$ rpki-client -vvf rpki.apnic.net/member_repository/A919A777/0BA572B0EC4F11EEA1B38866C4F9AE02/D43F20C6C70F11F0BEE61E6CC4F9AE02.roa File: D43F20C6C70F11F0BEE61E6CC4F9AE02.roa (raw, json) Hash identifier: lU5HELzK1HgvUgy9a8UOHW1aya85BnCwdaSrvas6AAk= Subject key identifier: 29:EA:FE:12:20:1A:B0:BD:3C:87:32:A2:BA:7B:F7:5D:0F:60:EB:97 Certificate issuer: /CN=A919A777/serialNumber=647D0927DB3B178E2F654A3268557FE5B5D6729C Certificate serial: 01C2 Authority key identifier: 64:7D:09:27:DB:3B:17:8E:2F:65:4A:32:68:55:7F:E5:B5:D6:72:9C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZH0JJ9s7F44vZUoyaFV_5bXWcpw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919A777/0BA572B0EC4F11EEA1B38866C4F9AE02/D43F20C6C70F11F0BEE61E6CC4F9AE02.roa Signing time: Sun 01 Mar 2026 18:14:37 +0000 ROA not before: Fri 21 Nov 2025 19:25:25 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 4766 IP address blocks: 202.168.152.0/24 maxlen: 24 202.168.153.0/24 maxlen: 24 202.168.154.0/24 maxlen: 24 202.168.155.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919A777/0BA572B0EC4F11EEA1B38866C4F9AE02/ZH0JJ9s7F44vZUoyaFV_5bXWcpw.crl rsync://rpki.apnic.net/member_repository/A919A777/0BA572B0EC4F11EEA1B38866C4F9AE02/ZH0JJ9s7F44vZUoyaFV_5bXWcpw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZH0JJ9s7F44vZUoyaFV_5bXWcpw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 12 Mar 2026 03:46:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 450 (0x1c2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919A777, serialNumber=647D0927DB3B178E2F654A3268557FE5B5D6729C Validity Not Before: Nov 21 19:25:25 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=69a4820d-a116 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:07:29:cd:cd:9b:7f:27:74:3c:19:2e:de:23: 60:7f:0a:d6:51:fe:de:de:c8:27:aa:46:ac:4a:2b: 96:b4:b2:3c:c4:71:0b:88:e9:33:63:6e:16:8c:68: 20:79:0d:27:08:75:a6:1c:86:a8:3a:80:c4:58:7c: 7c:31:d4:6a:22:f4:a4:49:e6:f0:f4:75:1d:b7:43: ea:ab:90:ec:e7:9d:d4:eb:ae:bb:56:c0:bb:ea:b2: 3a:cc:0c:51:ba:22:f9:13:e9:b1:91:a6:11:12:4d: e7:81:1b:30:d1:db:25:ca:4c:5c:d8:b5:37:03:5e: 24:0b:8a:82:37:8c:41:d7:40:b7:89:e5:72:9a:da: 58:ba:9d:4a:55:40:06:fe:88:6c:70:80:ca:2a:5f: a4:ff:8a:53:fb:ec:07:fe:55:46:35:23:de:e8:09: c4:11:07:02:56:e1:61:0a:e2:b9:34:6d:e7:5e:5d: aa:97:5d:de:fb:61:2f:e4:64:96:19:39:4d:be:6b: 40:2e:93:ec:d4:c9:53:6b:56:4a:39:c1:ca:68:c5: 09:12:42:49:f1:0c:74:61:9b:20:af:de:91:5b:8e: 16:ec:34:d1:8e:fc:0c:3e:4f:08:c4:e4:69:fa:f5: 6a:39:e6:0a:ef:33:76:6d:88:dd:26:49:4a:b5:ec: a6:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:EA:FE:12:20:1A:B0:BD:3C:87:32:A2:BA:7B:F7:5D:0F:60:EB:97 X509v3 Authority Key Identifier: