$ rpki-client -vvf rpki.apnic.net/member_repository/A91709F5/3283E7D4DFDA11EF8B478624C4F9AE02/A42925E8DFDA11EFB5E94125C4F9AE02.roa File: A42925E8DFDA11EFB5E94125C4F9AE02.roa (raw, json) Hash identifier: OFV7TAeYTwMYk3v0VLj9doRdmglLiVsQ3XZ6eBJ4Cug= Subject key identifier: 3F:23:24:3F:41:7C:91:86:CB:72:0B:13:B4:CB:90:27:C8:67:38:F0 Certificate issuer: /CN=A91709F5/serialNumber=F12895792117E90703A0020F4F359831DB2F937A Certificate serial: CF Authority key identifier: F1:28:95:79:21:17:E9:07:03:A0:02:0F:4F:35:98:31:DB:2F:93:7A Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/8SiVeSEX6QcDoAIPTzWYMdsvk3o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91709F5/3283E7D4DFDA11EF8B478624C4F9AE02/A42925E8DFDA11EFB5E94125C4F9AE02.roa Signing time: Tue 03 Mar 2026 06:42:51 +0000 ROA not before: Tue 03 Mar 2026 06:42:51 +0000 ROA not after: Sat 01 May 2027 00:00:00 +0000 asID: 153527 IP address blocks: 161.248.202.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91709F5/3283E7D4DFDA11EF8B478624C4F9AE02/8SiVeSEX6QcDoAIPTzWYMdsvk3o.crl rsync://rpki.apnic.net/member_repository/A91709F5/3283E7D4DFDA11EF8B478624C4F9AE02/8SiVeSEX6QcDoAIPTzWYMdsvk3o.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/8SiVeSEX6QcDoAIPTzWYMdsvk3o.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 10 Mar 2026 06:42:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 207 (0xcf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91709F5, serialNumber=F12895792117E90703A0020F4F359831DB2F937A Validity Not Before: Mar 3 06:42:51 2026 GMT Not After : May 1 00:00:00 2027 GMT Subject: CN=69a682eb-4b75 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:60:6a:75:27:e0:18:49:06:b0:00:d2:3e:1c: d6:d3:c0:16:b4:e8:2d:03:54:fc:04:25:81:f0:6f: d7:45:90:ad:4e:09:67:b8:51:86:60:7c:aa:81:bf: 79:32:d4:c6:e4:b0:49:5d:d2:ec:92:0c:bc:34:ce: e2:4a:9e:63:37:58:07:9c:db:92:d4:19:78:29:39: 10:51:62:30:f2:90:17:eb:a7:8a:d1:3d:0e:9f:d4: d0:b0:00:9a:1a:76:21:8c:7b:f5:72:7d:49:0b:c1: 73:36:64:7e:58:dc:de:ba:38:82:9a:2a:a6:e1:a8: 09:60:b8:af:80:96:07:af:27:94:ef:6e:f3:d3:2e: 97:14:8a:6b:00:70:05:4d:8f:37:81:42:b3:d3:eb: 8a:37:a7:b2:74:08:e0:fc:de:bc:c4:0f:7d:d2:c1: 25:c7:80:f7:ab:53:a6:76:11:40:a2:56:49:8e:92: e6:6b:ea:85:a6:12:2e:67:50:05:ac:dc:05:2f:b6: ef:f0:fe:f2:b1:c5:ae:b4:2b:d2:46:5d:6c:43:fd: 70:c0:e2:09:b3:8d:b5:62:1f:ee:78:36:a5:52:12: b6:1e:f3:43:c1:c6:65:be:32:0c:c4:c5:23:82:d5: 9f:6f:df:7b:e8:12:79:31:0a:ad:3f:e2:bf:99:f2: 8d:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:23:24:3F:41:7C:91:86:CB:72:0B:13:B4:CB:90:27:C8:67:38:F0 X509v3 Authority Key Identifier: