$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4eebfe87-ebaa-4640-b26f-714c512d27da.roa File: 4eebfe87-ebaa-4640-b26f-714c512d27da.roa (raw, json) Hash identifier: ARfk80/cJAsv/5piM0O9OMG7v0jlOO3Hrtf1GHD2V8E= Subject key identifier: FC:A1:4C:3A:2E:CF:5B:90:FC:01:4B:C8:5D:8A:EE:7E:1B:72:29:2C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5799D171D5651894AE607E454A775C2F2E6B2676 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4eebfe87-ebaa-4640-b26f-714c512d27da.roa Signing time: Mon 27 Apr 2026 00:00:35 +0000 ROA not before: Mon 27 Apr 2026 00:00:35 +0000 ROA not after: Sun 26 Jul 2026 23:59:59 +0000 asID: 16509 IP address blocks: 43.217.174.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:99:d1:71:d5:65:18:94:ae:60:7e:45:4a:77:5c:2f:2e:6b:26:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 27 00:00:35 2026 GMT Not After : Jul 26 23:59:59 2026 GMT Subject: serialNumber=f1d15505f2209193425ac27bd385e8d0ea44b41f6295d4b36c192b53cb9fba1b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:e6:a4:57:3b:c8:79:3d:ba:12:e4:03:cd:7c: 69:db:73:bf:27:b2:2a:e8:2d:5b:b6:db:9f:bd:55: 8e:6a:49:08:52:bb:15:89:5a:6d:38:c3:12:b1:31: 23:a6:98:64:73:50:65:12:63:58:dd:d8:4e:c9:f6: de:f7:5a:47:82:4e:4f:ff:bf:f8:b8:3d:d9:8c:c9: 7a:a2:f9:e4:24:6a:f4:32:f1:1a:9b:75:32:67:a9: 7e:25:04:94:d1:be:a4:6a:66:ac:9f:c9:ce:5e:3b: b2:6a:54:57:d5:7b:8b:e3:71:b0:95:b3:59:39:f4: 19:56:dd:a7:cd:14:1b:2a:d2:de:64:02:47:8c:91: be:a5:e5:03:9b:d2:0f:e3:75:28:99:da:bd:31:e3: 96:75:95:be:d1:fd:75:4c:3f:e7:4b:7a:d1:65:67: 86:2b:b1:bc:4e:cb:fb:79:f4:77:ea:47:14:e4:23: 41:89:40:22:94:3c:3c:8e:fd:41:fc:45:f3:00:34: 9c:6e:b0:27:b3:f1:d7:75:c8:d8:81:90:c9:87:da: b4:ca:9d:1d:b3:97:e7:db:0d:de:aa:97:85:28:31: 00:fc:7b:0f:8a:02:dd:89:9e:11:f4:05:80:e5:5e: 69:c3:e0:6b:b1:b6:fa:60:ec:ff:29:4e:29:0b:13: 69:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:A1:4C:3A:2E:CF:5B:90:FC:01:4B:C8:5D:8A:EE:7E:1B:72:29:2C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4eebfe87-ebaa-4640-b26f-714c512d27da.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.217.174.0/23 Signature Algorithm: sha256WithRSAEncryption a5:ba:e4:96:ec:d5:af:cb:e5:7c:b6:28:e0:37:1c:c6:a9:ed: 74:49:8d:c9:02:46:c0:59:bf:38:4d:e6:33:b9:10:11:64:6a: 52:79:f6:53:5a:b2:0b:0e:b5:f8:fb:80:92:ef:7b:59:d4:50: 01:5b:90:31:70:f5:44:80:37:0b:6b:99:bc:56:9f:f6:fc:46: 37:24:2b:2f:63:7a:2d:28:e8:47:91:07:12:a8:55:f3:6b:5b: 99:45:5a:5e:29:e5:f3:c1:2c:9e:7c:99:93:c2:a5:e4:fd:f6: be:c6:df:37:26:0d:86:69:23:73:24:7d:4e:74:83:9f:92:a7: a1:6d:a8:98:3b:42:c8:72:ef:b6:41:1a:bf:38:92:41:41:d8: 16:7d:1a:04:19:ca:ad:38:bf:cf:38:8a:15:22:0a:5c:1d:c6: f1:cd:76:f4:64:04:a4:ba:79:c4:54:e6:d3:9f:fd:8c:ef:a7: 8e:ea:76:ae:44:ed:0f:40:b7:e9:1c:a9:63:3a:a9:5c:68:2c: 52:78:a9:71:b5:32:af:ac:44:e6:1f:97:81:54:eb:90:96:f3: 76:6e:c9:b6:f9:a9:52:6f:ca:2d:fa:21:d0:72:85:db:e0:0b: 7c:40:12:57:25:f8:43:13:0f:cd:f5:a2:77:d6:42:4d:6c:be: 16:5c:44:f2 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUV5nRcdVlGJSuYH5FSndcLy5rJnYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDQyNzAwMDAzNVoX DTI2MDcyNjIzNTk1OVowejFJMEcGA1UEBRNAZjFkMTU1MDVmMjIwOTE5MzQyNWFj MjdiZDM4NWU4ZDBlYTQ0YjQxZjYyOTVkNGIzNmMxOTJiNTNjYjlmYmExYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0eakVzvIeT26EuQDzXxp23O/J7Iq 6C1bttufvVWOakkIUrsViVptOMMSsTEjpphkc1BlEmNY3dhOyfbe91pHgk5P/7/4 uD3ZjMl6ovnkJGr0MvEam3UyZ6l+JQSU0b6kamasn8nOXjuyalRX1XuL43GwlbNZ OfQZVt2nzRQbKtLeZAJHjJG+peUDm9IP43Uomdq9MeOWdZW+0f11TD/nS3rRZWeG K7G8Tsv7efR36kcU5CNBiUAilDw8jv1B/EXzADScbrAns/HXdcjYgZDJh9q0yp0d s5fn2w3eqpeFKDEA/HsPigLdiZ4R9AWA5V5pw+Brsbb6YOz/KU4pCxNpjQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFPyhTDouz1uQ/AFLyF2K7n4bciksMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRlZWJmZTg3LWViYWEtNDY0MC1iMjZmLTcxNGM1MTJkMjdkYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQBK9muMA0GCSqGSIb3DQEBCwUAA4IBAQCluuSW7NWvy+V8tijgNxzG qe10SY3JAkbAWb84TeYzuRARZGpSefZTWrILDrX4+4CS73tZ1FABW5AxcPVEgDcL a5m8Vp/2/EY3JCsvY3otKOhHkQcSqFXza1uZRVpeKeXzwSyefJmTwqXk/fa+xt83 Jg2GaSNzJH1OdIOfkqehbaiYO0LIcu+2QRq/OJJBQdgWfRoEGcqtOL/POIoVIgpc HcbxzXb0ZASkunnEVObTn/2M76eO6nauRO0PQLfpHKljOqlcaCxSeKlxtTKvrETm H5eBVOuQlvN2bsm2+alSb8ot+iHQcoXb4At8QBJXJfhDEw/N9aJ31kJNbL4WXETy -----END CERTIFICATE-----Generated at Wed May 13 01:04:50 2026 by rpki-client