$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2B47/E88E9C7E33AF11EDB6107434C4F9AE02/1030CBF02BE911F1BE5DE9B7C4833773.roa File: 1030CBF02BE911F1BE5DE9B7C4833773.roa (raw, json) Hash identifier: EpKA0Qcr8+YCVzQw+n1+P9eI1+6tzWoY6uRcXseyDfg= Subject key identifier: 6E:89:E8:60:3E:4A:90:F7:C8:5A:18:89:35:CD:E5:A1:98:6E:F6:59 Certificate issuer: /CN=A91F2B47/serialNumber=17D5FE323EBFD9A8D344E77B73799A8E75624352 Certificate serial: 02FE Authority key identifier: 17:D5:FE:32:3E:BF:D9:A8:D3:44:E7:7B:73:79:9A:8E:75:62:43:52 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/F9X-Mj6_2ajTROd7c3majnViQ1I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F2B47/E88E9C7E33AF11EDB6107434C4F9AE02/1030CBF02BE911F1BE5DE9B7C4833773.roa Signing time: Mon 30 Mar 2026 03:32:22 +0000 ROA not before: Mon 30 Mar 2026 03:32:22 +0000 ROA not after: Sat 01 May 2027 00:00:00 +0000 asID: 9426 IP address blocks: 166.120.0.0/22 maxlen: 24 166.120.4.0/22 maxlen: 24 166.120.8.0/24 maxlen: 24 166.120.64.0/19 maxlen: 19 166.120.64.0/22 maxlen: 24 166.120.68.0/23 maxlen: 24 166.120.70.0/23 maxlen: 24 166.120.72.0/22 maxlen: 23 166.120.74.0/23 maxlen: 24 166.120.76.0/22 maxlen: 22 166.120.76.0/23 maxlen: 24 166.120.80.0/20 maxlen: 22 166.120.164.0/22 maxlen: 24 166.120.202.0/23 maxlen: 24 166.120.212.0/23 maxlen: 24 166.120.216.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F2B47/E88E9C7E33AF11EDB6107434C4F9AE02/F9X-Mj6_2ajTROd7c3majnViQ1I.crl rsync://rpki.apnic.net/member_repository/A91F2B47/E88E9C7E33AF11EDB6107434C4F9AE02/F9X-Mj6_2ajTROd7c3majnViQ1I.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/F9X-Mj6_2ajTROd7c3majnViQ1I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 Apr 2026 01:10:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 766 (0x2fe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F2B47, serialNumber=17D5FE323EBFD9A8D344E77B73799A8E75624352 Validity Not Before: Mar 30 03:32:22 2026 GMT Not After : May 1 00:00:00 2027 GMT Subject: CN=69c9eec6-d291 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:35:53:9c:b4:b7:46:aa:56:36:8a:f5:1d:36: be:51:90:42:3e:2e:3a:96:47:f5:9a:b7:c6:96:4a: 40:3d:61:53:42:2e:52:7e:a3:32:a6:4e:f7:58:3d: 4e:dc:94:7f:14:31:55:96:0e:70:04:f4:41:01:b8: 94:6e:50:19:7a:b7:68:8b:55:21:65:3a:e6:1f:5f: 93:39:df:fb:1a:16:56:d9:f1:9f:25:83:c4:14:c9: 1a:7a:f1:51:32:78:88:74:2d:54:a3:a3:9c:51:e6: 6b:c5:1a:fb:05:4c:ac:9a:93:aa:21:0e:c2:2c:e6: 4d:41:9b:8f:b6:fb:92:c8:38:e1:04:e2:29:69:c2: b4:1d:90:87:c9:dd:88:60:9e:65:cc:b9:e1:59:73: 4b:6a:61:5f:e2:5d:57:b2:b4:6a:ed:ac:f3:36:40: 7e:3d:67:f4:11:fc:f9:bd:9d:2c:a0:9e:53:30:dc: 0c:05:b1:95:28:cc:18:dc:c7:9d:0b:50:7e:73:e9: 91:6a:3c:cb:5d:3c:29:06:6f:c5:b8:83:92:5c:e2: e5:d4:aa:21:87:1a:cc:08:ba:cc:98:e9:09:a6:f7: e2:db:ad:5e:cb:2c:e0:5f:4c:05:ac:7f:6e:91:64: f7:c9:e3:27:f0:65:ce:6e:6d:38:73:2c:1c:ba:fc: 10:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:89:E8:60:3E:4A:90:F7:C8:5A:18:89:35:CD:E5:A1:98:6E:F6:59 X509v3 Authority Key Identifier: