$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/0c5c54ff-f977-4b96-8ce9-a1eaf082fe9c.roa File: 0c5c54ff-f977-4b96-8ce9-a1eaf082fe9c.roa (raw, json) Hash identifier: 5JBx3U3yROg9e1Wa4wZ6pBktVXmoZ2pDGJ03dT+dcwg= Subject key identifier: D2:9D:3D:D7:FE:C1:DE:2B:1A:3E:98:93:B0:C2:92:E7:D8:34:04:BC Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 0AF9E0EA799DBE101CDEBC846FBCE8793A8DF530 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/0c5c54ff-f977-4b96-8ce9-a1eaf082fe9c.roa Signing time: Fri 15 May 2026 00:00:38 +0000 ROA not before: Fri 15 May 2026 00:00:38 +0000 ROA not after: Thu 13 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.232.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 May 2026 00:01:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:f9:e0:ea:79:9d:be:10:1c:de:bc:84:6f:bc:e8:79:3a:8d:f5:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: May 15 00:00:38 2026 GMT Not After : Aug 13 23:59:59 2026 GMT Subject: serialNumber=442fde447f9c95dd5c7d6b6fc576feac3fc7bd8a4a953b6d35b9874e3aa92025, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:44:7e:fa:71:68:5d:ad:56:7e:45:96:09:a1: 93:fe:56:d7:3c:d4:39:13:c4:f3:cd:1e:27:33:16: 63:1e:7c:2b:7c:be:3a:bc:7b:9f:f4:e4:80:0b:a2: 32:33:bd:f6:81:a3:ee:8e:20:1f:e4:82:ca:7e:86: d4:85:9f:2e:c6:1b:91:46:75:18:19:e1:77:69:65: 70:51:61:90:83:6c:20:f7:a0:53:1a:79:3c:43:aa: d7:9a:4a:a1:b4:d3:9c:8a:f3:3c:b2:a5:8c:fe:1f: 87:5e:56:b7:ac:63:8c:7d:d7:1c:cf:40:32:5f:5d: 8a:b6:ba:08:60:ee:80:84:3e:42:a0:29:98:8c:7a: cd:4e:70:98:52:69:ab:0d:70:e7:0e:79:c3:07:4b: c0:19:3d:50:e8:1a:fa:3b:41:38:03:12:ef:15:87: 37:cb:af:cc:6c:c3:33:32:04:2a:26:6f:76:3c:a3: 65:c7:33:dc:3a:95:03:19:3f:c2:65:49:1c:73:20: e9:7b:e9:2b:44:f8:85:fc:b5:78:97:95:cb:b3:b9: f2:86:58:38:da:2d:3d:28:08:06:8f:86:7c:bb:1e: b0:7f:ce:79:ef:9b:69:ad:c7:d4:49:d3:3d:ce:60: 89:ae:ea:67:cd:f5:45:f1:91:65:2a:47:9f:e6:5a: 29:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:9D:3D:D7:FE:C1:DE:2B:1A:3E:98:93:B0:C2:92:E7:D8:34:04:BC X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/0c5c54ff-f977-4b96-8ce9-a1eaf082fe9c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.232.0/22 Signature Algorithm: sha256WithRSAEncryption 95:3e:7a:b5:3d:81:45:c4:a8:53:15:fa:60:5a:82:83:82:43: ce:af:ca:0b:b4:84:45:e7:f0:de:4e:54:32:96:ed:9e:82:14: 3a:5d:e5:03:88:0d:c5:75:61:f0:9b:94:b5:38:46:37:d9:b5: f5:3e:95:0d:00:6e:d8:d7:a0:98:63:78:c1:ca:c1:06:91:67: 79:27:e1:a9:98:31:d1:1d:d9:1f:d8:f4:64:74:4d:ff:44:1c: 57:bb:12:5c:92:55:4e:88:5e:04:25:62:ac:0c:bb:ac:0b:f6: 82:7b:14:9e:6c:40:ab:56:6e:f5:fa:2c:b9:bf:4a:61:d5:a6: f6:cc:90:b3:5f:77:56:3d:77:f1:fc:43:20:15:e7:2b:d0:95: 63:8f:1c:75:13:73:1a:1d:df:d1:fd:bd:35:1d:25:27:e4:9f: 05:10:ec:c7:f5:48:7a:c2:08:c3:e4:2e:ba:45:99:53:11:39: 65:52:16:19:c9:99:99:46:13:a8:e8:e9:26:94:42:61:e1:0e: 59:75:94:ff:40:db:2e:dd:92:22:0b:30:59:e5:7c:99:39:39: 9b:fe:3f:15:ab:cd:b7:8a:5f:73:d5:5f:7f:3a:4b:d3:49:b8: f9:f3:c3:c7:f2:5c:62:79:cb:43:8f:cf:f3:b4:2a:3a:22:e1: 35:b0:e9:93 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUCvng6nmdvhAc3ryEb7zoeTqN9TAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI2MDUxNTAwMDAzOFoX DTI2MDgxMzIzNTk1OVowejFJMEcGA1UEBRNANDQyZmRlNDQ3ZjljOTVkZDVjN2Q2 YjZmYzU3NmZlYWMzZmM3YmQ4YTRhOTUzYjZkMzViOTg3NGUzYWE5MjAyNTEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUR++nFoXa1WfkWWCaGT/lbXPNQ5 E8TzzR4nMxZjHnwrfL46vHuf9OSAC6IyM732gaPujiAf5ILKfobUhZ8uxhuRRnUY GeF3aWVwUWGQg2wg96BTGnk8Q6rXmkqhtNOcivM8sqWM/h+HXla3rGOMfdccz0Ay X12KtroIYO6AhD5CoCmYjHrNTnCYUmmrDXDnDnnDB0vAGT1Q6Br6O0E4AxLvFYc3 y6/MbMMzMgQqJm92PKNlxzPcOpUDGT/CZUkccyDpe+krRPiF/LV4l5XLs7nyhlg4 2i09KAgGj4Z8ux6wf85575tprcfUSdM9zmCJrupnzfVF8ZFlKkef5lopXwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFNKdPdf+wd4rGj6Yk7DCkufYNAS8MB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzBjNWM1NGZmLWY5NzctNGI5Ni04Y2U5LWExZWFmMDgyZmU5Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCrynoMA0GCSqGSIb3DQEBCwUAA4IBAQCVPnq1PYFFxKhTFfpgWoKD gkPOr8oLtIRF5/DeTlQylu2eghQ6XeUDiA3FdWHwm5S1OEY32bX1PpUNAG7Y16CY Y3jBysEGkWd5J+GpmDHRHdkf2PRkdE3/RBxXuxJcklVOiF4EJWKsDLusC/aCexSe bECrVm71+iy5v0ph1ab2zJCzX3dWPXfx/EMgFecr0JVjjxx1E3MaHd/R/b01HSUn 5J8FEOzH9Uh6wgjD5C66RZlTETllUhYZyZmZRhOo6OkmlEJh4Q5ZdZT/QNsu3ZIi CzBZ5XyZOTmb/j8Vq823il9z1V9/OkvTSbj588PH8lxiectDj8/ztCo6IuE1sOmT -----END CERTIFICATE-----Generated at Thu May 21 11:13:56 2026 by rpki-client