$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ea00a163-31aa-4894-aa58-c2946b21cd7e.roa File: ea00a163-31aa-4894-aa58-c2946b21cd7e.roa (raw, json) Hash identifier: 51GM5PyOPHUC2R87bxljumM0NUeMdBlWMrEl57TCrKE= Subject key identifier: EA:50:D0:39:9F:DE:AD:4A:55:6F:EF:C5:E8:2B:DA:F0:0C:19:DA:5B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5D5615DAD0C913B80953711402649A6FE48B2970 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ea00a163-31aa-4894-aa58-c2946b21cd7e.roa Signing time: Wed 25 Feb 2026 00:00:50 +0000 ROA not before: Wed 25 Feb 2026 00:00:50 +0000 ROA not after: Tue 26 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 43.208.60.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:56:15:da:d0:c9:13:b8:09:53:71:14:02:64:9a:6f:e4:8b:29:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 25 00:00:50 2026 GMT Not After : May 26 23:59:59 2026 GMT Subject: serialNumber=17188aa2bd366adad31d23d8ea1f9b4fb6aab6b6cff10ec2bb6c737263bfb1af, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:07:99:7e:d0:d8:b6:d3:26:63:d6:1f:13:1f: a2:6f:7e:88:7a:61:cc:30:ef:4a:21:d1:86:09:de: c2:ee:b5:1c:9e:f8:0b:69:8c:e8:70:8e:fc:f8:fb: a9:c7:6c:4c:e6:6f:c8:99:bf:ad:fd:94:b4:c0:ed: 07:a5:57:f7:48:1a:ac:11:ac:d1:0b:ee:40:2e:2b: 43:30:98:67:0d:8d:ec:cf:f5:1b:60:6f:18:9e:7e: 60:a0:f4:aa:34:db:5c:0d:32:df:a1:dd:6e:b1:70: 3e:09:e7:f5:99:f9:7d:e5:ae:76:14:7a:2e:8c:0c: 6b:51:1c:06:4d:fc:09:a3:08:7b:03:7c:25:d0:d8: 1c:d2:9d:3f:3f:59:6a:77:56:20:29:42:f4:7c:26: e7:0e:bc:09:6a:6e:e4:5f:b3:6b:4c:f8:5f:37:9a: a4:9e:cb:92:5c:60:4a:ab:a2:f3:b5:ec:56:c7:d3: 87:6e:5b:12:10:51:4c:b4:2c:97:50:64:ae:96:70: 0c:cc:25:8d:bf:45:f9:97:22:cc:a9:b7:e0:24:0f: bb:bb:a5:34:fb:8c:05:2f:a4:ac:e3:e2:a9:c1:99: 65:4c:f1:31:7e:fa:81:d1:7a:27:8f:d3:0b:55:cd: 9f:14:66:52:0c:20:63:fb:98:b2:4e:9e:aa:08:52: b8:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:50:D0:39:9F:DE:AD:4A:55:6F:EF:C5:E8:2B:DA:F0:0C:19:DA:5B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ea00a163-31aa-4894-aa58-c2946b21cd7e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.208.60.0/24 Signature Algorithm: sha256WithRSAEncryption a7:7e:56:a0:de:26:3d:71:4a:34:3f:c3:ba:31:19:8c:28:85: 00:71:4d:8e:8a:b2:b3:97:7f:5c:00:5b:15:c2:4b:13:a2:02: 8c:00:ae:6b:9b:47:b4:ec:f7:48:4f:4e:12:4c:78:85:2b:cc: 98:47:fc:49:0f:e4:5b:a0:4e:48:18:35:7b:e0:88:4a:92:a4: 04:97:97:18:f3:b6:e6:c1:1a:c2:08:64:6f:7c:6c:f5:e1:a9: 86:3f:be:e7:29:e3:8d:0c:d4:f3:22:e7:f0:42:68:95:b2:79: 13:37:1d:a7:48:06:3e:31:42:4a:78:3c:3c:7a:69:00:a4:bd: 31:d1:be:49:7b:6b:e8:5f:16:a4:80:77:a7:70:b3:6a:3d:0d: 41:13:2c:76:7c:e0:de:63:3f:dc:b4:1e:51:49:26:2f:f4:74: 27:c0:4b:62:03:7f:e9:98:1e:93:d1:71:30:e4:cc:3d:36:07: 81:35:85:5e:39:e9:4f:54:f2:b8:65:37:5f:16:6f:86:5d:65: 57:02:3a:24:58:e1:d1:5d:c7:de:5f:00:4f:9a:3e:c2:a4:e0: f8:ed:52:81:9f:18:11:da:31:4d:a0:3c:96:87:51:50:93:3f: bd:8b:72:9f:10:a0:e4:29:61:ba:24:4e:ba:67:74:6a:7c:28: b3:81:75:83 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUXVYV2tDJE7gJU3EUAmSab+SLKXAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyNTAwMDA1MFoX DTI2MDUyNjIzNTk1OVowejFJMEcGA1UEBRNAMTcxODhhYTJiZDM2NmFkYWQzMWQy M2Q4ZWExZjliNGZiNmFhYjZiNmNmZjEwZWMyYmI2YzczNzI2M2JmYjFhZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQeZftDYttMmY9YfEx+ib36IemHM MO9KIdGGCd7C7rUcnvgLaYzocI78+Pupx2xM5m/Imb+t/ZS0wO0HpVf3SBqsEazR C+5ALitDMJhnDY3sz/UbYG8Ynn5goPSqNNtcDTLfod1usXA+Cef1mfl95a52FHou jAxrURwGTfwJowh7A3wl0Ngc0p0/P1lqd1YgKUL0fCbnDrwJam7kX7NrTPhfN5qk nsuSXGBKq6LztexWx9OHblsSEFFMtCyXUGSulnAMzCWNv0X5lyLMqbfgJA+7u6U0 +4wFL6Ss4+KpwZllTPExfvqB0Xonj9MLVc2fFGZSDCBj+5iyTp6qCFK4vwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFOpQ0Dmf3q1KVW/vxegr2vAMGdpbMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2VhMDBhMTYzLTMxYWEtNDg5NC1hYTU4LWMyOTQ2YjIxY2Q3ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9A8MA0GCSqGSIb3DQEBCwUAA4IBAQCnflag3iY9cUo0P8O6MRmM KIUAcU2OirKzl39cAFsVwksTogKMAK5rm0e07PdIT04STHiFK8yYR/xJD+RboE5I GDV74IhKkqQEl5cY87bmwRrCCGRvfGz14amGP77nKeONDNTzIufwQmiVsnkTNx2n SAY+MUJKeDw8emkApL0x0b5Je2voXxakgHencLNqPQ1BEyx2fODeYz/ctB5RSSYv 9HQnwEtiA3/pmB6T0XEw5Mw9NgeBNYVeOelPVPK4ZTdfFm+GXWVXAjokWOHRXcfe XwBPmj7CpOD47VKBnxgR2jFNoDyWh1FQkz+9i3KfEKDkKWG6JE66Z3RqfCizgXWD -----END CERTIFICATE-----Generated at Sun Mar 1 21:46:14 2026 by rpki-client