$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9489db20-95e0-4921-9118-b2516a901b12.roa File: 9489db20-95e0-4921-9118-b2516a901b12.roa (raw, json) Hash identifier: 7kXonUmnlp9qy7nx4BTzxPfU9HmZmsNx4fyaRHB996k= Subject key identifier: 45:C2:59:14:15:C6:E1:E1:47:93:CC:1B:9C:E2:4B:97:AD:BA:CB:16 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0736625C1D9C9CBF75AF1CEC20F1DC06B3AA5C6E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9489db20-95e0-4921-9118-b2516a901b12.roa Signing time: Fri 15 May 2026 00:00:11 +0000 ROA not before: Fri 15 May 2026 00:00:11 +0000 ROA not after: Thu 13 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 43.216.72.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 17 Jun 2026 00:02:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:36:62:5c:1d:9c:9c:bf:75:af:1c:ec:20:f1:dc:06:b3:aa:5c:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 15 00:00:11 2026 GMT Not After : Aug 13 23:59:59 2026 GMT Subject: serialNumber=026f348de4344df557d68a97a0ee403d06162e56e8b99ed444b31b072ba736cc, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:9c:b5:1a:20:c0:7e:f9:57:a1:e3:3b:e0:10: a3:c2:76:15:d6:e0:83:df:6d:57:be:f3:19:82:66: 86:d2:6f:c8:5f:d3:97:8d:f9:a1:5c:0e:61:c2:bb: 78:77:2a:e5:82:88:e7:75:11:a3:0f:f4:e1:6c:7b: ae:26:94:5d:be:12:1f:10:30:7e:0f:e0:de:dc:21: 7f:f4:9c:68:c3:ff:0a:f5:d8:52:42:de:3b:c0:0a: 4b:25:aa:b9:d0:6e:5f:e0:8d:ec:b4:d5:39:ec:e4: e8:4b:52:bd:ff:81:5d:02:35:b4:8d:b5:bf:a9:df: 4c:ba:c6:7b:57:f3:ab:5e:d9:b5:9a:13:d4:ee:0e: e3:02:50:0d:3a:57:20:e6:57:7d:ac:6f:71:8d:c5: ce:42:96:11:2f:5f:53:34:35:43:63:87:02:21:c0: 2e:f0:87:e3:56:ad:af:f7:bb:06:13:a7:c0:2f:fc: db:db:4c:32:3b:e5:ed:29:d7:d3:4b:18:b3:15:0d: 7f:d9:f9:56:12:ad:68:f1:a9:1a:a2:76:b5:e6:30: 4f:03:57:86:9a:73:f7:aa:3f:dc:4d:38:ed:af:86: f7:e5:e3:17:f0:76:a4:8d:b0:51:8a:8a:1c:2f:56: 0a:23:78:b3:ce:d0:af:61:00:ba:a1:0a:ea:28:7e: 4b:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:C2:59:14:15:C6:E1:E1:47:93:CC:1B:9C:E2:4B:97:AD:BA:CB:16 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9489db20-95e0-4921-9118-b2516a901b12.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.216.72.0/24 Signature Algorithm: sha256WithRSAEncryption 91:89:0b:0f:07:54:48:01:19:69:be:20:6a:1e:0f:6a:bb:ea: b8:84:8e:45:f2:29:56:6b:e5:28:32:cc:71:14:36:04:fe:ed: ad:32:68:49:df:85:2f:e4:f4:53:5e:b3:3c:2d:1f:ec:7a:e6: 88:89:65:77:6c:0d:71:d9:df:25:9c:6d:e6:04:fe:66:e2:9f: f6:9b:5c:64:36:4a:ff:b4:2a:bc:27:9c:2b:01:24:39:7d:5e: 76:23:f0:0f:71:14:5f:db:62:46:ae:90:21:cc:0b:30:48:b5: 8a:f9:30:6d:07:48:30:17:3f:bb:20:50:83:cf:8b:ba:f3:97: 04:a0:68:a5:b8:6b:4b:b2:bc:b8:49:95:d4:92:0d:04:e4:25: f3:eb:bd:79:9f:1c:b0:af:9c:ef:e4:05:83:93:c4:0b:79:02: b2:13:a5:b0:6a:d2:34:82:0b:45:37:b2:22:a4:5d:da:41:dd: 06:28:dd:50:f4:44:59:6c:e1:00:d5:d6:63:db:66:55:c6:5e: db:87:c7:4d:15:a8:b5:55:9f:7a:8e:8a:7c:73:14:5b:f9:6c: 12:05:48:81:ea:34:9f:eb:09:bc:71:a5:11:f6:d5:14:dc:99: d0:59:68:ad:82:b1:30:04:6d:ac:03:f2:63:f0:8e:12:33:5c: 18:40:22:1e -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUBzZiXB2cnL91rxzsIPHcBrOqXG4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxNTAwMDAxMVoX DTI2MDgxMzIzNTk1OVowejFJMEcGA1UEBRNAMDI2ZjM0OGRlNDM0NGRmNTU3ZDY4 YTk3YTBlZTQwM2QwNjE2MmU1NmU4Yjk5ZWQ0NDRiMzFiMDcyYmE3MzZjYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Zy1GiDAfvlXoeM74BCjwnYV1uCD 321XvvMZgmaG0m/IX9OXjfmhXA5hwrt4dyrlgojndRGjD/ThbHuuJpRdvhIfEDB+ D+De3CF/9Jxow/8K9dhSQt47wApLJaq50G5f4I3stNU57OToS1K9/4FdAjW0jbW/ qd9MusZ7V/OrXtm1mhPU7g7jAlANOlcg5ld9rG9xjcXOQpYRL19TNDVDY4cCIcAu 8IfjVq2v97sGE6fAL/zb20wyO+XtKdfTSxizFQ1/2flWEq1o8akaona15jBPA1eG mnP3qj/cTTjtr4b35eMX8HakjbBRioocL1YKI3izztCvYQC6oQrqKH5LbQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFEXCWRQVxuHhR5PMG5ziS5etussWMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzk0ODlkYjIwLTk1ZTAtNDkyMS05MTE4LWIyNTE2YTkwMWIxMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9hIMA0GCSqGSIb3DQEBCwUAA4IBAQCRiQsPB1RIARlpviBqHg9q u+q4hI5F8ilWa+UoMsxxFDYE/u2tMmhJ34Uv5PRTXrM8LR/seuaIiWV3bA1x2d8l nG3mBP5m4p/2m1xkNkr/tCq8J5wrASQ5fV52I/APcRRf22JGrpAhzAswSLWK+TBt B0gwFz+7IFCDz4u685cEoGiluGtLsry4SZXUkg0E5CXz6715nxywr5zv5AWDk8QL eQKyE6WwatI0ggtFN7IipF3aQd0GKN1Q9ERZbOEA1dZj22ZVxl7bh8dNFai1VZ96 jop8cxRb+WwSBUiB6jSf6wm8caUR9tUU3JnQWWitgrEwBG2sA/Jj8I4SM1wYQCIe -----END CERTIFICATE-----Generated at Sat Jun 13 08:10:51 2026 by rpki-client