$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa File: cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa (raw, json) Hash identifier: zVg+chZsOqM0G5PhFIXsidezF7tDS/5injSaQlsHP78= Subject key identifier: 4D:E7:88:4A:D9:F4:75:B9:78:6B:AF:72:6C:6B:F3:B3:9C:1F:04:74 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 02C9A25C219243F0B64B8D6168D63F36C1EBEEB5 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa Signing time: Mon 23 Feb 2026 00:00:06 +0000 ROA not before: Mon 23 Feb 2026 00:00:06 +0000 ROA not after: Sun 24 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 43.250.192.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Mar 2026 00:01:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:c9:a2:5c:21:92:43:f0:b6:4b:8d:61:68:d6:3f:36:c1:eb:ee:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Feb 23 00:00:06 2026 GMT Not After : May 24 23:59:59 2026 GMT Subject: serialNumber=915ab5433832b6209c0ae30dbdacce87ae2f5a527439b12460f5788a411d0fd9, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:53:27:b0:49:dc:2d:29:39:f9:76:85:32:97: ba:3e:98:e2:3a:ae:35:62:5e:ff:2a:b5:cf:3d:f7: 69:d9:e7:95:e6:7e:c6:72:28:ac:79:dd:e7:74:73: 0f:5a:fc:e0:d1:da:1d:68:ea:c3:71:f6:75:cf:40: 46:0d:e0:d0:e8:44:55:8f:c0:12:f8:a7:15:ce:c6: b8:de:e2:72:d8:3e:b3:2e:aa:7e:ed:56:e1:be:aa: 03:7c:c4:74:d3:46:e2:9c:3f:80:34:96:1a:4b:63: 13:e7:8a:e6:14:5f:6e:57:00:c1:96:b0:f4:71:d0: bf:ff:ca:89:0a:d3:c4:4a:2a:78:87:a6:4d:df:76: 7f:24:b2:6d:dd:7a:69:95:1a:20:76:a4:39:37:00: ab:72:bb:01:1b:aa:d4:41:cb:f9:b7:17:0d:51:e1: a1:c9:5b:5e:04:1d:b6:ca:58:06:17:9e:9b:52:37: de:d3:3a:42:02:71:f7:51:d3:b1:e4:c2:71:79:be: 0a:47:09:3f:e1:db:99:d9:4e:f6:7b:c5:d2:3e:9b: ac:2f:3d:06:a4:36:7a:19:80:42:4a:83:53:e6:6a: 43:a1:a4:1c:40:49:5a:d8:5b:08:b0:3a:7a:fe:04: 0b:a5:a4:59:87:79:7e:69:af:ef:d5:0e:fd:61:06: a9:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:E7:88:4A:D9:F4:75:B9:78:6B:AF:72:6C:6B:F3:B3:9C:1F:04:74 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.192.0/22 Signature Algorithm: sha256WithRSAEncryption 20:70:65:f8:ee:8c:fc:b3:5a:ee:a1:ce:cf:09:db:74:5f:75: 22:fc:7f:73:2a:c5:71:17:a5:ac:5a:9b:42:7c:66:86:dd:97: 3f:6e:08:a2:56:cd:46:fd:df:35:61:10:a7:ae:0d:7a:c7:33: 18:b2:b6:12:e5:95:49:5a:c5:f4:a7:c4:28:4e:f2:9f:3a:21: 1a:83:55:3b:be:e2:f5:14:a9:0f:3b:d4:51:06:87:d7:dc:87: b7:4c:79:c5:a1:04:93:20:09:fd:87:bd:6d:67:9e:52:51:29: 97:d5:a3:f1:4a:70:4c:de:21:0c:bf:9a:c1:c4:09:74:eb:97: 29:df:c8:5e:fa:73:01:8b:47:bb:b2:bb:bf:27:0d:49:5d:93: 36:8e:79:9c:54:6d:43:25:ec:a1:2b:83:31:66:3d:85:3d:9e: 5b:01:76:9f:f9:ec:72:9a:af:79:c1:27:77:f8:aa:ae:8b:14: 00:65:08:34:38:d3:72:14:dc:b5:2c:d9:91:a6:72:ca:5c:d6: 27:0e:80:c3:dd:2b:23:70:27:aa:73:e0:45:2b:01:fd:88:d1: 4a:78:2f:cb:3d:f5:f7:a8:1c:e4:f7:bc:c0:20:b9:2a:d7:e0: 5e:0c:3a:1f:c1:4e:32:31:bf:c6:bd:61:d7:14:92:2e:ff:c9: 37:59:1c:7b -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUAsmiXCGSQ/C2S41haNY/NsHr7rUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI2MDIyMzAwMDAwNloX DTI2MDUyNDIzNTk1OVowejFJMEcGA1UEBRNAOTE1YWI1NDMzODMyYjYyMDljMGFl MzBkYmRhY2NlODdhZTJmNWE1Mjc0MzliMTI0NjBmNTc4OGE0MTFkMGZkOTEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1MnsEncLSk5+XaFMpe6PpjiOq41 Yl7/KrXPPfdp2eeV5n7Gciised3ndHMPWvzg0dodaOrDcfZ1z0BGDeDQ6ERVj8AS +KcVzsa43uJy2D6zLqp+7VbhvqoDfMR000binD+ANJYaS2MT54rmFF9uVwDBlrD0 cdC//8qJCtPESip4h6ZN33Z/JLJt3XpplRogdqQ5NwCrcrsBG6rUQcv5txcNUeGh yVteBB22ylgGF56bUjfe0zpCAnH3UdOx5MJxeb4KRwk/4duZ2U72e8XSPpusLz0G pDZ6GYBCSoNT5mpDoaQcQEla2FsIsDp6/gQLpaRZh3l+aa/v1Q79YQaptQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFE3niErZ9HW5eGuvcmxr87OcHwR0MB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2NiMmU1YThjLTIxZjEtNDY3OS1hMzcyLTYxNzczMmZjM2VhNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/rAMA0GCSqGSIb3DQEBCwUAA4IBAQAgcGX47oz8s1ruoc7PCdt0 X3Ui/H9zKsVxF6WsWptCfGaG3Zc/bgiiVs1G/d81YRCnrg16xzMYsrYS5ZVJWsX0 p8QoTvKfOiEag1U7vuL1FKkPO9RRBofX3Ie3THnFoQSTIAn9h71tZ55SUSmX1aPx SnBM3iEMv5rBxAl065cp38he+nMBi0e7sru/Jw1JXZM2jnmcVG1DJeyhK4MxZj2F PZ5bAXaf+exymq95wSd3+KquixQAZQg0ONNyFNy1LNmRpnLKXNYnDoDD3SsjcCeq c+BFKwH9iNFKeC/LPfX3qBzk97zAILkq1+BeDDofwU4yMb/GvWHXFJIu/8k3WRx7 -----END CERTIFICATE-----Generated at Mon Mar 2 03:03:19 2026 by rpki-client