$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa File: cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa (raw, json) Hash identifier: KpdoMD0r6LzGsIFEnqxHdIGwAQfhLRI49qdtI7ZZKXk= Subject key identifier: C0:DD:C3:A6:35:74:0E:14:0F:52:E1:B5:42:C5:16:96:71:B7:D1:8F Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 2F7B4B53D60FC26449AF2834249A279A83A6FB94 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa Signing time: Thu 14 May 2026 00:00:43 +0000 ROA not before: Thu 14 May 2026 00:00:43 +0000 ROA not after: Wed 12 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 43.250.192.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 04 Jun 2026 00:04:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:7b:4b:53:d6:0f:c2:64:49:af:28:34:24:9a:27:9a:83:a6:fb:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: May 14 00:00:43 2026 GMT Not After : Aug 12 23:59:59 2026 GMT Subject: serialNumber=0920211608ee5dbf0f4c3a17f727257929de36b9183f9ab917c9ea551f99d149, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:f4:fd:13:7f:ba:18:e2:bc:91:9f:e6:a5:7b: 55:c5:32:da:bb:a5:ac:7f:91:00:e2:f8:2b:ab:83: 83:46:cd:2d:dc:12:b1:63:d0:40:52:eb:4a:a8:0f: 41:99:fe:ed:89:d3:c2:dc:62:a9:8d:5d:b7:f0:55: 14:73:0b:b0:b6:be:97:cf:74:0e:34:fe:09:f6:40: 38:57:32:7d:1d:d1:9b:65:e0:02:e4:ea:81:68:7d: 23:ba:ef:c4:83:4b:16:fe:d8:28:d2:df:53:da:d6: 0c:37:2c:e7:d9:18:c2:e5:ee:5d:25:92:30:a2:ad: 33:2d:dc:d9:c4:d8:82:da:d3:6b:44:b8:73:e1:68: 09:38:3d:76:ed:db:4e:9a:4b:21:7f:b2:03:8a:d0: 97:45:fc:3a:e6:23:ed:4b:7c:14:cc:d2:54:c8:6e: 99:36:e1:be:4f:7b:75:65:4a:3d:ea:27:3d:48:e9: 64:c8:00:5b:69:ac:61:94:91:e1:8e:9c:ab:3c:cd: a7:b9:b9:ee:08:92:32:d8:10:86:b6:02:6c:4a:3c: d5:fd:31:c8:bd:5c:ce:33:7f:f1:48:5c:b7:52:08: 27:d9:e2:bd:6b:1a:72:6d:2e:fe:10:40:bf:4b:b0: 6f:8e:db:b1:a0:2c:77:49:b3:3f:75:84:1f:e3:83: e7:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:DD:C3:A6:35:74:0E:14:0F:52:E1:B5:42:C5:16:96:71:B7:D1:8F X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.192.0/22 Signature Algorithm: sha256WithRSAEncryption 4e:d1:56:a4:04:c6:b5:b8:59:0c:5a:74:da:b0:b8:0d:c9:b8: 64:3c:b7:c0:9c:b4:f3:fc:c0:b3:19:22:63:6b:d1:d0:cc:5b: b7:e4:32:07:68:98:38:b2:3a:2e:bd:2f:dc:e5:48:ba:3a:1a: 83:ba:3c:39:ae:3a:75:76:80:fc:a6:74:7e:df:b4:2f:44:d6: 3c:6b:54:c4:b3:e2:4d:8f:1b:e7:37:11:0b:30:6e:87:13:7b: b5:f4:1f:8a:7d:66:83:f2:29:b2:5f:ae:e1:af:b4:d6:38:cb: d9:fb:92:67:c1:24:9c:43:27:e7:17:ca:d4:99:90:27:d8:f4: 67:25:26:3c:21:93:bd:d1:0f:db:c8:2c:09:ed:2a:b7:5b:5a: 5f:8c:a0:94:be:12:57:9b:b3:31:a8:04:b5:a7:7c:e4:cf:9a: b0:b3:5f:41:83:20:45:6d:6c:d7:fd:63:99:85:4b:da:3f:a8: 03:38:c4:33:a7:a2:78:c1:2e:ed:b2:3d:d4:ee:db:56:ab:74: 1e:4e:ea:d7:97:69:b3:c8:08:73:2f:33:f8:cf:d4:e3:70:3c: 09:fc:ec:06:80:6b:18:3e:d2:61:cb:8c:fc:d0:27:48:83:c4: df:f8:c3:0b:88:fb:7d:49:24:17:97:5e:9b:2f:5f:46:0a:be: 63:2e:8f:db -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUL3tLU9YPwmRJryg0JJonmoOm+5QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI2MDUxNDAwMDA0M1oX DTI2MDgxMjIzNTk1OVowejFJMEcGA1UEBRNAMDkyMDIxMTYwOGVlNWRiZjBmNGMz YTE3ZjcyNzI1NzkyOWRlMzZiOTE4M2Y5YWI5MTdjOWVhNTUxZjk5ZDE0OTEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0PT9E3+6GOK8kZ/mpXtVxTLau6Ws f5EA4vgrq4ODRs0t3BKxY9BAUutKqA9Bmf7tidPC3GKpjV238FUUcwuwtr6Xz3QO NP4J9kA4VzJ9HdGbZeAC5OqBaH0juu/Eg0sW/tgo0t9T2tYMNyzn2RjC5e5dJZIw oq0zLdzZxNiC2tNrRLhz4WgJOD127dtOmkshf7IDitCXRfw65iPtS3wUzNJUyG6Z NuG+T3t1ZUo96ic9SOlkyABbaaxhlJHhjpyrPM2nubnuCJIy2BCGtgJsSjzV/THI vVzOM3/xSFy3Uggn2eK9axpybS7+EEC/S7BvjtuxoCx3SbM/dYQf44Pn0wIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFMDdw6Y1dA4UD1LhtULFFpZxt9GPMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2NiMmU1YThjLTIxZjEtNDY3OS1hMzcyLTYxNzczMmZjM2VhNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/rAMA0GCSqGSIb3DQEBCwUAA4IBAQBO0VakBMa1uFkMWnTasLgN ybhkPLfAnLTz/MCzGSJja9HQzFu35DIHaJg4sjouvS/c5Ui6OhqDujw5rjp1doD8 pnR+37QvRNY8a1TEs+JNjxvnNxELMG6HE3u19B+KfWaD8imyX67hr7TWOMvZ+5Jn wSScQyfnF8rUmZAn2PRnJSY8IZO90Q/byCwJ7Sq3W1pfjKCUvhJXm7MxqAS1p3zk z5qws19BgyBFbWzX/WOZhUvaP6gDOMQzp6J4wS7tsj3U7ttWq3QeTurXl2mzyAhz LzP4z9TjcDwJ/OwGgGsYPtJhy4z80CdIg8Tf+MMLiPt9SSQXl16bL19GCr5jLo/b -----END CERTIFICATE-----Generated at Sun May 31 19:23:18 2026 by rpki-client