$ rpki-client -vvf rpki.apnic.net/member_repository/A91597E8/7A0FE7FA1D9211E2B5BC74F508B02CD2/67AAC7161D1411F1B0E2BAD80C3D8C67.roa File: 67AAC7161D1411F1B0E2BAD80C3D8C67.roa (raw, json) Hash identifier: CHdRjKAYDzl4mARbLMEIedXV1bESXGd76YlTxW4AhVo= Subject key identifier: 00:9A:62:90:A1:B8:C4:B0:9C:DB:F9:B1:7A:93:01:22:73:D2:5D:D3 Certificate issuer: /CN=A91597E8/serialNumber=C9C28F990B627412C97C2DCEC7C906E61AD325AC Certificate serial: 353E Authority key identifier: C9:C2:8F:99:0B:62:74:12:C9:7C:2D:CE:C7:C9:06:E6:1A:D3:25:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ycKPmQtidBLJfC3Ox8kG5hrTJaw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91597E8/7A0FE7FA1D9211E2B5BC74F508B02CD2/67AAC7161D1411F1B0E2BAD80C3D8C67.roa Signing time: Wed 11 Mar 2026 06:57:12 +0000 ROA not before: Wed 11 Mar 2026 06:57:12 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 13335 IP address blocks: 45.64.52.0/22 maxlen: 24 103.1.40.0/22 maxlen: 24 112.213.96.0/19 maxlen: 24 117.18.0.0/20 maxlen: 24 121.54.168.0/21 maxlen: 24 121.127.224.0/19 maxlen: 24 210.56.48.0/21 maxlen: 24 210.56.56.0/21 maxlen: 24 2403:ea00::/32 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91597E8/7A0FE7FA1D9211E2B5BC74F508B02CD2/ycKPmQtidBLJfC3Ox8kG5hrTJaw.crl rsync://rpki.apnic.net/member_repository/A91597E8/7A0FE7FA1D9211E2B5BC74F508B02CD2/ycKPmQtidBLJfC3Ox8kG5hrTJaw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ycKPmQtidBLJfC3Ox8kG5hrTJaw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 02 Apr 2026 14:46:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13630 (0x353e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91597E8, serialNumber=C9C28F990B627412C97C2DCEC7C906E61AD325AC Validity Not Before: Mar 11 06:57:12 2026 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=69b11248-a0ed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:7e:7a:a6:55:58:59:03:ba:b6:fb:d1:bb:eb: 07:d6:a2:ed:b5:a1:6d:2e:f6:5e:07:70:6d:1a:c0: 2a:32:0a:e3:6a:c3:87:5f:21:1d:70:1a:56:04:fa: f3:25:03:20:07:37:90:04:4a:b4:2b:a2:b2:75:50: 4e:eb:59:fb:62:ca:45:4e:c8:0d:37:13:b7:71:de: 5e:76:11:ff:09:92:50:27:94:6a:79:3a:b6:db:2a: 07:5b:fe:7b:bc:5f:80:0e:31:0d:a8:bf:92:e7:51: 26:5d:d4:82:df:3a:84:df:82:33:ad:28:b8:64:cc: 6f:2d:08:8c:a1:d7:82:b0:67:1c:10:af:9a:b7:58: be:d6:8d:e2:20:16:06:53:3c:99:74:1c:63:bd:89: c7:8b:e8:02:c3:c1:a2:db:e3:ef:bb:60:13:4a:f1: 3a:f2:65:39:0d:40:4b:94:32:5c:c1:4c:eb:27:8a: 9f:84:52:dd:67:e5:8d:88:39:39:55:d9:4a:78:13: 96:b2:3a:1b:13:1b:30:82:ca:45:3b:d1:83:90:68: 72:e5:f4:40:3b:a7:02:de:9d:59:d4:78:00:ba:38: c9:c0:0a:e8:5a:dc:f0:d8:34:26:62:c5:2f:64:4b: 40:6a:9c:4d:87:29:e8:3e:35:e5:6f:7b:27:a0:07: 04:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:9A:62:90:A1:B8:C4:B0:9C:DB:F9:B1:7A:93:01:22:73:D2:5D:D3 X509v3 Authority Key Identifier: