$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/00971cda-f8a5-49a0-a1dc-2285c68a8e9f.roa File: 00971cda-f8a5-49a0-a1dc-2285c68a8e9f.roa (raw, json) Hash identifier: XwlvhXzLRo6aaGb1TUakMpKA+JswQs2J3VZE0CqJF4Y= Subject key identifier: 01:78:F4:9D:18:0B:3A:36:EB:B3:AE:1D:22:8C:8D:47:09:33:6C:92 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5CBA97DA48CB23301FB78D0D9178B1C8DF10F1F9 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/00971cda-f8a5-49a0-a1dc-2285c68a8e9f.roa Signing time: Wed 13 May 2026 00:00:10 +0000 ROA not before: Wed 13 May 2026 00:00:10 +0000 ROA not after: Tue 11 Aug 2026 23:59:59 +0000 asID: 14618 IP address blocks: 43.200.0.0/13 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 May 2026 00:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:ba:97:da:48:cb:23:30:1f:b7:8d:0d:91:78:b1:c8:df:10:f1:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 13 00:00:10 2026 GMT Not After : Aug 11 23:59:59 2026 GMT Subject: serialNumber=8b253750b9fab569cd13f24574570804d272f820cdab44daa8cb654c9387bd1c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:3d:31:c0:1f:ec:b8:09:43:2c:fa:9e:25:e2: 9e:04:37:e4:73:79:ae:d3:3e:c9:a4:d8:3b:ab:5e: dd:7c:f2:34:0c:f5:27:ec:cf:bb:2b:e5:aa:1d:f7: eb:7b:65:ce:28:ff:13:dc:c9:10:8d:e0:78:1f:e7: bd:56:6a:3b:ea:90:8c:da:24:6c:77:8b:b3:df:57: 5b:6d:28:a8:ac:c6:d6:7b:1b:6f:ce:2b:e6:71:a4: 61:71:50:8a:fc:18:50:ca:97:b5:2b:91:81:61:24: cd:0e:7c:c7:96:21:65:e4:d9:f1:27:3d:9a:e4:88: f5:50:ab:3b:ab:49:6e:c2:19:07:07:3f:62:6d:1b: 94:19:3e:6e:b0:81:02:44:78:7d:5f:d0:30:02:e3: 82:a6:05:51:55:3e:93:d0:26:2f:9a:78:45:50:6d: 7e:54:c2:82:d1:31:98:75:f3:af:10:86:71:0a:08: 0d:4f:4e:71:2a:e5:1f:51:19:99:5b:79:c5:b3:de: 00:5d:6e:38:a4:a9:28:bd:eb:ba:6b:31:b1:83:d4: 54:75:1b:46:7c:cf:90:5b:0e:27:c2:3b:83:e6:6b: d4:eb:4e:fb:4b:ac:e7:d2:a1:08:e9:c7:98:a2:83: dc:a6:60:aa:83:93:c9:33:67:62:da:93:fb:66:b3: f5:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:78:F4:9D:18:0B:3A:36:EB:B3:AE:1D:22:8C:8D:47:09:33:6C:92 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/00971cda-f8a5-49a0-a1dc-2285c68a8e9f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.200.0.0/13 Signature Algorithm: sha256WithRSAEncryption 65:d9:51:dc:0b:aa:a0:a4:ea:1b:76:32:d1:ee:87:9d:f8:ca: 0f:ee:57:4e:1b:9a:2f:e5:55:bc:b9:1a:26:f6:5f:d7:9a:db: 5a:b1:c2:64:c6:54:ee:8c:e0:01:19:27:49:bc:b3:ab:f0:17: 5f:94:e9:16:f4:be:ee:60:4b:e2:3b:a8:fa:ad:17:31:dc:71: 8d:7e:40:88:4d:3e:94:c1:41:6a:ae:ef:96:38:34:f1:b6:a3: ae:60:6d:ce:f0:1f:bd:5d:be:ab:5e:b9:07:9c:47:c6:b7:38: 73:ad:49:b9:44:77:91:e6:9f:d4:d5:65:0f:86:65:6a:96:53: d6:79:62:af:18:f5:53:c8:e7:3c:ae:27:cd:f2:90:ab:a8:9e: 8a:3b:ad:68:1d:6d:be:14:16:89:ba:ef:09:68:ff:95:6d:a0: f8:c2:f3:40:de:79:42:4e:f6:2b:66:32:08:90:51:80:4b:ee: ec:59:3d:e3:2d:94:07:51:72:21:34:bd:09:44:9a:dc:72:e1: ea:1d:19:56:ce:b9:b8:61:37:6a:f0:1b:f9:39:68:41:5b:e2: c4:b0:8d:97:27:ea:d9:ea:dd:08:34:de:52:a4:c0:e8:4b:c2: 9b:1a:5c:83:f6:df:94:35:9e:71:cc:2f:1e:83:cb:d5:bb:9d: ab:bf:6e:19 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUXLqX2kjLIzAft40NkXixyN8Q8fkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMzAwMDAxMFoX DTI2MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAOGIyNTM3NTBiOWZhYjU2OWNkMTNm MjQ1NzQ1NzA4MDRkMjcyZjgyMGNkYWI0NGRhYThjYjY1NGM5Mzg3YmQxYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsT0xwB/suAlDLPqeJeKeBDfkc3mu 0z7JpNg7q17dfPI0DPUn7M+7K+WqHffre2XOKP8T3MkQjeB4H+e9Vmo76pCM2iRs d4uz31dbbSiorMbWextvzivmcaRhcVCK/BhQype1K5GBYSTNDnzHliFl5NnxJz2a 5Ij1UKs7q0luwhkHBz9ibRuUGT5usIECRHh9X9AwAuOCpgVRVT6T0CYvmnhFUG1+ VMKC0TGYdfOvEIZxCggNT05xKuUfURmZW3nFs94AXW44pKkoveu6azGxg9RUdRtG fM+QWw4nwjuD5mvU6077S6zn0qEI6ceYooPcpmCqg5PJM2di2pP7ZrP1xwIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFAF49J0YCzo267OuHSKMjUcJM2ySMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzAwOTcxY2RhLWY4YTUtNDlhMC1hMWRjLTIyODVjNjhhOGU5Zi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMDK8gwDQYJKoZIhvcNAQELBQADggEBAGXZUdwLqqCk6ht2MtHuh534 yg/uV04bmi/lVby5Gib2X9ea21qxwmTGVO6M4AEZJ0m8s6vwF1+U6Rb0vu5gS+I7 qPqtFzHccY1+QIhNPpTBQWqu75Y4NPG2o65gbc7wH71dvqteuQecR8a3OHOtSblE d5Hmn9TVZQ+GZWqWU9Z5Yq8Y9VPI5zyuJ83ykKuonoo7rWgdbb4UFom67wlo/5Vt oPjC80DeeUJO9itmMgiQUYBL7uxZPeMtlAdRciE0vQlEmtxy4eodGVbOubhhN2rw G/k5aEFb4sSwjZcn6tnq3Qg03lKkwOhLwpsaXIP235Q1nnHMLx6Dy9W7nau/bhk= -----END CERTIFICATE-----Generated at Fri May 22 14:19:09 2026 by rpki-client