$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9489db20-95e0-4921-9118-b2516a901b12.roa File: 9489db20-95e0-4921-9118-b2516a901b12.roa (raw, json) Hash identifier: UH3XoYz0zFjroFzBngsCK5ZUNlGwdrgtHIQ79idQkYk= Subject key identifier: 95:D2:4F:79:5F:21:A2:73:3B:90:AB:FC:18:97:DF:35:DE:DC:FB:5A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 43C0494E371CAEE60ADD8DD95E98ED76D0B63780 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9489db20-95e0-4921-9118-b2516a901b12.roa Signing time: Tue 24 Feb 2026 00:00:04 +0000 ROA not before: Tue 24 Feb 2026 00:00:04 +0000 ROA not after: Mon 25 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 43.216.72.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:c0:49:4e:37:1c:ae:e6:0a:dd:8d:d9:5e:98:ed:76:d0:b6:37:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 24 00:00:04 2026 GMT Not After : May 25 23:59:59 2026 GMT Subject: serialNumber=2aed1b1b5953f77f7110d0f3f76c22a661384e326dcd3a2dc1371c98c2e8ef2a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:55:19:b0:32:50:ff:ae:e1:21:35:23:27:d5: fe:02:40:2d:ea:e5:ba:d2:a9:bb:61:9c:a7:24:cb: 87:c7:e6:3c:48:75:d4:34:08:8f:11:01:59:31:69: 80:ad:ff:78:4b:63:d9:5d:16:51:b2:77:1e:51:e9: 0d:5b:f7:17:c5:49:d4:3d:4f:63:15:6e:fc:96:d0: 1c:b0:6e:dc:e9:0e:af:bb:d9:00:e8:85:72:9e:0c: cc:c0:ae:54:5a:d3:fd:d9:e3:8d:ce:c7:53:7e:20: 8a:d3:7f:13:c9:5a:f9:2d:20:d5:ed:9a:c2:13:da: 4d:e5:8c:18:63:b5:4b:24:bf:88:79:dd:b9:8e:4c: 5a:eb:2c:bd:13:05:e5:a2:fe:f6:1e:a3:eb:ba:54: 52:ed:1c:3a:24:34:08:0b:ec:88:c2:8d:78:bb:9e: 0a:2b:1d:af:0f:0b:d9:71:a7:31:6c:b6:aa:2d:41: 85:ed:c3:f7:e7:7d:f0:fd:77:40:66:a6:33:fb:45: d5:3b:51:7f:25:50:29:ba:e6:d6:18:2a:b2:4a:ce: 43:b1:d0:a8:d3:dc:31:ff:69:b9:54:7f:30:de:fe: f3:ad:a0:ff:eb:c6:fb:d4:c1:ac:67:2d:db:1e:8d: 60:3a:55:86:95:fd:1c:0f:83:91:ca:cb:b8:57:a1: d2:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:D2:4F:79:5F:21:A2:73:3B:90:AB:FC:18:97:DF:35:DE:DC:FB:5A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9489db20-95e0-4921-9118-b2516a901b12.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.216.72.0/24 Signature Algorithm: sha256WithRSAEncryption 19:70:5a:7a:3d:b4:ef:50:cb:95:ce:d1:be:66:ab:2f:3b:44: 2d:f7:93:85:89:83:f0:1c:68:a7:12:e2:63:db:bd:43:e8:11: 25:19:11:18:8e:0d:1f:cf:6d:e8:f9:44:2a:fd:83:df:ea:9b: 47:a0:0f:b9:5e:8f:8a:30:28:68:7c:ab:d7:7f:9e:29:44:b4: 58:ea:c3:bb:99:13:5c:ad:d6:0a:17:af:95:7c:17:ad:7d:6b: 1c:ef:aa:fc:b3:af:2e:3c:79:7d:5a:3a:f6:b3:6c:6d:f5:61: 7b:57:dd:9f:c0:d9:4e:1e:25:50:bb:4a:90:23:76:a7:fe:48: 24:c6:70:49:72:34:35:70:0f:ad:4f:32:62:8f:4d:87:2d:47: a8:be:76:04:44:08:4e:fb:af:c9:34:f0:5a:bf:92:45:e6:fd: 23:bc:75:cb:97:14:42:4b:7b:cf:15:4f:76:08:03:c6:d0:3f: df:93:a9:1c:e4:86:a0:b1:a0:c9:d5:5d:78:03:3f:d7:90:9d: 11:5a:00:f1:2d:4a:f0:8f:aa:37:08:fc:9c:26:32:e6:90:18: 01:fc:1c:9c:ea:c7:61:e4:fc:9b:5e:84:bd:ea:f1:aa:86:f9: 9b:45:c0:4d:f8:ef:9b:81:ee:8e:b6:c5:ba:80:0f:f1:14:0c: cd:11:be:c9 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUQ8BJTjccruYK3Y3ZXpjtdtC2N4AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyNDAwMDAwNFoX DTI2MDUyNTIzNTk1OVowejFJMEcGA1UEBRNAMmFlZDFiMWI1OTUzZjc3ZjcxMTBk MGYzZjc2YzIyYTY2MTM4NGUzMjZkY2QzYTJkYzEzNzFjOThjMmU4ZWYyYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1UZsDJQ/67hITUjJ9X+AkAt6uW6 0qm7YZynJMuHx+Y8SHXUNAiPEQFZMWmArf94S2PZXRZRsnceUekNW/cXxUnUPU9j FW78ltAcsG7c6Q6vu9kA6IVyngzMwK5UWtP92eONzsdTfiCK038TyVr5LSDV7ZrC E9pN5YwYY7VLJL+Ied25jkxa6yy9EwXlov72HqPrulRS7Rw6JDQIC+yIwo14u54K Kx2vDwvZcacxbLaqLUGF7cP3533w/XdAZqYz+0XVO1F/JVApuubWGCqySs5DsdCo 09wx/2m5VH8w3v7zraD/68b71MGsZy3bHo1gOlWGlf0cD4ORysu4V6HSvwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFJXST3lfIaJzO5Cr/BiX3zXe3PtaMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzk0ODlkYjIwLTk1ZTAtNDkyMS05MTE4LWIyNTE2YTkwMWIxMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9hIMA0GCSqGSIb3DQEBCwUAA4IBAQAZcFp6PbTvUMuVztG+Zqsv O0Qt95OFiYPwHGinEuJj271D6BElGREYjg0fz23o+UQq/YPf6ptHoA+5Xo+KMCho fKvXf54pRLRY6sO7mRNcrdYKF6+VfBetfWsc76r8s68uPHl9Wjr2s2xt9WF7V92f wNlOHiVQu0qQI3an/kgkxnBJcjQ1cA+tTzJij02HLUeovnYERAhO+6/JNPBav5JF 5v0jvHXLlxRCS3vPFU92CAPG0D/fk6kc5IagsaDJ1V14Az/XkJ0RWgDxLUrwj6o3 CPycJjLmkBgB/Byc6sdh5PybXoS96vGqhvmbRcBN+O+bge6OtsW6gA/xFAzNEb7J -----END CERTIFICATE-----Generated at Mon Mar 2 00:16:28 2026 by rpki-client