$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9e22e8ea-542f-4e00-9946-45b52a3a47c4.roa File: 9e22e8ea-542f-4e00-9946-45b52a3a47c4.roa (raw, json) Hash identifier: S/QClSmU4dvSVK17GfgAQD0AUwZqqLHqqtFKDe2X62A= Subject key identifier: 6C:0C:71:91:88:53:D4:46:EC:EE:23:70:6F:65:EC:DE:6A:9D:23:81 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3FDDAFEF9F19BAEFF22E7CB3DCFF6666507EAE8B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9e22e8ea-542f-4e00-9946-45b52a3a47c4.roa Signing time: Fri 20 Feb 2026 00:00:16 +0000 ROA not before: Fri 20 Feb 2026 00:00:16 +0000 ROA not after: Thu 21 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 103.246.148.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:dd:af:ef:9f:19:ba:ef:f2:2e:7c:b3:dc:ff:66:66:50:7e:ae:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 20 00:00:16 2026 GMT Not After : May 21 23:59:59 2026 GMT Subject: serialNumber=8d3fc49091592fda09927c259aca5bc8cc79999de94069eb5c82b3fcd5d92ac0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:a8:7f:3e:6b:83:c9:63:12:c3:6c:ef:b9:af: 05:cc:d7:fb:df:d6:f4:1d:f1:5c:dc:af:53:7a:c5: d0:ef:11:4b:f5:26:df:12:53:92:50:55:70:51:65: 7e:17:8c:2f:68:a1:87:35:69:03:a0:22:01:9c:cb: 6f:0e:2a:43:bf:5b:90:45:bc:60:df:43:d0:56:bb: d0:3a:08:39:a6:cd:6f:70:09:90:0b:05:d9:58:be: 5d:2c:e7:e8:50:72:84:dd:b4:04:9c:5a:68:d3:6c: 0c:03:74:50:9f:2f:1d:ef:60:fc:68:e6:a1:9f:01: 8d:2d:7a:60:16:b1:ac:7e:de:02:0c:33:3a:a5:4c: f0:d5:ee:e8:37:e1:d8:21:cc:6b:54:85:11:97:52: 73:d4:05:0a:86:7a:90:96:8d:0d:47:eb:68:6f:66: 80:0f:e4:dd:03:14:01:56:1b:f8:9a:68:f1:15:b1: 65:64:ad:cb:b9:6f:f2:02:3b:87:c7:f7:04:9f:77: 5d:56:35:a6:dc:cc:e2:29:09:c3:2f:1f:0c:2c:84: ce:26:c2:ff:c6:07:24:74:fa:0f:88:d9:27:99:f4: 0a:3c:cc:b1:70:cc:b7:5d:9b:af:5c:a1:77:d7:aa: f7:0c:4c:ae:ab:b9:ed:02:55:d0:4f:34:b6:34:52: c7:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:0C:71:91:88:53:D4:46:EC:EE:23:70:6F:65:EC:DE:6A:9D:23:81 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9e22e8ea-542f-4e00-9946-45b52a3a47c4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.246.148.0/22 Signature Algorithm: sha256WithRSAEncryption 16:89:eb:e8:fc:da:c1:e7:63:8d:ec:6f:28:af:4e:3d:eb:53: f8:1e:78:ac:07:c6:dd:99:3a:8b:c6:c0:41:20:22:1f:f6:69: 25:25:8d:33:f1:9a:bb:12:05:d9:c5:4b:a7:40:4b:05:88:3a: 22:0d:51:48:37:3d:8f:5d:1f:0b:61:f6:29:00:72:88:05:84: 77:bd:ed:a8:44:f1:19:d9:b4:5c:63:da:90:50:09:4a:35:3a: c8:0d:9d:f2:53:46:9d:c0:9b:ec:b3:be:2e:63:fa:6c:78:35: 5d:dc:38:5d:59:27:ac:4f:10:c8:25:d3:68:de:d0:59:fa:2f: 31:f2:d0:a9:a6:6b:1c:c5:50:db:f7:7b:5e:5b:43:d7:a6:8d: ae:ac:ee:82:04:b2:7b:77:7f:72:a3:35:fb:c1:cf:59:84:f0: 05:58:58:b7:40:74:1b:2e:c8:02:ce:be:42:cc:e1:7c:36:39: 63:11:fb:c8:32:15:4d:8e:5e:4b:26:db:89:2b:2b:fc:90:78: 4c:c7:b2:77:0e:2a:34:5f:82:6e:ed:54:17:0e:26:16:1b:87: 3e:23:9a:73:c3:be:88:bc:ea:d5:35:f4:46:7e:5d:b9:bf:0e: d0:ab:26:07:f5:47:5a:c5:35:4a:cf:c4:16:99:1f:cd:12:ee: 17:c2:17:ab -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUP92v758Zuu/yLnyz3P9mZlB+roswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMDAwMDAxNloX DTI2MDUyMTIzNTk1OVowejFJMEcGA1UEBRNAOGQzZmM0OTA5MTU5MmZkYTA5OTI3 YzI1OWFjYTViYzhjYzc5OTk5ZGU5NDA2OWViNWM4MmIzZmNkNWQ5MmFjMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKh/PmuDyWMSw2zvua8FzNf739b0 HfFc3K9TesXQ7xFL9SbfElOSUFVwUWV+F4wvaKGHNWkDoCIBnMtvDipDv1uQRbxg 30PQVrvQOgg5ps1vcAmQCwXZWL5dLOfoUHKE3bQEnFpo02wMA3RQny8d72D8aOah nwGNLXpgFrGsft4CDDM6pUzw1e7oN+HYIcxrVIURl1Jz1AUKhnqQlo0NR+tob2aA D+TdAxQBVhv4mmjxFbFlZK3LuW/yAjuHx/cEn3ddVjWm3MziKQnDLx8MLITOJsL/ xgckdPoPiNknmfQKPMyxcMy3XZuvXKF316r3DEyuq7ntAlXQTzS2NFLHtQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFGwMcZGIU9RG7O4jcG9l7N5qnSOBMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzllMjJlOGVhLTU0MmYtNGUwMC05OTQ2LTQ1YjUyYTNhNDdjNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCZ/aUMA0GCSqGSIb3DQEBCwUAA4IBAQAWievo/NrB52ON7G8or049 61P4HnisB8bdmTqLxsBBICIf9mklJY0z8Zq7EgXZxUunQEsFiDoiDVFINz2PXR8L YfYpAHKIBYR3ve2oRPEZ2bRcY9qQUAlKNTrIDZ3yU0adwJvss74uY/pseDVd3Dhd WSesTxDIJdNo3tBZ+i8x8tCppmscxVDb93teW0PXpo2urO6CBLJ7d39yozX7wc9Z hPAFWFi3QHQbLsgCzr5CzOF8NjljEfvIMhVNjl5LJtuJKyv8kHhMx7J3Dio0X4Ju 7VQXDiYWG4c+I5pzw76IvOrVNfRGfl25vw7QqyYH9UdaxTVKz8QWmR/NEu4Xwher -----END CERTIFICATE-----Generated at Sun Mar 1 21:54:01 2026 by rpki-client