$ rpki-client -vvf rpki.apnic.net/member_repository/A917576D/2E767E3282CD11EA895C7B5CC4F9AE02/7DE09496DDD911EA90D9B84CC4F9AE02.roa File: 7DE09496DDD911EA90D9B84CC4F9AE02.roa (raw, json) Hash identifier: 2SRueJuk/oI2Z3RrQ/efGcxSLtCYpUo5HpcBPACZQGM= Subject key identifier: D6:D1:AE:B9:9E:2D:A0:01:05:9F:8D:3A:20:C0:7E:99:6B:8A:CB:FD Certificate issuer: /CN=A917576D/serialNumber=B70318D71AA0E804324E013C3097FDBCD60134D4 Certificate serial: 0A98 Authority key identifier: B7:03:18:D7:1A:A0:E8:04:32:4E:01:3C:30:97:FD:BC:D6:01:34:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/twMY1xqg6AQyTgE8MJf9vNYBNNQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917576D/2E767E3282CD11EA895C7B5CC4F9AE02/7DE09496DDD911EA90D9B84CC4F9AE02.roa Signing time: Sun 01 Mar 2026 17:22:37 +0000 ROA not before: Thu 20 Nov 2025 19:10:08 +0000 ROA not after: Sun 31 Jan 2027 00:00:00 +0000 asID: 23764 IP address blocks: 63.140.3.0/24 maxlen: 24 63.140.4.0/24 maxlen: 24 63.140.5.0/24 maxlen: 24 63.140.6.0/24 maxlen: 24 63.140.7.0/24 maxlen: 24 63.140.8.0/24 maxlen: 24 63.140.9.0/24 maxlen: 24 63.140.10.0/24 maxlen: 24 63.140.11.0/24 maxlen: 24 63.140.13.0/24 maxlen: 24 63.140.14.0/24 maxlen: 24 63.140.15.0/24 maxlen: 24 69.194.160.0/24 maxlen: 24 69.194.161.0/24 maxlen: 24 69.194.162.0/24 maxlen: 24 69.194.163.0/24 maxlen: 24 69.194.164.0/24 maxlen: 24 69.194.165.0/24 maxlen: 24 69.194.166.0/24 maxlen: 24 69.194.167.0/24 maxlen: 24 69.194.168.0/24 maxlen: 24 69.194.170.0/24 maxlen: 24 69.194.171.0/24 maxlen: 24 69.194.172.0/24 maxlen: 24 69.194.173.0/24 maxlen: 24 69.194.174.0/24 maxlen: 24 69.194.175.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917576D/2E767E3282CD11EA895C7B5CC4F9AE02/twMY1xqg6AQyTgE8MJf9vNYBNNQ.crl rsync://rpki.apnic.net/member_repository/A917576D/2E767E3282CD11EA895C7B5CC4F9AE02/twMY1xqg6AQyTgE8MJf9vNYBNNQ.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/twMY1xqg6AQyTgE8MJf9vNYBNNQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 19 Mar 2026 17:57:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2712 (0xa98) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917576D, serialNumber=B70318D71AA0E804324E013C3097FDBCD60134D4 Validity Not Before: Nov 20 19:10:08 2025 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=69a475dd-7a48 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:19:31:12:60:8c:53:4d:c8:3f:b9:3c:02:bd: e1:f6:e2:09:53:74:f7:5e:1f:85:65:bf:34:41:0c: ef:20:5e:e8:3f:21:7f:3e:cf:29:2a:17:d2:88:b1: 29:be:d4:c8:af:1e:99:0c:ef:62:5c:7c:43:61:00: e5:18:1b:09:a2:c4:74:07:8c:26:55:ed:36:65:8a: 4e:f7:f4:6e:f2:0b:74:5b:21:3a:cd:50:c0:0c:8f: 3f:92:18:94:a7:e4:6d:28:81:43:67:71:bc:ce:a7: a9:14:6a:b4:f6:99:39:b6:18:22:01:99:dc:49:b0: 79:da:37:ef:f6:2f:c7:b5:22:d4:77:bc:de:a3:fe: d3:8d:9b:d9:cb:91:82:ef:05:a1:f3:be:e3:20:24: df:15:fa:0f:34:15:51:c5:51:90:fc:04:4b:af:3f: 49:4b:46:a2:a5:f1:99:ce:0c:fe:c8:e8:a7:e5:ae: 33:84:b0:43:a7:10:fe:25:6a:68:e9:c1:34:d1:34: eb:db:ce:ad:c5:45:fa:66:36:be:6c:80:2b:f3:b9: a5:16:d1:e3:53:c8:00:1e:71:49:00:95:fc:de:5c: 7b:1a:37:e0:15:a6:ad:c3:96:0d:8c:15:da:f6:3d: f4:75:f2:a2:0a:da:64:82:1d:ca:1e:76:96:bd:20: 41:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:D1:AE:B9:9E:2D:A0:01:05:9F:8D:3A:20:C0:7E:99:6B:8A:CB:FD