$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f25672a7-b221-4701-959a-7ba11013fac0.roa File: f25672a7-b221-4701-959a-7ba11013fac0.roa (raw, json) Hash identifier: CtX2vRDH+X5pWGcDkTkiYOElv+JST3xk6C33mv8GJy8= Subject key identifier: 0C:D3:81:56:2B:CD:FC:19:71:51:D5:79:DB:2A:EA:77:6F:DC:12:C5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1336FE4BFE92CD0F985CA814BEBD585FF2F49BD1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f25672a7-b221-4701-959a-7ba11013fac0.roa Signing time: Tue 12 May 2026 00:01:18 +0000 ROA not before: Tue 12 May 2026 00:01:18 +0000 ROA not after: Mon 10 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 43.251.180.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:36:fe:4b:fe:92:cd:0f:98:5c:a8:14:be:bd:58:5f:f2:f4:9b:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 12 00:01:18 2026 GMT Not After : Aug 10 23:59:59 2026 GMT Subject: serialNumber=6bf6ba7abcdad99a4cde2f0c188790dd7ad5c60a222322608d3debfa44051b4c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:d4:61:73:8c:65:32:a4:5d:a2:45:bf:ec:6d: 27:47:51:d7:43:94:af:1d:2b:aa:e5:4f:2f:bc:c9: 13:5e:a8:13:54:19:22:ec:de:30:de:70:38:b4:7e: 57:c4:d7:5c:78:b1:b1:4c:5d:99:83:dc:a4:ba:2b: 2a:f1:2b:b8:17:a7:5d:f9:6c:9b:ec:b9:30:db:34: bc:bc:f8:e7:b2:e3:b8:22:ec:eb:1b:2e:7b:70:76: a6:3f:f2:40:25:15:9f:38:d0:4b:e0:aa:fb:ed:12: cb:f3:01:73:bd:24:05:cb:84:8f:38:c3:6a:e7:b1: 40:76:da:b0:6b:75:47:f9:28:12:29:42:51:2a:86: 65:34:49:0b:8a:ef:9c:f5:4d:61:92:e6:53:86:0d: cb:49:af:8a:d3:7e:17:a8:72:2e:c6:28:fd:52:d3: e8:91:31:68:d9:3b:92:0d:b1:98:54:cf:f5:12:e0: 28:22:63:6c:06:1f:b8:fc:ae:81:11:05:1b:7c:d1: 7a:ea:81:77:6f:51:6c:26:eb:19:56:2c:76:55:eb: 84:e8:f8:df:25:2e:57:7e:1d:b9:81:22:0d:e0:6f: a9:f1:06:49:04:bc:42:c1:8c:97:9c:dc:5f:08:6c: 25:5a:8b:22:55:f7:28:fd:6e:b8:2e:fa:0c:fd:fc: 97:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:D3:81:56:2B:CD:FC:19:71:51:D5:79:DB:2A:EA:77:6F:DC:12:C5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f25672a7-b221-4701-959a-7ba11013fac0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.251.180.0/22 Signature Algorithm: sha256WithRSAEncryption c2:22:55:f7:62:a0:d8:2e:02:3e:f5:a9:f9:4b:8e:da:b9:32: 5a:bc:ef:68:a1:2e:97:bb:d1:3c:8f:c3:ca:8f:ac:1d:6a:eb: 09:ca:47:e6:da:94:04:2a:34:60:8d:f4:c5:ca:d3:6b:8a:04: cd:cb:e2:3c:31:54:a8:a9:1a:c0:97:b4:44:0b:b0:d7:cd:cc: c3:e8:d3:38:dc:a5:bd:04:92:4a:86:ca:c2:b4:99:18:07:58: 05:a4:2b:fe:ad:0d:69:ef:75:37:e6:4a:84:2d:c7:29:6a:27: 45:6a:f2:91:d8:49:22:84:87:96:76:7f:7c:39:e6:ef:ee:22: f8:01:ec:9d:7a:0d:a4:19:af:b5:53:c9:13:dc:49:ed:ce:23: a4:86:d8:da:dd:43:e3:16:db:67:a5:15:36:0d:b1:cf:ac:1c: c2:16:ec:15:09:65:b1:5d:ec:60:83:09:51:6b:95:bd:be:85: 47:09:72:53:22:c6:0e:08:55:96:e5:ea:6d:e6:d9:b1:55:d3: 24:bf:d6:d3:5e:de:0a:ae:15:19:b2:e5:3a:f5:78:6b:af:8c: f8:6a:4f:fb:ba:8e:79:28:3b:78:b1:9f:89:cd:48:5f:ad:e7: 5f:e8:a8:c2:5b:1f:ae:c9:66:e2:03:65:41:d8:4b:52:97:9a: f2:ec:8c:1a -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUEzb+S/6SzQ+YXKgUvr1YX/L0m9EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMjAwMDExOFoX DTI2MDgxMDIzNTk1OVowejFJMEcGA1UEBRNANmJmNmJhN2FiY2RhZDk5YTRjZGUy ZjBjMTg4NzkwZGQ3YWQ1YzYwYTIyMjMyMjYwOGQzZGViZmE0NDA1MWI0YzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAztRhc4xlMqRdokW/7G0nR1HXQ5Sv HSuq5U8vvMkTXqgTVBki7N4w3nA4tH5XxNdceLGxTF2Zg9ykuisq8Su4F6dd+Wyb 7Lkw2zS8vPjnsuO4IuzrGy57cHamP/JAJRWfONBL4Kr77RLL8wFzvSQFy4SPOMNq 57FAdtqwa3VH+SgSKUJRKoZlNEkLiu+c9U1hkuZThg3LSa+K034XqHIuxij9UtPo kTFo2TuSDbGYVM/1EuAoImNsBh+4/K6BEQUbfNF66oF3b1FsJusZVix2VeuE6Pjf JS5Xfh25gSIN4G+p8QZJBLxCwYyXnNxfCGwlWosiVfco/W64LvoM/fyXLwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFAzTgVYrzfwZcVHVedsq6ndv3BLFMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2YyNTY3MmE3LWIyMjEtNDcwMS05NTlhLTdiYTExMDEzZmFjMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/u0MA0GCSqGSIb3DQEBCwUAA4IBAQDCIlX3YqDYLgI+9an5S47a uTJavO9ooS6Xu9E8j8PKj6wdausJykfm2pQEKjRgjfTFytNrigTNy+I8MVSoqRrA l7REC7DXzczD6NM43KW9BJJKhsrCtJkYB1gFpCv+rQ1p73U35kqELccpaidFavKR 2EkihIeWdn98Oebv7iL4Aeydeg2kGa+1U8kT3EntziOkhtja3UPjFttnpRU2DbHP rBzCFuwVCWWxXexggwlRa5W9voVHCXJTIsYOCFWW5ept5tmxVdMkv9bTXt4KrhUZ suU69Xhrr4z4ak/7uo55KDt4sZ+JzUhfredf6KjCWx+uyWbiA2VB2EtSl5ry7Iwa -----END CERTIFICATE-----Generated at Wed May 13 00:05:59 2026 by rpki-client