$ rpki-client -vvf rpki.apnic.net/member_repository/A91847A2/AED3D35E594211EA936FCE43C4F9AE02/54EDB8542E1811EBB4E80B1FC4F9AE02.roa File: 54EDB8542E1811EBB4E80B1FC4F9AE02.roa (raw, json) Hash identifier: U8LPi0ztG0viQT8FjnrvYf4D9AeaJJe8T9chhBCJepM= Subject key identifier: C0:85:79:E5:8D:B4:66:AD:A4:E0:3F:4B:A9:40:E6:16:E7:D1:B2:60 Certificate issuer: /CN=A91847A2/serialNumber=909516597C76FA3CFFAB15208C0AE9886634AA03 Certificate serial: 0B44 Authority key identifier: 90:95:16:59:7C:76:FA:3C:FF:AB:15:20:8C:0A:E9:88:66:34:AA:03 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kJUWWXx2-jz_qxUgjArpiGY0qgM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91847A2/AED3D35E594211EA936FCE43C4F9AE02/54EDB8542E1811EBB4E80B1FC4F9AE02.roa Signing time: Wed 18 Mar 2026 19:25:04 +0000 ROA not before: Wed 18 Mar 2026 19:25:04 +0000 ROA not after: Fri 28 May 2027 00:00:00 +0000 asID: 4628 IP address blocks: 192.154.17.0/24 maxlen: 24 192.154.18.0/23 maxlen: 24 192.154.20.0/22 maxlen: 24 192.169.32.0/24 maxlen: 24 192.169.34.0/24 maxlen: 24 192.169.37.0/24 maxlen: 24 192.169.38.0/24 maxlen: 24 192.169.41.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91847A2/AED3D35E594211EA936FCE43C4F9AE02/kJUWWXx2-jz_qxUgjArpiGY0qgM.crl rsync://rpki.apnic.net/member_repository/A91847A2/AED3D35E594211EA936FCE43C4F9AE02/kJUWWXx2-jz_qxUgjArpiGY0qgM.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kJUWWXx2-jz_qxUgjArpiGY0qgM.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 19:05:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2884 (0xb44) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91847A2, serialNumber=909516597C76FA3CFFAB15208C0AE9886634AA03 Validity Not Before: Mar 18 19:25:04 2026 GMT Not After : May 28 00:00:00 2027 GMT Subject: CN=69bafc10-2c4d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:84:38:0e:05:4e:7b:d5:46:11:53:0a:a7:29: 11:13:60:8c:9b:36:37:54:dd:b7:0a:fb:af:f5:38: 50:71:ed:43:d4:12:b4:1a:2b:9e:1c:f3:29:f6:93: 4a:ff:43:a6:87:34:b3:79:bc:9b:a8:8b:27:96:1a: c4:b3:1f:f0:d7:10:b6:6f:34:6d:96:31:47:48:69: ed:e2:96:ce:0f:2c:25:cc:9b:28:8f:68:87:ed:81: e6:75:ad:d8:2d:60:b5:14:d2:65:12:82:44:74:f5: 7f:33:35:3b:21:0b:5d:51:f0:93:dd:25:75:e4:aa: f1:c5:1b:48:62:31:e2:e1:76:a8:8d:2e:d1:6c:24: e0:4d:eb:d5:b7:30:1f:61:be:bc:8b:7b:c4:47:2c: 58:d6:45:f0:aa:b5:73:0e:b1:5a:a2:1e:25:4a:ac: bf:c9:d4:16:b5:4a:3c:6b:9d:25:95:97:4e:eb:ea: 18:aa:2e:c9:61:fc:bc:99:db:a7:a7:b6:3e:5e:7a: 07:0a:24:48:37:cb:c6:23:22:db:9c:c0:11:6f:8f: 71:b5:31:7b:d7:ed:1c:24:14:a6:1e:4b:6a:d7:32: 86:38:62:8a:6f:02:04:9f:ea:fd:a7:a8:44:21:30: 30:02:59:10:d8:7b:17:73:53:34:2d:02:a6:81:89: 93:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:85:79:E5:8D:B4:66:AD:A4:E0:3F:4B:A9:40:E6:16:E7:D1:B2:60 X509v3 Authority Key Identifier: keyid:90:95:16:59:7C:76:FA:3C:FF:AB:15:20:8C:0A:E9:88:66:34:AA:03 