$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4cb3e9f9-46a2-41eb-a4b7-75b53d791f33.roa File: 4cb3e9f9-46a2-41eb-a4b7-75b53d791f33.roa (raw, json) Hash identifier: e73sGTbu5FZ2lz0mPWzoXcq+IxeUu4jdraf1fBClxjY= Subject key identifier: 23:03:04:0C:BF:5E:24:20:26:4B:40:9E:08:FB:07:19:9E:6E:57:BD Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 1D314F132213069B404CAB1F1F93B2D5C49E01F9 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4cb3e9f9-46a2-41eb-a4b7-75b53d791f33.roa Signing time: Sat 16 May 2026 00:00:52 +0000 ROA not before: Sat 16 May 2026 00:00:52 +0000 ROA not after: Fri 14 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.200.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Jun 2026 00:07:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:31:4f:13:22:13:06:9b:40:4c:ab:1f:1f:93:b2:d5:c4:9e:01:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: May 16 00:00:52 2026 GMT Not After : Aug 14 23:59:59 2026 GMT Subject: serialNumber=8b15ad1bb32503ed567b15ed8164fa61045bb1b074dbb0187000d63440616a44, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:57:1c:44:5d:97:83:04:7f:b0:1d:2b:16:d8: 69:97:4b:1e:b1:c8:66:14:b9:f6:a9:df:c4:54:ae: db:f5:f5:f0:47:6d:f1:eb:d7:86:38:23:00:56:f7: 5b:9d:e0:57:16:d7:3d:dd:21:27:0d:f4:e8:e5:e5: 17:c9:22:f5:74:8e:31:0d:11:43:eb:d2:f2:a1:ce: b6:ca:21:80:e6:a7:2a:a5:8e:f0:a6:b3:b6:7e:d6: 93:56:78:0f:ea:a4:ae:b5:a2:d3:01:7f:cc:57:4b: 3f:e4:b9:8d:f7:28:43:a8:84:14:6b:74:40:68:18: 39:c8:ee:aa:a2:dc:75:f3:01:c6:d8:ee:8d:a0:76: fb:46:a1:09:2b:6c:88:4f:df:18:45:56:7b:71:72: 55:2f:31:06:71:2c:72:eb:e7:f0:dc:62:b0:46:3f: b8:53:82:9a:3a:a1:1b:38:90:39:da:35:e6:bf:11: 5b:e6:db:49:45:ea:fe:1f:7a:6d:c5:27:d2:33:c3: 56:5d:73:02:54:49:5d:2e:4b:81:ff:c0:2f:5a:01: 21:47:5a:75:7f:4c:29:7f:0d:e1:eb:01:46:e2:c4: 25:26:29:68:d7:e5:3c:fd:4c:d3:ab:19:17:df:d3: 89:1c:36:04:03:98:b8:f3:59:39:07:6c:18:2d:cd: f0:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:03:04:0C:BF:5E:24:20:26:4B:40:9E:08:FB:07:19:9E:6E:57:BD X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4cb3e9f9-46a2-41eb-a4b7-75b53d791f33.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.200.0/21 Signature Algorithm: sha256WithRSAEncryption 70:c5:b8:a5:5d:30:36:67:3f:0c:02:68:37:11:6b:fb:fa:64: a6:eb:78:ec:28:18:4d:ca:32:5f:a8:af:0b:41:e6:f1:27:5b: ca:dd:59:c5:5b:c5:d6:c1:e3:4f:47:89:e3:20:b6:e3:52:4e: 0b:8b:14:1b:6a:41:2a:fa:65:c0:d9:53:42:8e:f6:22:b1:95: 4c:a6:f5:56:b4:89:b3:be:19:83:6f:75:b8:b1:63:74:ca:68: ef:61:4e:f4:3f:d1:c7:91:7e:0e:f2:da:e1:cc:de:df:90:0d: 35:35:c2:8f:d4:76:ab:a7:98:68:ab:fb:3d:f7:6c:30:c1:af: 04:55:e5:8f:9e:a3:a8:9d:40:bf:22:06:ff:3d:45:a1:dc:84: c4:57:b8:df:69:bd:c0:6c:f8:a8:2c:c9:3e:49:86:5b:77:9d: 93:94:63:7a:37:31:e6:f3:49:cb:da:19:03:be:8c:bb:31:a0: cf:d4:90:0f:60:13:86:67:83:b0:36:1a:95:4b:5e:68:64:4c: 8c:eb:41:90:33:88:1a:6c:3d:a0:f0:c0:8a:5b:9a:26:f3:f3: ab:38:98:62:97:ec:cf:68:0d:65:2b:63:06:39:8b:d4:79:1a: db:c8:f4:70:2d:34:c1:08:28:dd:63:7d:49:26:55:d6:51:7c: c7:20:ad:1e -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUHTFPEyITBptATKsfH5Oy1cSeAfkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI2MDUxNjAwMDA1MloX DTI2MDgxNDIzNTk1OVowejFJMEcGA1UEBRNAOGIxNWFkMWJiMzI1MDNlZDU2N2Ix NWVkODE2NGZhNjEwNDViYjFiMDc0ZGJiMDE4NzAwMGQ2MzQ0MDYxNmE0NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy1ccRF2XgwR/sB0rFthpl0seschm FLn2qd/EVK7b9fXwR23x69eGOCMAVvdbneBXFtc93SEnDfTo5eUXySL1dI4xDRFD 69Lyoc62yiGA5qcqpY7wprO2ftaTVngP6qSutaLTAX/MV0s/5LmN9yhDqIQUa3RA aBg5yO6qotx18wHG2O6NoHb7RqEJK2yIT98YRVZ7cXJVLzEGcSxy6+fw3GKwRj+4 U4KaOqEbOJA52jXmvxFb5ttJRer+H3ptxSfSM8NWXXMCVEldLkuB/8AvWgEhR1p1 f0wpfw3h6wFG4sQlJilo1+U8/UzTqxkX39OJHDYEA5i481k5B2wYLc3wzwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFCMDBAy/XiQgJktAngj7Bxmeble9MB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRjYjNlOWY5LTQ2YTItNDFlYi1hNGI3LTc1YjUzZDc5MWYzMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDn/jIMA0GCSqGSIb3DQEBCwUAA4IBAQBwxbilXTA2Zz8MAmg3EWv7 +mSm63jsKBhNyjJfqK8LQebxJ1vK3VnFW8XWweNPR4njILbjUk4LixQbakEq+mXA 2VNCjvYisZVMpvVWtImzvhmDb3W4sWN0ymjvYU70P9HHkX4O8trhzN7fkA01NcKP 1Harp5hoq/s992wwwa8EVeWPnqOonUC/Igb/PUWh3ITEV7jfab3AbPioLMk+SYZb d52TlGN6NzHm80nL2hkDvoy7MaDP1JAPYBOGZ4OwNhqVS15oZEyM60GQM4gabD2g 8MCKW5om8/OrOJhil+zPaA1lK2MGOYvUeRrbyPRwLTTBCCjdY31JJlXWUXzHIK0e -----END CERTIFICATE-----Generated at Wed Jun 17 08:39:34 2026 by rpki-client