keyid:17:D5:FE:32:3E:BF:D9:A8:D3:44:E7:7B:73:79:9A:8E:75:62:43:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F2B47/E88E9C7E33AF11EDB6107434C4F9AE02/F9X-Mj6_2ajTROd7c3majnViQ1I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/F9X-Mj6_2ajTROd7c3majnViQ1I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2B47/E88E9C7E33AF11EDB6107434C4F9AE02/1030CBF02BE911F1BE5DE9B7C4833773.roa sbgp-ipAddrBlock: critical IPv4: 166.120.0.0-166.120.8.255 166.120.64.0/19 166.120.164.0/22 166.120.202.0/23 166.120.212.0/23 166.120.216.0/23 Signature Algorithm: sha256WithRSAEncryption a3:d3:fa:4d:d3:b4:81:b6:21:50:46:31:56:79:94:c3:b9:bc: 74:51:1a:ab:90:4a:db:28:97:0a:5c:6b:e1:96:45:3d:82:0f: ec:47:23:bb:50:0f:cf:1a:dd:3a:e0:b2:c2:76:fa:33:f7:92: 3b:07:44:71:93:2b:31:99:79:d0:34:88:80:34:96:3d:b6:cd: 9f:56:0f:b1:ed:86:c5:cb:21:19:b5:87:13:4a:c9:58:53:5b: 28:74:7c:27:8e:13:95:8e:71:d5:48:e2:6f:d6:a1:01:64:0f: de:95:6c:a0:54:89:c1:dd:40:d7:2d:ac:73:2a:bc:be:9e:d6: 86:f2:de:43:e7:a5:7e:11:f9:a0:cf:8c:1f:47:0b:c8:b1:4c: 89:15:e0:58:75:2d:41:22:10:42:a0:1f:99:72:61:d0:45:c1: 78:fd:08:2a:15:60:72:a4:2a:00:9c:c4:7b:1b:dd:f5:fb:19: 30:23:41:c7:2a:1f:1f:dc:dc:c7:e4:98:aa:3c:df:f0:1e:e2: 25:47:41:45:0c:9e:24:bf:81:b4:bd:45:34:e3:52:34:d0:82: ac:35:c7:6b:79:4f:08:74:4e:93:8e:f1:39:4a:6a:23:43:eb: 84:12:dd:0a:53:d2:7a:34:b8:c1:b9:38:97:4a:98:db:e8:1b: a8:0d:c8:80 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgICAv4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjJCNDcxMTAvBgNVBAUTKDE3RDVGRTMyM0VCRkQ5QThEMzQ0RTc3QjczNzk5QThF NzU2MjQzNTIwHhcNMjYwMzMwMDMzMjIyWhcNMjcwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWM5ZWVjNi1kMjkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyTVTnLS3RqpWNor1HTa+UZBCPi46lkf1mrfGlkpAPWFTQi5SfqMypk73WD1O 3JR/FDFVlg5wBPRBAbiUblAZerdoi1UhZTrmH1+TOd/7GhZW2fGfJYPEFMkaevFR MniIdC1Uo6OcUeZrxRr7BUysmpOqIQ7CLOZNQZuPtvuSyDjhBOIpacK0HZCHyd2I YJ5lzLnhWXNLamFf4l1XsrRq7azzNkB+PWf0Efz5vZ0soJ5TMNwMBbGVKMwY3Med C1B+c+mRajzLXTwpBm/FuIOSXOLl1KohhxrMCLrMmOkJpvfi261eyyzgX0wFrH9u kWT3yeMn8GXObm04cywcuvwQ5QIDAQABo4IChTCCAoEwHQYDVR0OBBYEFG6J6GA+ SpD3yFoYiTXN5aGYbvZZMB8GA1UdIwQYMBaAFBfV/jI+v9mo00Tne3N5mo51YkNS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMkI0Ny9FODhFOUM3RTMz QUYxMUVEQjYxMDc0MzRDNEY5QUUwMi9GOVgtTWo2XzJhalRST2Q3YzNtYWpuVmlR MUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0Y5WC1NajZfMmFqVFJPZDdjM21ham5WaVExSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjJCNDcvRTg4RTlDN0UzM0FGMTFFREI2MTA3NDM0QzRGOUFFMDIvMTAzMENCRjAy QkU5MTFGMUJFNURFOUI3QzQ4MzM3NzMucm9hMEQGCCsGAQUFBwEHAQH/BDUwMzAx BAIAATArMAsDAwOmeAMEAKZ4CAMEBaZ4QAMEAqZ4pAMEAaZ4ygMEAaZ41AMEAaZ4 2DANBgkqhkiG9w0BAQsFAAOCAQEAo9P6TdO0gbYhUEYxVnmUw7m8dFEaq5BK2yiX Clxr4ZZFPYIP7Ecju1APzxrdOuCywnb6M/eSOwdEcZMrMZl50DSIgDSWPbbNn1YP se2GxcshGbWHE0rJWFNbKHR8J44TlY5x1Ujib9ahAWQP3pVsoFSJwd1A1y2scyq8 vp7WhvLeQ+elfhH5oM+MH0cLyLFMiRXgWHUtQSIQQqAfmXJh0EXBeP0IKhVgcqQq AJzEexvd9fsZMCNBxyofH9zcx+SYqjzf8B7iJUdBRQyeJL+BtL1FNONSNNCCrDXH a3lPCHROk47xOUpqI0PrhBLdClPSejS4wbk4l0qY2+gbqA3IgA== -----END CERTIFICATE-----Generated at Mon Apr 6 15:15:21 2026 by rpki-client