$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0e0735d-a91e-478d-82d2-a3f04ee435d2.roa File: c0e0735d-a91e-478d-82d2-a3f04ee435d2.roa (raw, json) Hash identifier: WOtpQMaDaNuKM+DZB5LVINT71pvWNQYG7PFkMy9QZQ8= Subject key identifier: 32:C4:F6:24:42:81:BA:F6:AD:C9:F3:D2:ED:44:D1:1E:70:D8:B6:93 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7D86E9CA721FFD10612E6377FF327E6F88533E42 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0e0735d-a91e-478d-82d2-a3f04ee435d2.roa Signing time: Tue 24 Feb 2026 00:00:32 +0000 ROA not before: Tue 24 Feb 2026 00:00:32 +0000 ROA not after: Mon 25 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 43.218.158.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:86:e9:ca:72:1f:fd:10:61:2e:63:77:ff:32:7e:6f:88:53:3e:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 24 00:00:32 2026 GMT Not After : May 25 23:59:59 2026 GMT Subject: serialNumber=1dca3f10fe7b59015855e7d1a4cbe14771feb4bd4635c51e4df84512cc4e34d8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:12:68:51:f2:fb:5e:cc:b1:83:2c:d3:55:d4: 8e:42:41:79:a9:4d:cf:63:a2:33:5e:bf:f2:9f:91: 51:a2:3b:6b:60:d4:a7:72:4c:de:ba:cd:d5:78:53: a4:19:32:f6:c5:31:03:96:01:42:c0:51:ff:64:c2: 80:98:11:3a:84:c3:ae:59:8b:69:22:bd:54:ea:d3: 5d:0a:f8:a6:6a:5b:70:8b:d5:d1:ac:8c:a6:76:54: 65:74:98:ef:78:ef:38:e3:ca:85:19:ed:17:54:a8: 77:7d:5c:2b:98:22:3a:b2:a7:6e:82:3b:17:9c:97: fd:6a:da:4f:7c:75:f6:10:fb:b0:b7:54:e8:e3:60: 84:ba:18:04:e1:24:ca:09:d5:bb:73:e9:08:5c:24: a9:47:fd:38:ac:d9:8d:1c:6c:9b:84:8d:40:d3:ef: a9:06:b1:0e:52:14:9f:81:b6:5c:09:35:3e:43:7b: a8:a3:cb:7b:0b:db:ea:f7:b0:30:07:62:d7:75:16: 60:de:7d:2f:58:84:29:16:8e:44:64:f2:02:d6:e4: 5b:17:25:71:90:c9:92:09:f6:df:36:2a:05:bd:64: e1:d4:e9:03:c7:cb:f5:ca:fb:7a:01:13:eb:6c:5e: d4:fc:77:ac:dd:5a:cc:c0:7f:8a:d4:a8:db:28:aa: fd:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:C4:F6:24:42:81:BA:F6:AD:C9:F3:D2:ED:44:D1:1E:70:D8:B6:93 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0e0735d-a91e-478d-82d2-a3f04ee435d2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.218.158.0/23 Signature Algorithm: sha256WithRSAEncryption 59:cd:f4:34:73:68:d0:8e:f6:76:51:79:e8:02:d5:4f:50:bb: 6a:c8:9e:48:ab:d4:8d:28:fb:19:bd:9c:50:b9:83:75:fc:8f: e9:5a:ea:c7:2e:28:8a:d9:49:f5:5b:7c:8b:33:45:c6:e8:fd: 5b:97:6b:ef:19:43:c7:f1:df:ac:a2:25:bd:8b:06:10:da:10: e7:f1:6f:b1:82:f4:43:93:ce:e5:53:10:c7:04:1f:ef:21:ce: 4e:2a:03:44:73:27:a8:42:91:86:34:76:8b:7b:2d:06:24:c4: 11:5d:76:d8:83:c8:3f:1f:f5:17:68:d7:ed:4a:b3:e2:fc:e2: 49:2c:31:05:de:11:1c:01:b1:ae:a6:7e:10:c4:fa:bf:1d:3f: 3a:15:45:08:ef:6f:75:27:ba:d8:07:a3:d0:6a:16:00:e8:2a: 54:0f:05:e2:99:f3:56:2a:9a:05:27:ad:22:d6:b6:f7:cf:70: 05:04:bc:ec:f7:3b:8d:58:d6:fe:79:9f:f6:7b:f5:a9:82:12: e2:0e:0f:b1:a8:fc:a6:d0:46:67:8b:97:cd:9b:88:d1:5d:a2: 4c:51:c1:e0:c8:de:52:e7:a6:b4:ab:cf:e8:5d:15:79:e4:2d: cd:ab:44:9a:1c:5d:89:34:63:b1:ea:5d:ad:e0:d2:be:8a:fa: f5:e7:10:5a -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUfYbpynIf/RBhLmN3/zJ+b4hTPkIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyNDAwMDAzMloX DTI2MDUyNTIzNTk1OVowejFJMEcGA1UEBRNAMWRjYTNmMTBmZTdiNTkwMTU4NTVl N2QxYTRjYmUxNDc3MWZlYjRiZDQ2MzVjNTFlNGRmODQ1MTJjYzRlMzRkODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBJoUfL7XsyxgyzTVdSOQkF5qU3P Y6IzXr/yn5FRojtrYNSnckzeus3VeFOkGTL2xTEDlgFCwFH/ZMKAmBE6hMOuWYtp Ir1U6tNdCvimaltwi9XRrIymdlRldJjveO8448qFGe0XVKh3fVwrmCI6sqdugjsX nJf9atpPfHX2EPuwt1To42CEuhgE4STKCdW7c+kIXCSpR/04rNmNHGybhI1A0++p BrEOUhSfgbZcCTU+Q3uoo8t7C9vq97AwB2LXdRZg3n0vWIQpFo5EZPIC1uRbFyVx kMmSCfbfNioFvWTh1OkDx8v1yvt6ARPrbF7U/Hes3VrMwH+K1KjbKKr9SQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFDLE9iRCgbr2rcnz0u1E0R5w2LaTMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2MwZTA3MzVkLWE5MWUtNDc4ZC04MmQyLWEzZjA0ZWU0MzVkMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQBK9qeMA0GCSqGSIb3DQEBCwUAA4IBAQBZzfQ0c2jQjvZ2UXnoAtVP ULtqyJ5Iq9SNKPsZvZxQuYN1/I/pWurHLiiK2Un1W3yLM0XG6P1bl2vvGUPH8d+s oiW9iwYQ2hDn8W+xgvRDk87lUxDHBB/vIc5OKgNEcyeoQpGGNHaLey0GJMQRXXbY g8g/H/UXaNftSrPi/OJJLDEF3hEcAbGupn4QxPq/HT86FUUI7291J7rYB6PQahYA 6CpUDwXimfNWKpoFJ60i1rb3z3AFBLzs9zuNWNb+eZ/2e/WpghLiDg+xqPym0EZn i5fNm4jRXaJMUcHgyN5S56a0q8/oXRV55C3Nq0SaHF2JNGOx6l2t4NK+ivr15xBa -----END CERTIFICATE-----Generated at Sun Mar 1 21:52:19 2026 by rpki-client