keyid:F1:28:95:79:21:17:E9:07:03:A0:02:0F:4F:35:98:31:DB:2F:93:7A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91709F5/3283E7D4DFDA11EF8B478624C4F9AE02/8SiVeSEX6QcDoAIPTzWYMdsvk3o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/8SiVeSEX6QcDoAIPTzWYMdsvk3o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91709F5/3283E7D4DFDA11EF8B478624C4F9AE02/A42925E8DFDA11EFB5E94125C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 161.248.202.0/24 Signature Algorithm: sha256WithRSAEncryption 2c:df:76:ba:38:a1:03:2f:98:81:b2:70:7a:e3:6f:99:2c:a5: e7:6e:19:7f:b1:b0:e2:03:2a:60:45:29:e5:22:e5:2a:4a:62: 6e:b1:40:8e:4a:5d:46:7f:07:b2:a3:19:ed:eb:83:55:38:6f: 04:b1:78:bb:fa:82:49:f7:fa:ad:9c:f9:55:c8:fa:f3:0e:4c: e4:10:3e:5c:a5:c3:ea:07:e7:a4:29:f9:d6:cd:35:d9:ab:3d: a7:52:39:d5:16:2a:62:3b:25:69:63:48:dc:06:9c:cf:67:ea: ce:35:6c:02:88:99:fa:ea:fa:c4:41:da:65:dc:1d:38:81:81: 81:ef:49:c7:54:8e:7e:a8:ce:8f:97:12:f7:40:23:de:93:8e: 1f:6d:56:0b:52:67:ac:db:32:48:6a:21:62:2a:a9:8a:01:fd: 54:59:53:5a:27:24:2e:38:07:0c:06:30:a4:88:e2:60:04:84: 70:06:33:23:da:57:d2:c7:15:c5:5f:2d:c0:38:29:af:10:39: cf:25:f8:6c:dc:8c:8a:b2:48:44:7f:fb:19:14:b9:0e:d5:6b: 25:01:6f:fe:e3:b2:b9:74:ea:c0:bd:db:11:95:2b:54:ff:bb: 45:51:30:b5:c2:af:30:ef:04:51:35:63:85:b0:9a:c3:df:4c: 63:2f:a3:eb -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgICAM8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzA5RjUxMTAvBgNVBAUTKEYxMjg5NTc5MjExN0U5MDcwM0EwMDIwRjRGMzU5ODMx REIyRjkzN0EwHhcNMjYwMzAzMDY0MjUxWhcNMjcwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE2ODJlYi00Yjc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAl2BqdSfgGEkGsADSPhzW08AWtOgtA1T8BCWB8G/XRZCtTglnuFGGYHyqgb95 MtTG5LBJXdLskgy8NM7iSp5jN1gHnNuS1Bl4KTkQUWIw8pAX66eK0T0On9TQsACa GnYhjHv1cn1JC8FzNmR+WNzeujiCmiqm4agJYLivgJYHryeU727z0y6XFIprAHAF TY83gUKz0+uKN6eydAjg/N68xA990sElx4D3q1OmdhFAolZJjpLma+qFphIuZ1AF rNwFL7bv8P7yscWutCvSRl1sQ/1wwOIJs421Yh/ueDalUhK2HvNDwcZlvjIMxMUj gtWfb9976BJ5MQqtP+K/mfKN4wIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFD8jJD9B fJGGy3ILE7TLkCfIZzjwMB8GA1UdIwQYMBaAFPEolXkhF+kHA6ACD081mDHbL5N6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MDlGNS8zMjgzRTdENERG REExMUVGOEI0Nzg2MjRDNEY5QUUwMi84U2lWZVNFWDZRY0RvQUlQVHpXWU1kc3Zr M28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzhTaVZlU0VYNlFjRG9BSVBUeldZTWRzdmszby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzA5RjUvMzI4M0U3RDRERkRBMTFFRjhCNDc4NjI0QzRGOUFFMDIvQTQyOTI1RThE RkRBMTFFRkI1RTk0MTI1QzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAofjKMA0GCSqGSIb3DQEBCwUAA4IBAQAs33a6OKEDL5iBsnB642+Z LKXnbhl/sbDiAypgRSnlIuUqSmJusUCOSl1Gfweyoxnt64NVOG8EsXi7+oJJ9/qt nPlVyPrzDkzkED5cpcPqB+ekKfnWzTXZqz2nUjnVFipiOyVpY0jcBpzPZ+rONWwC iJn66vrEQdpl3B04gYGB70nHVI5+qM6PlxL3QCPek44fbVYLUmes2zJIaiFiKqmK Af1UWVNaJyQuOAcMBjCkiOJgBIRwBjMj2lfSxxXFXy3AOCmvEDnPJfhs3IyKskhE f/sZFLkO1WslAW/+47K5dOrAvdsRlStU/7tFUTC1wq8w7wRRNWOFsJrD30xjL6Pr -----END CERTIFICATE-----Generated at Wed Mar 4 09:47:56 2026 by rpki-client