keyid:64:7D:09:27:DB:3B:17:8E:2F:65:4A:32:68:55:7F:E5:B5:D6:72:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919A777/0BA572B0EC4F11EEA1B38866C4F9AE02/ZH0JJ9s7F44vZUoyaFV_5bXWcpw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZH0JJ9s7F44vZUoyaFV_5bXWcpw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919A777/0BA572B0EC4F11EEA1B38866C4F9AE02/D43F20C6C70F11F0BEE61E6CC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 202.168.152.0/22 Signature Algorithm: sha256WithRSAEncryption 4b:1b:85:0b:76:62:9b:65:36:28:b8:fe:99:47:0f:3d:3f:2f: 1a:3a:23:8d:d4:6e:ea:33:2b:95:f3:d6:6d:92:7c:40:9c:64: 4e:1f:5a:f4:bf:bc:da:c3:ae:6b:24:3c:f1:f3:23:50:01:ef: 22:d7:b7:bf:b8:ec:14:bb:2f:e1:45:1b:b6:5d:d9:82:e9:ff: 05:f3:cd:6e:14:1c:03:35:f1:c0:62:50:aa:3e:66:96:f9:c7: 5b:a6:fc:e5:02:82:b3:3a:0f:d9:c2:01:c0:9c:24:f6:ff:f1: 6d:c6:34:b3:fe:ca:d8:cd:ed:0a:97:c1:8d:79:01:96:ff:7e: 7d:db:d1:fa:01:e6:40:97:84:62:6a:23:29:b9:d6:ee:7f:3e: 85:1f:43:cc:99:84:b7:30:76:01:6c:89:f0:01:8f:b9:6b:19: d9:dd:5f:32:82:cb:05:9d:fc:bd:e8:b0:e1:ff:ce:76:2e:b5: 80:61:20:14:6d:56:20:56:34:fc:7f:a7:34:d2:6a:2b:55:cd: 40:bc:23:bf:9d:2d:ad:29:30:2b:c1:94:3e:46:20:87:6f:d9: e7:79:c5:a6:dc:43:f6:3c:24:39:2c:42:28:9c:75:20:91:c4: a5:5f:7e:77:8a:20:57:18:81:b6:5d:ec:da:2b:9e:e7:32:ad: 83:c3:a3:1d -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgICAcIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUE3NzcxMTAvBgNVBAUTKDY0N0QwOTI3REIzQjE3OEUyRjY1NEEzMjY4NTU3RkU1 QjVENjcyOUMwHhcNMjUxMTIxMTkyNTI1WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0ODIwZC1hMTE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1wcpzc2bfyd0PBku3iNgfwrWUf7e3sgnqkasSiuWtLI8xHELiOkzY24WjGgg eQ0nCHWmHIaoOoDEWHx8MdRqIvSkSebw9HUdt0Pqq5Ds553U6667VsC76rI6zAxR uiL5E+mxkaYREk3ngRsw0dslykxc2LU3A14kC4qCN4xB10C3ieVymtpYup1KVUAG /ohscIDKKl+k/4pT++wH/lVGNSPe6AnEEQcCVuFhCuK5NG3nXl2ql13e+2Ev5GSW GTlNvmtALpPs1MlTa1ZKOcHKaMUJEkJJ8Qx0YZsgr96RW44W7DTRjvwMPk8IxORp +vVqOeYK7zN2bYjdJklKteymgwIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFCnq/hIg GrC9PIcyorp7910PYOuXMB8GA1UdIwQYMBaAFGR9CSfbOxeOL2VKMmhVf+W11nKc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QTc3Ny8wQkE1NzJCMEVD NEYxMUVFQTFCMzg4NjZDNEY5QUUwMi9aSDBKSjlzN0Y0NHZaVW95YUZWXzViWFdj cHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1pIMEpKOXM3RjQ0dlpVb3lhRlZfNWJYV2Nwdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OUE3NzcvMEJBNTcyQjBFQzRGMTFFRUExQjM4ODY2QzRGOUFFMDIvRDQzRjIwQzZD NzBGMTFGMEJFRTYxRTZDQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCyqiYMA0GCSqGSIb3DQEBCwUAA4IBAQBLG4ULdmKbZTYouP6ZRw89 Py8aOiON1G7qMyuV89ZtknxAnGROH1r0v7zaw65rJDzx8yNQAe8i17e/uOwUuy/h RRu2XdmC6f8F881uFBwDNfHAYlCqPmaW+cdbpvzlAoKzOg/ZwgHAnCT2//FtxjSz /srYze0Kl8GNeQGW/35929H6AeZAl4RiaiMpudbufz6FH0PMmYS3MHYBbInwAY+5 axnZ3V8ygssFnfy96LDh/852LrWAYSAUbVYgVjT8f6c00morVc1AvCO/nS2tKTAr wZQ+RiCHb9nnecWm3EP2PCQ5LEIonHUgkcSlX353iiBXGIG2XezaK57nMq2Dw6Md -----END CERTIFICATE-----Generated at Thu Mar 5 14:02:59 2026 by rpki-client