$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/084fc721-60a4-414f-b72d-dc01788e0fc2.roa File: 084fc721-60a4-414f-b72d-dc01788e0fc2.roa (raw, json) Hash identifier: Qgz5sR0Vig1ppgu8tnTCWngTlM2hHLZmy/F2C/XKfkA= Subject key identifier: CF:F0:8D:17:55:64:1F:22:A2:17:8A:49:73:44:71:27:29:E4:7F:1C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 63ECF17F13EB3CB0B6CA3F1937FBEEC4ADFAD5C8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/084fc721-60a4-414f-b72d-dc01788e0fc2.roa Signing time: Tue 24 Feb 2026 00:10:08 +0000 ROA not before: Tue 24 Feb 2026 00:10:08 +0000 ROA not after: Mon 25 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 43.216.61.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:ec:f1:7f:13:eb:3c:b0:b6:ca:3f:19:37:fb:ee:c4:ad:fa:d5:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 24 00:10:08 2026 GMT Not After : May 25 23:59:59 2026 GMT Subject: serialNumber=ea1fd2e02ef1d3fa911e6cc25d6d0f992e4b531473d313277b13c6431f18e39e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:1e:00:f9:66:b9:45:a5:08:ab:47:e3:c6:cd: 78:fe:56:f5:b7:8f:2f:af:1f:b1:94:aa:a6:b0:d3: 32:b3:b8:6d:b2:0d:01:59:13:6c:c6:99:18:50:75: 54:fd:82:5e:fd:ad:0d:94:f2:f7:ae:d6:df:4a:10: 91:ec:ee:a0:e1:ad:a6:61:ba:0a:e6:c4:40:a5:68: b0:9b:c7:b8:8d:96:b8:04:38:59:28:12:93:89:d2: 53:8f:55:b1:e2:50:ec:dd:5c:50:cf:f6:61:4a:62: ca:56:57:17:1e:a8:99:cf:8d:69:78:75:ad:54:49: cf:3f:c3:55:7b:62:e1:a4:17:d0:28:cb:ea:18:03: 51:66:80:f6:34:57:fd:78:18:aa:2e:60:55:ee:8b: ac:da:6c:5d:f0:ff:17:70:3b:1e:64:11:21:69:ca: 01:d9:f0:4a:f4:e8:9e:f5:7c:34:c0:e5:b7:23:60: 68:40:2e:1e:4a:ce:64:85:c0:4d:1d:5c:e0:dc:9f: 77:af:2a:a5:c6:78:ce:37:68:fc:43:9c:5a:02:76: 4a:f7:02:53:45:13:bb:5f:27:5a:50:af:99:04:c4: 59:3f:79:c8:80:f2:76:b3:fe:7c:24:b5:61:c4:22: 30:dd:f8:a4:32:0c:43:90:b2:a2:fa:2b:34:a7:9c: 94:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:F0:8D:17:55:64:1F:22:A2:17:8A:49:73:44:71:27:29:E4:7F:1C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/084fc721-60a4-414f-b72d-dc01788e0fc2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.216.61.0/24 Signature Algorithm: sha256WithRSAEncryption 9e:fa:da:36:78:bf:cf:0b:d8:53:d5:43:1f:1c:cd:7e:d9:16: 25:f7:9c:4e:65:8b:73:9d:b0:50:96:0a:6b:40:de:47:2d:b2: b6:53:c7:d2:51:ec:56:d3:70:b1:e2:09:6a:40:fb:fe:bf:2b: 4c:47:73:92:e1:4d:22:02:21:6e:0f:25:00:30:02:51:7b:82: 47:a1:49:b2:b0:77:40:ea:bd:c0:aa:fa:f0:c0:7a:f1:e6:ce: fc:01:5a:e4:db:5f:ef:70:40:13:3f:64:9e:71:d1:94:ef:25: 9c:3f:67:81:5c:17:a3:f3:da:33:40:1c:9e:c0:a3:73:cb:69: 83:14:1b:e7:dc:f1:f4:8b:39:b5:8b:03:99:0c:ab:7a:19:46: 9b:4c:b8:24:67:f0:bc:05:b5:7f:2d:bb:65:d9:1c:f1:a2:42: 77:b5:1f:3e:22:ff:8e:a0:a5:1c:f3:10:10:73:78:6a:65:fa: 5f:c0:65:4d:6c:47:1d:24:ac:c5:15:d2:95:dc:22:e9:25:6a: da:19:07:93:b3:60:6f:df:db:ee:40:b4:e2:a9:13:43:32:41: b8:94:af:e9:35:41:b8:d3:50:17:83:0b:1f:61:b8:cd:d8:f4: 53:b7:d4:50:cc:b2:c9:f3:65:98:c7:a4:b6:83:59:c5:c7:2f: 69:1b:63:4f -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUY+zxfxPrPLC2yj8ZN/vuxK361cgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyNDAwMTAwOFoX DTI2MDUyNTIzNTk1OVowejFJMEcGA1UEBRNAZWExZmQyZTAyZWYxZDNmYTkxMWU2 Y2MyNWQ2ZDBmOTkyZTRiNTMxNDczZDMxMzI3N2IxM2M2NDMxZjE4ZTM5ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxx4A+Wa5RaUIq0fjxs14/lb1t48v rx+xlKqmsNMys7htsg0BWRNsxpkYUHVU/YJe/a0NlPL3rtbfShCR7O6g4a2mYboK 5sRApWiwm8e4jZa4BDhZKBKTidJTj1Wx4lDs3VxQz/ZhSmLKVlcXHqiZz41peHWt VEnPP8NVe2LhpBfQKMvqGANRZoD2NFf9eBiqLmBV7ous2mxd8P8XcDseZBEhacoB 2fBK9Oie9Xw0wOW3I2BoQC4eSs5khcBNHVzg3J93ryqlxnjON2j8Q5xaAnZK9wJT RRO7XydaUK+ZBMRZP3nIgPJ2s/58JLVhxCIw3fikMgxDkLKi+is0p5yU4wIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFM/wjRdVZB8ioheKSXNEcScp5H8cMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzA4NGZjNzIxLTYwYTQtNDE0Zi1iNzJkLWRjMDE3ODhlMGZjMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9g9MA0GCSqGSIb3DQEBCwUAA4IBAQCe+to2eL/PC9hT1UMfHM1+ 2RYl95xOZYtznbBQlgprQN5HLbK2U8fSUexW03Cx4glqQPv+vytMR3OS4U0iAiFu DyUAMAJRe4JHoUmysHdA6r3AqvrwwHrx5s78AVrk21/vcEATP2SecdGU7yWcP2eB XBej89ozQByewKNzy2mDFBvn3PH0izm1iwOZDKt6GUabTLgkZ/C8BbV/Lbtl2Rzx okJ3tR8+Iv+OoKUc8xAQc3hqZfpfwGVNbEcdJKzFFdKV3CLpJWraGQeTs2Bv39vu QLTiqRNDMkG4lK/pNUG401AXgwsfYbjN2PRTt9RQzLLJ82WYx6S2g1nFxy9pG2NP -----END CERTIFICATE-----Generated at Sun Mar 1 21:57:24 2026 by rpki-client