$ rpki-client -vvf rpki.apnic.net/member_repository/A91DCD09/EAC7EEA0112D11EC8D87057DC4F9AE02/43AB9FC641A311ECA73C8C0EC4F9AE02.roa File: 43AB9FC641A311ECA73C8C0EC4F9AE02.roa (raw, json) Hash identifier: /rUJMh30ecAZJtef/1j5fUYrkpMN5VcKfJkxNOsXqME= Subject key identifier: BB:7C:42:18:BA:16:DF:F0:70:99:09:B7:05:0B:8F:DF:3D:4F:6C:89 Certificate issuer: /CN=A91DCD09/serialNumber=ADB98978FD751F99D9A8EB2AE72D3C0C550453A4 Certificate serial: 05FC Authority key identifier: AD:B9:89:78:FD:75:1F:99:D9:A8:EB:2A:E7:2D:3C:0C:55:04:53:A4 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/rbmJeP11H5nZqOsq5y08DFUEU6Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DCD09/EAC7EEA0112D11EC8D87057DC4F9AE02/43AB9FC641A311ECA73C8C0EC4F9AE02.roa Signing time: Mon 02 Mar 2026 05:21:36 +0000 ROA not before: Mon 22 Sep 2025 16:35:21 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 16509 IP address blocks: 213.170.156.0/24 maxlen: 24 213.170.157.0/24 maxlen: 24 213.170.158.0/24 maxlen: 24 213.170.159.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DCD09/EAC7EEA0112D11EC8D87057DC4F9AE02/rbmJeP11H5nZqOsq5y08DFUEU6Q.crl rsync://rpki.apnic.net/member_repository/A91DCD09/EAC7EEA0112D11EC8D87057DC4F9AE02/rbmJeP11H5nZqOsq5y08DFUEU6Q.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/rbmJeP11H5nZqOsq5y08DFUEU6Q.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 13 Mar 2026 16:12:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1532 (0x5fc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DCD09, serialNumber=ADB98978FD751F99D9A8EB2AE72D3C0C550453A4 Validity Not Before: Sep 22 16:35:21 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=69a51e60-901a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:a1:4c:5b:21:7e:ad:2c:b2:32:db:fd:16:c1: 91:8f:41:b2:77:36:49:fd:8b:da:86:86:09:93:ed: 61:0c:ba:41:da:7c:a2:0e:ab:f8:81:a0:cf:9f:a4: a8:17:28:3b:6e:e8:89:4f:ea:cf:da:da:88:97:e0: 6f:11:f0:9f:65:f8:72:2f:4d:ed:bc:d7:f1:48:39: af:03:a6:ff:40:e6:cf:57:7a:41:32:65:50:90:c9: 70:8e:3f:a9:a5:05:53:f8:c8:28:30:b9:36:e3:a1: 22:37:a3:1d:07:b6:34:83:99:60:2d:21:ed:69:8e: 55:cb:ee:07:9a:39:dd:a4:85:34:49:db:23:0c:c7: 32:78:4c:dc:09:19:45:3b:42:23:90:c9:e9:ed:82: 47:a6:45:2a:2b:f0:c4:88:02:2d:bd:61:30:9f:b3: c6:95:27:74:16:d5:9b:e3:6c:b9:8c:27:e7:86:dc: 1b:05:52:45:b0:af:d2:c0:b5:59:87:cb:84:0b:c8: f4:4e:6e:e5:7d:59:a7:87:45:83:90:3f:2a:26:18: 3d:8a:98:90:1a:9c:c2:1b:51:f1:75:6c:37:20:cb: d4:0f:e9:79:f5:4e:cc:4b:87:fa:15:9b:6d:cf:aa: 28:14:8b:9e:18:95:97:b6:08:91:9d:cb:e5:68:f8: 20:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:7C:42:18:BA:16:DF:F0:70:99:09:B7:05:0B:8F:DF:3D:4F:6C:89 X509v3 Authority Key Identifier: