$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/427017ca-fc05-4df1-9de8-dc6182848704.roa File: 427017ca-fc05-4df1-9de8-dc6182848704.roa (raw, json) Hash identifier: 7f/sPKcrSY/XXvviJSmy0M3H/wzzhPbKZPSJ090Os1M= Subject key identifier: 9D:1F:93:A6:D4:F8:2E:DE:61:9E:AD:D3:D1:FA:63:D8:79:84:E7:EC Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 15202838FF0CD9285134AF7ADB833DBD98CB81FA Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/427017ca-fc05-4df1-9de8-dc6182848704.roa Signing time: Wed 13 May 2026 00:21:14 +0000 ROA not before: Wed 13 May 2026 00:21:14 +0000 ROA not after: Tue 11 Aug 2026 23:59:59 +0000 asID: 8987 IP address blocks: 43.198.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 17 May 2026 00:31:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:20:28:38:ff:0c:d9:28:51:34:af:7a:db:83:3d:bd:98:cb:81:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 13 00:21:14 2026 GMT Not After : Aug 11 23:59:59 2026 GMT Subject: serialNumber=864380f1a9aa290a9610ff81fe0c251bc349b00624b4a19fa2277f0d393e17fc, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:62:e9:f1:84:fa:1b:34:8f:c2:e0:6f:4c:0c: 5f:d7:d7:e9:82:98:55:a8:c2:6a:43:8d:f3:4c:d6: d1:67:3d:a8:4e:d5:78:80:26:f1:ff:b0:b2:e8:19: 8b:df:6d:c2:14:40:2e:7d:51:86:7f:da:86:98:85: 52:85:1e:f9:4d:7e:6d:e8:88:e9:02:cd:bd:89:63: 15:45:09:3b:39:e1:f4:08:1a:dd:81:94:0a:4c:3b: ad:4b:59:96:e9:5c:5a:eb:41:80:c5:b1:d4:38:ea: c0:29:b4:81:22:61:c7:24:81:e3:e8:57:aa:ce:8a: 9c:d6:cb:51:c1:56:4f:d6:f0:dc:6b:6a:ca:8b:ca: a1:84:50:2e:b4:95:a1:b2:78:14:3f:5b:aa:05:2a: da:68:95:41:88:c8:f7:2c:7a:a3:79:12:ac:58:be: 0d:3b:a6:af:20:3a:9c:37:6d:77:d2:db:fb:f7:35: 0d:53:36:4e:39:46:25:1f:1d:2a:c5:7d:9a:c6:69: 37:56:be:1e:e4:7b:5c:da:db:85:82:36:87:d5:dd: 6c:7c:59:19:50:af:97:70:23:e1:0b:fe:00:59:6b: c4:f2:08:9e:60:37:c7:d8:bf:a8:6a:cc:3c:92:d5: 55:4e:37:58:87:50:ad:5a:7a:96:c3:e9:1c:c5:6f: 9c:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:1F:93:A6:D4:F8:2E:DE:61:9E:AD:D3:D1:FA:63:D8:79:84:E7:EC X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/427017ca-fc05-4df1-9de8-dc6182848704.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.198.0.0/15 Signature Algorithm: sha256WithRSAEncryption 1e:57:b2:c6:44:0c:4b:0f:1c:0c:9e:9b:76:a9:70:5a:b0:ae: b9:f5:ae:a1:cc:53:00:62:33:c5:bc:fa:0d:f8:03:18:22:a7: 53:09:50:e6:6c:5b:69:7c:18:12:5f:36:39:fe:8b:f8:91:07: c3:51:6e:1b:f8:98:2b:32:ee:27:34:64:96:b0:e6:6e:15:5c: 51:c0:1f:d8:d4:aa:60:29:94:37:b2:38:e7:f0:1d:e2:b4:42: 3d:e9:f7:ff:89:ba:07:88:97:52:1d:11:6a:28:6e:bb:f0:6f: 20:72:27:e0:b3:df:c4:f6:d3:09:f4:26:8d:6a:b1:d6:ba:a0: 10:98:a6:49:20:bd:1e:5d:ea:0a:d8:ec:b0:85:d0:bb:1b:b3: 32:7f:1b:62:4b:16:44:b9:db:f9:dc:68:f8:48:b9:1d:08:97: c9:cf:70:93:28:02:9b:0e:f8:9c:91:8a:76:a2:71:ce:b2:98: 34:6e:d1:17:60:cd:73:41:68:50:52:e8:6b:c8:c9:10:24:73: 32:d2:c7:75:2e:a0:2f:5c:85:eb:10:15:22:d7:bb:1e:e7:e2: f5:91:3d:f8:34:9c:d2:84:26:93:50:58:c6:a7:5a:78:3c:03: a1:a5:5b:52:b1:d8:af:be:cc:53:b2:0b:b0:7f:7f:4c:e8:98: 21:06:97:55 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUFSAoOP8M2ShRNK9624M9vZjLgfowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMzAwMjExNFoX DTI2MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAODY0MzgwZjFhOWFhMjkwYTk2MTBm ZjgxZmUwYzI1MWJjMzQ5YjAwNjI0YjRhMTlmYTIyNzdmMGQzOTNlMTdmYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2Lp8YT6GzSPwuBvTAxf19fpgphV qMJqQ43zTNbRZz2oTtV4gCbx/7Cy6BmL323CFEAufVGGf9qGmIVShR75TX5t6Ijp As29iWMVRQk7OeH0CBrdgZQKTDutS1mW6Vxa60GAxbHUOOrAKbSBImHHJIHj6Feq zoqc1stRwVZP1vDca2rKi8qhhFAutJWhsngUP1uqBSraaJVBiMj3LHqjeRKsWL4N O6avIDqcN2130tv79zUNUzZOOUYlHx0qxX2axmk3Vr4e5Htc2tuFgjaH1d1sfFkZ UK+XcCPhC/4AWWvE8gieYDfH2L+oasw8ktVVTjdYh1CtWnqWw+kcxW+cZwIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFJ0fk6bU+C7eYZ6t09H6Y9h5hOfsMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQyNzAxN2NhLWZjMDUtNGRmMS05ZGU4LWRjNjE4Mjg0ODcwNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMBK8YwDQYJKoZIhvcNAQELBQADggEBAB5XssZEDEsPHAyem3apcFqw rrn1rqHMUwBiM8W8+g34Axgip1MJUOZsW2l8GBJfNjn+i/iRB8NRbhv4mCsy7ic0 ZJaw5m4VXFHAH9jUqmAplDeyOOfwHeK0Qj3p9/+JugeIl1IdEWoobrvwbyByJ+Cz 38T20wn0Jo1qsda6oBCYpkkgvR5d6grY7LCF0LsbszJ/G2JLFkS52/ncaPhIuR0I l8nPcJMoApsO+JyRinaicc6ymDRu0RdgzXNBaFBS6GvIyRAkczLSx3UuoC9chesQ FSLXux7n4vWRPfg0nNKEJpNQWManWng8A6GlW1Kx2K++zFOyC7B/f0zomCEGl1U= -----END CERTIFICATE-----Generated at Wed May 13 09:41:09 2026 by rpki-client