$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c759ed47-7de1-4858-b207-c77b1f7d2c35.roa File: c759ed47-7de1-4858-b207-c77b1f7d2c35.roa (raw, json) Hash identifier: v1mQhaNBHeRZZGpSLqsBO85ZyIKKsq5mINVtSm5DapU= Subject key identifier: A7:D3:32:5A:30:3E:F3:C5:98:5B:3E:B1:D0:DC:80:59:5B:93:AA:18 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 615B03ECB0925BB2AF7BEEC1238438C358B27CCF Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c759ed47-7de1-4858-b207-c77b1f7d2c35.roa Signing time: Fri 15 May 2026 00:10:06 +0000 ROA not before: Fri 15 May 2026 00:10:06 +0000 ROA not after: Thu 13 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 103.21.240.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Jun 2026 00:04:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:5b:03:ec:b0:92:5b:b2:af:7b:ee:c1:23:84:38:c3:58:b2:7c:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: May 15 00:10:06 2026 GMT Not After : Aug 13 23:59:59 2026 GMT Subject: serialNumber=ec8d1967861b3b1f50d4aec49479444c890c675e93fee231c868bb07ed5a376b, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:bc:bc:66:69:c3:6b:a8:32:8d:8b:20:d8:d6: d4:06:1e:35:f4:72:5f:72:ae:85:61:aa:d3:35:fc: f8:dc:b7:79:61:0d:53:88:51:27:69:5b:ff:b9:60: 06:9d:90:a8:20:40:fa:f5:55:32:73:42:26:0c:18: 8e:8f:c2:3a:6d:57:85:ef:05:79:1c:4a:3f:51:08: 11:26:d6:b6:9d:90:ab:4b:ce:f3:49:a6:ac:97:54: 39:7c:67:8f:d1:12:12:5b:04:81:ff:82:02:0d:aa: e4:dd:72:01:6f:f4:1a:22:f5:11:34:7b:a1:ec:a6: 55:a3:35:47:0c:8f:53:56:91:c4:e4:10:8c:cd:dc: 3b:6c:f1:aa:05:b2:7a:67:81:ab:cd:ab:78:12:02: 62:8c:77:6c:9f:79:04:cb:7d:31:c5:1d:f4:3c:af: 9d:90:ef:fd:2c:ba:67:bd:05:ec:df:3a:a7:02:68: 28:07:f1:9d:12:cf:7a:e9:04:5e:6a:1f:c6:71:e5: bb:81:be:bf:47:7e:94:26:ce:23:c3:14:01:29:33: d4:0b:d9:6c:23:3d:0f:cf:a6:19:19:35:cd:da:ad: e6:40:d3:ae:2b:61:58:56:48:9d:88:2b:54:fb:01: db:0b:05:b3:93:58:01:0c:6f:6a:b2:8a:f8:fa:c2: 4d:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:D3:32:5A:30:3E:F3:C5:98:5B:3E:B1:D0:DC:80:59:5B:93:AA:18 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c759ed47-7de1-4858-b207-c77b1f7d2c35.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.21.240.0/22 Signature Algorithm: sha256WithRSAEncryption 9e:c4:92:11:a2:db:c3:59:05:24:c8:ca:d3:00:db:ee:12:0b: af:08:a4:ba:16:04:98:0c:7d:16:86:4a:a4:a0:8f:51:9b:a5: 85:80:e0:95:93:6a:c6:5d:9c:1d:71:42:b6:6b:21:c8:fc:12: d7:07:c4:da:c2:96:63:20:76:fa:9d:5a:ac:77:3c:e8:74:f8: 8e:59:81:17:e3:59:ef:cd:b8:7c:4b:85:66:18:5b:dd:7b:72: f2:96:df:c7:83:d6:e3:69:14:f5:81:39:76:7b:d1:99:b0:55: c4:25:58:d3:34:28:41:65:d8:b4:99:31:5c:f2:7a:c5:cb:fe: 20:dd:d1:07:e7:c0:b6:22:d8:01:6f:ce:b1:ad:fc:b1:58:9f: e1:30:b4:3a:d7:ad:11:5d:60:ef:27:c4:40:47:b6:b5:08:8a: 5c:9d:a1:55:75:34:40:68:d8:14:a2:55:b1:2e:fa:98:9e:84: 15:14:0a:3b:a3:32:c9:b8:6d:06:b3:82:ed:18:ea:45:76:c8: 14:53:dc:d6:97:c9:f8:a6:6e:ed:0d:2e:85:0c:0d:b4:a4:fb: f4:12:65:98:25:9f:7e:a4:d6:c3:ab:69:87:ef:21:4a:59:9f: 38:3e:c7:22:8d:4d:56:fa:ee:7c:88:a0:b6:23:d3:ff:85:2a: 45:cc:e7:15 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUYVsD7LCSW7Kve+7BI4Q4w1iyfM8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI2MDUxNTAwMTAwNloX DTI2MDgxMzIzNTk1OVowejFJMEcGA1UEBRNAZWM4ZDE5Njc4NjFiM2IxZjUwZDRh ZWM0OTQ3OTQ0NGM4OTBjNjc1ZTkzZmVlMjMxYzg2OGJiMDdlZDVhMzc2YjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA37y8ZmnDa6gyjYsg2NbUBh419HJf cq6FYarTNfz43Ld5YQ1TiFEnaVv/uWAGnZCoIED69VUyc0ImDBiOj8I6bVeF7wV5 HEo/UQgRJta2nZCrS87zSaasl1Q5fGeP0RISWwSB/4ICDark3XIBb/QaIvURNHuh 7KZVozVHDI9TVpHE5BCMzdw7bPGqBbJ6Z4Grzat4EgJijHdsn3kEy30xxR30PK+d kO/9LLpnvQXs3zqnAmgoB/GdEs966QReah/GceW7gb6/R36UJs4jwxQBKTPUC9ls Iz0Pz6YZGTXN2q3mQNOuK2FYVkidiCtU+wHbCwWzk1gBDG9qsor4+sJNqwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFKfTMlowPvPFmFs+sdDcgFlbk6oYMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2M3NTllZDQ3LTdkZTEtNDg1OC1iMjA3LWM3N2IxZjdkMmMzNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCZxXwMA0GCSqGSIb3DQEBCwUAA4IBAQCexJIRotvDWQUkyMrTANvu EguvCKS6FgSYDH0WhkqkoI9Rm6WFgOCVk2rGXZwdcUK2ayHI/BLXB8TawpZjIHb6 nVqsdzzodPiOWYEX41nvzbh8S4VmGFvde3Lylt/Hg9bjaRT1gTl2e9GZsFXEJVjT NChBZdi0mTFc8nrFy/4g3dEH58C2ItgBb86xrfyxWJ/hMLQ6160RXWDvJ8RAR7a1 CIpcnaFVdTRAaNgUolWxLvqYnoQVFAo7ozLJuG0Gs4LtGOpFdsgUU9zWl8n4pm7t DS6FDA20pPv0EmWYJZ9+pNbDq2mH7yFKWZ84PscijU1W+u58iKC2I9P/hSpFzOcV -----END CERTIFICATE-----Generated at Thu Jun 4 22:19:15 2026 by rpki-client