$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/db0824bb-71b2-4f6e-b8ed-c10ee3d427ad.roa File: db0824bb-71b2-4f6e-b8ed-c10ee3d427ad.roa (raw, json) Hash identifier: 3M7EmbBXJhsAeK2WjPtv0elAqEv0V3bnciiFF1JzSlw= Subject key identifier: 29:B9:0E:B7:21:F1:9A:9B:74:A9:EE:76:9B:63:B2:4C:0D:CF:DD:35 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 25CB03FF729E31DDB8E5FB754DDA5989A501BEC1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/db0824bb-71b2-4f6e-b8ed-c10ee3d427ad.roa Signing time: Tue 24 Feb 2026 00:00:26 +0000 ROA not before: Tue 24 Feb 2026 00:00:26 +0000 ROA not after: Mon 25 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 43.216.63.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:cb:03:ff:72:9e:31:dd:b8:e5:fb:75:4d:da:59:89:a5:01:be:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 24 00:00:26 2026 GMT Not After : May 25 23:59:59 2026 GMT Subject: serialNumber=0044c779e6a2377d32f5d3ef9aa16e054d6ea6dd092396eed0b29f17747c571f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:ff:48:d1:86:b0:72:4d:fd:61:19:83:47:ac: d1:76:4e:da:4d:8a:e6:24:10:f3:eb:d6:67:f6:90: 12:c6:7a:dd:17:b5:e7:34:d4:20:76:08:f7:22:1d: e0:6a:4d:1b:5d:8e:ec:ed:6b:b8:18:20:d7:61:0a: 55:0b:69:cf:a1:09:0c:2b:59:11:21:c2:b3:f8:f1: 4d:7a:8f:0f:31:7b:c7:78:f9:a9:94:90:15:35:de: e7:a2:c0:3c:14:7d:ce:8e:69:1d:d7:f2:bd:3d:3e: df:c3:02:06:6d:5d:6d:df:43:f8:c2:c2:83:7b:40: 0c:99:b0:56:e5:1c:21:5a:96:9f:ec:23:2c:10:4b: b4:fa:3a:f4:d3:53:57:33:c6:2e:38:36:70:79:c8: 0c:89:6c:fd:97:2e:25:d4:15:a6:2b:c4:a2:c6:e6: f5:a3:bd:e2:b4:05:c8:88:5e:bc:92:4f:44:ad:a0: d3:9a:74:a5:0c:75:a1:30:bb:72:1a:fb:7d:23:2a: 7e:5d:e6:c0:81:13:97:68:a1:16:57:28:44:40:38: 03:27:22:95:51:54:19:40:52:c7:24:8f:31:78:5d: fb:ca:1a:c6:ac:2b:d1:d8:94:10:a3:df:58:47:ca: 66:d8:9c:c1:cc:a3:18:34:5b:fc:93:3e:f5:c0:cc: ce:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:B9:0E:B7:21:F1:9A:9B:74:A9:EE:76:9B:63:B2:4C:0D:CF:DD:35 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/db0824bb-71b2-4f6e-b8ed-c10ee3d427ad.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.216.63.0/24 Signature Algorithm: sha256WithRSAEncryption 0b:4b:ad:c1:fd:de:25:7c:c7:f9:85:90:57:60:98:72:e2:7f: e8:a6:a5:6c:38:5c:5a:ad:30:15:40:45:2a:de:de:b6:28:6f: af:69:00:70:0b:8d:f9:92:09:d7:1b:09:93:01:49:59:00:6a: 80:72:2e:b6:67:a6:06:9a:01:79:ab:28:e8:79:96:09:6d:6f: 58:e0:fb:63:61:a3:37:96:38:7f:b7:a6:63:d0:30:5b:21:c3: 8e:c6:ad:6d:54:65:a4:f7:6a:e4:67:c2:9d:5c:5d:38:fd:52: 3c:8b:a0:81:2c:4f:b8:23:46:9d:c6:46:2c:85:d4:ce:18:50: 39:e0:60:b6:10:81:2e:fb:17:29:d8:84:b8:42:3a:da:97:13: 52:78:0d:2a:7c:4b:79:8f:7b:d0:e8:a4:34:01:1a:18:0f:c3: ff:4a:f0:3e:42:b7:c7:88:f7:5d:36:48:e5:6b:07:f7:fb:94: 37:e1:b0:b2:2d:1b:2b:83:31:b1:0d:c3:b5:cc:90:86:33:64: bd:d6:8e:1d:08:ff:52:d0:39:23:ad:de:a3:a0:25:bf:23:73: 5b:5a:29:a2:f8:7d:57:b7:96:1b:e1:fb:ed:5a:4f:d9:46:39: f3:25:d2:d1:48:3d:98:1d:29:59:f5:02:8c:18:6c:ed:7c:b5: 45:5b:ec:09 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUJcsD/3KeMd245ft1TdpZiaUBvsEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyNDAwMDAyNloX DTI2MDUyNTIzNTk1OVowejFJMEcGA1UEBRNAMDA0NGM3NzllNmEyMzc3ZDMyZjVk M2VmOWFhMTZlMDU0ZDZlYTZkZDA5MjM5NmVlZDBiMjlmMTc3NDdjNTcxZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6f9I0Yawck39YRmDR6zRdk7aTYrm JBDz69Zn9pASxnrdF7XnNNQgdgj3Ih3gak0bXY7s7Wu4GCDXYQpVC2nPoQkMK1kR IcKz+PFNeo8PMXvHePmplJAVNd7nosA8FH3Ojmkd1/K9PT7fwwIGbV1t30P4wsKD e0AMmbBW5RwhWpaf7CMsEEu0+jr001NXM8YuODZwecgMiWz9ly4l1BWmK8Sixub1 o73itAXIiF68kk9EraDTmnSlDHWhMLtyGvt9Iyp+XebAgROXaKEWVyhEQDgDJyKV UVQZQFLHJI8xeF37yhrGrCvR2JQQo99YR8pm2JzBzKMYNFv8kz71wMzOOQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFCm5Drch8ZqbdKnudptjskwNz901MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RiMDgyNGJiLTcxYjItNGY2ZS1iOGVkLWMxMGVlM2Q0MjdhZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9g/MA0GCSqGSIb3DQEBCwUAA4IBAQALS63B/d4lfMf5hZBXYJhy 4n/opqVsOFxarTAVQEUq3t62KG+vaQBwC435kgnXGwmTAUlZAGqAci62Z6YGmgF5 qyjoeZYJbW9Y4PtjYaM3ljh/t6Zj0DBbIcOOxq1tVGWk92rkZ8KdXF04/VI8i6CB LE+4I0adxkYshdTOGFA54GC2EIEu+xcp2IS4QjralxNSeA0qfEt5j3vQ6KQ0ARoY D8P/SvA+QrfHiPddNkjlawf3+5Q34bCyLRsrgzGxDcO1zJCGM2S91o4dCP9S0Dkj rd6joCW/I3NbWimi+H1Xt5Yb4fvtWk/ZRjnzJdLRSD2YHSlZ9QKMGGztfLVFW+wJ -----END CERTIFICATE-----Generated at Mon Mar 2 01:41:36 2026 by rpki-client