$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0384c943-d0ac-4d4c-b5c3-a670c7e33c51.roa File: 0384c943-d0ac-4d4c-b5c3-a670c7e33c51.roa (raw, json) Hash identifier: G5nTAtxLSU9v+h3ojN+FQDv8WdMQWCKolTGxF1QyohQ= Subject key identifier: 98:F9:13:5D:23:67:68:59:82:BE:8E:AB:73:88:D3:52:D4:E4:22:D3 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4630B7E2B1FCD76CFFB74E0F4359D70984C87CE8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0384c943-d0ac-4d4c-b5c3-a670c7e33c51.roa Signing time: Fri 15 May 2026 00:00:50 +0000 ROA not before: Fri 15 May 2026 00:00:50 +0000 ROA not after: Thu 13 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 43.216.0.0/15 maxlen: 15 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 17 Jun 2026 00:02:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:30:b7:e2:b1:fc:d7:6c:ff:b7:4e:0f:43:59:d7:09:84:c8:7c:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 15 00:00:50 2026 GMT Not After : Aug 13 23:59:59 2026 GMT Subject: serialNumber=5409f80f1c214e505866a11fb29ddbfa5103c42ff9fe6ed8c70e4a8f73cd074b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:56:ba:8b:fd:8d:d0:c1:53:e0:5b:6d:5b:b3: b4:37:17:c6:01:58:06:5a:d8:a4:92:21:79:8f:0c: 21:aa:05:90:7e:ea:4c:13:c9:ca:e6:f9:d9:0a:d6: 2c:0c:47:96:4f:43:1f:ec:a8:75:58:70:1e:f0:97: 72:cf:32:cd:e5:8f:5a:96:15:78:fd:95:fd:32:b6: c3:8c:47:89:1a:29:8a:23:4e:5b:dc:03:11:73:53: 5d:48:3b:f5:45:e7:2e:f2:3a:5e:62:8d:39:b5:df: 9e:a0:e3:18:ec:4b:ae:e0:6f:fb:c4:f4:fe:ba:1c: c3:97:fc:b8:b7:21:fb:bd:5a:e6:c5:21:2a:11:63: b5:ce:b6:72:2f:93:4e:b0:8f:a0:33:b0:91:df:5c: 64:44:2d:14:14:b8:8d:7a:29:a1:1a:1c:09:ce:ac: c2:3e:c6:60:bf:db:19:4a:17:7c:d7:11:c0:76:fc: e8:9b:0d:0e:ba:85:79:62:1b:01:43:c6:2c:80:e3: 8e:9c:37:0b:51:cc:ed:4d:60:bc:16:36:f4:7b:3a: 34:eb:06:a8:29:1a:04:d5:20:1d:ff:b5:90:3c:f2: 86:36:f0:97:23:1b:e4:18:39:d4:63:d7:0a:d6:aa: 54:7c:1d:2f:94:a7:1f:ff:d4:6e:e1:6c:ca:f1:10: cf:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:F9:13:5D:23:67:68:59:82:BE:8E:AB:73:88:D3:52:D4:E4:22:D3 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0384c943-d0ac-4d4c-b5c3-a670c7e33c51.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.216.0.0/15 Signature Algorithm: sha256WithRSAEncryption 88:2a:cb:79:50:63:ac:91:a4:25:a4:3a:0e:ba:0d:d9:af:4c: 99:b9:7c:1e:9a:5c:51:4c:bb:72:80:4e:8b:d9:14:d7:50:27: e1:0f:e8:16:66:c4:61:3e:8a:a3:fe:07:33:e5:8e:76:2b:e4: bb:d3:9a:ae:ce:fc:47:fa:bd:6e:ad:42:50:f0:21:8f:ae:c4: b5:dc:2c:81:e6:6b:af:0a:74:9b:c9:6f:74:e8:24:6f:a2:3d: d6:7d:bb:d6:53:5e:a5:4a:f3:ec:43:20:2b:89:bd:0e:e7:23: 3b:c9:12:87:a4:9c:18:12:81:a2:e9:dc:3e:99:dd:48:33:db: dc:9c:ab:8a:e5:5b:d4:fa:aa:06:0a:81:31:ca:bd:62:cd:a0: eb:51:65:ee:f1:5e:23:40:6b:18:37:ef:6c:79:28:55:39:31: 9f:41:ed:5e:76:ab:0c:be:89:14:14:51:e7:e3:8f:b6:7a:f2: ac:c3:a8:8c:42:56:23:d6:5e:f7:1e:f4:3e:a5:1e:0f:47:0a: 57:aa:6c:cb:ba:27:27:e0:d7:0e:f9:00:61:8b:0e:cd:f9:c9: f4:55:3c:72:ec:77:6b:1e:58:b9:47:06:77:af:57:a9:11:7c: ae:f5:8a:01:40:c2:7c:1d:b7:ca:a0:97:10:00:bb:44:7d:29: 1b:ca:11:39 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIURjC34rH812z/t04PQ1nXCYTIfOgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxNTAwMDA1MFoX DTI2MDgxMzIzNTk1OVowejFJMEcGA1UEBRNANTQwOWY4MGYxYzIxNGU1MDU4NjZh MTFmYjI5ZGRiZmE1MTAzYzQyZmY5ZmU2ZWQ4YzcwZTRhOGY3M2NkMDc0YjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1a6i/2N0MFT4FttW7O0NxfGAVgG WtikkiF5jwwhqgWQfupME8nK5vnZCtYsDEeWT0Mf7Kh1WHAe8JdyzzLN5Y9alhV4 /ZX9MrbDjEeJGimKI05b3AMRc1NdSDv1Recu8jpeYo05td+eoOMY7Euu4G/7xPT+ uhzDl/y4tyH7vVrmxSEqEWO1zrZyL5NOsI+gM7CR31xkRC0UFLiNeimhGhwJzqzC PsZgv9sZShd81xHAdvzomw0OuoV5YhsBQ8YsgOOOnDcLUcztTWC8Fjb0ezo06wao KRoE1SAd/7WQPPKGNvCXIxvkGDnUY9cK1qpUfB0vlKcf/9Ru4WzK8RDPsQIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFJj5E10jZ2hZgr6Oq3OI01LU5CLTMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzAzODRjOTQzLWQwYWMtNGQ0Yy1iNWMzLWE2NzBjN2UzM2M1MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMBK9gwDQYJKoZIhvcNAQELBQADggEBAIgqy3lQY6yRpCWkOg66Ddmv TJm5fB6aXFFMu3KATovZFNdQJ+EP6BZmxGE+iqP+BzPljnYr5LvTmq7O/Ef6vW6t QlDwIY+uxLXcLIHma68KdJvJb3ToJG+iPdZ9u9ZTXqVK8+xDICuJvQ7nIzvJEoek nBgSgaLp3D6Z3Ugz29ycq4rlW9T6qgYKgTHKvWLNoOtRZe7xXiNAaxg372x5KFU5 MZ9B7V52qwy+iRQUUefjj7Z68qzDqIxCViPWXvce9D6lHg9HCleqbMu6Jyfg1w75 AGGLDs35yfRVPHLsd2seWLlHBnevV6kRfK71igFAwnwdt8qglxAAu0R9KRvKETk= -----END CERTIFICATE-----Generated at Sat Jun 13 09:16:32 2026 by rpki-client