$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c64b3ce2-0670-4f0c-b5b6-f94ce6bf7a57.roa File: c64b3ce2-0670-4f0c-b5b6-f94ce6bf7a57.roa (raw, json) Hash identifier: WsP3FAMRIW8GcXd9JFTcEtUhIRQteEsNfXXIZpGx0Zg= Subject key identifier: 00:3B:85:C4:C6:C8:B1:F6:08:A8:69:B9:CB:D0:98:F1:49:72:DB:D6 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2EB73CADB2A0BE2BABB937D60B4F85AB2E8D3FFC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c64b3ce2-0670-4f0c-b5b6-f94ce6bf7a57.roa Signing time: Tue 05 May 2026 00:01:00 +0000 ROA not before: Tue 05 May 2026 00:01:00 +0000 ROA not after: Mon 03 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 43.213.154.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 17 May 2026 00:21:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:b7:3c:ad:b2:a0:be:2b:ab:b9:37:d6:0b:4f:85:ab:2e:8d:3f:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 5 00:01:00 2026 GMT Not After : Aug 3 23:59:59 2026 GMT Subject: serialNumber=d8d76ae92ea4d7504f64f916c4e5699ffea18da8a13103104ce11a7b3e0cd96c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:51:8b:58:d9:fb:50:a0:f8:fa:49:a7:b5:4d: 8b:42:d1:9b:f6:42:6d:b7:77:65:aa:06:f6:c3:b8: 7b:9b:9b:cb:2a:ab:39:43:4f:20:71:b7:c8:b8:7a: c8:08:76:87:da:d2:17:fd:7f:61:d9:a4:d4:00:3b: 78:b5:7b:0e:5a:4a:8a:1a:89:f9:86:47:49:cf:64: fa:f8:6e:f8:33:93:fa:ba:a2:06:10:12:58:e6:b1: 11:32:9a:ab:8d:35:7c:76:48:48:95:cd:76:d1:20: 8e:cb:c8:d0:cf:fe:72:c6:70:68:c3:34:d7:5f:81: 71:83:1a:a6:51:5b:19:c0:56:37:ab:90:84:4a:d0: df:22:97:93:c0:02:a9:bc:4b:7c:03:1e:64:0f:85: 76:b5:ae:20:aa:33:52:4d:e7:81:6a:cf:b9:e3:33: a1:1c:79:29:bb:63:76:a5:24:b4:d6:8d:89:3d:0d: 46:47:e3:ba:72:7a:b9:8e:a5:5e:00:40:cd:a7:67: 11:b7:53:51:23:0f:f5:63:03:c2:83:d3:b9:56:79: 6c:a3:43:8c:bc:5f:c8:d0:3e:96:44:98:10:b4:80: 03:08:e4:89:5e:fc:c2:ec:cc:4a:df:49:58:9c:20: b5:cf:12:53:9b:87:d6:95:cc:55:3f:08:41:c9:2b: b4:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:3B:85:C4:C6:C8:B1:F6:08:A8:69:B9:CB:D0:98:F1:49:72:DB:D6 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c64b3ce2-0670-4f0c-b5b6-f94ce6bf7a57.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.213.154.0/24 Signature Algorithm: sha256WithRSAEncryption 3d:36:bc:ec:82:70:0d:3a:d4:be:6a:4b:04:1c:de:3d:54:17: bb:8d:bd:c9:e9:11:be:ca:5e:85:4f:e5:50:6e:9f:47:8d:c2: 10:b9:de:34:83:59:65:3a:a0:5d:e7:ca:e8:d8:f3:a5:39:79: 95:09:69:67:02:26:1e:bb:5c:fb:eb:e5:5d:6f:0b:32:ce:b0: 1c:36:e1:03:e3:0e:8d:90:08:ec:9e:65:4c:b5:26:1d:e0:4a: 28:2a:f0:93:42:de:9d:db:2b:f9:12:87:e1:9e:77:4f:d3:05: 5a:2e:74:2d:25:32:75:b1:69:bb:7d:d5:d4:88:fd:c1:e6:27: 89:fe:0a:2e:15:ed:b0:36:f9:6a:bb:c9:9e:58:6a:4b:1d:3c: ae:fc:50:85:34:3d:47:05:c5:25:92:d5:d9:87:e1:5b:0e:c5: 4f:b3:28:31:46:a1:e0:fb:c5:23:7a:7f:b0:77:e4:5e:84:a0: be:b1:c8:da:18:64:82:96:19:0e:6e:40:81:71:81:1a:32:0a: 85:ec:5d:8b:dd:3d:04:a9:5d:d4:2a:c4:6e:07:2e:43:80:5d: 3e:36:8f:d4:79:5a:f9:dc:24:46:a9:b3:56:eb:94:08:bd:e5: 9d:64:46:be:4f:b0:99:fc:1c:9e:65:3c:e6:80:1b:fe:d3:a3: 8d:6d:55:16 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIULrc8rbKgviuruTfWC0+Fqy6NP/wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwNTAwMDEwMFoX DTI2MDgwMzIzNTk1OVowejFJMEcGA1UEBRNAZDhkNzZhZTkyZWE0ZDc1MDRmNjRm OTE2YzRlNTY5OWZmZWExOGRhOGExMzEwMzEwNGNlMTFhN2IzZTBjZDk2YzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlGLWNn7UKD4+kmntU2LQtGb9kJt t3dlqgb2w7h7m5vLKqs5Q08gcbfIuHrICHaH2tIX/X9h2aTUADt4tXsOWkqKGon5 hkdJz2T6+G74M5P6uqIGEBJY5rERMpqrjTV8dkhIlc120SCOy8jQz/5yxnBowzTX X4FxgxqmUVsZwFY3q5CEStDfIpeTwAKpvEt8Ax5kD4V2ta4gqjNSTeeBas+54zOh HHkpu2N2pSS01o2JPQ1GR+O6cnq5jqVeAEDNp2cRt1NRIw/1YwPCg9O5Vnlso0OM vF/I0D6WRJgQtIADCOSJXvzC7MxK30lYnCC1zxJTm4fWlcxVPwhBySu0uwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFAA7hcTGyLH2CKhpucvQmPFJctvWMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2M2NGIzY2UyLTA2NzAtNGYwYy1iNWI2LWY5NGNlNmJmN2E1Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9WaMA0GCSqGSIb3DQEBCwUAA4IBAQA9NrzsgnANOtS+aksEHN49 VBe7jb3J6RG+yl6FT+VQbp9HjcIQud40g1llOqBd58ro2POlOXmVCWlnAiYeu1z7 6+VdbwsyzrAcNuED4w6NkAjsnmVMtSYd4EooKvCTQt6d2yv5EofhnndP0wVaLnQt JTJ1sWm7fdXUiP3B5ieJ/gouFe2wNvlqu8meWGpLHTyu/FCFND1HBcUlktXZh+Fb DsVPsygxRqHg+8Ujen+wd+RehKC+scjaGGSClhkObkCBcYEaMgqF7F2L3T0EqV3U KsRuBy5DgF0+No/UeVr53CRGqbNW65QIveWdZEa+T7CZ/ByeZTzmgBv+06ONbVUW -----END CERTIFICATE-----Generated at Wed May 13 02:23:27 2026 by rpki-client