$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc3a69bc-0d8b-4438-9290-7f41f5935e42.roa File: dc3a69bc-0d8b-4438-9290-7f41f5935e42.roa (raw, json) Hash identifier: 6pirQzFytPlSCMraN3vDa/bHgSIAN4FqatT0Y8VsgjE= Subject key identifier: 42:BE:64:0B:E6:EE:57:F6:7B:79:8C:31:ED:49:44:84:71:0B:49:35 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3EC04491BDB9E72D6AF0E0B08BE60125FC3C5B96 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc3a69bc-0d8b-4438-9290-7f41f5935e42.roa Signing time: Wed 13 May 2026 00:10:29 +0000 ROA not before: Wed 13 May 2026 00:10:29 +0000 ROA not after: Tue 11 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf8:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 17 Jun 2026 00:02:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:c0:44:91:bd:b9:e7:2d:6a:f0:e0:b0:8b:e6:01:25:fc:3c:5b:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 13 00:10:29 2026 GMT Not After : Aug 11 23:59:59 2026 GMT Subject: serialNumber=12f32128a2e26c83ec641a29ce8c1ed8f421f97ea69ff7f7fced6d25fac92791, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:27:19:44:ba:ab:5a:b8:93:53:27:fc:0e:d3: bb:28:a8:6e:10:bb:53:bb:2c:40:88:73:ee:b8:f5: 1c:b7:c0:9b:6e:5a:34:c0:d0:0f:be:dd:ba:b8:c5: eb:cc:3c:2b:ea:d4:bf:95:b3:7f:32:66:16:24:9a: 11:59:a2:39:7c:56:97:9b:dc:d6:b7:ac:bd:7a:0a: 59:f1:3a:44:47:01:1b:88:3d:76:c0:7e:3c:39:71: 6e:92:87:01:56:18:a5:67:ad:b1:35:3e:ee:dd:c3: 36:ea:b8:92:59:85:52:b2:d8:2c:4a:f2:f4:cc:62: 96:b1:14:52:f2:cc:7f:89:65:4b:c7:54:37:81:06: ed:8c:c5:a9:e0:fe:fd:a8:53:fa:e0:55:4e:99:64: 3b:19:9f:4d:71:9d:c7:e2:b9:f0:fd:16:39:7f:b9: 06:12:74:95:3b:3d:4b:d9:8a:d3:62:bc:f0:c2:8e: df:b9:c4:e7:f6:78:b7:10:e6:33:d7:35:e9:59:e0: 2f:b8:4f:42:84:30:60:e7:4a:ec:1a:4e:fa:d3:61: 20:f3:f1:37:6d:03:32:84:6d:06:c9:c2:15:d9:13: 50:6b:47:ef:4e:d8:cd:3a:8e:a0:38:22:ad:56:eb: f9:06:0d:e9:32:89:f7:26:7d:7e:2f:5e:d6:44:72: a1:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:BE:64:0B:E6:EE:57:F6:7B:79:8C:31:ED:49:44:84:71:0B:49:35 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc3a69bc-0d8b-4438-9290-7f41f5935e42.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf8:b000::/40 Signature Algorithm: sha256WithRSAEncryption a9:0a:9c:6b:d3:d8:5c:74:e3:0d:eb:27:a5:09:ca:88:9a:80: f8:32:a6:d9:7b:c1:86:25:ac:8e:55:17:08:e1:cf:84:df:44: ba:34:3b:dc:96:fd:4b:34:ec:5e:47:9d:d6:4b:f3:48:10:57: b9:90:17:e3:05:fd:01:39:75:23:6c:75:c9:bb:22:5d:89:ae: ee:71:29:0a:b4:14:99:cd:5c:0e:d8:e9:3f:08:a6:e8:36:36: a6:f8:65:24:71:2b:04:43:61:f1:27:bf:f0:4a:ab:d5:f0:c8: 8f:37:99:be:b0:3a:a2:6c:1d:af:e6:38:be:6f:34:56:65:a8: 81:dc:f6:8b:b9:4f:00:8f:8f:ff:e3:bd:e1:4a:39:50:76:0b: 9f:01:2b:e9:b7:fd:b0:23:9a:2f:bd:15:2e:be:f6:e1:2d:f2: 61:8e:e0:a6:fd:cd:e9:75:cb:00:ea:75:95:66:bf:30:73:22: 98:81:2f:1a:6f:63:e0:eb:05:98:32:56:88:1f:ed:41:32:d4: ae:ce:e5:91:77:3a:83:e7:46:f9:ee:5b:40:82:c4:11:54:95: 48:9f:75:4a:f9:dd:02:66:47:5a:fd:20:a7:c2:66:91:6f:bb: 72:e2:b1:41:fd:6c:3e:72:55:80:79:41:44:74:3e:42:cf:90: b9:ff:f5:94 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUPsBEkb255y1q8OCwi+YBJfw8W5YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMzAwMTAyOVoX DTI2MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAMTJmMzIxMjhhMmUyNmM4M2VjNjQx YTI5Y2U4YzFlZDhmNDIxZjk3ZWE2OWZmN2Y3ZmNlZDZkMjVmYWM5Mjc5MTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCcZRLqrWriTUyf8DtO7KKhuELtT uyxAiHPuuPUct8Cbblo0wNAPvt26uMXrzDwr6tS/lbN/MmYWJJoRWaI5fFaXm9zW t6y9egpZ8TpERwEbiD12wH48OXFukocBVhilZ62xNT7u3cM26riSWYVSstgsSvL0 zGKWsRRS8sx/iWVLx1Q3gQbtjMWp4P79qFP64FVOmWQ7GZ9NcZ3H4rnw/RY5f7kG EnSVOz1L2YrTYrzwwo7fucTn9ni3EOYz1zXpWeAvuE9ChDBg50rsGk7602Eg8/E3 bQMyhG0GycIV2RNQa0fvTtjNOo6gOCKtVuv5Bg3pMon3Jn1+L17WRHKhwQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEK+ZAvm7lf2e3mMMe1JRIRxC0k1MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RjM2E2OWJjLTBkOGItNDQzOC05MjkwLTdmNDFmNTkzNWU0Mi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+LAwDQYJKoZIhvcNAQELBQADggEBAKkKnGvT2Fx04w3rJ6UJ yoiagPgyptl7wYYlrI5VFwjhz4TfRLo0O9yW/Us07F5HndZL80gQV7mQF+MF/QE5 dSNsdcm7Il2Jru5xKQq0FJnNXA7Y6T8Ipug2Nqb4ZSRxKwRDYfEnv/BKq9XwyI83 mb6wOqJsHa/mOL5vNFZlqIHc9ou5TwCPj//jveFKOVB2C58BK+m3/bAjmi+9FS6+ 9uEt8mGO4Kb9zel1ywDqdZVmvzBzIpiBLxpvY+DrBZgyVogf7UEy1K7O5ZF3OoPn RvnuW0CCxBFUlUifdUr53QJmR1r9IKfCZpFvu3LisUH9bD5yVYB5QUR0PkLPkLn/ 9ZQ= -----END CERTIFICATE-----Generated at Sat Jun 13 10:28:32 2026 by rpki-client