$ rpki-client -vvf rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/C8C64A4AED4D11EA895BC037C4F9AE02.roa File: C8C64A4AED4D11EA895BC037C4F9AE02.roa (raw, json) Hash identifier: LxOE3iZIwIwbWUQyl4az6q7pcoRLSjG1pe6jKOrSfF0= Subject key identifier: 34:06:4E:13:D7:E4:6D:8F:BA:AC:8E:C4:3A:AE:CE:F6:13:93:53:DE Certificate issuer: /CN=A91E96D9/serialNumber=219EA63C6AC966DDB285886BD711C78A14DF512B Certificate serial: 090D Authority key identifier: 21:9E:A6:3C:6A:C9:66:DD:B2:85:88:6B:D7:11:C7:8A:14:DF:51:2B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IZ6mPGrJZt2yhYhr1xHHihTfUSs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/C8C64A4AED4D11EA895BC037C4F9AE02.roa Signing time: Sun 01 Mar 2026 18:09:01 +0000 ROA not before: Wed 22 Oct 2025 21:39:52 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 38488 IP address blocks: 116.0.42.0/24 maxlen: 24 202.123.240.0/24 maxlen: 24 202.123.242.0/24 maxlen: 24 202.123.243.0/24 maxlen: 24 202.123.244.0/24 maxlen: 24 202.123.245.0/24 maxlen: 24 202.123.246.0/24 maxlen: 24 2400:a960::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/IZ6mPGrJZt2yhYhr1xHHihTfUSs.crl rsync://rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/IZ6mPGrJZt2yhYhr1xHHihTfUSs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IZ6mPGrJZt2yhYhr1xHHihTfUSs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 19 Mar 2026 20:14:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2317 (0x90d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E96D9, serialNumber=219EA63C6AC966DDB285886BD711C78A14DF512B Validity Not Before: Oct 22 21:39:52 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=69a480bd-1ab6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:90:b3:11:01:5d:a2:61:ea:f0:da:36:6d:55: fe:b8:7f:87:58:fa:48:da:99:48:00:1d:f3:bb:8f: 49:a7:ee:9a:50:53:00:a6:fd:8f:e4:08:5f:6f:3c: 1f:ce:94:bc:77:f1:13:4b:6e:f0:ed:c6:7e:5e:47: 72:90:ce:1f:20:5b:fc:96:0d:62:cb:ac:86:6a:ad: 30:ef:4d:66:11:18:d1:7a:be:59:83:6b:b5:d9:05: 22:a3:a7:27:a0:8e:ba:79:de:0f:e1:5d:6d:15:a1: b6:a0:8b:a8:80:34:e8:cb:ff:50:cf:1a:71:ae:88: e1:95:58:69:e9:30:bf:8f:51:9a:50:f7:03:07:b0: d5:1e:63:45:da:9b:b7:7e:35:5e:e3:90:c7:4e:f4: a7:ef:97:4b:8a:2c:ed:0f:22:51:a3:cf:1f:bf:95: f1:2c:c2:46:6a:cc:4f:ab:73:21:25:a3:9c:a4:05: 06:04:7e:a1:4c:d2:33:c9:5b:a2:de:7c:d9:67:89: 04:50:72:eb:ee:0f:ec:d3:83:ce:99:5e:3a:a5:9b: 2b:97:52:d5:c4:8a:8d:0c:cc:e6:bb:17:4d:69:ac: de:17:ea:df:86:e9:85:2b:da:44:e4:68:6b:c4:4c: 41:84:a7:97:0f:e9:0f:ba:a7:a3:2c:18:59:0b:1e: 7c:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:06:4E:13:D7:E4:6D:8F:BA:AC:8E:C4:3A:AE:CE:F6:13:93:53:DE X509v3 Authority Key Identifier: