$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1a029338-7973-4195-baed-4c6117fce277.roa File: 1a029338-7973-4195-baed-4c6117fce277.roa (raw, json) Hash identifier: h9Jj8TpH66bNybaYwiJx7n8v0OyLEjUPafVYxsG1n3k= Subject key identifier: E9:71:E5:91:D5:11:AE:89:71:41:54:02:8F:74:E6:E9:F8:34:FE:42 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7C550CC12649AF0F008E315EC9645B6FB2FB6136 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1a029338-7973-4195-baed-4c6117fce277.roa Signing time: Sun 22 Feb 2026 00:30:33 +0000 ROA not before: Sun 22 Feb 2026 00:30:33 +0000 ROA not after: Sat 23 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 43.212.69.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:55:0c:c1:26:49:af:0f:00:8e:31:5e:c9:64:5b:6f:b2:fb:61:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 22 00:30:33 2026 GMT Not After : May 23 23:59:59 2026 GMT Subject: serialNumber=000a4c49fcc65a71548820dc89ee966c033a646a30388c46084df0af2e650fe8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:2e:c1:a3:cd:6e:53:af:7b:26:9a:a6:07:5a: 51:75:c9:c7:1e:2c:e5:2b:b1:70:35:96:34:65:28: 25:42:b8:0e:82:5e:54:4e:b3:bf:d3:65:21:6d:1a: fd:28:6a:ba:34:fc:7c:a6:f8:6c:8a:53:4e:d3:5c: 34:65:8f:4b:8c:12:76:54:20:71:42:5f:9f:d3:04: 07:a5:af:ed:46:58:8c:34:e9:e3:32:5a:82:10:4c: 33:55:2d:cf:e2:10:31:98:96:8d:53:20:7d:83:89: f0:74:a5:69:99:00:17:fc:67:ea:44:d1:67:da:dc: e2:57:1b:db:14:23:a7:05:ed:9b:90:99:5d:5f:7b: fa:75:08:36:64:f5:bf:46:78:0a:07:e6:ee:b6:af: 6a:1c:8a:08:4d:7a:1c:8b:f2:6e:3e:68:1d:bf:fa: f1:39:e9:e6:f0:27:b4:bf:2d:9a:e0:34:d0:87:93: 9d:1f:a9:d0:85:84:64:8f:7a:43:29:22:f4:d5:7c: 59:ac:74:90:5c:82:19:37:ab:a7:4c:6e:1f:9f:1a: 08:98:11:18:45:32:3e:5e:4c:f5:42:55:42:46:7e: b9:cf:fd:7f:4c:47:65:a4:9b:ba:2f:2d:7c:96:ac: 84:92:06:fd:e0:06:34:a8:ec:f4:10:ba:67:05:ff: e6:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:71:E5:91:D5:11:AE:89:71:41:54:02:8F:74:E6:E9:F8:34:FE:42 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1a029338-7973-4195-baed-4c6117fce277.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.212.69.0/24 Signature Algorithm: sha256WithRSAEncryption 6d:ee:df:c9:e0:ae:11:57:0b:eb:e3:6d:f2:0d:40:94:fe:8b: 1a:f1:65:6e:24:33:15:f4:d7:88:b4:87:ac:e1:90:22:b0:3c: ee:dc:fe:ab:41:a8:ba:84:2e:7e:55:eb:4b:28:a3:97:ca:06: e9:27:0c:26:c7:a1:b2:5f:6c:cd:5c:c0:cd:13:f5:65:55:28: 85:e5:e0:c3:f4:67:67:43:e9:78:c2:50:ad:22:96:6b:3d:71: 49:dc:e4:b9:bc:93:e8:8a:31:e3:a6:21:0a:f4:dd:fc:ec:38: 51:c2:17:12:8b:e7:42:98:e8:21:dc:67:89:96:26:a8:d9:34: a0:b4:fb:02:80:c5:95:53:03:f1:e9:44:1d:6c:ef:ea:5e:ea: c3:51:66:1d:3e:12:7c:4d:77:8a:4d:c9:aa:ab:1e:cc:c9:72: 01:e7:b1:bd:04:8f:a3:1d:e1:47:45:84:d6:60:3e:61:c0:a9: 39:f1:01:77:95:1a:f0:e2:c5:44:b5:78:fb:49:c2:b9:f0:e6: d1:c6:ab:c6:a6:68:85:bc:80:93:9f:40:d7:e1:ee:83:85:8f: fa:f0:ec:ca:ee:ff:04:14:16:1f:ec:2f:40:90:4f:2b:e7:60: a2:82:69:0e:34:d0:37:3e:a3:f7:81:0c:d9:fc:5a:f5:09:f3: ad:fb:7f:e4 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUfFUMwSZJrw8AjjFeyWRbb7L7YTYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMjAwMzAzM1oX DTI2MDUyMzIzNTk1OVowejFJMEcGA1UEBRNAMDAwYTRjNDlmY2M2NWE3MTU0ODgy MGRjODllZTk2NmMwMzNhNjQ2YTMwMzg4YzQ2MDg0ZGYwYWYyZTY1MGZlODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsS7Bo81uU697JpqmB1pRdcnHHizl K7FwNZY0ZSglQrgOgl5UTrO/02UhbRr9KGq6NPx8pvhsilNO01w0ZY9LjBJ2VCBx Ql+f0wQHpa/tRliMNOnjMlqCEEwzVS3P4hAxmJaNUyB9g4nwdKVpmQAX/GfqRNFn 2tziVxvbFCOnBe2bkJldX3v6dQg2ZPW/RngKB+butq9qHIoITXoci/JuPmgdv/rx Oenm8Ce0vy2a4DTQh5OdH6nQhYRkj3pDKSL01XxZrHSQXIIZN6unTG4fnxoImBEY RTI+Xkz1QlVCRn65z/1/TEdlpJu6Ly18lqyEkgb94AY0qOz0ELpnBf/mUwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFOlx5ZHVEa6JcUFUAo905un4NP5CMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzFhMDI5MzM4LTc5NzMtNDE5NS1iYWVkLTRjNjExN2ZjZTI3Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9RFMA0GCSqGSIb3DQEBCwUAA4IBAQBt7t/J4K4RVwvr423yDUCU /osa8WVuJDMV9NeItIes4ZAisDzu3P6rQai6hC5+VetLKKOXygbpJwwmx6GyX2zN XMDNE/VlVSiF5eDD9GdnQ+l4wlCtIpZrPXFJ3OS5vJPoijHjpiEK9N387DhRwhcS i+dCmOgh3GeJliao2TSgtPsCgMWVUwPx6UQdbO/qXurDUWYdPhJ8TXeKTcmqqx7M yXIB57G9BI+jHeFHRYTWYD5hwKk58QF3lRrw4sVEtXj7ScK58ObRxqvGpmiFvICT n0DX4e6DhY/68OzK7v8EFBYf7C9AkE8r52CigmkONNA3PqP3gQzZ/Fr1CfOt+3/k -----END CERTIFICATE-----Generated at Sun Mar 1 22:26:13 2026 by rpki-client