$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa File: b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa (raw, json) Hash identifier: bEDP7S/ywUipJKWAzBTd34AFBXtmjt92LipoOMsISMA= Subject key identifier: 54:37:59:E2:81:55:76:D6:5D:F1:24:08:91:E7:50:79:37:44:C2:4B Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 728F235C32071B90F7EBEC975BC565E5DEA4ACA2 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa Signing time: Tue 28 Apr 2026 00:00:40 +0000 ROA not before: Tue 28 Apr 2026 00:00:40 +0000 ROA not after: Mon 27 Jul 2026 23:59:59 +0000 asID: 16509 IP address blocks: 43.224.144.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:03:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:8f:23:5c:32:07:1b:90:f7:eb:ec:97:5b:c5:65:e5:de:a4:ac:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 28 00:00:40 2026 GMT Not After : Jul 27 23:59:59 2026 GMT Subject: serialNumber=428d812a24a5d6f66d6bde2406cfb439b7e71863f02ef366cb37ba3265e30d56, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:a1:a8:81:9c:88:19:44:d6:85:ca:d7:2e:ca: 42:b1:66:d0:e6:82:ed:81:22:77:a4:17:05:7f:80: 2c:02:b9:83:ab:4e:13:4b:51:b8:64:bf:8b:4a:92: b2:31:49:54:e6:62:6e:1c:74:27:a5:07:d7:23:72: 09:28:fd:60:a1:71:7a:bc:8f:11:95:75:88:65:15: f4:c3:16:aa:b3:32:51:cd:6f:cc:5a:29:fb:47:63: 2c:f4:30:42:bb:c8:42:65:03:77:87:59:ee:df:f9: d6:8d:2d:c7:5a:e7:b9:82:bf:d1:c6:a5:57:14:9f: b4:9c:90:88:72:f9:be:59:cf:59:76:09:4e:1b:22: cb:b9:d9:8a:82:dc:08:35:3f:00:b1:04:b5:5c:09: 95:82:87:b8:83:0a:35:f1:ef:26:85:92:39:ee:f2: 52:b5:77:fc:7b:cc:07:87:87:05:67:52:0c:17:dd: 05:fd:0f:b3:72:a4:bf:d7:c1:d9:c1:f4:aa:12:52: ff:ce:d6:b1:32:f9:22:23:bb:8b:9d:0d:53:09:dd: ff:2f:e1:8b:54:d2:be:69:32:8f:3c:b5:89:df:8d: 07:39:d3:69:b7:8d:83:f0:1d:2e:f2:51:df:cf:a8: ec:d4:29:78:f2:bc:47:89:26:a5:d6:9a:29:40:86: f2:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:37:59:E2:81:55:76:D6:5D:F1:24:08:91:E7:50:79:37:44:C2:4B X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.224.144.0/22 Signature Algorithm: sha256WithRSAEncryption 21:eb:2a:49:d0:13:f2:d4:37:99:56:e4:97:54:f9:04:47:c0: 95:73:de:e0:6d:1b:3f:cb:27:7e:57:ae:34:b8:f3:51:09:98: 0d:3d:06:a6:15:36:be:b6:4e:4c:c3:21:49:1b:9d:01:ca:c1: 05:06:8c:60:c4:e6:e7:16:3a:1f:8f:2f:b7:ca:5a:e5:6a:de: 57:03:b6:98:8e:c2:24:7a:69:19:62:fc:04:88:07:de:2f:b3: 48:04:df:f8:83:3f:18:24:c3:06:14:cb:50:8b:6b:1a:f6:4a: 9e:15:a2:ec:1a:8d:78:6c:0a:62:6c:e0:52:d5:e0:cb:b6:4c: c7:12:64:40:83:67:64:23:e5:ff:09:47:30:ba:34:5a:c3:11: a9:19:96:a9:18:d2:36:d6:5c:07:fc:01:5a:d5:99:45:d1:8e: b3:f9:62:64:21:3a:03:4f:58:77:58:83:85:68:09:f6:83:83: ab:5d:d6:16:40:8e:b5:ec:1d:a2:09:da:13:e4:eb:b7:66:fc: 92:07:b9:4d:51:2f:27:ee:a8:d0:15:f0:14:70:e7:8a:95:6d: 2c:24:23:dc:76:af:39:59:19:43:e5:eb:21:40:e3:87:62:b3: bd:10:76:f1:c2:60:b1:fe:60:28:9c:0d:3f:b9:44:70:a9:b2: c1:be:d1:73 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUco8jXDIHG5D36+yXW8Vl5d6krKIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI2MDQyODAwMDA0MFoX DTI2MDcyNzIzNTk1OVowejFJMEcGA1UEBRNANDI4ZDgxMmEyNGE1ZDZmNjZkNmJk ZTI0MDZjZmI0MzliN2U3MTg2M2YwMmVmMzY2Y2IzN2JhMzI2NWUzMGQ1NjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8qGogZyIGUTWhcrXLspCsWbQ5oLt gSJ3pBcFf4AsArmDq04TS1G4ZL+LSpKyMUlU5mJuHHQnpQfXI3IJKP1goXF6vI8R lXWIZRX0wxaqszJRzW/MWin7R2Ms9DBCu8hCZQN3h1nu3/nWjS3HWue5gr/RxqVX FJ+0nJCIcvm+Wc9ZdglOGyLLudmKgtwINT8AsQS1XAmVgoe4gwo18e8mhZI57vJS tXf8e8wHh4cFZ1IMF90F/Q+zcqS/18HZwfSqElL/ztaxMvkiI7uLnQ1TCd3/L+GL VNK+aTKPPLWJ340HOdNpt42D8B0u8lHfz6js1Cl48rxHiSal1popQIby8wIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFFQ3WeKBVXbWXfEkCJHnUHk3RMJLMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2IwYzM4ZjAzLTNjZWQtNDg0ZS1hYTViLTdiMDZmMTI1YWQ3NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK+CQMA0GCSqGSIb3DQEBCwUAA4IBAQAh6ypJ0BPy1DeZVuSXVPkE R8CVc97gbRs/yyd+V640uPNRCZgNPQamFTa+tk5MwyFJG50BysEFBoxgxObnFjof jy+3ylrlat5XA7aYjsIkemkZYvwEiAfeL7NIBN/4gz8YJMMGFMtQi2sa9kqeFaLs Go14bApibOBS1eDLtkzHEmRAg2dkI+X/CUcwujRawxGpGZapGNI21lwH/AFa1ZlF 0Y6z+WJkIToDT1h3WIOFaAn2g4OrXdYWQI617B2iCdoT5Ou3ZvySB7lNUS8n7qjQ FfAUcOeKlW0sJCPcdq85WRlD5eshQOOHYrO9EHbxwmCx/mAonA0/uURwqbLBvtFz -----END CERTIFICATE-----Generated at Tue May 12 22:29:28 2026 by rpki-client