$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/35dfb33f-b7b9-4028-af5b-c36bf54a49e8.roa File: 35dfb33f-b7b9-4028-af5b-c36bf54a49e8.roa (raw, json) Hash identifier: lvzhdPTIrTw/thA2dds6+WrF+CPYQG0SEiXXP71V0JU= Subject key identifier: A1:1E:7C:2F:AF:2E:7C:2F:A4:3F:3F:39:90:3F:82:AE:56:34:E9:9D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 512DBEAFACB5D4BE57532959F25C6373BBC77502 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/35dfb33f-b7b9-4028-af5b-c36bf54a49e8.roa Signing time: Wed 13 May 2026 00:00:10 +0000 ROA not before: Wed 13 May 2026 00:00:10 +0000 ROA not after: Tue 11 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 43.200.0.0/13 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 17 Jun 2026 00:02:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:2d:be:af:ac:b5:d4:be:57:53:29:59:f2:5c:63:73:bb:c7:75:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 13 00:00:10 2026 GMT Not After : Aug 11 23:59:59 2026 GMT Subject: serialNumber=4f4a04b669b3a21d102aa187350b0ad2cc11307732eef14f60180935b359bca1, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:d4:4b:ac:7d:f8:c0:81:7a:7a:6f:26:db:4c: a1:67:88:7f:43:6f:ca:13:77:5d:d4:b0:db:ab:7b: 7c:78:7d:8b:cb:a5:12:c8:a2:1c:71:51:70:f2:f7: 49:0a:87:45:5a:9d:af:8a:24:97:aa:67:88:78:72: 93:bf:da:ac:09:e4:82:63:81:9f:16:e4:a4:1f:79: 3c:be:e3:7b:61:7d:99:f3:f8:7b:28:ed:c3:76:30: 6f:4e:4b:cf:28:02:b2:0d:ec:3b:1e:da:96:ce:07: 1c:1e:d7:cd:c9:30:13:93:81:68:fd:96:d4:c2:80: 8a:88:af:32:39:37:62:2f:e1:48:c6:84:0a:1d:25: 04:8b:2d:d6:21:55:ff:b2:f3:8c:e9:26:6e:46:f8: 7d:c5:fa:f9:24:20:46:b2:52:ff:21:04:f7:e6:49: 18:72:8f:dd:a9:be:fe:9d:d9:8f:9d:2b:cc:5d:fa: 7b:18:d9:19:79:e6:8b:13:ce:40:c1:13:70:5b:c2: 35:82:2c:a2:b0:f5:5e:c0:d7:f6:2a:78:7d:10:4f: bb:40:70:ac:5c:82:a4:18:96:99:56:b3:7b:a2:44: ad:a6:e0:ee:bf:3f:11:fd:54:d9:94:a0:13:55:52: c2:c2:dc:f6:25:60:91:81:d9:c8:6d:bf:7a:d4:fe: 9a:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:1E:7C:2F:AF:2E:7C:2F:A4:3F:3F:39:90:3F:82:AE:56:34:E9:9D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/35dfb33f-b7b9-4028-af5b-c36bf54a49e8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.200.0.0/13 Signature Algorithm: sha256WithRSAEncryption 93:47:c9:a8:16:a7:91:b8:e0:ef:6e:5d:7c:bc:fb:25:48:21: 86:84:a2:b4:d9:f6:f8:81:dc:da:e1:09:9e:fa:2c:e9:47:b8: 26:d8:9d:10:a0:43:65:2d:5f:d1:b2:c7:6c:0b:bb:34:47:fd: f0:55:7d:dc:81:14:37:f3:05:78:8c:f4:e0:b9:21:c2:35:7d: b6:34:8b:97:35:2d:35:43:de:3f:92:55:ef:0a:de:5a:5b:48: 42:21:6f:cb:b7:7a:65:1e:78:36:9c:3d:d4:51:31:1e:dc:f7: 20:36:a0:a7:80:13:bd:72:ec:4c:97:c5:d7:8c:8e:72:76:62: dc:b1:37:1d:ad:5f:83:19:cd:0c:c4:60:6b:63:0d:4d:d3:0c: a2:12:8b:f4:a4:a8:9b:d5:01:7c:90:e5:d9:d0:0f:49:74:cc: 5f:19:fe:f3:20:a2:61:e6:38:ad:05:22:5f:3e:3b:ca:ec:cc: 64:67:89:67:b6:04:b0:5f:31:41:c7:09:dd:91:57:5e:07:9e: fb:23:c7:2d:1b:73:5f:8a:f4:b7:df:7f:bc:48:4a:f0:bb:aa: 3a:a2:2e:29:37:f4:7c:9b:1f:dc:da:cc:f6:45:b5:f4:ba:1e: c6:d4:20:8d:02:a6:0a:48:02:48:6f:40:34:bc:61:49:81:70: 1d:63:e0:8f -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUUS2+r6y11L5XUylZ8lxjc7vHdQIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMzAwMDAxMFoX DTI2MDgxMTIzNTk1OVowejFJMEcGA1UEBRNANGY0YTA0YjY2OWIzYTIxZDEwMmFh MTg3MzUwYjBhZDJjYzExMzA3NzMyZWVmMTRmNjAxODA5MzViMzU5YmNhMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAztRLrH34wIF6em8m20yhZ4h/Q2/K E3dd1LDbq3t8eH2Ly6USyKIccVFw8vdJCodFWp2viiSXqmeIeHKTv9qsCeSCY4Gf FuSkH3k8vuN7YX2Z8/h7KO3DdjBvTkvPKAKyDew7HtqWzgccHtfNyTATk4Fo/ZbU woCKiK8yOTdiL+FIxoQKHSUEiy3WIVX/svOM6SZuRvh9xfr5JCBGslL/IQT35kkY co/dqb7+ndmPnSvMXfp7GNkZeeaLE85AwRNwW8I1giyisPVewNf2Knh9EE+7QHCs XIKkGJaZVrN7okStpuDuvz8R/VTZlKATVVLCwtz2JWCRgdnIbb961P6aCwIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFKEefC+vLnwvpD8/OZA/gq5WNOmdMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzM1ZGZiMzNmLWI3YjktNDAyOC1hZjViLWMzNmJmNTRhNDllOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMDK8gwDQYJKoZIhvcNAQELBQADggEBAJNHyagWp5G44O9uXXy8+yVI IYaEorTZ9viB3NrhCZ76LOlHuCbYnRCgQ2UtX9Gyx2wLuzRH/fBVfdyBFDfzBXiM 9OC5IcI1fbY0i5c1LTVD3j+SVe8K3lpbSEIhb8u3emUeeDacPdRRMR7c9yA2oKeA E71y7EyXxdeMjnJ2YtyxNx2tX4MZzQzEYGtjDU3TDKISi/SkqJvVAXyQ5dnQD0l0 zF8Z/vMgomHmOK0FIl8+O8rszGRniWe2BLBfMUHHCd2RV14Hnvsjxy0bc1+K9Lff f7xISvC7qjqiLik39HybH9zazPZFtfS6HsbUII0CpgpIAkhvQDS8YUmBcB1j4I8= -----END CERTIFICATE-----Generated at Sat Jun 13 08:03:36 2026 by rpki-client