X509v3 Authority Key Identifier: keyid:B7:03:18:D7:1A:A0:E8:04:32:4E:01:3C:30:97:FD:BC:D6:01:34:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917576D/2E767E3282CD11EA895C7B5CC4F9AE02/twMY1xqg6AQyTgE8MJf9vNYBNNQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/twMY1xqg6AQyTgE8MJf9vNYBNNQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917576D/2E767E3282CD11EA895C7B5CC4F9AE02/7DE09496DDD911EA90D9B84CC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 63.140.3.0-63.140.11.255 63.140.13.0-63.140.15.255 69.194.160.0-69.194.168.255 69.194.170.0-69.194.175.255 Signature Algorithm: sha256WithRSAEncryption 8c:7e:09:94:d9:cb:8d:ee:03:9c:26:8f:73:b1:a7:3a:dd:4b: 64:d1:41:8b:51:b3:b8:9f:b2:24:a3:0a:e8:f3:c3:86:42:68: 54:bd:89:48:cd:d4:46:ca:bd:2f:fd:66:4b:a3:22:c4:a9:a9: 70:2b:d7:c0:09:7e:f0:a0:8c:24:cd:59:4a:19:28:a7:df:8b: a6:a5:db:99:2e:13:0b:6c:2b:96:6c:32:83:56:16:12:5a:81: 31:21:4d:28:46:18:43:24:31:49:d3:05:98:1e:f8:c1:3f:06: c5:68:0a:49:99:82:14:d0:c0:4d:36:39:b6:db:ea:d6:4b:47: 81:0c:5c:8f:6e:d5:d6:45:46:ac:cb:67:87:dc:2f:de:c5:7b: 63:6c:46:bf:74:22:38:dd:c8:12:bf:bd:67:cc:5e:cc:4b:45: a2:36:ad:c2:0c:f1:74:9e:ea:f1:f5:d5:75:97:38:60:22:dd: 6d:54:01:45:a8:b8:76:c1:ec:c3:89:f2:51:23:8e:4b:fe:57: e4:e1:ae:bd:bb:cb:2b:24:fd:dd:55:5b:2c:7f:aa:98:dd:66: c1:c0:38:6e:a4:94:bc:14:31:50:54:61:55:26:fc:93:8c:e6: 33:4a:aa:3e:fa:72:ef:86:41:bb:32:a1:69:71:6b:df:f9:32: 90:61:57:b8 -----BEGIN CERTIFICATE----- MIIFbjCCBFagAwIBAgICCpgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzU3NkQxMTAvBgNVBAUTKEI3MDMxOEQ3MUFBMEU4MDQzMjRFMDEzQzMwOTdGREJD RDYwMTM0RDQwHhcNMjUxMTIwMTkxMDA4WhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NzVkZC03YTQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyRkxEmCMU03IP7k8Ar3h9uIJU3T3Xh+FZb80QQzvIF7oPyF/Ps8pKhfSiLEp vtTIrx6ZDO9iXHxDYQDlGBsJosR0B4wmVe02ZYpO9/Ru8gt0WyE6zVDADI8/khiU p+RtKIFDZ3G8zqepFGq09pk5thgiAZncSbB52jfv9i/HtSLUd7zeo/7TjZvZy5GC 7wWh877jICTfFfoPNBVRxVGQ/ARLrz9JS0aipfGZzgz+yOin5a4zhLBDpxD+JWpo 6cE00TTr286txUX6Zja+bIAr87mlFtHjU8gAHnFJAJX83lx7GjfgFaatw5YNjBXa 9j30dfKiCtpkgh3KHnaWvSBBgQIDAQABo4ICkjCCAo4wHQYDVR0OBBYEFNbRrrme LaABBZ+NOiDAfplrisv9MB8GA1UdIwQYMBaAFLcDGNcaoOgEMk4BPDCX/bzWATTU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NTc2RC8yRTc2N0UzMjgy Q0QxMUVBODk1QzdCNUNDNEY5QUUwMi90d01ZMXhxZzZBUXlUZ0U4TUpmOXZOWUJO TlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3R3TVkxeHFnNkFReVRnRThNSmY5dk5ZQk5OUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzU3NkQvMkU3NjdFMzI4MkNEMTFFQTg5NUM3QjVDQzRGOUFFMDIvN0RFMDk0OTZE REQ5MTFFQTkwRDlCODRDQzRGOUFFMDIucm9hMFEGCCsGAQUFBwEHAQH/BEIwQDA+ BAIAATA4MAwDBAA/jAMDBAI/jAgwDAMEAD+MDQMEBD+MADAMAwQFRcKgAwQARcKo MAwDBAFFwqoDBARFwqAwDQYJKoZIhvcNAQELBQADggEBAIx+CZTZy43uA5wmj3Ox pzrdS2TRQYtRs7ifsiSjCujzw4ZCaFS9iUjN1EbKvS/9ZkujIsSpqXAr18AJfvCg jCTNWUoZKKffi6al25kuEwtsK5ZsMoNWFhJagTEhTShGGEMkMUnTBZge+ME/BsVo CkmZghTQwE02Obbb6tZLR4EMXI9u1dZFRqzLZ4fcL97Fe2NsRr90IjjdyBK/vWfM XsxLRaI2rcIM8XSe6vH11XWXOGAi3W1UAUWouHbB7MOJ8lEjjkv+V+Thrr27yysk /d1VWyx/qpjdZsHAOG6klLwUMVBUYVUm/JOM5jNKqj76cu+GQbsyoWlxa9/5MpBh V7g= -----END CERTIFICATE-----Generated at Fri Mar 13 04:18:05 2026 by rpki-client