$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f25672a7-b221-4701-959a-7ba11013fac0.roa File: f25672a7-b221-4701-959a-7ba11013fac0.roa (raw, json) Hash identifier: /QEL5E9sVOs77eWvc/CrTitVtsAsIjulwJX9CULzuu0= Subject key identifier: 7C:82:BE:BF:E4:50:4D:76:A2:DA:CF:33:C0:D0:94:89:A9:EC:FA:17 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 750004C6702F214692B31CFACECB82B05D64E64B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f25672a7-b221-4701-959a-7ba11013fac0.roa Signing time: Sat 21 Feb 2026 00:00:08 +0000 ROA not before: Sat 21 Feb 2026 00:00:08 +0000 ROA not after: Fri 22 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 43.251.180.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Mar 2026 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75:00:04:c6:70:2f:21:46:92:b3:1c:fa:ce:cb:82:b0:5d:64:e6:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 21 00:00:08 2026 GMT Not After : May 22 23:59:59 2026 GMT Subject: serialNumber=d0ed71225c8b064f356a6b2ac496b73dedf45f4c14200bddf4b8bd0e3592f83e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:a8:ef:da:86:d6:a0:cf:32:77:3d:39:37:8c: 80:b7:91:00:19:ae:75:a3:4d:06:bc:96:dd:2c:c8: 53:9b:eb:f6:e3:87:5f:07:3a:ea:9a:91:a9:aa:78: 95:f7:60:1f:7a:aa:75:5b:dd:cc:3f:4b:2b:dc:c8: 28:87:24:5d:84:a5:d6:29:3e:22:13:ae:cd:bf:9d: 6a:b4:83:1b:c4:78:e5:fa:d4:b1:d2:94:f1:95:76: ca:ed:91:b2:55:59:59:5b:10:f9:d1:88:70:a5:10: f8:ea:fa:7b:89:5e:d7:79:e3:a6:2c:aa:e6:92:ad: 2f:4d:e0:49:86:d0:e1:b0:ea:c7:73:b0:f5:9c:d2: 35:45:e0:8e:8d:d8:d0:a6:43:eb:83:da:8d:80:40: e4:ac:49:41:af:cd:99:b2:3f:00:7b:d3:60:87:9c: 8b:f9:ec:2d:d5:71:4e:cc:bb:f4:9b:29:32:c6:0b: 0a:7f:db:f8:6c:e7:c0:c5:13:b3:5b:f0:6c:75:57: 6a:0a:9a:c2:98:3c:be:ca:79:97:c2:94:6a:3a:98: 92:80:48:a5:09:fe:5b:d7:b0:a5:10:6a:f5:54:b4: 8e:bb:58:22:23:9e:ea:5a:35:97:48:13:b3:f9:51: 29:09:ef:54:74:bd:cb:01:35:10:6e:11:5c:80:36: 01:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:82:BE:BF:E4:50:4D:76:A2:DA:CF:33:C0:D0:94:89:A9:EC:FA:17 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f25672a7-b221-4701-959a-7ba11013fac0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.251.180.0/22 Signature Algorithm: sha256WithRSAEncryption 34:9c:78:ca:34:c2:2e:17:f0:e4:e7:66:99:77:e9:f1:e4:d4: 99:a1:21:5e:12:da:f4:e3:eb:5c:d3:fd:2f:1f:a1:fb:af:91: 4d:b1:c3:de:eb:ac:1e:8a:a2:69:52:bf:db:d0:08:b5:d9:c4: ee:55:76:e2:fc:e2:ee:d6:6d:97:a2:dd:22:20:97:69:c0:7b: 62:71:99:d7:00:1c:0b:e2:23:b7:e5:d7:1f:f9:32:de:10:d0: 62:05:d9:d2:ab:6b:42:b5:59:fd:03:81:31:3f:cc:e2:f5:3e: 07:51:a5:fe:d9:11:ea:9c:80:b6:27:4c:66:7f:ac:b1:ac:05: 40:ce:69:8f:82:f7:65:13:c3:5b:d3:e9:10:6e:51:4a:0e:af: 21:09:6a:5b:97:2f:35:47:f5:ed:42:2d:04:a8:17:2e:df:dc: 7f:a3:f5:73:9b:db:50:e0:20:2d:c5:e7:41:05:f0:98:92:d9: b4:1d:d1:6f:4f:96:2b:75:4f:f6:13:53:09:a2:fe:59:2f:ac: 0b:52:af:ab:ff:4f:b1:88:af:f7:4f:ce:4e:c3:30:29:6e:65: dc:c5:87:d9:89:8b:fc:77:f7:2f:56:40:ba:31:9c:f0:36:a7: 88:ab:c0:87:cf:8e:c6:46:b3:26:30:30:c1:4d:1c:f9:db:41: 03:13:05:f9 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUdQAExnAvIUaSsxz6zsuCsF1k5kswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMTAwMDAwOFoX DTI2MDUyMjIzNTk1OVowejFJMEcGA1UEBRNAZDBlZDcxMjI1YzhiMDY0ZjM1NmE2 YjJhYzQ5NmI3M2RlZGY0NWY0YzE0MjAwYmRkZjRiOGJkMGUzNTkyZjgzZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6jv2obWoM8ydz05N4yAt5EAGa51 o00GvJbdLMhTm+v244dfBzrqmpGpqniV92Afeqp1W93MP0sr3MgohyRdhKXWKT4i E67Nv51qtIMbxHjl+tSx0pTxlXbK7ZGyVVlZWxD50YhwpRD46vp7iV7XeeOmLKrm kq0vTeBJhtDhsOrHc7D1nNI1ReCOjdjQpkPrg9qNgEDkrElBr82Zsj8Ae9Ngh5yL +ewt1XFOzLv0mykyxgsKf9v4bOfAxROzW/BsdVdqCprCmDy+ynmXwpRqOpiSgEil Cf5b17ClEGr1VLSOu1giI57qWjWXSBOz+VEpCe9UdL3LATUQbhFcgDYBeQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFHyCvr/kUE12otrPM8DQlImp7PoXMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2YyNTY3MmE3LWIyMjEtNDcwMS05NTlhLTdiYTExMDEzZmFjMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/u0MA0GCSqGSIb3DQEBCwUAA4IBAQA0nHjKNMIuF/Dk52aZd+nx 5NSZoSFeEtr04+tc0/0vH6H7r5FNscPe66weiqJpUr/b0Ai12cTuVXbi/OLu1m2X ot0iIJdpwHticZnXABwL4iO35dcf+TLeENBiBdnSq2tCtVn9A4ExP8zi9T4HUaX+ 2RHqnIC2J0xmf6yxrAVAzmmPgvdlE8Nb0+kQblFKDq8hCWpbly81R/XtQi0EqBcu 39x/o/Vzm9tQ4CAtxedBBfCYktm0HdFvT5YrdU/2E1MJov5ZL6wLUq+r/0+xiK/3 T85OwzApbmXcxYfZiYv8d/cvVkC6MZzwNqeIq8CHz47GRrMmMDDBTRz520EDEwX5 -----END CERTIFICATE-----Generated at Mon Mar 2 10:36:22 2026 by rpki-client