$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/49119734-9dbc-4bd4-98be-57e4ce078928.roa File: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (raw, json) Hash identifier: ixxf6ccd3osEyLmWkgkbiHVYyusTctrUjOhnPpMvlE4= Subject key identifier: 35:F8:0D:36:C9:62:30:45:FB:D9:9B:01:94:6B:5B:9E:2A:79:F6:BF Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 700E036C18BD8D5F8BA5B6A68AB52AC7C10205DF Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/49119734-9dbc-4bd4-98be-57e4ce078928.roa Signing time: Mon 27 Apr 2026 00:00:07 +0000 ROA not before: Mon 27 Apr 2026 00:00:07 +0000 ROA not after: Sun 26 Jul 2026 23:59:59 +0000 asID: 7224 IP address blocks: 43.224.76.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 May 2026 00:02:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:0e:03:6c:18:bd:8d:5f:8b:a5:b6:a6:8a:b5:2a:c7:c1:02:05:df Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Apr 27 00:00:07 2026 GMT Not After : Jul 26 23:59:59 2026 GMT Subject: serialNumber=c951382ec8a26e9c773cf07208245390befb7b5020df88799bd01d4a4d35fbee, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:ff:86:f6:9b:17:24:3e:dd:18:22:21:f1:f4: 13:66:09:0f:a0:38:b0:55:b3:3b:f5:1f:87:53:84: df:2c:f3:6e:12:e1:b9:58:c5:d9:1a:06:73:15:fd: ad:67:44:ad:2c:ec:2a:af:df:3b:ae:f6:5a:b6:a5: 5e:c5:fb:0c:46:78:37:7d:2b:a7:e7:d8:e8:06:0d: 53:60:ce:7f:26:5e:1a:25:df:be:5d:58:37:ef:e1: 52:89:da:ab:37:fe:a1:c5:67:fb:38:0a:8a:6a:18: 89:ec:c3:d2:66:ed:66:2c:53:1d:f4:e5:13:b4:70: 04:70:d0:05:dd:ed:2d:6f:93:65:ae:a7:3a:02:cc: b1:a9:6f:90:ae:ef:0a:38:4f:c0:35:d0:4d:ba:9d: 4e:ea:66:1b:d5:65:c0:1d:de:e4:cd:49:07:cd:d7: c0:7d:5c:5d:58:d7:a9:1e:90:1d:db:0a:d1:d0:ea: ce:07:79:bb:67:b1:b9:67:e1:df:99:8e:b2:3c:61: 53:54:aa:98:3c:4c:c4:70:01:33:ff:ac:4a:b1:91: 70:87:25:b2:18:f0:ae:f3:ac:c1:c6:c4:bf:97:0a: 24:24:8e:58:91:d5:8e:3c:54:70:79:97:5d:34:fb: a9:44:2a:41:37:34:ab:67:00:78:8d:a3:de:76:a8: 95:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:F8:0D:36:C9:62:30:45:FB:D9:9B:01:94:6B:5B:9E:2A:79:F6:BF X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/49119734-9dbc-4bd4-98be-57e4ce078928.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.224.76.0/22 Signature Algorithm: sha256WithRSAEncryption 45:bd:f5:0a:ba:52:92:46:7f:12:f1:60:af:56:a0:b5:e7:76: 2f:0f:5f:00:37:6f:49:5f:7a:88:ff:90:fd:a6:16:41:70:7d: 3b:04:c9:7b:c5:42:46:1e:2f:fd:64:d3:bf:90:4a:b6:e0:16: 79:31:dc:d4:c8:39:d5:2a:99:02:83:98:8c:df:f3:f5:af:c9: 0f:1a:26:ba:3c:a5:b4:1b:fb:99:a6:c3:bc:d8:04:2b:3f:b2: 3c:9e:ea:6e:ee:35:d4:04:c2:a2:21:35:5a:83:7c:bf:d7:61: 1b:13:b6:bd:ca:4c:eb:89:f5:3c:74:9a:f2:32:43:f1:f7:39: e3:02:d8:45:97:0b:6e:d8:01:67:bd:f1:3e:9f:bc:d3:3b:45: 43:45:76:b1:8e:21:0a:c2:37:41:8b:ca:ee:46:7b:1a:04:fb: 6d:ed:c5:d7:4f:61:6f:eb:8a:41:7c:6d:6b:18:10:dd:20:2e: 68:a5:71:e1:79:cf:b7:f3:74:07:b1:d6:a0:da:47:7f:08:00: e5:4d:21:86:63:b3:20:c8:e1:6f:8c:0c:a3:94:66:be:01:08: 04:4f:90:06:ad:bb:43:27:63:08:37:c8:e3:51:86:72:04:19: 98:ae:5e:1a:d4:01:c3:ee:eb:76:aa:a6:9f:5f:69:85:01:89: 8f:0d:6b:e3 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUcA4DbBi9jV+LpbamirUqx8ECBd8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI2MDQyNzAwMDAwN1oX DTI2MDcyNjIzNTk1OVowejFJMEcGA1UEBRNAYzk1MTM4MmVjOGEyNmU5Yzc3M2Nm MDcyMDgyNDUzOTBiZWZiN2I1MDIwZGY4ODc5OWJkMDFkNGE0ZDM1ZmJlZTEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5f+G9psXJD7dGCIh8fQTZgkPoDiw VbM79R+HU4TfLPNuEuG5WMXZGgZzFf2tZ0StLOwqr987rvZatqVexfsMRng3fSun 59joBg1TYM5/Jl4aJd++XVg37+FSidqrN/6hxWf7OAqKahiJ7MPSZu1mLFMd9OUT tHAEcNAF3e0tb5Nlrqc6AsyxqW+Qru8KOE/ANdBNup1O6mYb1WXAHd7kzUkHzdfA fVxdWNepHpAd2wrR0OrOB3m7Z7G5Z+HfmY6yPGFTVKqYPEzEcAEz/6xKsZFwhyWy GPCu86zBxsS/lwokJI5YkdWOPFRweZddNPupRCpBNzSrZwB4jaPedqiVNQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFDX4DTbJYjBF+9mbAZRrW54qefa/MB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi LzQ5MTE5NzM0LTlkYmMtNGJkNC05OGJlLTU3ZTRjZTA3ODkyOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK+BMMA0GCSqGSIb3DQEBCwUAA4IBAQBFvfUKulKSRn8S8WCvVqC1 53YvD18AN29JX3qI/5D9phZBcH07BMl7xUJGHi/9ZNO/kEq24BZ5MdzUyDnVKpkC g5iM3/P1r8kPGia6PKW0G/uZpsO82AQrP7I8nupu7jXUBMKiITVag3y/12EbE7a9 ykzrifU8dJryMkPx9znjAthFlwtu2AFnvfE+n7zTO0VDRXaxjiEKwjdBi8ruRnsa BPtt7cXXT2Fv64pBfG1rGBDdIC5opXHhec+383QHsdag2kd/CADlTSGGY7MgyOFv jAyjlGa+AQgET5AGrbtDJ2MIN8jjUYZyBBmYrl4a1AHD7ut2qqafX2mFAYmPDWvj -----END CERTIFICATE-----Generated at Mon May 4 19:15:15 2026 by rpki-client