keyid:21:9E:A6:3C:6A:C9:66:DD:B2:85:88:6B:D7:11:C7:8A:14:DF:51:2B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/IZ6mPGrJZt2yhYhr1xHHihTfUSs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IZ6mPGrJZt2yhYhr1xHHihTfUSs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/C8C64A4AED4D11EA895BC037C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 116.0.42.0/24 202.123.240.0/24 202.123.242.0-202.123.246.255 IPv6: 2400:a960::/48 Signature Algorithm: sha256WithRSAEncryption 9a:74:1f:2c:33:46:d2:22:bb:2c:94:7b:ce:de:41:37:a8:d2: 00:b2:52:4a:62:5c:e3:55:a8:a4:a9:7a:55:c3:47:8c:50:8e: 8b:13:69:6e:c4:81:bf:08:8d:bc:5e:1e:3c:ee:d8:e7:f3:99: d0:f7:95:23:43:41:97:3d:e3:2b:87:fc:52:42:4c:ea:5b:34: fd:97:9f:cd:20:3d:97:7b:fc:dd:76:0e:7d:ae:5d:ab:3a:7c: 51:f2:c8:c4:31:97:25:0e:f4:33:38:0a:a5:21:23:30:a0:5a: ee:3e:00:f8:17:8b:6b:e6:cf:30:e2:9c:2c:21:bf:87:1f:bd: 44:86:ef:94:7e:69:af:e4:0f:dd:73:70:0d:82:fc:4e:d5:cc: de:d0:31:12:d7:76:98:8b:9a:99:25:0c:4a:7c:6e:2d:86:e6: 24:38:4b:c3:92:c1:b3:ae:12:d2:64:60:a2:bf:51:8c:41:be: ab:b0:de:75:5c:c6:29:2c:2d:e2:5a:a7:cb:94:36:73:bd:32: 47:dc:09:e8:d8:9b:ff:25:09:65:00:22:47:ad:3c:19:30:74: 97:15:bc:d7:b9:04:d2:e1:4d:fb:87:d8:67:dc:08:4b:fe:83: 14:50:b9:da:95:0b:29:1c:bc:e6:63:58:1e:eb:17:7d:62:5b: 88:6e:fc:88 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgICCQ0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTk2RDkxMTAvBgNVBAUTKDIxOUVBNjNDNkFDOTY2RERCMjg1ODg2QkQ3MTFDNzhB MTRERjUxMkIwHhcNMjUxMDIyMjEzOTUyWhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0ODBiZC0xYWI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwZCzEQFdomHq8No2bVX+uH+HWPpI2plIAB3zu49Jp+6aUFMApv2P5Ahfbzwf zpS8d/ETS27w7cZ+XkdykM4fIFv8lg1iy6yGaq0w701mERjRer5Zg2u12QUio6cn oI66ed4P4V1tFaG2oIuogDToy/9QzxpxrojhlVhp6TC/j1GaUPcDB7DVHmNF2pu3 fjVe45DHTvSn75dLiiztDyJRo88fv5XxLMJGasxPq3MhJaOcpAUGBH6hTNIzyVui 3nzZZ4kEUHLr7g/s04POmV46pZsrl1LVxIqNDMzmuxdNaazeF+rfhumFK9pE5Ghr xExBhKeXD+kPuqejLBhZCx58LwIDAQABo4IChTCCAoEwHQYDVR0OBBYEFDQGThPX 5G2PuqyOxDquzvYTk1PeMB8GA1UdIwQYMBaAFCGepjxqyWbdsoWIa9cRx4oU31Er MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOTZEOS84MERGREVDMEU1 REQxMUVBQjI0NjhENjVDNEY5QUUwMi9JWjZtUEdySlp0MnloWWhyMXhISGloVGZV U3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0laNm1QR3JKWnQyeWhZaHIxeEhIaWhUZlVTcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTk2RDkvODBERkRFQzBFNUREMTFFQUIyNDY4RDY1QzRGOUFFMDIvQzhDNjRBNEFF RDREMTFFQTg5NUJDMDM3QzRGOUFFMDIucm9hMEQGCCsGAQUFBwEHAQH/BDUwMzAg BAIAATAaAwQAdAAqAwQAynvwMAwDBAHKe/IDBADKe/YwDwQCAAIwCQMHACQAqWAA ADANBgkqhkiG9w0BAQsFAAOCAQEAmnQfLDNG0iK7LJR7zt5BN6jSALJSSmJc41Wo pKl6VcNHjFCOixNpbsSBvwiNvF4ePO7Y5/OZ0PeVI0NBlz3jK4f8UkJM6ls0/Zef zSA9l3v83XYOfa5dqzp8UfLIxDGXJQ70MzgKpSEjMKBa7j4A+BeLa+bPMOKcLCG/ hx+9RIbvlH5pr+QP3XNwDYL8TtXM3tAxEtd2mIuamSUMSnxuLYbmJDhLw5LBs64S 0mRgor9RjEG+q7DedVzGKSwt4lqny5Q2c70yR9wJ6Nib/yUJZQAiR608GTB0lxW8 17kE0uFN+4fYZ9wIS/6DFFC52pULKRy85mNYHusXfWJbiG78iA== -----END CERTIFICATE-----Generated at Fri Mar 13 13:51:35 2026 by rpki-client