$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c18b0845-fc95-41d6-b476-af4e1e466849.roa File: c18b0845-fc95-41d6-b476-af4e1e466849.roa (raw, json) Hash identifier: RzCD7581ODd0G/PaE75k0bTCDiHj2ugi5EIEr8jr/z0= Subject key identifier: 2C:EB:2F:20:56:AF:D2:89:93:ED:F0:B8:69:14:7A:08:61:84:7A:89 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 5AC11F50B46E5573403F1191755F378CD289E4B0 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c18b0845-fc95-41d6-b476-af4e1e466849.roa Signing time: Sat 02 May 2026 00:10:05 +0000 ROA not before: Sat 02 May 2026 00:10:05 +0000 ROA not after: Fri 31 Jul 2026 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.133.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 17 May 2026 00:21:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:c1:1f:50:b4:6e:55:73:40:3f:11:91:75:5f:37:8c:d2:89:e4:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: May 2 00:10:05 2026 GMT Not After : Jul 31 23:59:59 2026 GMT Subject: serialNumber=04267efbd75cf61c3676d2640c833eacb8c85c031d3093a681f535d4c6a08da3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:ca:64:18:ec:68:1f:0a:a1:4f:5d:a9:fd:09: 39:e9:42:a0:43:9c:66:6a:d3:6e:1f:ab:bd:13:f7: ee:78:aa:b9:22:e2:7f:63:fc:d0:cc:fc:2c:e9:c9: df:4e:1a:5a:cf:01:98:7a:44:0a:80:1d:7a:53:26: 40:68:f5:f5:fa:39:da:bf:92:20:0b:c8:49:09:ee: 6e:6d:03:08:b1:8f:47:5e:98:6c:c6:f7:9b:a3:b9: 4e:b7:ac:cc:89:53:4a:6e:a9:6d:57:45:04:f3:66: 51:10:e2:d1:e1:33:e0:c1:e0:fb:d1:cc:d1:87:9a: 45:cd:ad:70:91:f1:81:c2:11:dc:72:d6:3b:4c:fa: 88:76:7c:1a:95:d4:cc:bc:e8:74:76:eb:97:58:9e: 97:d6:9f:b7:3e:93:33:c6:45:9b:5d:09:9b:e4:b1: 0b:6f:39:ca:4c:73:16:8d:16:1e:9c:cd:bb:7e:4b: ab:13:89:71:95:c8:b3:3c:0e:a8:93:53:6e:f1:63: 82:d4:86:63:e6:6e:16:c3:af:15:64:62:25:08:f5: f0:fd:63:e8:14:bb:72:b0:83:4c:63:12:52:79:b7: a0:02:df:ab:93:94:e2:26:42:c2:ba:ce:f8:85:12: 0c:03:3e:5d:c4:44:d7:8f:bc:b4:2d:03:54:0b:fa: b1:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:EB:2F:20:56:AF:D2:89:93:ED:F0:B8:69:14:7A:08:61:84:7A:89 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c18b0845-fc95-41d6-b476-af4e1e466849.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.133.0/24 Signature Algorithm: sha256WithRSAEncryption 25:23:90:d8:42:90:c1:55:bd:34:93:7c:b5:ee:f4:70:d8:fe: b7:c9:95:a0:05:c2:e4:a4:46:3d:4d:86:54:a7:15:b4:78:e9: 63:86:b2:15:ea:ff:f9:bf:b4:33:9c:67:df:2d:f2:dc:cc:4a: 6f:82:14:59:ca:d1:ee:42:1b:86:42:03:1d:fa:89:d3:12:6a: 0c:2a:b1:3a:40:0c:60:f6:77:52:d8:d5:19:48:87:f8:6c:6b: 70:f8:a1:e1:ae:9a:c4:ea:af:49:55:17:4e:48:06:71:4a:51: 78:73:47:2c:a1:7a:55:b0:13:55:18:c8:36:21:23:27:ea:2e: 03:5c:af:71:20:03:58:ec:31:f6:8f:62:41:9a:73:b3:02:e8: ad:6d:4b:5c:d8:cc:79:f4:02:55:b0:6f:d5:a0:08:2e:d9:dc: 86:c9:c0:30:b0:9f:26:d6:14:bd:6f:16:38:d0:31:63:04:5e: a0:37:09:7e:d1:44:2c:e7:ba:68:7d:a1:c8:1c:b3:53:1d:dc: 7b:48:8d:0e:9c:fa:67:d8:b2:bc:74:90:68:57:73:eb:a7:03: e0:cd:22:83:8c:2c:a9:2d:fe:1a:47:e6:1c:01:5e:57:18:94: 99:15:65:d8:10:44:fb:86:a5:7a:23:c3:73:ec:62:47:fd:e2: 63:a4:8d:a3 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUWsEfULRuVXNAPxGRdV83jNKJ5LAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI2MDUwMjAwMTAwNVoX DTI2MDczMTIzNTk1OVowejFJMEcGA1UEBRNAMDQyNjdlZmJkNzVjZjYxYzM2NzZk MjY0MGM4MzNlYWNiOGM4NWMwMzFkMzA5M2E2ODFmNTM1ZDRjNmEwOGRhMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcpkGOxoHwqhT12p/Qk56UKgQ5xm atNuH6u9E/fueKq5IuJ/Y/zQzPws6cnfThpazwGYekQKgB16UyZAaPX1+jnav5Ig C8hJCe5ubQMIsY9HXphsxvebo7lOt6zMiVNKbqltV0UE82ZREOLR4TPgweD70czR h5pFza1wkfGBwhHcctY7TPqIdnwaldTMvOh0duuXWJ6X1p+3PpMzxkWbXQmb5LEL bznKTHMWjRYenM27fkurE4lxlcizPA6ok1Nu8WOC1IZj5m4Ww68VZGIlCPXw/WPo FLtysINMYxJSebegAt+rk5TiJkLCus74hRIMAz5dxETXj7y0LQNUC/qx2QIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFCzrLyBWr9KJk+3wuGkUeghhhHqJMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2MxOGIwODQ1LWZjOTUtNDFkNi1iNDc2LWFmNGUxZTQ2Njg0OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAn/iFMA0GCSqGSIb3DQEBCwUAA4IBAQAlI5DYQpDBVb00k3y17vRw 2P63yZWgBcLkpEY9TYZUpxW0eOljhrIV6v/5v7QznGffLfLczEpvghRZytHuQhuG QgMd+onTEmoMKrE6QAxg9ndS2NUZSIf4bGtw+KHhrprE6q9JVRdOSAZxSlF4c0cs oXpVsBNVGMg2ISMn6i4DXK9xIANY7DH2j2JBmnOzAuitbUtc2Mx59AJVsG/VoAgu 2dyGycAwsJ8m1hS9bxY40DFjBF6gNwl+0UQs57pofaHIHLNTHdx7SI0OnPpn2LK8 dJBoV3PrpwPgzSKDjCypLf4aR+YcAV5XGJSZFWXYEET7hqV6I8Nz7GJH/eJjpI2j -----END CERTIFICATE-----Generated at Wed May 13 05:05:33 2026 by rpki-client