$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/15f0df98-8d36-4eb8-8d73-6075251475ae.roa File: 15f0df98-8d36-4eb8-8d73-6075251475ae.roa (raw, json) Hash identifier: BXpeu+FBjPU9nzTs8/aIQtGKu5JUDvyawZ5wcDcUr3w= Subject key identifier: 5C:9B:15:29:97:E3:41:CD:E3:AE:EE:0D:F7:A4:70:A2:FB:CA:B9:86 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 49CA6C1A1ADE910A334516B503F731C2CD75E0E6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/15f0df98-8d36-4eb8-8d73-6075251475ae.roa Signing time: Sun 22 Feb 2026 00:20:15 +0000 ROA not before: Sun 22 Feb 2026 00:20:15 +0000 ROA not after: Sat 23 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 43.220.0.0/15 maxlen: 15 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:ca:6c:1a:1a:de:91:0a:33:45:16:b5:03:f7:31:c2:cd:75:e0:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 22 00:20:15 2026 GMT Not After : May 23 23:59:59 2026 GMT Subject: serialNumber=bc50594016f1fc378e3063d93c47b479a71c1eabe9d16ac97c01ca796b365656, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:d0:3e:49:b2:e6:2d:c8:3e:03:13:a6:a1:43: 9b:b9:b5:ef:d9:66:08:15:8a:22:4d:92:43:dc:70: 39:68:fc:17:23:54:39:cd:d3:44:9b:eb:39:b2:7a: 65:31:c1:22:17:3c:d0:21:df:8e:02:05:b3:e8:f0: 6e:83:82:2c:a8:50:65:85:67:34:d5:7b:95:a5:ad: de:42:77:82:b1:1a:35:0b:7f:7b:f4:05:15:99:57: 37:ae:f9:18:27:dd:a2:ab:fe:49:fe:58:ed:77:3c: 24:29:a4:10:00:f6:af:b6:04:d3:c4:c0:2e:95:11: f5:3d:23:46:84:8e:70:d6:c4:ac:be:f6:7d:3e:64: 2c:fc:3e:29:94:27:d7:ac:ef:e8:96:55:fd:da:7e: 0f:ab:c3:0b:91:8e:39:4c:2b:13:90:09:42:62:ac: 50:64:c0:1e:63:34:e8:64:19:f2:75:8d:02:d1:f5: 9f:e1:7c:76:2a:13:2f:f0:86:11:79:16:5d:be:89: 3d:ca:52:94:70:5a:a7:d7:56:7f:d4:49:5c:b1:6b: c1:46:dc:6d:7c:f8:f8:f3:b6:2d:86:b4:51:c9:24: d6:68:99:86:62:52:81:dd:c2:35:3c:c2:6d:e6:3a: 41:38:94:28:a6:f5:98:dc:e0:39:c1:1b:02:d8:9b: 81:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:9B:15:29:97:E3:41:CD:E3:AE:EE:0D:F7:A4:70:A2:FB:CA:B9:86 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/15f0df98-8d36-4eb8-8d73-6075251475ae.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.220.0.0/15 Signature Algorithm: sha256WithRSAEncryption 1b:f9:05:c3:64:bd:52:e0:64:7a:1f:8c:3b:17:2a:e4:f6:7e: a7:3e:00:62:4c:d0:4e:5f:91:e9:b4:3b:90:fc:88:ed:f5:37: 4d:b7:87:13:30:cb:7a:df:6e:2c:a7:a4:fc:e2:92:85:d2:a0: d4:ef:72:30:77:75:18:6c:87:bb:49:f1:a0:1a:3e:bd:76:12: 50:95:29:a1:04:ab:f5:a7:00:81:27:9b:4e:98:aa:35:17:9b: 62:90:13:c7:6a:36:13:e0:d2:8f:a1:0e:b0:77:01:06:fd:fa: c1:53:c0:9d:48:de:26:65:24:38:c8:de:ab:89:67:88:f2:8b: a9:de:f0:a5:b4:35:6d:14:88:13:86:8b:38:ae:b8:e6:93:cb: 0c:b2:b2:88:77:93:04:9b:34:e4:e2:fe:f9:08:02:c2:1b:66: 7f:fb:2e:39:3d:09:f7:e8:7d:04:0b:af:96:ab:ff:51:70:48: fd:a5:fb:fe:f5:e0:55:f4:d5:70:50:8e:64:5a:88:59:2a:ba: 9b:4b:d8:3b:e9:5e:1e:97:8f:1d:cc:53:11:ea:af:b3:20:dd: 28:c2:25:39:82:e8:50:8a:88:40:3e:fa:e9:19:5d:ac:aa:41: b2:23:b4:46:0d:6a:59:d5:1e:e9:d3:c1:0f:8f:c1:25:e0:0e: 48:05:fd:8b -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUScpsGhrekQozRRa1A/cxws114OYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMjAwMjAxNVoX DTI2MDUyMzIzNTk1OVowejFJMEcGA1UEBRNAYmM1MDU5NDAxNmYxZmMzNzhlMzA2 M2Q5M2M0N2I0NzlhNzFjMWVhYmU5ZDE2YWM5N2MwMWNhNzk2YjM2NTY1NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9NA+SbLmLcg+AxOmoUObubXv2WYI FYoiTZJD3HA5aPwXI1Q5zdNEm+s5snplMcEiFzzQId+OAgWz6PBug4IsqFBlhWc0 1XuVpa3eQneCsRo1C3979AUVmVc3rvkYJ92iq/5J/ljtdzwkKaQQAPavtgTTxMAu lRH1PSNGhI5w1sSsvvZ9PmQs/D4plCfXrO/ollX92n4Pq8MLkY45TCsTkAlCYqxQ ZMAeYzToZBnydY0C0fWf4Xx2KhMv8IYReRZdvok9ylKUcFqn11Z/1ElcsWvBRtxt fPj487YthrRRySTWaJmGYlKB3cI1PMJt5jpBOJQopvWY3OA5wRsC2JuBhQIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFFybFSmX40HN467uDfekcKL7yrmGMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzE1ZjBkZjk4LThkMzYtNGViOC04ZDczLTYwNzUyNTE0NzVhZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMBK9wwDQYJKoZIhvcNAQELBQADggEBABv5BcNkvVLgZHofjDsXKuT2 fqc+AGJM0E5fkem0O5D8iO31N023hxMwy3rfbiynpPzikoXSoNTvcjB3dRhsh7tJ 8aAaPr12ElCVKaEEq/WnAIEnm06YqjUXm2KQE8dqNhPg0o+hDrB3AQb9+sFTwJ1I 3iZlJDjI3quJZ4jyi6ne8KW0NW0UiBOGiziuuOaTywyysoh3kwSbNOTi/vkIAsIb Zn/7Ljk9CffofQQLr5ar/1FwSP2l+/714FX01XBQjmRaiFkquptL2DvpXh6Xjx3M UxHqr7Mg3SjCJTmC6FCKiEA++ukZXayqQbIjtEYNalnVHunTwQ+PwSXgDkgF/Ys= -----END CERTIFICATE-----Generated at Sun Mar 1 23:54:46 2026 by rpki-client