$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dbe44f29-2c7d-46ec-898d-c756e1c81196.roa File: dbe44f29-2c7d-46ec-898d-c756e1c81196.roa (raw, json) Hash identifier: p2BGQo5AiCaA9LLKRjYVPNtUkDx9S9SogtiZsfuCcVI= Subject key identifier: 82:5F:35:41:5D:EE:B9:B9:A3:01:F0:78:20:E3:C0:22:66:83:2E:28 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 672E456422BEE5FCD18688519F9BD407BED7B530 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dbe44f29-2c7d-46ec-898d-c756e1c81196.roa Signing time: Tue 24 Feb 2026 00:00:28 +0000 ROA not before: Tue 24 Feb 2026 00:00:28 +0000 ROA not after: Mon 25 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 43.216.52.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:2e:45:64:22:be:e5:fc:d1:86:88:51:9f:9b:d4:07:be:d7:b5:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 24 00:00:28 2026 GMT Not After : May 25 23:59:59 2026 GMT Subject: serialNumber=ff805c54c65bffbf45b7e2524d715139d44c2ccef72c37ff8c03d860ecf3896e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:87:20:e5:39:f2:ca:f7:84:39:b1:c4:f2:ff:03: e7:4e:cc:5b:38:23:49:bd:ca:eb:31:ca:28:c2:50: 4a:90:19:56:86:a4:88:06:11:3d:92:89:8b:5e:00: 32:3f:1c:aa:4c:ef:a9:85:d9:1f:33:bc:94:49:78: d5:95:da:0d:e5:b8:a8:04:84:db:b7:58:d5:84:9f: eb:cd:8b:7f:bc:97:2b:10:7e:55:fa:11:a9:e5:f9: 80:fa:c3:d4:e4:59:8a:b1:15:1e:de:80:97:25:db: 4e:d9:ea:0b:2d:61:e6:1e:4e:c6:70:39:89:89:63: 69:f5:d5:cc:26:a1:34:63:fc:53:3a:86:d9:c3:7e: 86:bb:15:25:05:ec:e9:fb:34:ac:e0:12:5f:7d:04: 47:40:1f:c4:eb:69:99:c1:55:4a:48:9a:38:0d:9d: 33:d6:da:b3:5b:a9:12:5c:a9:96:30:48:56:2d:5a: ad:5b:ba:e3:4a:c1:e8:be:62:7a:22:9f:7c:eb:04: b5:67:db:3e:45:ab:9a:15:68:f5:2f:79:a9:1a:26: d1:d4:f7:d0:6d:f4:91:bd:7b:9d:75:54:bf:55:aa: 9d:e9:fa:63:a6:39:93:59:35:ed:d9:bd:91:fd:37: cb:dc:f1:c6:c8:8f:47:27:78:81:af:36:75:7d:e6: 46:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:5F:35:41:5D:EE:B9:B9:A3:01:F0:78:20:E3:C0:22:66:83:2E:28 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dbe44f29-2c7d-46ec-898d-c756e1c81196.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.216.52.0/23 Signature Algorithm: sha256WithRSAEncryption 1b:07:7a:2f:ba:fd:ab:59:84:a2:88:1a:44:62:0d:a9:b6:4d: 48:83:4d:3e:76:98:f0:eb:be:02:d8:4a:38:31:3c:60:ea:51: 20:fa:7f:f5:63:5a:a2:ae:73:5e:b1:11:d2:1b:c8:0e:c4:fb: 5c:4b:29:ff:60:fa:d8:63:70:91:77:ff:82:b5:21:b0:b3:1a: ca:d8:06:ec:f6:8b:a0:bf:6f:7f:bc:8f:36:c0:9d:5a:a7:33: 8d:60:d1:61:00:9f:c1:a6:e4:11:8b:81:3b:f5:0a:40:da:70: 51:5d:53:83:24:db:0c:7d:d1:4c:ec:1b:f4:ab:6b:aa:ac:14: ef:8b:5a:60:19:58:c8:e8:2c:1e:50:3d:de:1d:7a:e5:e6:8e: 37:98:e3:0d:40:79:2a:48:ec:e3:8d:71:97:1e:9d:f8:1d:73: a6:82:6d:3f:6a:ec:73:e1:be:fe:97:e5:e0:db:da:36:58:b1: e2:af:20:4c:f5:de:b2:17:d4:3e:7f:7e:26:07:bc:02:83:c9: c5:85:27:bf:10:6f:d0:18:41:67:5c:c5:34:3f:ca:78:24:18: a2:0b:78:9e:46:8b:b7:f0:10:d7:bb:4b:d5:bd:6c:5b:e0:52: 8f:71:ab:41:22:6b:a7:64:52:eb:a9:3c:f3:56:0d:c6:c4:86: cc:7e:00:be -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUZy5FZCK+5fzRhohRn5vUB77XtTAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyNDAwMDAyOFoX DTI2MDUyNTIzNTk1OVowejFJMEcGA1UEBRNAZmY4MDVjNTRjNjViZmZiZjQ1Yjdl MjUyNGQ3MTUxMzlkNDRjMmNjZWY3MmMzN2ZmOGMwM2Q4NjBlY2YzODk2ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyDlOfLK94Q5scTy/wPnTsxbOCNJ vcrrMcoowlBKkBlWhqSIBhE9komLXgAyPxyqTO+phdkfM7yUSXjVldoN5bioBITb t1jVhJ/rzYt/vJcrEH5V+hGp5fmA+sPU5FmKsRUe3oCXJdtO2eoLLWHmHk7GcDmJ iWNp9dXMJqE0Y/xTOobZw36GuxUlBezp+zSs4BJffQRHQB/E62mZwVVKSJo4DZ0z 1tqzW6kSXKmWMEhWLVqtW7rjSsHovmJ6Ip986wS1Z9s+RauaFWj1L3mpGibR1PfQ bfSRvXuddVS/Vaqd6fpjpjmTWTXt2b2R/TfL3PHGyI9HJ3iBrzZ1feZGxwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFIJfNUFd7rm5owHweCDjwCJmgy4oMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RiZTQ0ZjI5LTJjN2QtNDZlYy04OThkLWM3NTZlMWM4MTE5Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQBK9g0MA0GCSqGSIb3DQEBCwUAA4IBAQAbB3ovuv2rWYSiiBpEYg2p tk1Ig00+dpjw674C2Eo4MTxg6lEg+n/1Y1qirnNesRHSG8gOxPtcSyn/YPrYY3CR d/+CtSGwsxrK2Abs9ougv29/vI82wJ1apzONYNFhAJ/BpuQRi4E79QpA2nBRXVOD JNsMfdFM7Bv0q2uqrBTvi1pgGVjI6CweUD3eHXrl5o43mOMNQHkqSOzjjXGXHp34 HXOmgm0/auxz4b7+l+Xg29o2WLHiryBM9d6yF9Q+f34mB7wCg8nFhSe/EG/QGEFn XMU0P8p4JBiiC3ieRou38BDXu0vVvWxb4FKPcatBImunZFLrqTzzVg3GxIbMfgC+ -----END CERTIFICATE-----Generated at Sun Mar 1 21:55:39 2026 by rpki-client