$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32bf2c39-b536-43d0-b557-f68d8ee64091.roa File: 32bf2c39-b536-43d0-b557-f68d8ee64091.roa (raw, json) Hash identifier: R/QKXPq5qLhFIabDpt7jqk1FIjprU0/TFPidwEL+QgA= Subject key identifier: E1:0D:48:F4:68:34:09:23:5E:96:1D:E4:2D:94:21:00:63:58:34:74 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 7BBA4DE18499154C4527005D722E865198DC52DB Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32bf2c39-b536-43d0-b557-f68d8ee64091.roa Signing time: Mon 11 May 2026 00:10:27 +0000 ROA not before: Mon 11 May 2026 00:10:27 +0000 ROA not after: Sun 09 Aug 2026 23:59:59 +0000 asID: 7224 IP address blocks: 159.248.128.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 17 May 2026 00:21:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:ba:4d:e1:84:99:15:4c:45:27:00:5d:72:2e:86:51:98:dc:52:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: May 11 00:10:27 2026 GMT Not After : Aug 9 23:59:59 2026 GMT Subject: serialNumber=0d9e1c7bdfd5eaf64ed3fe5c3f9f696a23d763a0d4baac6222f99c3aba119fbf, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:cb:ac:96:bc:6a:e9:80:67:b9:85:72:fc:e8: 05:ec:c1:e7:7b:0b:70:6b:33:41:5f:aa:7b:4f:ea: 67:e9:b3:b7:ac:79:8c:e9:32:9c:59:11:4f:9b:6b: 55:d2:18:89:59:58:73:40:83:b1:89:90:27:d4:a6: 5c:6e:51:e8:37:04:b1:89:67:01:bc:3b:8a:b1:df: f1:de:d9:0a:f3:37:7a:e3:d7:68:4d:f7:33:7c:85: 96:34:47:e4:02:b7:28:43:3f:9b:49:4d:0b:55:af: 68:18:62:24:95:9e:e7:2a:70:db:29:e4:6b:b8:31: 59:63:b8:53:db:ae:00:ff:9f:89:89:57:54:3f:40: 80:90:58:12:5f:91:5b:fd:15:ba:a0:2e:b2:0e:33: 11:77:48:ce:e3:49:25:20:4f:a7:8f:88:fa:7d:3c: 54:0f:c6:b4:56:87:35:a7:dc:01:d6:b5:b3:bc:e1: 5e:a2:eb:b4:5b:b0:5f:03:11:7c:34:2c:fc:d0:32: dd:09:51:c8:f6:fb:4e:bd:25:41:9d:f3:f1:ee:2d: d0:5a:78:42:9d:d8:d8:53:36:2b:c5:2e:a1:a1:8e: fc:48:70:ea:e5:e6:11:45:2c:37:42:3f:30:92:b9: 9d:b5:97:28:5a:2d:7f:a8:b3:7d:6a:75:ba:5f:61: b9:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:0D:48:F4:68:34:09:23:5E:96:1D:E4:2D:94:21:00:63:58:34:74 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32bf2c39-b536-43d0-b557-f68d8ee64091.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.128.0/22 Signature Algorithm: sha256WithRSAEncryption 03:b6:39:da:b3:f4:ee:ae:a7:d8:3f:da:fa:ec:59:fd:5b:94: 64:ed:8c:66:12:10:59:d0:90:33:de:c4:73:5d:71:49:d5:68: 85:b6:2c:90:6f:38:95:d5:35:a8:99:bb:65:8c:d1:d2:72:67: fd:1c:50:43:1d:4a:54:7d:bc:9a:37:b0:cb:ec:20:36:d5:ab: 51:bb:fb:20:78:b3:72:a3:60:bf:48:cb:d6:94:a1:28:3f:6d: ca:32:aa:b9:b7:99:c3:8f:0d:ed:36:f5:42:56:43:21:27:37: 03:43:33:b9:ba:91:82:12:30:7b:66:25:c4:60:bc:99:ee:cd: e9:fb:27:10:be:8d:81:dd:be:63:90:33:69:7f:2e:f3:8b:f5: 5e:99:f0:84:0f:a0:c9:0a:87:1b:3a:1a:c0:19:22:e5:72:5f: 55:12:b0:5e:b4:6b:db:bf:1b:e9:00:2a:70:06:4f:3f:a7:37: 59:d4:47:81:74:cf:a5:d5:2e:ad:49:94:97:33:41:f9:61:9c: aa:1d:cd:bd:75:ff:17:33:66:72:1a:32:90:c6:ab:1a:03:e9: ef:b4:b6:dc:be:31:c1:bb:b9:06:ac:37:34:85:99:5e:0b:4c: aa:59:76:3a:75:6c:6c:cb:97:32:e0:c9:ac:e0:c8:c9:68:aa: 11:05:ea:f2 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUe7pN4YSZFUxFJwBdci6GUZjcUtswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI2MDUxMTAwMTAyN1oX DTI2MDgwOTIzNTk1OVowejFJMEcGA1UEBRNAMGQ5ZTFjN2JkZmQ1ZWFmNjRlZDNm ZTVjM2Y5ZjY5NmEyM2Q3NjNhMGQ0YmFhYzYyMjJmOTljM2FiYTExOWZiZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMuslrxq6YBnuYVy/OgF7MHnewtw azNBX6p7T+pn6bO3rHmM6TKcWRFPm2tV0hiJWVhzQIOxiZAn1KZcblHoNwSxiWcB vDuKsd/x3tkK8zd649doTfczfIWWNEfkArcoQz+bSU0LVa9oGGIklZ7nKnDbKeRr uDFZY7hT264A/5+JiVdUP0CAkFgSX5Fb/RW6oC6yDjMRd0jO40klIE+nj4j6fTxU D8a0Voc1p9wB1rWzvOFeouu0W7BfAxF8NCz80DLdCVHI9vtOvSVBnfPx7i3QWnhC ndjYUzYrxS6hoY78SHDq5eYRRSw3Qj8wkrmdtZcoWi1/qLN9anW6X2G5ZwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFOENSPRoNAkjXpYd5C2UIQBjWDR0MB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzMyYmYyYzM5LWI1MzYtNDNkMC1iNTU3LWY2OGQ4ZWU2NDA5MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCn/iAMA0GCSqGSIb3DQEBCwUAA4IBAQADtjnas/TurqfYP9r67Fn9 W5Rk7YxmEhBZ0JAz3sRzXXFJ1WiFtiyQbziV1TWombtljNHScmf9HFBDHUpUfbya N7DL7CA21atRu/sgeLNyo2C/SMvWlKEoP23KMqq5t5nDjw3tNvVCVkMhJzcDQzO5 upGCEjB7ZiXEYLyZ7s3p+ycQvo2B3b5jkDNpfy7zi/VemfCED6DJCocbOhrAGSLl cl9VErBetGvbvxvpACpwBk8/pzdZ1EeBdM+l1S6tSZSXM0H5YZyqHc29df8XM2Zy GjKQxqsaA+nvtLbcvjHBu7kGrDc0hZleC0yqWXY6dWxsy5cy4Mms4MjJaKoRBery -----END CERTIFICATE-----Generated at Wed May 13 03:40:01 2026 by rpki-client