$ rpki-client -vvf rpki.apnic.net/member_repository/A9122C94/6AE202A6A1D011EB92A2DF29C4F9AE02/DFA876BAA1D011EB909F3352C4F9AE02.roa File: DFA876BAA1D011EB909F3352C4F9AE02.roa (raw, json) Hash identifier: kx0li/zw87s40T3OezyGkC+0pUIU5Rs0sCA+z6TjHX8= Subject key identifier: 97:E2:F6:4E:A7:1E:4A:57:BF:A6:3F:79:F9:E7:44:2C:9E:84:B1:D1 Certificate issuer: /CN=A9122C94/serialNumber=91772A9A6C39719F8A6E6971636D484EDE43A650 Certificate serial: 06B1 Authority key identifier: 91:77:2A:9A:6C:39:71:9F:8A:6E:69:71:63:6D:48:4E:DE:43:A6:50 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kXcqmmw5cZ-KbmlxY21ITt5DplA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9122C94/6AE202A6A1D011EB92A2DF29C4F9AE02/DFA876BAA1D011EB909F3352C4F9AE02.roa Signing time: Sun 01 Mar 2026 14:08:44 +0000 ROA not before: Wed 10 Sep 2025 22:03:36 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 133066 IP address blocks: 64.224.144.0/20 maxlen: 20 64.224.144.0/24 maxlen: 24 64.224.145.0/24 maxlen: 24 64.224.146.0/24 maxlen: 24 64.224.147.0/24 maxlen: 24 64.224.148.0/24 maxlen: 24 64.224.149.0/24 maxlen: 24 64.224.150.0/24 maxlen: 24 64.224.151.0/24 maxlen: 24 64.224.152.0/24 maxlen: 24 64.224.153.0/24 maxlen: 24 64.224.154.0/24 maxlen: 24 64.224.155.0/24 maxlen: 24 64.224.156.0/24 maxlen: 24 64.224.157.0/24 maxlen: 24 64.224.158.0/24 maxlen: 24 64.224.159.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9122C94/6AE202A6A1D011EB92A2DF29C4F9AE02/kXcqmmw5cZ-KbmlxY21ITt5DplA.crl rsync://rpki.apnic.net/member_repository/A9122C94/6AE202A6A1D011EB92A2DF29C4F9AE02/kXcqmmw5cZ-KbmlxY21ITt5DplA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kXcqmmw5cZ-KbmlxY21ITt5DplA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 20:54:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1713 (0x6b1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9122C94, serialNumber=91772A9A6C39719F8A6E6971636D484EDE43A650 Validity Not Before: Sep 10 22:03:36 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=69a4486c-b02e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:9a:98:8f:67:b3:eb:72:8c:7c:74:e1:88:7a: 88:4b:d3:23:65:c8:41:c7:fb:2b:b7:47:81:88:f7: 71:73:8d:e6:5f:04:3b:2f:de:cd:ce:8f:25:ba:ea: 5b:17:62:7b:9f:50:04:3e:45:09:67:75:44:85:3a: 1d:eb:be:df:86:38:b9:65:0d:2e:b2:94:f4:fe:cf: 82:b7:04:9e:d8:81:c0:55:02:df:a2:ab:3e:c9:c1: 8b:63:ba:93:93:f8:df:11:fb:78:54:36:ec:15:d6: be:fd:7c:2a:f4:2c:bb:5e:de:0c:cf:74:a9:99:f8: 34:4f:41:8b:d6:81:dd:7b:b1:33:5b:e9:75:dc:0e: 15:c8:10:17:27:b6:a8:f8:b8:69:59:93:cc:13:c1: 77:6b:0e:6a:7d:96:14:2c:83:12:00:a7:7b:52:97: e4:d6:c4:b7:f5:6f:f3:9d:4c:ba:15:aa:c8:30:21: bd:88:59:98:a1:4c:7d:a9:6d:76:33:e1:db:e3:83: 24:3f:e6:72:b5:40:61:cd:91:57:46:df:94:2f:59: 7c:76:ea:d6:fc:ba:cb:6a:fb:00:26:29:ad:f7:42: cf:91:c7:02:67:f1:cf:a9:de:5f:4e:f1:98:cd:b4: b2:3a:08:b7:e1:b1:1e:8f:26:40:6c:aa:68:75:ab: 25:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:E2:F6:4E:A7:1E:4A:57:BF:A6:3F:79:F9:E7:44:2C:9E:84:B1:D1 X509v3 Authority Key