$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/15f0df98-8d36-4eb8-8d73-6075251475ae.roa File: 15f0df98-8d36-4eb8-8d73-6075251475ae.roa (raw, json) Hash identifier: 9G3k3doFMJE7mK024xGMYbiJ3vAfCKpls9hCjm1pBAo= Subject key identifier: 33:56:14:8A:7C:A1:D5:E3:00:79:18:5E:11:93:2E:27:1C:33:FD:88 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6D352AFF1A0563FCD3D984B004FE1EB73BB1DCEC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/15f0df98-8d36-4eb8-8d73-6075251475ae.roa Signing time: Wed 13 May 2026 00:21:13 +0000 ROA not before: Wed 13 May 2026 00:21:13 +0000 ROA not after: Tue 11 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 43.220.0.0/15 maxlen: 15 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 17 Jun 2026 00:02:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:35:2a:ff:1a:05:63:fc:d3:d9:84:b0:04:fe:1e:b7:3b:b1:dc:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 13 00:21:13 2026 GMT Not After : Aug 11 23:59:59 2026 GMT Subject: serialNumber=a893ee261e99fd43c0d26b600cc3f8ff11d3a0b58dd496396e8a5351cf7bb282, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:36:73:d6:f5:b3:35:ab:7a:7c:66:6b:c4:bc: 9d:44:fe:74:a5:95:7a:66:f5:e4:db:18:e1:f6:a0: be:98:2d:c5:91:72:f5:bc:f5:92:b6:57:a0:a4:90: f8:d1:bf:cd:44:15:74:d5:da:e8:24:2c:b1:30:7b: d2:05:99:76:a9:a3:3d:13:dc:78:52:c6:9d:bd:3a: fd:50:56:ad:8d:89:6b:16:6d:2c:4e:3d:76:97:14: ac:af:23:18:1e:bc:2e:d0:a4:50:74:d3:a7:d6:2f: a2:1e:39:b8:4b:fb:14:57:50:be:09:cd:65:bf:20: ad:e8:a8:19:ea:83:53:4b:c3:51:d3:d5:5c:76:61: e9:55:0e:ba:fa:0f:c2:c2:d6:40:ab:82:8b:ae:a7: e9:92:dc:d0:f7:b1:29:43:3a:84:9e:22:e3:1a:ab: 4f:d3:f1:2e:35:0e:75:7b:ac:23:82:52:ac:e8:92: 65:8e:c0:a2:77:d3:73:03:0e:fe:f8:7c:77:15:0c: 9d:e3:c0:24:2e:84:36:b5:3c:cb:82:59:df:6e:88: 72:0f:58:f7:72:be:33:72:d3:71:5a:68:c0:a3:a7: c1:c9:4d:a3:ae:e8:b5:d3:06:03:40:a9:95:f5:06: c7:67:ce:e7:c7:16:b5:06:b9:84:c1:12:4c:a4:7c: dc:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:56:14:8A:7C:A1:D5:E3:00:79:18:5E:11:93:2E:27:1C:33:FD:88 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/15f0df98-8d36-4eb8-8d73-6075251475ae.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.220.0.0/15 Signature Algorithm: sha256WithRSAEncryption 92:4b:d9:05:af:81:cf:fa:10:30:36:02:f6:8c:c5:e8:4c:b3: 05:00:92:e2:09:54:b1:8c:7c:0d:b9:d9:be:80:00:34:51:a4: 96:26:c6:f7:ff:d9:fe:3f:68:64:fa:2a:14:60:6a:7a:7c:fd: 93:f9:cf:7f:32:ab:95:be:d9:2b:da:97:17:02:1c:3f:e6:63: 7d:e1:45:c9:86:93:45:06:fe:ac:77:27:08:bc:3c:e2:39:74: d9:8f:8b:4f:ce:8f:1f:ff:8a:f9:dc:8f:15:e0:e2:4d:c0:c0: ce:08:35:31:62:ad:34:a9:2a:85:c1:5a:4e:b8:a1:32:99:22: f6:8d:63:44:d5:0a:ce:26:00:2f:9d:16:aa:a1:2f:c6:00:75: 5a:31:f5:27:1e:29:ea:68:91:15:04:0d:8d:22:98:de:79:72: 65:00:04:79:56:ba:d0:09:63:b1:92:d5:18:1e:0c:66:cd:81: b5:ea:7a:2a:99:1b:05:66:f6:c1:77:73:f9:c3:b1:7e:c6:ea: 8c:ac:b6:f3:ca:2d:4f:e2:9e:35:07:5d:cf:3b:f0:fd:d7:af: 6e:cb:37:60:85:38:57:27:60:fd:fc:30:60:b1:15:04:8e:e9: 2d:95:55:2e:48:41:1f:a8:a9:8b:81:bd:db:52:8a:23:78:91: 89:4c:bd:40 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUbTUq/xoFY/zT2YSwBP4etzux3OwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMzAwMjExM1oX DTI2MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAYTg5M2VlMjYxZTk5ZmQ0M2MwZDI2 YjYwMGNjM2Y4ZmYxMWQzYTBiNThkZDQ5NjM5NmU4YTUzNTFjZjdiYjI4MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzZz1vWzNat6fGZrxLydRP50pZV6 ZvXk2xjh9qC+mC3FkXL1vPWStlegpJD40b/NRBV01droJCyxMHvSBZl2qaM9E9x4 UsadvTr9UFatjYlrFm0sTj12lxSsryMYHrwu0KRQdNOn1i+iHjm4S/sUV1C+Cc1l vyCt6KgZ6oNTS8NR09VcdmHpVQ66+g/CwtZAq4KLrqfpktzQ97EpQzqEniLjGqtP 0/EuNQ51e6wjglKs6JJljsCid9NzAw7++Hx3FQyd48AkLoQ2tTzLglnfbohyD1j3 cr4zctNxWmjAo6fByU2jrui10wYDQKmV9QbHZ87nxxa1BrmEwRJMpHzcTwIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFDNWFIp8odXjAHkYXhGTLiccM/2IMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzE1ZjBkZjk4LThkMzYtNGViOC04ZDczLTYwNzUyNTE0NzVhZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMBK9wwDQYJKoZIhvcNAQELBQADggEBAJJL2QWvgc/6EDA2AvaMxehM swUAkuIJVLGMfA252b6AADRRpJYmxvf/2f4/aGT6KhRganp8/ZP5z38yq5W+2Sva lxcCHD/mY33hRcmGk0UG/qx3Jwi8POI5dNmPi0/Ojx//ivncjxXg4k3AwM4INTFi rTSpKoXBWk64oTKZIvaNY0TVCs4mAC+dFqqhL8YAdVox9SceKepokRUEDY0imN55 cmUABHlWutAJY7GS1RgeDGbNgbXqeiqZGwVm9sF3c/nDsX7G6oystvPKLU/injUH Xc878P3Xr27LN2CFOFcnYP38MGCxFQSO6S2VVS5IQR+oqYuBvdtSiiN4kYlMvUA= -----END CERTIFICATE-----Generated at Sat Jun 13 09:18:10 2026 by rpki-client