$ rpki-client -vvf rpki.apnic.net/member_repository/A916CDAC/78D593188F3911F08632A039C4F9AE02/7AA2F5228F4411F0830D0B1EC4F9AE02.roa File: 7AA2F5228F4411F0830D0B1EC4F9AE02.roa (raw, json) Hash identifier: wZA4/4bMMzyJpfxKqGciBuzuLo+xJsHik2HMyxfURfw= Subject key identifier: 08:35:6F:D1:D0:51:C0:F9:DC:84:0E:B6:D6:C3:29:19:59:B7:3F:65 Certificate issuer: /CN=A916CDAC/serialNumber=DDFCA9D034945A5924116137D62877F0CE52BF1B Certificate serial: 76 Authority key identifier: DD:FC:A9:D0:34:94:5A:59:24:11:61:37:D6:28:77:F0:CE:52:BF:1B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3fyp0DSUWlkkEWE31ih38M5Svxs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916CDAC/78D593188F3911F08632A039C4F9AE02/7AA2F5228F4411F0830D0B1EC4F9AE02.roa Signing time: Thu 19 Mar 2026 19:33:54 +0000 ROA not before: Thu 19 Mar 2026 19:33:54 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 31898 IP address blocks: 140.83.32.0/21 maxlen: 21 140.83.40.0/22 maxlen: 22 140.83.44.0/22 maxlen: 22 140.83.48.0/20 maxlen: 20 140.83.80.0/21 maxlen: 21 140.83.94.0/24 maxlen: 24 140.83.95.0/24 maxlen: 24 146.56.32.0/20 maxlen: 20 146.56.48.0/21 maxlen: 21 146.56.61.0/24 maxlen: 24 146.56.96.0/20 maxlen: 20 146.56.112.0/21 maxlen: 21 146.56.120.0/22 maxlen: 22 146.56.124.0/22 maxlen: 22 146.56.128.0/18 maxlen: 18 146.56.178.0/24 maxlen: 24 161.118.0.0/24 maxlen: 24 161.118.2.0/24 maxlen: 24 161.118.6.0/24 maxlen: 24 161.118.128.0/19 maxlen: 19 161.118.160.0/19 maxlen: 19 161.118.192.0/18 maxlen: 18 192.188.171.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916CDAC/78D593188F3911F08632A039C4F9AE02/3fyp0DSUWlkkEWE31ih38M5Svxs.crl rsync://rpki.apnic.net/member_repository/A916CDAC/78D593188F3911F08632A039C4F9AE02/3fyp0DSUWlkkEWE31ih38M5Svxs.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3fyp0DSUWlkkEWE31ih38M5Svxs.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Apr 2026 07:10:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 118 (0x76) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916CDAC, serialNumber=DDFCA9D034945A5924116137D62877F0CE52BF1B Validity Not Before: Mar 19 19:33:54 2026 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=69bc4fa2-5e67 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:f2:75:0f:d5:c5:2f:81:1e:40:5d:60:0e:5c: a0:d2:64:c6:1a:64:7a:d3:79:a4:ef:d8:f5:8e:c8: 3e:3b:8c:ad:91:c8:94:5d:c2:97:0d:c6:41:e9:cd: 37:21:66:7d:7f:50:7c:6e:4d:ae:75:15:5c:28:94: c1:6e:71:ff:90:a2:40:50:f2:25:02:f1:cd:74:f6: d1:a1:1d:e1:dd:3b:3f:b5:ca:a7:78:88:fd:e0:2a: 4a:a7:65:5c:33:5e:46:4b:df:2f:56:01:f9:a6:25: d6:8e:fe:cc:c2:4e:92:52:9f:a1:ee:ad:18:59:9b: 14:cc:93:8e:36:7a:41:43:18:4f:90:67:35:a4:bc: 79:3b:3b:c1:50:a0:1c:a8:e4:e7:f3:7d:74:e8:69: 2e:a4:e9:2d:0f:13:35:7d:96:42:13:c0:39:fc:7b: a7:4a:49:94:15:53:bd:e0:ea:8f:19:d0:c2:ff:a6: ff:c7:2a:77:b6:26:99:9e:0c:09:b1:b2:0b:30:5a: 1f:46:80:c9:64:ef:c2:d2:1e:72:14:1a:f6:31:f0: 1f:11:00:ad:db:7a:43:75:9f:aa:b8:0f:8c:f1:1e: 77:35:c8:02:f9:78:91:e1:5d:1a:fb:29:97:b2:c5: 14:2c:e1:09:27:27:87:fc:30:a0:97:4f:78:46:4d: 4f:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:35:6F:D1:D0:51:C0:F9:DC:84:0E:B6:D6:C3:29:19:59:B7:3F:65 X509v3 Authority Key Identifier: