$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/084fc721-60a4-414f-b72d-dc01788e0fc2.roa File: 084fc721-60a4-414f-b72d-dc01788e0fc2.roa (raw, json) Hash identifier: MmB9qHLTHHDR5eIpvksCk032g+rnScCVgksFOkTx1I0= Subject key identifier: 37:B0:D3:6F:13:AE:F9:45:39:4E:2C:12:D9:CE:B7:5B:17:AA:C8:D4 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5286A2C9729C1DA9616F14DD8FB3B09AF931B0AF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/084fc721-60a4-414f-b72d-dc01788e0fc2.roa Signing time: Fri 15 May 2026 00:10:33 +0000 ROA not before: Fri 15 May 2026 00:10:33 +0000 ROA not after: Thu 13 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 43.216.61.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 17 Jun 2026 00:02:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:86:a2:c9:72:9c:1d:a9:61:6f:14:dd:8f:b3:b0:9a:f9:31:b0:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 15 00:10:33 2026 GMT Not After : Aug 13 23:59:59 2026 GMT Subject: serialNumber=9a7720a9e72c77effee6a89688c76f2a3f7bb7d62d9a5a353afe8572ea533591, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:87:4d:06:1f:83:95:81:ab:7b:dc:68:71:c9:c6: 62:a1:c1:eb:28:1b:20:10:02:64:23:a4:6a:0f:f5: 0f:f9:2c:1d:92:af:33:aa:f3:ee:be:fa:5c:14:74: 94:4d:e7:64:90:17:0a:d2:18:66:60:68:7a:e7:ee: 37:25:7f:73:f0:9a:2c:57:44:9f:0a:1f:d9:12:10: e2:80:89:2b:91:d7:77:e8:8c:1a:7e:54:7d:46:77: 34:11:85:dc:8f:fd:73:e4:ff:62:c0:b0:30:f1:f3: 38:e4:5b:5c:d7:5d:c6:d4:f2:5a:23:88:3f:b9:ff: b4:ec:3b:5b:ea:e5:f7:7a:f3:e3:60:e3:6d:4f:54: 6e:cc:4a:45:2f:9e:12:a3:b1:0d:9a:33:8c:89:d8: bb:49:93:a1:ed:c1:95:18:d8:53:e0:5d:f0:b8:45: d7:f9:a0:95:4e:0c:42:d3:d8:37:96:10:c6:af:aa: d4:df:85:d7:49:a8:78:19:68:a7:46:66:e6:f2:fb: 4b:e6:d2:33:09:47:75:74:6c:ba:b2:b5:f6:27:85: 63:19:11:63:55:46:c9:02:cf:32:ac:8e:74:2a:3f: a7:00:a9:04:ff:2c:71:ea:bf:6e:3b:ee:2e:2e:13: 4b:98:f7:92:34:46:20:66:25:2b:f7:ef:b7:31:01: 02:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:B0:D3:6F:13:AE:F9:45:39:4E:2C:12:D9:CE:B7:5B:17:AA:C8:D4 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/084fc721-60a4-414f-b72d-dc01788e0fc2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.216.61.0/24 Signature Algorithm: sha256WithRSAEncryption c6:0c:e9:25:c1:e8:d9:b6:5e:7e:6a:2e:59:01:b5:ab:e9:ac: bd:53:88:0e:a1:5f:a2:f1:25:76:af:a2:a9:2d:15:b6:c5:9d: cc:99:70:10:3c:88:00:22:22:ad:c0:b6:79:1f:e2:a7:0f:42: 4e:e4:87:32:70:55:de:f2:dc:e6:01:e2:32:ae:27:90:67:d0: 62:d6:2e:94:1f:74:5b:1d:d5:54:3c:6a:82:92:8b:6d:d5:bd: 82:aa:15:f8:22:5c:7b:ed:07:bd:a5:c2:f6:7f:f5:ad:f0:04: 09:91:6a:6a:89:37:6d:f5:9f:14:62:66:03:69:0c:72:71:05: b0:be:d6:78:0d:af:9a:f4:5f:c5:be:32:89:ab:53:42:a5:c6: f9:57:62:5e:05:3a:a1:dc:b7:1b:2e:16:58:a4:81:7b:cb:3e: d7:92:5f:38:5d:61:35:e2:87:8d:a7:fa:dc:56:55:74:76:e6: e2:cc:f0:e3:12:ec:48:5f:c7:05:63:bc:14:da:c8:93:76:69: 1e:8f:7d:27:4f:1d:ff:67:08:2b:6e:d2:d9:ad:28:b0:9d:01: 99:b5:c3:88:a9:6e:8f:b3:cd:06:d6:89:70:a4:4f:b8:e2:48: 37:47:8f:a3:49:6f:14:cc:08:5c:24:c5:35:19:90:ac:22:f3: 07:8a:82:80 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUUoaiyXKcHalhbxTdj7OwmvkxsK8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxNTAwMTAzM1oX DTI2MDgxMzIzNTk1OVowejFJMEcGA1UEBRNAOWE3NzIwYTllNzJjNzdlZmZlZTZh ODk2ODhjNzZmMmEzZjdiYjdkNjJkOWE1YTM1M2FmZTg1NzJlYTUzMzU5MTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh00GH4OVgat73GhxycZiocHrKBsg EAJkI6RqD/UP+Swdkq8zqvPuvvpcFHSUTedkkBcK0hhmYGh65+43JX9z8JosV0Sf Ch/ZEhDigIkrkdd36IwaflR9Rnc0EYXcj/1z5P9iwLAw8fM45Ftc113G1PJaI4g/ uf+07Dtb6uX3evPjYONtT1RuzEpFL54So7ENmjOMidi7SZOh7cGVGNhT4F3wuEXX +aCVTgxC09g3lhDGr6rU34XXSah4GWinRmbm8vtL5tIzCUd1dGy6srX2J4VjGRFj VUbJAs8yrI50Kj+nAKkE/yxx6r9uO+4uLhNLmPeSNEYgZiUr9++3MQECwQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFDew028TrvlFOU4sEtnOt1sXqsjUMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzA4NGZjNzIxLTYwYTQtNDE0Zi1iNzJkLWRjMDE3ODhlMGZjMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9g9MA0GCSqGSIb3DQEBCwUAA4IBAQDGDOklwejZtl5+ai5ZAbWr 6ay9U4gOoV+i8SV2r6KpLRW2xZ3MmXAQPIgAIiKtwLZ5H+KnD0JO5IcycFXe8tzm AeIyrieQZ9Bi1i6UH3RbHdVUPGqCkott1b2CqhX4Ilx77Qe9pcL2f/Wt8AQJkWpq iTdt9Z8UYmYDaQxycQWwvtZ4Da+a9F/FvjKJq1NCpcb5V2JeBTqh3LcbLhZYpIF7 yz7Xkl84XWE14oeNp/rcVlV0dubizPDjEuxIX8cFY7wU2siTdmkej30nTx3/Zwgr btLZrSiwnQGZtcOIqW6Ps80G1olwpE+44kg3R4+jSW8UzAhcJMU1GZCsIvMHioKA -----END CERTIFICATE-----Generated at Sat Jun 13 10:25:56 2026 by rpki-client