$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/3CE7D21201A311F1A14FC5D2686F56BC.roa File: 3CE7D21201A311F1A14FC5D2686F56BC.roa (raw, json) Hash identifier: o8Efs0Zmsyf+yPslQE6u+yFKAm4P6NONEQAjk5sGm4c= Subject key identifier: 52:1E:35:CC:E1:B0:20:71:40:D8:6E:03:16:CF:2F:58:3D:4A:A5:DA Certificate issuer: /CN=A9157D67/serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD Certificate serial: 0C25 Authority key identifier: 39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/3CE7D21201A311F1A14FC5D2686F56BC.roa Signing time: Sun 01 Mar 2026 18:48:52 +0000 ROA not before: Wed 04 Feb 2026 08:26:44 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 23693 IP address blocks: 43.168.222.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 21:14:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3109 (0xc25) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157D67, serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD Validity Not Before: Feb 4 08:26:44 2026 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=69a48a14-53c3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:a6:b7:ae:aa:c0:2c:f1:88:53:bd:8f:67:24: 56:10:39:3f:dd:30:3f:24:58:38:54:74:b6:f9:67: 5b:6a:ca:4a:f0:be:42:88:5f:a1:8f:e0:d3:fc:60: 6d:4f:88:92:d6:88:57:5b:e1:21:98:d0:7e:48:ef: 32:b6:bb:dc:c9:04:df:6c:be:2d:ea:ab:d8:ee:24: 69:18:27:84:07:23:a5:b8:2b:40:44:7d:82:19:c4: 49:6b:0b:4b:4a:1e:dc:b6:27:15:61:7f:cd:a1:1c: b6:6d:17:20:14:b6:9b:f8:e2:af:1e:06:cd:2e:a3: e0:42:1e:dd:79:99:78:82:07:d3:f2:7e:49:95:a0: 23:4d:7c:fd:95:33:f2:f9:de:c8:e1:5b:54:2b:5d: 86:53:05:8e:ee:70:3f:c0:be:d5:d0:8a:90:98:79: e5:a2:73:7e:a0:9a:50:87:dc:90:a9:5e:2e:8d:df: a2:ea:61:98:5d:1e:94:a2:b1:f9:e1:88:31:b3:0b: 64:e2:ef:44:8d:58:58:37:60:5f:ee:0e:1c:ff:75: 54:25:63:83:14:ef:80:e1:ac:74:be:fd:74:50:de: 97:a7:29:85:c1:5d:b1:c9:c5:f3:8d:ba:08:b0:13: 03:1d:e6:1d:ff:ff:83:a0:5c:3e:3a:a6:ba:d1:1f: 1f:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:1E:35:CC:E1:B0:20:71:40:D8:6E:03:16:CF:2F:58:3D:4A:A5:DA X509v3 Authority Key Identifier: keyid:39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/3CE7D21201A311F1A14FC5D2686F56BC.roa sbgp-ipAddrBlock: critical IPv4: 43.168.222.0/24 Signature Algorithm: sha256WithRSAEncryption 8e:21:45:07:d9:8c:e7:36:72:a4:a9:9e:32:32:52:b0:76:22: f2:91:83:c0:71:4e:9f:05:77:e6:bb:55:4d:37:92:60:6e:26: 5d:3c:6e:b4:01:ed:64:a9:48:0a:8a:d6:53:5f:7d:c3:8d:a7: e8:a6:c6:58:30:f5:ab:85:a7:5c:9b:40:67:90:71:6c:52:55: 60:cb:18:6e:e6:44:c9:7e:08:69:01:1c:96:95:6f:d9:52:f2: 76:c9:35:dd:81:5e:51:fc:e2:f2:7b:d4:6c:6f:b7:b3:49:54: 19:5f:0e:9f:cd:89:7e:d9:2d:7f:ab:44:96:27:0b:56:14:c4: 49:ee:14:d1:27:dc:c2:b0:94:f6:37:f2:30:15:e6:36:71:eb: 61:31:c8:1a:54:eb:c0:39:8d:b1:23:45:07:52:c7:50:5b:f8: 52:cb:1b:00:24:e6:e2:43:59:47:af:a5:c2:c8:e2:59:91:85: a7:12:4d:b2:5c:b5:5b:42:12:7e:1b:8b:ed:c5:7c:7f:4a:c9: 61:a7:79:bf:58:57:ef:30:11:fb:e2:3c:54:2c:6b:81:a0:b8: ba:99:86:06:e1:7b:16:6e:3a:56:9b:7f:8b:a5:20:31:3d:9a: 9c:95:6a:ac:f9:0a:2a:a1:52:19:95:9f:d4:79:97:68:64:6c: d9:f4:90:b4 -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgICDCUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdENjcxMTAvBgNVBAUTKDM5QzQzOTY3NTcwMDg3RjU4M0U0MjVBOUZFOUI2OUI5 NTA2QTU5QkQwHhcNMjYwMjA0MDgyNjQ0WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0OGExNC01M2MzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnqa3rqrALPGIU72PZyRWEDk/3TA/JFg4VHS2+WdbaspK8L5CiF+hj+DT/GBt T4iS1ohXW+EhmNB+SO8ytrvcyQTfbL4t6qvY7iRpGCeEByOluCtARH2CGcRJawtL Sh7cticVYX/NoRy2bRcgFLab+OKvHgbNLqPgQh7deZl4ggfT8n5JlaAjTXz9lTPy +d7I4VtUK12GUwWO7nA/wL7V0IqQmHnlonN+oJpQh9yQqV4ujd+i6mGYXR6UorH5 4Ygxswtk4u9EjVhYN2Bf7g4c/3VUJWODFO+A4ax0vv10UN6XpymFwV2xycXzjboI sBMDHeYd//+DoFw+Oqa60R8f9wIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFFIeNczh sCBxQNhuAxbPL1g9SqXaMB8GA1UdIwQYMBaAFDnEOWdXAIf1g+Qlqf6bablQalm9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q2Ny82OUU2QzE2QTQ0 MkExMUVCOTU5OUFEMzhDNEY5QUUwMi9PY1E1WjFjQWhfV0Q1Q1dwX3B0cHVWQnFX YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09jUTVaMWNBaF9XRDVDV3BfcHRwdVZCcVdiMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTdENjcvNjlFNkMxNkE0NDJBMTFFQjk1OTlBRDM4QzRGOUFFMDIvM0NFN0QyMTIw MUEzMTFGMUExNEZDNUQyNjg2RjU2QkMucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK6jeMA0GCSqGSIb3DQEBCwUAA4IBAQCOIUUH2YznNnKkqZ4yMlKw diLykYPAcU6fBXfmu1VNN5JgbiZdPG60Ae1kqUgKitZTX33DjafopsZYMPWrhadc m0BnkHFsUlVgyxhu5kTJfghpARyWlW/ZUvJ2yTXdgV5R/OLye9Rsb7ezSVQZXw6f zYl+2S1/q0SWJwtWFMRJ7hTRJ9zCsJT2N/IwFeY2cethMcgaVOvAOY2xI0UHUsdQ W/hSyxsAJObiQ1lHr6XCyOJZkYWnEk2yXLVbQhJ+G4vtxXx/Sslhp3m/WFfvMBH7 4jxULGuBoLi6mYYG4XsWbjpWm3+LpSAxPZqclWqs+QoqoVIZlZ/UeZdoZGzZ9JC0 -----END CERTIFICATE-----Generated at Thu Mar 26 11:27:26 2026 by rpki-client