$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/840736df-cd98-4b5b-a4f2-5615993fc74d.roa File: 840736df-cd98-4b5b-a4f2-5615993fc74d.roa (raw, json) Hash identifier: sjhedanhIT69u3QGXMV3XtJ1G9qRnmR8tianfLbCBKc= Subject key identifier: C4:38:04:4E:C4:68:1D:7C:A5:02:94:26:49:DB:61:56:86:D4:24:50 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 21660CC2B6C41C82194622D9F5475A573E3B79F9 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/840736df-cd98-4b5b-a4f2-5615993fc74d.roa Signing time: Mon 11 May 2026 00:21:33 +0000 ROA not before: Mon 11 May 2026 00:21:33 +0000 ROA not after: Sun 09 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.0.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 17 May 2026 00:21:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:66:0c:c2:b6:c4:1c:82:19:46:22:d9:f5:47:5a:57:3e:3b:79:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: May 11 00:21:33 2026 GMT Not After : Aug 9 23:59:59 2026 GMT Subject: serialNumber=691826139550d73e2af3c83a7cf23aa462a915caee919cb520e5f9df314e29ac, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:30:15:be:ce:52:a8:5d:07:5e:13:db:dc:51: 2a:50:5e:de:4d:a1:dd:53:d2:43:fe:a5:c2:87:e8: 83:3c:7b:74:dc:f9:dd:ab:49:2d:49:2e:4c:17:3d: 13:80:10:74:7e:69:2c:bc:dc:91:de:02:54:51:81: 0e:44:35:25:21:5d:55:1f:73:02:6f:d3:09:4f:1e: 07:3f:d6:11:91:25:1d:62:56:11:87:b2:47:e5:26: 77:57:76:61:f3:a6:81:47:da:90:97:32:8c:64:da: 36:91:d7:09:82:70:57:c5:83:ea:7b:dd:1a:e7:d6: 82:e1:80:2e:5b:2c:0b:aa:62:77:c6:56:43:5f:b5: 9b:ec:8a:cf:b7:1e:41:54:6b:d3:64:d0:4a:06:44: d8:6b:58:ca:59:fe:c0:cd:bd:eb:7b:c9:57:c4:d3: 27:a0:cc:d6:12:62:c0:99:df:eb:c2:40:71:dc:aa: 27:8f:28:20:49:31:b8:17:68:5e:9a:6e:2d:a5:4c: 2b:ce:ee:0b:d7:3d:68:ce:5e:df:70:e7:23:13:20: 75:01:33:54:09:d6:40:67:32:6b:cf:80:11:91:9e: 84:14:77:57:87:80:ba:5b:ef:87:c2:83:27:86:0f: fc:df:e0:0f:4e:7f:69:72:f8:c1:8a:26:1f:a1:1c: cd:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:38:04:4E:C4:68:1D:7C:A5:02:94:26:49:DB:61:56:86:D4:24:50 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/840736df-cd98-4b5b-a4f2-5615993fc74d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.0.0/24 Signature Algorithm: sha256WithRSAEncryption 8b:1d:84:f4:62:bd:5b:f7:75:a2:65:7d:45:f9:b1:18:e2:9e: 97:bf:fe:60:61:40:04:40:57:d3:70:07:73:bf:86:7e:dd:73: df:b2:cd:76:9e:30:38:da:1e:5d:22:30:5e:9d:95:b3:34:83: 37:f2:e9:10:72:0e:83:9a:65:26:7c:93:49:54:00:79:fe:90: 8f:b7:8b:c7:d4:8d:d4:44:d2:31:0e:e5:e8:2a:70:55:a7:61: 62:dd:0d:65:79:34:6e:cb:74:5e:4b:d8:6b:22:06:bf:9a:b8: 40:30:0a:99:59:ae:2c:14:0e:fe:ca:99:a4:d6:84:b6:0c:40: 75:0e:78:ed:a0:7c:e0:65:a7:e3:fa:bb:41:3b:a2:ff:0a:58: ce:e9:0e:44:2a:2c:a6:34:e8:30:a0:3f:38:4f:ad:1f:a4:81: 88:af:4c:d4:f8:64:d9:cd:80:74:2e:fb:b9:34:c8:e0:d8:dd: 10:e8:2a:68:5b:ff:85:9b:08:0b:b3:70:ff:e4:d2:4d:d2:0e: 2b:94:ed:4e:6b:99:1a:4e:3a:84:42:6b:ab:73:cb:a3:2a:ed: 0b:8a:1d:36:c4:c6:a6:36:79:b9:f6:fe:b0:87:d4:14:00:6e: 36:8e:57:a1:0a:be:52:c7:af:29:44:b4:be:a0:9c:49:cb:27: 47:fa:10:46 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUIWYMwrbEHIIZRiLZ9UdaVz47efkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI2MDUxMTAwMjEzM1oX DTI2MDgwOTIzNTk1OVowejFJMEcGA1UEBRNANjkxODI2MTM5NTUwZDczZTJhZjNj ODNhN2NmMjNhYTQ2MmE5MTVjYWVlOTE5Y2I1MjBlNWY5ZGYzMTRlMjlhYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDAVvs5SqF0HXhPb3FEqUF7eTaHd U9JD/qXCh+iDPHt03Pndq0ktSS5MFz0TgBB0fmksvNyR3gJUUYEORDUlIV1VH3MC b9MJTx4HP9YRkSUdYlYRh7JH5SZ3V3Zh86aBR9qQlzKMZNo2kdcJgnBXxYPqe90a 59aC4YAuWywLqmJ3xlZDX7Wb7IrPtx5BVGvTZNBKBkTYa1jKWf7Azb3re8lXxNMn oMzWEmLAmd/rwkBx3KonjyggSTG4F2hemm4tpUwrzu4L1z1ozl7fcOcjEyB1ATNU CdZAZzJrz4ARkZ6EFHdXh4C6W++HwoMnhg/83+APTn9pcvjBiiYfoRzNWwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFMQ4BE7EaB18pQKUJknbYVaG1CRQMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg0MDczNmRmLWNkOTgtNGI1Yi1hNGYyLTU2MTU5OTNmYzc0ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAn/gAMA0GCSqGSIb3DQEBCwUAA4IBAQCLHYT0Yr1b93WiZX1F+bEY 4p6Xv/5gYUAEQFfTcAdzv4Z+3XPfss12njA42h5dIjBenZWzNIM38ukQcg6DmmUm fJNJVAB5/pCPt4vH1I3URNIxDuXoKnBVp2Fi3Q1leTRuy3ReS9hrIga/mrhAMAqZ Wa4sFA7+ypmk1oS2DEB1DnjtoHzgZafj+rtBO6L/CljO6Q5EKiymNOgwoD84T60f pIGIr0zU+GTZzYB0Lvu5NMjg2N0Q6CpoW/+FmwgLs3D/5NJN0g4rlO1Oa5kaTjqE Qmurc8ujKu0Lih02xMamNnm59v6wh9QUAG42jlehCr5Sx68pRLS+oJxJyydH+hBG -----END CERTIFICATE-----Generated at Wed May 13 05:05:55 2026 by rpki-client