Identifier: keyid:91:77:2A:9A:6C:39:71:9F:8A:6E:69:71:63:6D:48:4E:DE:43:A6:50 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9122C94/6AE202A6A1D011EB92A2DF29C4F9AE02/kXcqmmw5cZ-KbmlxY21ITt5DplA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kXcqmmw5cZ-KbmlxY21ITt5DplA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9122C94/6AE202A6A1D011EB92A2DF29C4F9AE02/DFA876BAA1D011EB909F3352C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 64.224.144.0/20 Signature Algorithm: sha256WithRSAEncryption a9:8b:30:54:44:69:8a:35:0f:aa:c3:6e:fa:2e:15:32:a6:3f: 8c:77:72:32:fb:cd:e2:6e:ce:fa:b0:a4:58:aa:7a:1a:7c:36: d1:81:6b:5c:66:6a:0f:40:d1:aa:41:ee:cf:c5:e6:63:80:3a: 96:ef:04:ff:2e:f1:f2:25:3a:df:c0:66:76:af:3f:a9:74:0d: 47:f3:4e:b2:c5:a1:fd:69:84:88:f1:d0:7a:8d:dd:80:e1:e1: 01:3f:a5:30:44:54:13:d1:85:05:90:36:de:9a:48:18:89:ed: 0b:6c:26:19:b0:71:d8:a5:fc:64:ec:ab:e3:2d:97:07:d0:88: 35:d7:79:49:9c:f6:60:42:25:d8:1d:a0:59:61:5f:f4:1e:53: e7:ef:28:71:d5:2b:2f:96:3a:95:60:63:86:19:27:6a:f7:f9: 2b:f6:dc:1a:98:fd:d5:9e:f9:5c:f8:93:0f:0d:de:a7:1b:cb: 1d:db:f4:17:fb:ba:ef:22:69:07:bb:9e:f9:a7:be:5d:84:40: 12:a8:fb:45:b1:6c:e3:2a:ed:2d:63:82:e5:b5:c3:6e:95:23: ae:14:ad:18:63:f3:34:5d:85:2a:6c:9d:2d:04:83:e8:73:e3: 83:1b:f8:31:67:61:9c:e8:b7:66:1e:6b:27:e7:19:14:17:b9: 7b:03:60:ca -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgICBrEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjJDOTQxMTAvBgNVBAUTKDkxNzcyQTlBNkMzOTcxOUY4QTZFNjk3MTYzNkQ0ODRF REU0M0E2NTAwHhcNMjUwOTEwMjIwMzM2WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NDg2Yy1iMDJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6JqYj2ez63KMfHThiHqIS9MjZchBx/srt0eBiPdxc43mXwQ7L97Nzo8luupb F2J7n1AEPkUJZ3VEhTod677fhji5ZQ0uspT0/s+CtwSe2IHAVQLfoqs+ycGLY7qT k/jfEft4VDbsFda+/Xwq9Cy7Xt4Mz3Spmfg0T0GL1oHde7EzW+l13A4VyBAXJ7ao +LhpWZPME8F3aw5qfZYULIMSAKd7Upfk1sS39W/znUy6FarIMCG9iFmYoUx9qW12 M+Hb44MkP+ZytUBhzZFXRt+UL1l8durW/LrLavsAJimt90LPkccCZ/HPqd5fTvGY zbSyOgi34bEejyZAbKpodaslqwIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFJfi9k6n HkpXv6Y/efnnRCyehLHRMB8GA1UdIwQYMBaAFJF3KppsOXGfim5pcWNtSE7eQ6ZQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMkM5NC82QUUyMDJBNkEx RDAxMUVCOTJBMkRGMjlDNEY5QUUwMi9rWGNxbW13NWNaLUtibWx4WTIxSVR0NURw bEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2tYY3FtbXc1Y1otS2JtbHhZMjFJVHQ1RHBsQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MjJDOTQvNkFFMjAyQTZBMUQwMTFFQjkyQTJERjI5QzRGOUFFMDIvREZBODc2QkFB MUQwMTFFQjkwOUYzMzUyQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQEQOCQMA0GCSqGSIb3DQEBCwUAA4IBAQCpizBURGmKNQ+qw276LhUy pj+Md3Iy+83ibs76sKRYqnoafDbRgWtcZmoPQNGqQe7PxeZjgDqW7wT/LvHyJTrf wGZ2rz+pdA1H806yxaH9aYSI8dB6jd2A4eEBP6UwRFQT0YUFkDbemkgYie0LbCYZ sHHYpfxk7KvjLZcH0Ig113lJnPZgQiXYHaBZYV/0HlPn7yhx1SsvljqVYGOGGSdq 9/kr9twamP3Vnvlc+JMPDd6nG8sd2/QX+7rvImkHu575p75dhEASqPtFsWzjKu0t Y4LltcNulSOuFK0YY/M0XYUqbJ0tBIPoc+ODG/gxZ2Gc6LdmHmsn5xkUF7l7A2DK -----END CERTIFICATE-----Generated at Thu Mar 26 10:05:44 2026 by rpki-client