keyid:AD:B9:89:78:FD:75:1F:99:D9:A8:EB:2A:E7:2D:3C:0C:55:04:53:A4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DCD09/EAC7EEA0112D11EC8D87057DC4F9AE02/rbmJeP11H5nZqOsq5y08DFUEU6Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/rbmJeP11H5nZqOsq5y08DFUEU6Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DCD09/EAC7EEA0112D11EC8D87057DC4F9AE02/43AB9FC641A311ECA73C8C0EC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 213.170.156.0/22 Signature Algorithm: sha256WithRSAEncryption ec:60:e8:f6:7d:56:7c:3e:3d:ea:95:81:a2:18:b9:a6:dd:02: aa:f0:03:88:26:6a:76:12:9f:aa:9f:d1:64:a6:95:b7:68:45: ce:c2:cb:3b:f9:f7:0e:15:f8:89:01:21:fd:4d:7f:0b:fb:0e: f7:44:28:f7:76:24:2c:bc:ff:6d:a8:b0:c6:dd:f7:c5:de:8e: d7:e1:94:e2:da:04:9a:92:9e:0a:97:fe:d9:73:55:a6:95:70: 91:7b:79:34:95:b9:26:bd:aa:b7:21:3d:ad:5c:14:a2:7b:27: 4f:f5:81:66:4a:90:6b:5b:af:a9:0d:01:71:25:0e:f8:9d:b6: df:f0:d9:84:5f:4a:f8:65:63:82:6e:21:5e:b4:70:e2:52:52: 25:19:15:2d:45:f1:f1:bd:34:7b:77:03:72:86:5e:a0:1a:e1: 0e:43:c5:e8:24:8d:de:b8:7c:16:f5:a0:02:bd:00:03:c4:fa: 6b:3a:b2:6f:2f:2a:d2:7e:45:4c:af:ed:15:18:50:00:94:35: b1:1b:97:f4:35:0b:99:5e:f6:f7:cf:f5:eb:f0:b5:4b:cc:bd: fa:fe:b2:ec:b9:69:f8:1e:51:14:73:87:03:69:dd:2c:9f:d3: 53:80:6b:b8:fd:83:74:4e:45:41:0e:7b:b4:ef:f0:40:0b:b8: 36:fe:77:62 -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgICBfwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RENEMDkxMTAvBgNVBAUTKEFEQjk4OTc4RkQ3NTFGOTlEOUE4RUIyQUU3MkQzQzBD NTUwNDUzQTQwHhcNMjUwOTIyMTYzNTIxWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE1MWU2MC05MDFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8aFMWyF+rSyyMtv9FsGRj0GydzZJ/YvahoYJk+1hDLpB2nyiDqv4gaDPn6So Fyg7buiJT+rP2tqIl+BvEfCfZfhyL03tvNfxSDmvA6b/QObPV3pBMmVQkMlwjj+p pQVT+MgoMLk246EiN6MdB7Y0g5lgLSHtaY5Vy+4HmjndpIU0SdsjDMcyeEzcCRlF O0IjkMnp7YJHpkUqK/DEiAItvWEwn7PGlSd0FtWb42y5jCfnhtwbBVJFsK/SwLVZ h8uEC8j0Tm7lfVmnh0WDkD8qJhg9ipiQGpzCG1HxdWw3IMvUD+l59U7MS4f6FZtt z6ooFIueGJWXtgiRncvlaPggUwIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFLt8Qhi6 Ft/wcJkJtwULj989T2yJMB8GA1UdIwQYMBaAFK25iXj9dR+Z2ajrKuctPAxVBFOk MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQ0QwOS9FQUM3RUVBMDEx MkQxMUVDOEQ4NzA1N0RDNEY5QUUwMi9yYm1KZVAxMUg1blpxT3NxNXkwOERGVUVV NlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL3JibUplUDExSDVuWnFPc3E1eTA4REZVRVU2US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RENEMDkvRUFDN0VFQTAxMTJEMTFFQzhEODcwNTdEQzRGOUFFMDIvNDNBQjlGQzY0 MUEzMTFFQ0E3M0M4QzBFQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQC1aqcMA0GCSqGSIb3DQEBCwUAA4IBAQDsYOj2fVZ8Pj3qlYGiGLmm 3QKq8AOIJmp2Ep+qn9FkppW3aEXOwss7+fcOFfiJASH9TX8L+w73RCj3diQsvP9t qLDG3ffF3o7X4ZTi2gSakp4Kl/7Zc1WmlXCRe3k0lbkmvaq3IT2tXBSieydP9YFm SpBrW6+pDQFxJQ74nbbf8NmEX0r4ZWOCbiFetHDiUlIlGRUtRfHxvTR7dwNyhl6g GuEOQ8XoJI3euHwW9aACvQADxPprOrJvLyrSfkVMr+0VGFAAlDWxG5f0NQuZXvb3 z/Xr8LVLzL36/rLsuWn4HlEUc4cDad0sn9NTgGu4/YN0TkVBDnu07/BAC7g2/ndi -----END CERTIFICATE-----Generated at Sat Mar 7 16:12:08 2026 by rpki-client