$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0bce91dc-229b-42a7-9c92-722aa69f577e.roa File: 0bce91dc-229b-42a7-9c92-722aa69f577e.roa (raw, json) Hash identifier: r55DRj8NTurun1G6gdfymmzqwj3kROVq1q+noBAwsAI= Subject key identifier: 32:F7:03:A6:94:E1:89:61:1A:63:BB:8F:6A:A6:EB:EF:A8:E9:44:D8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5AFB533C36C43CA0C141AD358724F17429DD0EEC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0bce91dc-229b-42a7-9c92-722aa69f577e.roa Signing time: Wed 13 May 2026 00:21:13 +0000 ROA not before: Wed 13 May 2026 00:21:13 +0000 ROA not after: Tue 11 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 43.198.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 17 Jun 2026 00:02:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:fb:53:3c:36:c4:3c:a0:c1:41:ad:35:87:24:f1:74:29:dd:0e:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 13 00:21:13 2026 GMT Not After : Aug 11 23:59:59 2026 GMT Subject: serialNumber=f6eead839b2950c89dd26faf3a3f4f6be85f7c1bbb7be8e73b1844582f779096, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:1f:47:4d:6d:ae:c4:41:a6:46:6c:93:56:0c: 31:4c:b9:27:d0:c5:e8:d2:2b:52:6e:60:3d:3b:dd: 2b:48:e1:09:e7:23:c4:6f:97:ba:3d:1b:cd:b0:a3: 94:fc:fc:8d:e7:fa:ba:92:f8:92:30:be:d6:8c:f2: 5f:c7:f0:b5:eb:a8:51:86:54:81:c5:02:0d:bc:2b: b8:87:f7:91:19:c9:b2:0f:8d:02:47:16:29:74:33: 74:ae:76:1e:6b:35:2f:97:18:3c:f2:f8:4e:86:aa: 00:95:a0:fe:55:50:54:68:eb:55:b9:f1:6e:1c:79: cd:bc:6b:31:04:4a:ef:0f:bf:3d:d2:36:70:50:c4: 7c:26:1f:ba:7d:e2:8f:d3:ce:7c:82:d9:d9:c9:54: 9e:e1:40:55:29:88:18:0e:2b:3c:b6:d6:cc:fd:43: 86:96:3f:54:c2:b3:85:3c:b0:f3:a7:77:08:2d:f2: ba:cf:de:50:1d:b5:a4:5c:d2:15:76:24:81:22:f6: 74:fb:1c:48:61:b2:bf:7f:d4:aa:09:f5:0c:03:3b: 35:0b:c9:1b:d2:a0:74:f8:c5:c5:98:db:24:db:57: 97:55:f1:55:7c:89:9f:71:fe:cd:99:56:9d:56:83: 96:ab:d5:01:b7:ee:79:29:fe:27:f2:6e:a1:22:13: 2b:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:F7:03:A6:94:E1:89:61:1A:63:BB:8F:6A:A6:EB:EF:A8:E9:44:D8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0bce91dc-229b-42a7-9c92-722aa69f577e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.198.0.0/15 Signature Algorithm: sha256WithRSAEncryption 57:03:77:de:21:e7:b9:e0:73:34:92:ea:48:60:09:8a:a6:98: e8:20:13:42:fd:b2:f6:77:6a:92:b9:25:ca:c2:7b:19:8d:b7: ff:cd:e2:d2:a7:dd:7d:28:9c:16:ce:26:21:5d:b8:4f:5d:dd: b1:48:ee:ef:8f:75:93:7b:d4:ab:95:13:7a:a1:6c:fd:e2:a2: 63:2a:38:55:36:73:7b:64:1a:72:c1:00:99:b6:e0:ff:23:01: 2b:e7:75:9d:fe:0a:ce:9d:e7:09:14:62:b3:1f:c5:f9:30:62: c1:da:69:93:5a:76:59:ba:30:07:00:63:95:93:6b:33:c3:9c: fa:ef:28:2a:49:be:6f:ea:be:e6:ec:fb:e4:30:11:28:29:70: 7b:7a:19:e4:d5:af:f7:c9:82:f9:99:6c:51:7e:8c:ee:a5:2a: 99:c0:28:33:de:ba:91:d3:76:29:79:a9:87:db:74:72:01:0c: f5:98:fc:1c:34:f6:eb:07:dd:67:c7:84:c1:71:1d:eb:d3:b6: 4c:21:8a:d5:7a:e7:96:49:64:c5:00:bf:5f:f0:26:01:cd:4a: ff:83:e5:1b:53:7a:ff:b1:e2:ca:ce:0b:75:9e:96:c6:84:67: 86:e9:b3:21:d7:64:55:64:f4:99:55:7c:de:80:34:42:7a:1e: 48:9c:ce:e9 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUWvtTPDbEPKDBQa01hyTxdCndDuwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMzAwMjExM1oX DTI2MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAZjZlZWFkODM5YjI5NTBjODlkZDI2 ZmFmM2EzZjRmNmJlODVmN2MxYmJiN2JlOGU3M2IxODQ0NTgyZjc3OTA5NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApB9HTW2uxEGmRmyTVgwxTLkn0MXo 0itSbmA9O90rSOEJ5yPEb5e6PRvNsKOU/PyN5/q6kviSML7WjPJfx/C166hRhlSB xQINvCu4h/eRGcmyD40CRxYpdDN0rnYeazUvlxg88vhOhqoAlaD+VVBUaOtVufFu HHnNvGsxBErvD7890jZwUMR8Jh+6feKP0858gtnZyVSe4UBVKYgYDis8ttbM/UOG lj9UwrOFPLDzp3cILfK6z95QHbWkXNIVdiSBIvZ0+xxIYbK/f9SqCfUMAzs1C8kb 0qB0+MXFmNsk21eXVfFVfImfcf7NmVadVoOWq9UBt+55Kf4n8m6hIhMrywIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFDL3A6aU4YlhGmO7j2qm6++o6UTYMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzBiY2U5MWRjLTIyOWItNDJhNy05YzkyLTcyMmFhNjlmNTc3ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMBK8YwDQYJKoZIhvcNAQELBQADggEBAFcDd94h57ngczSS6khgCYqm mOggE0L9svZ3apK5JcrCexmNt//N4tKn3X0onBbOJiFduE9d3bFI7u+PdZN71KuV E3qhbP3iomMqOFU2c3tkGnLBAJm24P8jASvndZ3+Cs6d5wkUYrMfxfkwYsHaaZNa dlm6MAcAY5WTazPDnPrvKCpJvm/qvubs++QwESgpcHt6GeTVr/fJgvmZbFF+jO6l KpnAKDPeupHTdil5qYfbdHIBDPWY/Bw09usH3WfHhMFxHevTtkwhitV655ZJZMUA v1/wJgHNSv+D5RtTev+x4srOC3WelsaEZ4bpsyHXZFVk9JlVfN6ANEJ6Hkiczuk= -----END CERTIFICATE-----Generated at Sat Jun 13 08:02:45 2026 by rpki-client