keyid:DD:FC:A9:D0:34:94:5A:59:24:11:61:37:D6:28:77:F0:CE:52:BF:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916CDAC/78D593188F3911F08632A039C4F9AE02/3fyp0DSUWlkkEWE31ih38M5Svxs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3fyp0DSUWlkkEWE31ih38M5Svxs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916CDAC/78D593188F3911F08632A039C4F9AE02/7AA2F5228F4411F0830D0B1EC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 140.83.32.0/19 140.83.80.0/21 140.83.94.0/23 146.56.32.0-146.56.55.255 146.56.61.0/24 146.56.96.0-146.56.191.255 161.118.0.0/24 161.118.2.0/24 161.118.6.0/24 161.118.128.0/17 192.188.171.0/24 Signature Algorithm: sha256WithRSAEncryption 48:e2:dd:24:3c:d9:2e:f8:14:6d:e8:46:78:aa:bf:ce:24:cf: 08:99:25:25:bd:a0:4f:bc:62:51:35:9b:ee:10:6f:da:95:b5: 79:d0:aa:da:a4:90:ac:3c:ee:25:cc:10:28:d6:8a:60:6a:b8: 65:05:de:b4:69:00:3b:02:b7:75:46:99:cf:f5:5d:76:28:25: 8e:77:2a:67:76:c7:f4:8e:5d:23:38:29:48:36:02:6f:c9:84: a5:68:8e:8c:2b:04:65:58:cb:0a:c2:4f:a9:1c:3a:bf:4d:1b: 9a:dc:42:8e:e5:a1:b8:b2:cd:46:d4:ee:a7:f4:36:17:74:19: ad:19:90:95:d7:57:a5:cb:44:74:9f:3c:07:ee:91:e1:ab:e8: e4:2d:4b:5f:0a:43:85:ed:69:00:f9:23:27:24:77:da:f1:f3: be:1c:b5:cd:e2:82:47:bd:f6:27:51:83:9e:0b:b5:94:ed:67: d0:c4:2f:34:79:80:11:3d:99:00:b2:ed:28:9f:39:62:db:56: be:c4:60:19:9c:9e:73:ab:e6:02:59:85:54:05:f1:08:76:99: 90:cd:27:e8:1c:b6:08:d1:2f:3d:a0:ab:a5:b5:ac:d0:e7:02: 74:78:c6:95:bd:4e:2f:d5:4c:71:6b:55:55:7a:22:1a:98:4d: a7:95:76:cb -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgIBdjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 Q0RBQzExMC8GA1UEBRMoRERGQ0E5RDAzNDk0NUE1OTI0MTE2MTM3RDYyODc3RjBD RTUyQkYxQjAeFw0yNjAzMTkxOTMzNTRaFw0yNjA1MjgwMDAwMDBaMBgxFjAUBgNV BAMTDTY5YmM0ZmEyLTVlNjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCQ8nUP1cUvgR5AXWAOXKDSZMYaZHrTeaTv2PWOyD47jK2RyJRdwpcNxkHpzTch Zn1/UHxuTa51FVwolMFucf+QokBQ8iUC8c109tGhHeHdOz+1yqd4iP3gKkqnZVwz XkZL3y9WAfmmJdaO/szCTpJSn6HurRhZmxTMk442ekFDGE+QZzWkvHk7O8FQoByo 5OfzfXToaS6k6S0PEzV9lkITwDn8e6dKSZQVU73g6o8Z0ML/pv/HKne2JpmeDAmx sgswWh9GgMlk78LSHnIUGvYx8B8RAK3bekN1n6q4D4zxHnc1yAL5eJHhXRr7KZey xRQs4QknJ4f8MKCXT3hGTU/tAgMBAAGjggKsMIICqDAdBgNVHQ4EFgQUCDVv0dBR wPnchA621sMpGVm3P2UwHwYDVR0jBBgwFoAU3fyp0DSUWlkkEWE31ih38M5Svxsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTZDREFDLzc4RDU5MzE4OEYz OTExRjA4NjMyQTAzOUM0RjlBRTAyLzNmeXAwRFNVV2xra0VXRTMxaWgzOE01U3Z4 cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvM2Z5cDBEU1VXbGtrRVdFMzFpaDM4TTVTdnhzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgZYGCCsGAQUFBwELBIGJMIGGMIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 Q0RBQy83OEQ1OTMxODhGMzkxMUYwODYzMkEwMzlDNEY5QUUwMi83QUEyRjUyMjhG NDQxMUYwODMwRDBCMUVDNEY5QUUwMi5yb2EwawYIKwYBBQUHAQcBAf8EXDBaMFgE AgABMFIDBAWMUyADBAOMU1ADBAGMU14wDAMEBZI4IAMEA5I4MAMEAJI4PTAMAwQF kjhgAwQGkjiAAwQAoXYAAwQAoXYCAwQAoXYGAwQHoXaAAwQAwLyrMA0GCSqGSIb3 DQEBCwUAA4IBAQBI4t0kPNku+BRt6EZ4qr/OJM8ImSUlvaBPvGJRNZvuEG/albV5 0KrapJCsPO4lzBAo1opgarhlBd60aQA7Ard1RpnP9V12KCWOdypndsf0jl0jOClI NgJvyYSlaI6MKwRlWMsKwk+pHDq/TRua3EKO5aG4ss1G1O6n9DYXdBmtGZCV11el y0R0nzwH7pHhq+jkLUtfCkOF7WkA+SMnJHfa8fO+HLXN4oJHvfYnUYOeC7WU7WfQ xC80eYARPZkAsu0onzli21a+xGAZnJ5zq+YCWYVUBfEIdpmQzSfoHLYI0S89oKul tazQ5wJ0eMaVvU4v1Uxxa1VVeiIamE2nlXbL -----END CERTIFICATE-----Generated at Thu Mar 26 06:46:25 2026 by rpki-client