keyid:C9:C2:8F:99:0B:62:74:12:C9:7C:2D:CE:C7:C9:06:E6:1A:D3:25:AC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91597E8/7A0FE7FA1D9211E2B5BC74F508B02CD2/ycKPmQtidBLJfC3Ox8kG5hrTJaw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ycKPmQtidBLJfC3Ox8kG5hrTJaw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91597E8/7A0FE7FA1D9211E2B5BC74F508B02CD2/67AAC7161D1411F1B0E2BAD80C3D8C67.roa sbgp-ipAddrBlock: critical IPv4: 45.64.52.0/22 103.1.40.0/22 112.213.96.0/19 117.18.0.0/20 121.54.168.0/21 121.127.224.0/19 210.56.48.0/20 IPv6: 2403:ea00::/32 Signature Algorithm: sha256WithRSAEncryption 4a:09:1f:5a:d2:6b:28:e8:f0:e4:1c:56:44:04:b3:a2:3b:76: 7f:e5:b2:2f:53:78:0b:48:6a:05:c1:02:bc:a9:2d:c5:49:73: 53:56:39:33:ae:d4:e2:78:c1:b8:c1:ba:70:9a:d2:ca:2c:01: 08:96:60:84:90:b2:d8:b0:cd:b2:c9:4a:48:d0:12:0f:ad:16: b6:ce:08:cc:39:3b:63:44:7c:d5:99:4a:12:5d:a6:09:24:be: 9b:32:18:03:6b:77:9e:23:ef:b9:5a:d1:ba:5a:49:07:ef:e7: fa:b4:e4:f0:ab:77:d1:c3:ad:8e:aa:6f:24:6b:a1:2c:c7:83: 8d:4f:b5:3a:34:ac:a6:3c:64:fe:4e:37:38:f2:b8:91:62:1b: 56:a6:ef:6a:20:3e:28:72:19:33:5f:11:84:54:b3:6f:94:a3: af:a2:3b:a8:ac:e5:7e:b7:b6:58:69:a3:a9:1d:cd:1d:60:21: 47:78:e6:bc:f5:13:93:de:ec:35:13:c9:f2:5c:d3:cb:eb:06: d7:3b:ff:c1:cc:3b:9a:4e:14:5f:ad:d6:a9:37:75:a9:a9:95: 58:d2:8c:82:40:06:e8:8f:bc:36:e5:1a:20:b4:6b:b6:7b:5f: b8:60:56:9f:57:19:94:88:fa:8d:95:76:10:16:9f:dc:ac:32: df:0c:5f:11 -----BEGIN CERTIFICATE----- MIIFbzCCBFegAwIBAgICNT4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTk3RTgxMTAvBgNVBAUTKEM5QzI4Rjk5MEI2Mjc0MTJDOTdDMkRDRUM3QzkwNkU2 MUFEMzI1QUMwHhcNMjYwMzExMDY1NzEyWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWIxMTI0OC1hMGVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7X56plVYWQO6tvvRu+sH1qLttaFtLvZeB3BtGsAqMgrjasOHXyEdcBpWBPrz JQMgBzeQBEq0K6KydVBO61n7YspFTsgNNxO3cd5edhH/CZJQJ5RqeTq22yoHW/57 vF+ADjENqL+S51EmXdSC3zqE34IzrSi4ZMxvLQiModeCsGccEK+at1i+1o3iIBYG UzyZdBxjvYnHi+gCw8Gi2+Pvu2ATSvE68mU5DUBLlDJcwUzrJ4qfhFLdZ+WNiDk5 VdlKeBOWsjobExswgspFO9GDkGhy5fRAO6cC3p1Z1HgAujjJwAroWtzw2DQmYsUv ZEtAapxNhynoPjXlb3snoAcEZQIDAQABo4ICkzCCAo8wHQYDVR0OBBYEFACaYpCh uMSwnNv5sXqTASJz0l3TMB8GA1UdIwQYMBaAFMnCj5kLYnQSyXwtzsfJBuYa0yWs MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OTdFOC83QTBGRTdGQTFE OTIxMUUyQjVCQzc0RjUwOEIwMkNEMi95Y0tQbVF0aWRCTEpmQzNPeDhrRzVoclRK YXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ljS1BtUXRpZEJMSmZDM094OGtHNWhyVEphdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTk3RTgvN0EwRkU3RkExRDkyMTFFMkI1QkM3NEY1MDhCMDJDRDIvNjdBQUM3MTYx RDE0MTFGMUIwRTJCQUQ4MEMzRDhDNjcucm9hMFIGCCsGAQUFBwEHAQH/BEMwQTAw BAIAATAqAwQCLUA0AwQCZwEoAwQFcNVgAwQEdRIAAwQDeTaoAwQFeX/gAwQE0jgw MA0EAgACMAcDBQAkA+oAMA0GCSqGSIb3DQEBCwUAA4IBAQBKCR9a0mso6PDkHFZE BLOiO3Z/5bIvU3gLSGoFwQK8qS3FSXNTVjkzrtTieMG4wbpwmtLKLAEIlmCEkLLY sM2yyUpI0BIPrRa2zgjMOTtjRHzVmUoSXaYJJL6bMhgDa3eeI++5WtG6WkkH7+f6 tOTwq3fRw62Oqm8ka6Esx4ONT7U6NKymPGT+Tjc48riRYhtWpu9qID4ochkzXxGE VLNvlKOvojuorOV+t7ZYaaOpHc0dYCFHeOa89ROT3uw1E8nyXNPL6wbXO//BzDua ThRfrdapN3WpqZVY0oyCQAboj7w25RogtGu2e1+4YFafVxmUiPqNlXYQFp/crDLf DF8R -----END CERTIFICATE-----Generated at Thu Mar 26 21:32:00 2026 by rpki-client