$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa File: 9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa (raw, json) Hash identifier: IFPWZLYqICCTZpiAlPV0uS3SJy8BLcnhhBvheTkomoI= Subject key identifier: 2F:E3:50:C6:66:F8:21:64:DD:70:A9:E6:F5:88:6C:AA:F3:A7:91:D0 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 6F73E60C4AD6EF7D3F5772437DE2B27B178DC7B5 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa Signing time: Mon 27 Apr 2026 00:00:36 +0000 ROA not before: Mon 27 Apr 2026 00:00:36 +0000 ROA not after: Sun 26 Jul 2026 23:59:59 +0000 asID: 7224 IP address blocks: 43.250.196.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:03:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:73:e6:0c:4a:d6:ef:7d:3f:57:72:43:7d:e2:b2:7b:17:8d:c7:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Apr 27 00:00:36 2026 GMT Not After : Jul 26 23:59:59 2026 GMT Subject: serialNumber=dbe571e58e4254007d1a3da635fe0f9ad19ee5a7e2335e2392438af1fdfb8177, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:8a:f0:82:37:91:01:9b:b8:72:5a:c7:aa:0e: bb:25:61:72:39:ff:e3:34:a6:7e:0d:79:c5:67:2d: 96:d8:bd:f5:bd:6e:b3:6c:f6:38:00:c3:53:41:eb: 9d:df:32:84:cc:59:74:cd:b8:0a:2b:6e:6e:e0:f5: e9:4a:c5:de:c9:63:c3:23:9d:23:6f:d6:80:d7:ac: 2e:c3:f1:5d:8a:7c:7e:5b:c6:e7:21:05:f1:41:77: d3:bf:fa:d6:53:e0:47:0d:d5:45:ec:91:d1:ea:92: cc:46:82:7a:a6:82:e6:03:1c:69:90:9a:b2:a1:9f: 47:25:21:9f:66:c1:40:17:e6:37:3b:55:11:ca:1b: 17:a7:5c:f8:dd:94:5f:db:01:54:fc:b6:ee:b4:2d: e4:33:50:f9:34:2b:ea:b1:87:93:ba:a4:9e:64:b5: ca:ac:e1:fc:6c:7f:50:5a:ef:f1:67:0d:d5:97:ab: bd:65:a5:ce:5b:9b:61:ea:09:0b:21:9e:09:f4:bb: f1:8c:3a:8c:6e:29:49:06:60:8f:97:4c:db:b3:30: 94:a8:f1:5a:9a:7a:73:59:98:05:ce:e1:7e:22:ff: 1a:ee:35:a1:b1:bd:82:7a:53:0f:70:10:0e:5e:31: 4e:1e:f0:57:e9:69:4c:e0:95:92:42:ab:2b:78:ad: 6f:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:E3:50:C6:66:F8:21:64:DD:70:A9:E6:F5:88:6C:AA:F3:A7:91:D0 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.196.0/22 Signature Algorithm: sha256WithRSAEncryption 50:52:1b:9c:bd:d7:52:7b:b4:ed:46:5a:43:18:6c:15:87:ee: 7b:d1:70:4a:a7:27:17:a0:f7:6f:46:3b:bd:6c:bd:21:7f:54: 55:93:6e:47:13:78:e6:fe:98:3d:96:de:11:40:4b:f1:3f:6d: c7:87:95:cd:a6:19:62:92:ca:d5:81:6e:b5:a6:d1:9c:7c:88: 32:4c:9e:f3:69:71:59:eb:84:78:36:f4:92:1b:e4:86:72:06: 6f:66:73:59:04:57:36:02:ab:69:54:e6:94:f1:ed:66:97:fc: e2:3f:57:65:81:cf:ea:fb:4f:c7:f4:ba:17:7f:ac:15:b9:d8: 62:d0:bd:42:99:13:35:bd:35:60:2e:f8:82:f0:61:8a:8d:1c: d8:74:64:e9:65:62:f0:48:bb:c8:64:b0:c3:d3:8b:cc:3e:78: 65:d0:76:b9:15:de:c8:71:6d:0d:e5:79:f1:35:d5:9e:81:ee: d6:be:dd:b5:be:4e:63:7c:ad:25:40:af:b5:a6:fa:00:fd:90: a2:6a:31:ab:f8:25:3b:bc:5f:1a:17:8e:37:02:4b:75:02:e2: f1:93:34:c6:cd:02:86:9f:97:2b:08:78:91:cb:b6:a9:94:b4: e2:fa:db:d4:6f:a5:96:73:82:bc:3f:22:86:90:85:6a:be:d5: b8:e5:15:53 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUb3PmDErW730/V3JDfeKyexeNx7UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI2MDQyNzAwMDAzNloX DTI2MDcyNjIzNTk1OVowejFJMEcGA1UEBRNAZGJlNTcxZTU4ZTQyNTQwMDdkMWEz ZGE2MzVmZTBmOWFkMTllZTVhN2UyMzM1ZTIzOTI0MzhhZjFmZGZiODE3NzEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqorwgjeRAZu4clrHqg67JWFyOf/j NKZ+DXnFZy2W2L31vW6zbPY4AMNTQeud3zKEzFl0zbgKK25u4PXpSsXeyWPDI50j b9aA16wuw/Fdinx+W8bnIQXxQXfTv/rWU+BHDdVF7JHR6pLMRoJ6poLmAxxpkJqy oZ9HJSGfZsFAF+Y3O1URyhsXp1z43ZRf2wFU/LbutC3kM1D5NCvqsYeTuqSeZLXK rOH8bH9QWu/xZw3Vl6u9ZaXOW5th6gkLIZ4J9LvxjDqMbilJBmCPl0zbszCUqPFa mnpzWZgFzuF+Iv8a7jWhsb2CelMPcBAOXjFOHvBX6WlM4JWSQqsreK1vMQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFC/jUMZm+CFk3XCp5vWIbKrzp5HQMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzliOGU5NjNlLTdmYTItNGJhMS1hNzhhLTRkMWZkNzk4OWIzMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/rEMA0GCSqGSIb3DQEBCwUAA4IBAQBQUhucvddSe7TtRlpDGGwV h+570XBKpycXoPdvRju9bL0hf1RVk25HE3jm/pg9lt4RQEvxP23Hh5XNphliksrV gW61ptGcfIgyTJ7zaXFZ64R4NvSSG+SGcgZvZnNZBFc2AqtpVOaU8e1ml/ziP1dl gc/q+0/H9LoXf6wVudhi0L1CmRM1vTVgLviC8GGKjRzYdGTpZWLwSLvIZLDD04vM Pnhl0Ha5Fd7IcW0N5XnxNdWege7Wvt21vk5jfK0lQK+1pvoA/ZCiajGr+CU7vF8a F443Akt1AuLxkzTGzQKGn5crCHiRy7aplLTi+tvUb6WWc4K8PyKGkIVqvtW45RVT -----END CERTIFICATE-----Generated at Wed May 13 01:06:05 2026 by rpki-client