:65:57:8b:48:bb:50:c7:57:5a:68:3a:20:cb: 00:1c:57:73:11:a0:b9:0c:31:75:67:ed:1d:31:55: 30:dd:04:8d:a1:2e:dd:7d:a0:db:15:b8:c7:d1:bb: 0a:e4:38:5a:69:bd:6b:af:95:df:53:b5:1a:38:69: 70:20:b6:23:cf:41:d1:fc:dd:43:00:bd:97:83:de: c3:f7:b5:53:db:e0:3d:52:39:a3:35:e5:26:6a:fc: 4e:cf:22:f2:e4:7b:3f:e6:59:36:0f:7b:ae:70:d1: d2:2a:13:61:7a:44:1c:72:c2:f3:0d:a8:e0:5e:9d: 57:56:f5:17:be:ef:19:b2:b0:6d:65:91:13:40:d4: fc:95:d1:f4:c5:00:ae:ef:f3:27:c9:46:30:ce:bd: ac:f2:73:c4:95:c8:92:a3:e9:3f:8e:5e:47:9a:5b: 7d:30:1e:eb:08:04:a6:5a:90:22:ca:48:9b:a9:5d: 8b:07:1c:94:8f:33:0d:6a:5c:26:f7:29:df:e7:9e: 4a:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:70:DD:01:1D:4C:3C:CB:34:39:08:E6:B7:FF:7F:E1:05:E1:7D:A6 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d857c82f-a402-44db-b300-f24b347c61d1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da14:c00::/38 Signature Algorithm: sha256WithRSAEncryption 48:87:b7:1a:7d:8e:22:4a:30:3d:32:13:1a:95:48:ee:7e:b2: 14:b0:bf:2b:79:03:86:98:29:6c:7b:0b:52:e1:71:0e:dd:e2: e7:36:6f:7e:51:24:41:56:a7:0f:1d:89:34:25:fe:ec:51:ec: 41:ff:4b:45:62:02:50:53:38:e3:89:5b:10:60:82:4c:dc:69: a6:2c:88:73:9c:78:5f:ca:c7:31:13:e7:cd:76:64:db:82:fd: b8:bb:81:b8:a1:20:a5:86:d0:f5:9e:8d:b2:68:9b:c4:6e:ae: b7:3b:26:d3:f1:7b:09:82:79:60:e9:c4:3f:77:0d:46:fb:54: fe:79:9a:34:03:fb:0a:8c:6c:8a:00:41:ec:67:be:b9:e4:e2: 0a:82:4f:62:db:23:c1:37:a3:d1:5c:fc:67:e5:6e:ae:9f:83: aa:40:29:17:af:24:df:b8:fd:bc:96:78:24:56:21:62:dd:c1: 7a:4c:36:20:e7:30:da:f6:11:7c:20:12:e4:bf:1c:ec:b5:db: b9:89:9e:9a:b3:c2:26:7d:01:69:54:ec:9e:80:ee:3b:b4:12: e4:78:dc:47:ae:fd:99:f9:1d:c5:d4:a3:19:80:7f:22:76:fa: bf:4e:38:48:20:12:04:39:76:23:5f:e1:72:5d:43:ac:cf:f6: 70:4c:7d:b1 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUMbVWWCbk5kIV1gp7wZgaCuYYFjYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMzAwMTA0M1oX DTI2MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAZTAzNTYxZDUxNTRhY2Y0ZGJiZWQ5 MjExMjliYjU3ZDIwOWNhNmY4NTg4Y2I5MDdhYjI0MmE3YzMxZWJiOWNhMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZJCi9K5Ltp+DDbae0o5v9inkrAw W24uBYpYWpIh3q+WgTPvRabv14iXp2dAZ2EpPTocgRy9NeCel1J+A2VXi0i7UMdX Wmg6IMsAHFdzEaC5DDF1Z+0dMVUw3QSNoS7dfaDbFbjH0bsK5Dhaab1rr5XfU7Ua OGlwILYjz0HR/N1DAL2Xg97D97VT2+A9UjmjNeUmavxOzyLy5Hs/5lk2D3uucNHS KhNhekQccsLzDajgXp1XVvUXvu8ZsrBtZZETQNT8ldH0xQCu7/MnyUYwzr2s8nPE lciSo+k/jl5Hmlt9MB7rCASmWpAiykibqV2LBxyUjzMNalwm9ynf555KGQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKVw3QEdTDzLNDkI5rf/f+EF4X2mMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q4NTdjODJmLWE0MDItNDRkYi1iMzAwLWYyNGIzNDdjNjFkMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaFAwwDQYJKoZIhvcNAQELBQADggEBAEiHtxp9jiJKMD0yExqV SO5+shSwvyt5A4aYKWx7C1LhcQ7d4uc2b35RJEFWpw8diTQl/uxR7EH/S0ViAlBT OOOJWxBggkzcaaYsiHOceF/KxzET5812ZNuC/bi7gbihIKWG0PWejbJom8Rurrc7 JtPxewmCeWDpxD93DUb7VP55mjQD+wqMbIoAQexnvrnk4gqCT2LbI8E3o9Fc/Gfl bq6fg6pAKRevJN+4/byWeCRWIWLdwXpMNiDnMNr2EXwgEuS/HOy127mJnpqzwiZ9 AWlU7J6A7ju0EuR43Eeu/Zn5HcXUoxmAfyJ2+r9OOEggEgQ5diNf4XJdQ6zP9nBM fbE= -----END CERTIFICATE-----Generated at Sat Jun 13 09:19:10 2026 by rpki-client