$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/10466492-6e57-4b27-906d-531139de21f0.roa File: 10466492-6e57-4b27-906d-531139de21f0.roa (raw, json) Hash identifier: XcNRRafGHpZ6iP+X5vEMgzzC2f7fasQ9DCBG6ozVS5M= Subject key identifier: F7:47:A9:8F:F6:24:81:63:A6:CB:C3:54:5C:B0:5A:23:CD:FC:9F:84 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 31D02940BE95AFC3B5DAE609955805AD86170701 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/10466492-6e57-4b27-906d-531139de21f0.roa Signing time: Tue 24 Feb 2026 00:00:30 +0000 ROA not before: Tue 24 Feb 2026 00:00:30 +0000 ROA not after: Mon 25 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 43.218.156.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:d0:29:40:be:95:af:c3:b5:da:e6:09:95:58:05:ad:86:17:07:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 24 00:00:30 2026 GMT Not After : May 25 23:59:59 2026 GMT Subject: serialNumber=370da5d9798de4f3da3eb320a5745cd3c3501c976c5e8631fa8e86cfa06c8eae, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:2e:c1:92:97:46:27:ff:68:df:66:51:f9:83: 9d:e3:93:cd:fa:0c:57:fe:0b:ec:56:88:21:36:33: 5f:68:16:35:b1:6b:31:70:b2:8b:35:2a:b0:ad:78: a6:3e:68:16:59:85:39:ee:37:63:1d:d4:88:55:8f: bf:6e:31:2f:98:62:25:c1:02:51:67:4f:1b:e9:0d: aa:8b:fd:5f:d9:39:b0:c1:fb:a7:db:c0:1e:9c:bd: 02:5f:67:42:3c:f7:b9:cc:09:53:31:96:4f:38:bb: be:aa:ef:9e:9a:73:30:7b:f3:cd:8a:48:78:68:8b: 61:44:24:f8:6c:8f:65:80:a6:f0:04:28:69:57:07: f6:6f:7e:85:ad:e0:f0:ff:ba:3a:68:71:42:4c:78: ad:0d:bd:34:76:60:82:60:0f:22:5c:c1:6f:06:1d: 83:72:23:d9:1b:5e:5f:9a:84:8e:30:cb:b3:5a:14: 29:fa:cf:cf:7f:22:2b:a8:61:7b:33:31:c1:f1:8c: 13:d2:08:16:e0:d7:f6:69:69:7a:e6:88:79:54:cd: ac:c9:74:16:db:ac:c0:49:a8:92:9f:f1:6a:e1:17: ce:a2:be:ea:88:a2:4a:7c:1d:8d:77:c6:47:5d:9f: 57:b0:2d:ff:06:6e:86:af:78:a2:cc:bf:a4:f5:8f: 52:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:47:A9:8F:F6:24:81:63:A6:CB:C3:54:5C:B0:5A:23:CD:FC:9F:84 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/10466492-6e57-4b27-906d-531139de21f0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.218.156.0/24 Signature Algorithm: sha256WithRSAEncryption 1d:9d:7e:91:60:99:6e:d8:3d:ef:90:41:a8:32:e2:40:0d:c2: 39:3a:8a:06:72:90:c6:4d:c0:66:6b:ac:d2:30:c7:7a:2c:64: d8:5a:98:de:92:03:03:1c:87:66:7e:d1:5f:41:1c:0a:69:80: f8:63:27:34:fa:60:b6:34:e0:46:da:17:3e:48:8c:07:c9:a0: 2b:9f:2a:12:ac:ba:f2:e7:24:09:c9:46:e1:09:88:64:14:75: bd:d1:81:2e:6f:b4:22:08:f1:2f:93:5c:34:45:74:a9:83:06: 74:15:92:0d:9e:1b:a5:bd:f6:83:d1:e4:ce:ea:ed:88:5f:f5: 92:31:78:48:55:4d:5f:33:5f:51:f6:ce:ea:c7:d5:b7:34:48: 96:19:67:74:fa:69:b2:15:b2:9f:3f:0d:9e:f2:0a:fe:95:c1: 9e:f6:2e:b5:ed:9a:ce:a7:cc:33:74:17:0e:af:06:05:0a:64: e5:46:1a:c9:aa:71:53:ff:be:b3:12:37:a2:9a:68:cc:50:47: ec:46:4c:01:a7:75:df:2e:8d:d9:05:0b:df:f6:a5:39:c9:43: 10:c6:cc:b1:d2:9d:0b:e6:73:5a:eb:46:08:3a:a3:ab:ee:9c: 61:1a:73:3f:6d:ad:32:79:52:68:0a:4a:34:bf:a6:77:46:5d: c4:bf:dd:45 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUMdApQL6Vr8O12uYJlVgFrYYXBwEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyNDAwMDAzMFoX DTI2MDUyNTIzNTk1OVowejFJMEcGA1UEBRNAMzcwZGE1ZDk3OThkZTRmM2RhM2Vi MzIwYTU3NDVjZDNjMzUwMWM5NzZjNWU4NjMxZmE4ZTg2Y2ZhMDZjOGVhZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0i7BkpdGJ/9o32ZR+YOd45PN+gxX /gvsVoghNjNfaBY1sWsxcLKLNSqwrXimPmgWWYU57jdjHdSIVY+/bjEvmGIlwQJR Z08b6Q2qi/1f2Tmwwfun28AenL0CX2dCPPe5zAlTMZZPOLu+qu+emnMwe/PNikh4 aIthRCT4bI9lgKbwBChpVwf2b36FreDw/7o6aHFCTHitDb00dmCCYA8iXMFvBh2D ciPZG15fmoSOMMuzWhQp+s/PfyIrqGF7MzHB8YwT0ggW4Nf2aWl65oh5VM2syXQW 26zASaiSn/Fq4RfOor7qiKJKfB2Nd8ZHXZ9XsC3/Bm6Gr3iizL+k9Y9SHwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFPdHqY/2JIFjpsvDVFywWiPN/J+EMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzEwNDY2NDkyLTZlNTctNGIyNy05MDZkLTUzMTEzOWRlMjFmMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9qcMA0GCSqGSIb3DQEBCwUAA4IBAQAdnX6RYJlu2D3vkEGoMuJA DcI5OooGcpDGTcBma6zSMMd6LGTYWpjekgMDHIdmftFfQRwKaYD4Yyc0+mC2NOBG 2hc+SIwHyaArnyoSrLry5yQJyUbhCYhkFHW90YEub7QiCPEvk1w0RXSpgwZ0FZIN nhulvfaD0eTO6u2IX/WSMXhIVU1fM19R9s7qx9W3NEiWGWd0+mmyFbKfPw2e8gr+ lcGe9i617ZrOp8wzdBcOrwYFCmTlRhrJqnFT/76zEjeimmjMUEfsRkwBp3XfLo3Z BQvf9qU5yUMQxsyx0p0L5nNa60YIOqOr7pxhGnM/ba0yeVJoCko0v6Z3Rl3Ev91F -----END CERTIFICATE-----Generated at Sun Mar 1 23:57:45 2026 by rpki-client