$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0bce91dc-229b-42a7-9c92-722aa69f577e.roa File: 0bce91dc-229b-42a7-9c92-722aa69f577e.roa (raw, json) Hash identifier: pYXjPV8l8ylOcLmBagFBOkV1UNQdWz4VCZOXsw+nJCU= Subject key identifier: 49:33:53:32:E5:C7:FA:3A:79:01:3F:78:24:93:DA:CB:23:83:08:5C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4859AC0D84507C6D3530FE9EBD1F2569073EB590 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0bce91dc-229b-42a7-9c92-722aa69f577e.roa Signing time: Sun 22 Feb 2026 00:20:16 +0000 ROA not before: Sun 22 Feb 2026 00:20:16 +0000 ROA not after: Sat 23 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 43.198.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:59:ac:0d:84:50:7c:6d:35:30:fe:9e:bd:1f:25:69:07:3e:b5:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 22 00:20:16 2026 GMT Not After : May 23 23:59:59 2026 GMT Subject: serialNumber=d8d54ad8f45fd3d5b46a88429e72d04ee268eb2a17569a9c37cb69a84ed6b561, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:a8:f0:15:7a:2a:88:70:3e:4b:5d:d6:09:51: 7e:f9:c5:55:1b:b0:9b:af:68:e3:b1:ab:02:c9:dd: f9:93:3b:ca:70:c5:a2:38:5b:49:2d:b7:80:4e:24: ac:49:52:33:67:cc:e5:b4:69:cf:5a:60:fa:3c:89: 8d:17:fb:7f:89:4f:d6:6c:6e:69:40:c9:6a:87:97: 36:26:d4:9c:c3:7f:54:84:1b:88:68:e1:ce:53:22: e0:39:6c:68:a2:91:7a:cc:78:56:39:6e:7d:62:b1: e5:6f:31:4b:c0:91:97:4f:eb:6f:fa:fb:d6:0a:65: 5f:54:2b:6c:60:93:50:c3:4c:48:66:58:85:61:ca: 04:b7:18:5f:21:47:a8:a5:46:9b:3e:d2:f8:ed:5e: 39:b4:35:3b:3d:29:ca:7f:43:5f:3c:ec:cd:9e:70: c1:f0:53:d8:ff:fa:0e:d5:9d:30:07:11:85:e3:8b: 61:7b:59:2a:f3:ef:f1:ca:e3:59:4a:a8:5d:ef:fd: f4:56:29:cd:11:0d:66:42:3c:ac:f3:46:95:0e:29: fe:6c:ae:5f:d5:78:53:8f:dd:b2:93:01:46:b0:e2: 32:da:9c:b7:35:2a:fb:18:c6:da:7e:3b:f2:ec:db: ad:95:3f:5b:02:c5:c5:35:7e:5b:e9:51:ea:a5:a4: 75:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:33:53:32:E5:C7:FA:3A:79:01:3F:78:24:93:DA:CB:23:83:08:5C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0bce91dc-229b-42a7-9c92-722aa69f577e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.198.0.0/15 Signature Algorithm: sha256WithRSAEncryption 00:79:76:67:00:bb:b8:79:1a:65:f4:f4:18:46:ec:e1:17:28: 14:52:bb:0e:08:00:02:ec:c9:01:a2:9a:e7:c2:17:7b:26:fc: 0d:0f:cf:7d:ff:fd:32:62:82:13:fc:28:84:e3:e0:89:31:7d: 02:ce:66:79:15:1b:71:af:81:16:15:da:06:34:b3:13:5f:2b: 55:37:57:c0:f3:05:b9:29:5c:01:c3:89:05:0b:c6:e4:df:10: 2f:4e:5d:84:e8:53:58:0e:31:f3:5b:9e:14:fb:a6:5a:0c:6e: ef:c9:fe:86:30:9d:9a:4f:0d:39:9a:cd:17:4a:42:1d:4c:03: 1a:69:c5:64:16:c7:45:66:31:b1:b6:ee:13:58:ec:54:eb:96: 35:4a:87:0b:fc:13:8e:e1:ec:6a:f6:7d:a0:77:f6:2f:9a:0b: b8:fa:e4:47:ff:cf:9d:26:0c:4f:ec:30:f4:8c:77:e3:61:f9: cc:c5:0b:e5:d7:66:5d:c8:66:bf:b6:3a:7c:e8:85:71:25:5e: 54:c7:05:01:de:b5:8d:d1:56:ec:c2:b4:7f:33:19:b1:1a:9b: c9:4d:5b:bf:02:db:0a:4f:a2:97:03:dc:9f:e5:43:a7:7d:3e: b0:98:ec:bc:40:e4:e7:ae:82:51:fd:97:ce:31:1a:85:9b:55: be:73:53:f4 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUSFmsDYRQfG01MP6evR8laQc+tZAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMjAwMjAxNloX DTI2MDUyMzIzNTk1OVowejFJMEcGA1UEBRNAZDhkNTRhZDhmNDVmZDNkNWI0NmE4 ODQyOWU3MmQwNGVlMjY4ZWIyYTE3NTY5YTljMzdjYjY5YTg0ZWQ2YjU2MTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx6jwFXoqiHA+S13WCVF++cVVG7Cb r2jjsasCyd35kzvKcMWiOFtJLbeATiSsSVIzZ8zltGnPWmD6PImNF/t/iU/WbG5p QMlqh5c2JtScw39UhBuIaOHOUyLgOWxoopF6zHhWOW59YrHlbzFLwJGXT+tv+vvW CmVfVCtsYJNQw0xIZliFYcoEtxhfIUeopUabPtL47V45tDU7PSnKf0NfPOzNnnDB 8FPY//oO1Z0wBxGF44the1kq8+/xyuNZSqhd7/30VinNEQ1mQjys80aVDin+bK5f 1XhTj92ykwFGsOIy2py3NSr7GMbafjvy7NutlT9bAsXFNX5b6VHqpaR1WwIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFEkzUzLlx/o6eQE/eCST2ssjgwhcMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzBiY2U5MWRjLTIyOWItNDJhNy05YzkyLTcyMmFhNjlmNTc3ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMBK8YwDQYJKoZIhvcNAQELBQADggEBAAB5dmcAu7h5GmX09BhG7OEX KBRSuw4IAALsyQGimufCF3sm/A0Pz33//TJighP8KITj4IkxfQLOZnkVG3GvgRYV 2gY0sxNfK1U3V8DzBbkpXAHDiQULxuTfEC9OXYToU1gOMfNbnhT7ploMbu/J/oYw nZpPDTmazRdKQh1MAxppxWQWx0VmMbG27hNY7FTrljVKhwv8E47h7Gr2faB39i+a C7j65Ef/z50mDE/sMPSMd+Nh+czFC+XXZl3IZr+2OnzohXElXlTHBQHetY3RVuzC tH8zGbEam8lNW78C2wpPopcD3J/lQ6d9PrCY7LxA5OeuglH9l84xGoWbVb5zU/Q= -----END CERTIFICATE-----Generated at Sun Mar 1 23:48:06 2026 by rpki-client