$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b59fbe4-f242-4dbf-9964-15048c3da996.roa File: 9b59fbe4-f242-4dbf-9964-15048c3da996.roa (raw, json) Hash identifier: 8rTp6mbrD5rf+jzY3ic4O1UnEJSQtRUpgFi5WUndeBY= Subject key identifier: 2F:73:F2:0D:5D:DD:81:F6:97:BD:79:87:97:13:A1:7B:8C:A8:AC:2A Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 2A908A5D925A8297FDFCC245C61CF9C00777D37A Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b59fbe4-f242-4dbf-9964-15048c3da996.roa Signing time: Fri 15 May 2026 00:00:40 +0000 ROA not before: Fri 15 May 2026 00:00:40 +0000 ROA not after: Thu 13 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 103.4.8.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 May 2026 00:01:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:90:8a:5d:92:5a:82:97:fd:fc:c2:45:c6:1c:f9:c0:07:77:d3:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: May 15 00:00:40 2026 GMT Not After : Aug 13 23:59:59 2026 GMT Subject: serialNumber=aa63b4e0cc9785c8cca9dccd0712f426fca5a61e69e617088aab222300661f2f, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:d7:e4:82:bd:37:e0:61:03:86:74:e9:bb:43: 8d:0d:3d:58:bb:b2:cd:71:c2:59:54:99:46:d2:82: e1:0f:f9:90:84:83:23:d8:df:17:28:39:5c:c0:df: 49:d2:cc:79:41:47:01:1d:06:ca:0a:c0:97:83:85: 7b:2b:3f:cf:c3:ea:84:4a:47:4e:c9:22:9e:a8:e3: 4a:88:66:94:d8:25:91:a8:67:80:4e:6f:38:22:f7: c9:9e:62:aa:a2:fc:78:38:57:a5:ad:f6:dd:99:a7: 77:59:7f:7b:56:ef:af:2c:fc:96:05:6a:23:01:41: aa:e7:d3:7c:30:77:c7:07:ef:91:c6:9b:72:1b:81: 29:62:95:d1:1a:d4:39:6d:80:2e:4a:9e:78:3e:a3: 71:93:13:d7:bd:54:47:ae:8d:8f:c5:89:1a:31:a6: f2:13:91:3a:07:c8:51:7d:f7:69:f3:be:4f:82:30: 19:7c:1d:fb:32:63:4d:a3:b1:52:ae:5c:c3:6c:52: c2:56:21:79:a7:0c:a3:be:6b:56:3e:44:7a:f9:9d: a8:6f:2d:29:62:69:68:95:f6:c9:f5:68:9b:bd:e2: 99:7d:4c:ac:ef:dd:61:b9:7d:c4:e1:b6:b2:b3:24: 3b:32:cb:dc:6a:1a:c3:dd:8f:b8:f8:6a:98:c7:4a: 28:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:73:F2:0D:5D:DD:81:F6:97:BD:79:87:97:13:A1:7B:8C:A8:AC:2A X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b59fbe4-f242-4dbf-9964-15048c3da996.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.4.8.0/21 Signature Algorithm: sha256WithRSAEncryption 9a:30:da:bd:60:2e:92:81:35:a4:3a:b8:31:83:33:b3:26:cb: 94:b4:a2:2a:56:11:ea:fa:30:99:d0:1c:36:90:36:3d:39:6c: 79:99:51:16:01:fc:b7:93:4c:ef:e8:ee:49:cd:ac:75:4a:c3: f7:f3:a8:a7:38:05:d6:61:0c:d9:c3:23:02:c6:ca:44:30:0e: 50:8c:d5:f8:1d:4a:85:f3:6f:a1:1b:09:b8:96:a2:ec:c1:17: 46:b5:00:ce:d3:a2:b1:29:10:79:39:84:d6:93:c2:a9:94:04: 5e:0b:29:70:eb:cb:58:64:73:9d:77:fd:0e:8a:ec:f1:56:3e: b9:06:1e:f5:9d:3a:48:7a:67:65:b1:09:cd:ce:7a:01:8a:26: b7:e4:27:71:2e:d6:06:f9:f6:27:8d:a1:7e:3e:86:3c:47:94: 34:58:1b:0f:90:57:4b:49:3d:6f:d7:95:8e:80:d4:38:72:85: 2a:4b:b7:ac:f7:00:37:66:ee:b2:a8:d1:59:e1:82:7f:65:a6: fb:72:71:dd:66:39:0e:19:fc:6e:e3:19:6e:e0:cf:a4:51:0b: 48:d7:d1:df:94:66:ee:68:cb:47:c8:58:4e:5f:e6:1b:d7:3c: 05:f2:88:cf:08:04:c9:6f:50:1b:ad:d6:41:ee:c5:e2:6e:d5: e3:bf:43:ec -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUKpCKXZJagpf9/MJFxhz5wAd303owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI2MDUxNTAwMDA0MFoX DTI2MDgxMzIzNTk1OVowejFJMEcGA1UEBRNAYWE2M2I0ZTBjYzk3ODVjOGNjYTlk Y2NkMDcxMmY0MjZmY2E1YTYxZTY5ZTYxNzA4OGFhYjIyMjMwMDY2MWYyZjEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA59fkgr034GEDhnTpu0ONDT1Yu7LN ccJZVJlG0oLhD/mQhIMj2N8XKDlcwN9J0sx5QUcBHQbKCsCXg4V7Kz/Pw+qESkdO ySKeqONKiGaU2CWRqGeATm84IvfJnmKqovx4OFelrfbdmad3WX97Vu+vLPyWBWoj AUGq59N8MHfHB++RxptyG4EpYpXRGtQ5bYAuSp54PqNxkxPXvVRHro2PxYkaMaby E5E6B8hRffdp875PgjAZfB37MmNNo7FSrlzDbFLCViF5pwyjvmtWPkR6+Z2oby0p YmlolfbJ9WibveKZfUys791huX3E4baysyQ7MsvcahrD3Y+4+GqYx0oofQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFC9z8g1d3YH2l715h5cToXuMqKwqMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzliNTlmYmU0LWYyNDItNGRiZi05OTY0LTE1MDQ4YzNkYTk5Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDZwQIMA0GCSqGSIb3DQEBCwUAA4IBAQCaMNq9YC6SgTWkOrgxgzOz JsuUtKIqVhHq+jCZ0Bw2kDY9OWx5mVEWAfy3k0zv6O5Jzax1SsP386inOAXWYQzZ wyMCxspEMA5QjNX4HUqF82+hGwm4lqLswRdGtQDO06KxKRB5OYTWk8KplAReCylw 68tYZHOdd/0OiuzxVj65Bh71nTpIemdlsQnNznoBiia35CdxLtYG+fYnjaF+PoY8 R5Q0WBsPkFdLST1v15WOgNQ4coUqS7es9wA3Zu6yqNFZ4YJ/Zab7cnHdZjkOGfxu 4xlu4M+kUQtI19HflGbuaMtHyFhOX+Yb1zwF8ojPCATJb1AbrdZB7sXibtXjv0Ps -----END CERTIFICATE-----Generated at Thu May 21 11:13:56 2026 by rpki-client