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91847A2/AED3D35E594211EA936FCE43C4F9AE02/kJUWWXx2-jz_qxUgjArpiGY0qgM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kJUWWXx2-jz_qxUgjArpiGY0qgM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91847A2/AED3D35E594211EA936FCE43C4F9AE02/54EDB8542E1811EBB4E80B1FC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 192.154.17.0-192.154.23.255 192.169.32.0/24 192.169.34.0/24 192.169.37.0-192.169.38.255 192.169.41.0/24 Signature Algorithm: sha256WithRSAEncryption 1c:40:3b:5c:da:d9:78:af:9a:af:97:5f:81:c5:cb:00:20:43: d3:25:fd:09:1b:3c:28:9f:c7:56:73:ef:4a:30:e9:64:89:02: 32:f9:81:8f:14:03:74:bc:8c:25:d5:1e:e8:01:6c:98:a2:85: 70:46:a4:f2:ea:1c:4e:0e:80:93:0d:45:44:94:e3:c6:ca:d5: 3c:ca:9e:fc:e4:c7:ad:d6:a0:65:b9:78:f3:af:19:b6:09:62: b8:53:e3:35:57:db:f2:d1:7f:b5:85:db:2d:32:c8:dd:62:b5: 48:79:0b:29:01:5e:ed:16:84:6a:41:61:af:91:33:40:99:3c: 74:34:1a:97:a9:ed:f2:90:ba:f1:d4:55:ef:d0:31:85:24:3e: 73:ee:bb:31:d4:35:28:89:cb:85:d7:f9:b6:f8:c7:21:84:d3: b8:42:00:e2:a1:fc:64:4d:64:3b:b9:c9:92:a6:8d:d4:de:8e: 9c:70:b2:95:74:9e:60:f1:49:bc:fa:5a:84:0b:74:4d:08:5f: 79:62:42:a8:be:ca:b3:8e:84:ee:5a:1d:5c:cc:eb:4e:12:91: 12:56:6f:28:e6:ac:1a:bf:86:3e:22:d5:17:86:e1:a7:42:7e: 7b:71:5b:bb:b3:5c:16:21:49:ae:ca:bc:2f:3c:6c:3e:1c:5a: 5b:87:5a:cb -----BEGIN CERTIFICATE----- MIIFZDCCBEygAwIBAgICC0QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODQ3QTIxMTAvBgNVBAUTKDkwOTUxNjU5N0M3NkZBM0NGRkFCMTUyMDhDMEFFOTg4 NjYzNEFBMDMwHhcNMjYwMzE4MTkyNTA0WhcNMjcwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02OWJhZmMxMC0yYzRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9IQ4DgVOe9VGEVMKpykRE2CMmzY3VN23Cvuv9ThQce1D1BK0GiueHPMp9pNK /0OmhzSzebybqIsnlhrEsx/w1xC2bzRtljFHSGnt4pbODywlzJsoj2iH7YHmda3Y LWC1FNJlEoJEdPV/MzU7IQtdUfCT3SV15KrxxRtIYjHi4XaojS7RbCTgTevVtzAf Yb68i3vERyxY1kXwqrVzDrFaoh4lSqy/ydQWtUo8a50llZdO6+oYqi7JYfy8mdun p7Y+XnoHCiRIN8vGIyLbnMARb49xtTF71+0cJBSmHktq1zKGOGKKbwIEn+r9p6hE ITAwAlkQ2HsXc1M0LQKmgYmT5QIDAQABo4ICiDCCAoQwHQYDVR0OBBYEFMCFeeWN tGatpOA/S6lA5hbn0bJgMB8GA1UdIwQYMBaAFJCVFll8dvo8/6sVIIwK6YhmNKoD MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NDdBMi9BRUQzRDM1RTU5 NDIxMUVBOTM2RkNFNDNDNEY5QUUwMi9rSlVXV1h4Mi1qel9xeFVnakFycGlHWTBx Z00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2tKVVdXWHgyLWp6X3F4VWdqQXJwaUdZMHFnTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODQ3QTIvQUVEM0QzNUU1OTQyMTFFQTkzNkZDRTQzQzRGOUFFMDIvNTRFREI4NTQy RTE4MTFFQkI0RTgwQjFGQzRGOUFFMDIucm9hMEcGCCsGAQUFBwEHAQH/BDgwNjA0 BAIAATAuMAwDBADAmhEDBAPAmhADBADAqSADBADAqSIwDAMEAMCpJQMEAMCpJgME AMCpKTANBgkqhkiG9w0BAQsFAAOCAQEAHEA7XNrZeK+ar5dfgcXLACBD0yX9CRs8 KJ/HVnPvSjDpZIkCMvmBjxQDdLyMJdUe6AFsmKKFcEak8uocTg6Akw1FRJTjxsrV PMqe/OTHrdagZbl4868ZtgliuFPjNVfb8tF/tYXbLTLI3WK1SHkLKQFe7RaEakFh r5EzQJk8dDQal6nt8pC68dRV79AxhSQ+c+67MdQ1KInLhdf5tvjHIYTTuEIA4qH8 ZE1kO7nJkqaN1N6OnHCylXSeYPFJvPpahAt0TQhfeWJCqL7Ks46E7lodXMzrThKR ElZvKOasGr+GPiLVF4bhp0J+e3Fbu7NcFiFJrsq8LzxsPhxaW4dayw== -----END CERTIFICATE-----Generated at Thu Mar 26 21:00:18 2026 by rpki-client