$ rpki-client -vvf rpki.apnic.net/member_repository/A91FFEDB/34D5D7E6550211ED964B7A4AC4F9AE02/3CE5C23A550611ED96C8F350C4F9AE02.roa File: 3CE5C23A550611ED96C8F350C4F9AE02.roa (raw, json) Hash identifier: Q0Na7uz+8/SY8dENTuHd10OmIdY+SANtmNHmLdr0v6s= Subject key identifier: DE:69:A5:75:BF:64:6F:A8:64:52:14:F0:08:C8:2D:23:76:19:8E:93 Certificate issuer: /CN=A91FFEDB/serialNumber=594F7A0BA9BD1C1386847CE8963963FE4E71636C Certificate serial: 0280 Authority key identifier: 59:4F:7A:0B:A9:BD:1C:13:86:84:7C:E8:96:39:63:FE:4E:71:63:6C Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/WU96C6m9HBOGhHzoljlj_k5xY2w.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FFEDB/34D5D7E6550211ED964B7A4AC4F9AE02/3CE5C23A550611ED96C8F350C4F9AE02.roa Signing time: Sun 01 Mar 2026 10:56:30 +0000 ROA not before: Sun 09 Nov 2025 00:17:28 +0000 ROA not after: Sun 31 Jan 2027 00:00:00 +0000 asID: 38327 IP address blocks: 158.89.0.0/16 maxlen: 16 158.89.0.0/17 maxlen: 17 158.89.128.0/17 maxlen: 17 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FFEDB/34D5D7E6550211ED964B7A4AC4F9AE02/WU96C6m9HBOGhHzoljlj_k5xY2w.crl rsync://rpki.apnic.net/member_repository/A91FFEDB/34D5D7E6550211ED964B7A4AC4F9AE02/WU96C6m9HBOGhHzoljlj_k5xY2w.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/WU96C6m9HBOGhHzoljlj_k5xY2w.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Apr 2026 01:16:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 640 (0x280) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FFEDB, serialNumber=594F7A0BA9BD1C1386847CE8963963FE4E71636C Validity Not Before: Nov 9 00:17:28 2025 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=69a41b5e-9a1f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:d1:8d:7a:6a:e7:b3:99:c6:17:54:4a:75:80: ad:fa:7e:92:58:8e:59:97:d9:cb:8a:98:26:b0:77: e1:7d:6e:d1:49:d1:f3:d8:dc:8c:bd:fe:ae:a2:ca: b1:af:4a:a5:70:87:6c:8c:42:12:28:e6:85:2e:57: bb:58:01:11:cc:b2:08:0b:90:24:b6:bc:6e:37:1a: 1e:db:d8:cc:a2:f6:aa:90:6a:a3:7f:90:dc:b0:d6: 45:d6:78:ac:ad:13:58:92:e4:fe:fb:89:62:d5:69: fc:3a:16:8d:a1:b3:bd:60:d6:be:40:17:aa:45:82: db:0d:15:8c:c6:9b:57:5d:bd:41:2c:7f:69:cb:8f: d0:a4:a1:f1:4c:89:d3:04:8e:6e:f6:71:cb:36:d7: be:71:f9:f4:39:45:6e:14:b6:fd:17:38:1b:6b:0e: 40:73:88:9e:3f:c2:be:88:77:87:63:8e:8c:06:f4: 9d:c5:32:dc:f2:e2:e2:3b:a3:1e:c0:95:dd:d1:d7: 92:70:c9:e6:e0:53:45:fa:fd:d3:10:71:21:95:1b: 68:33:54:c7:cc:1a:be:5a:98:41:0f:83:5a:49:b5: ff:39:08:8e:e8:29:a6:0b:42:66:41:a1:0c:c3:31: 62:b8:ed:5b:af:ea:41:1e:32:7d:c0:4e:49:48:8c: e1:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:69:A5:75:BF:64:6F:A8:64:52:14:F0:08:C8:2D:23:76:19:8E:93 X509v3 Authority Key Identifier: keyid:59:4F:7A:0B:A9:BD:1C:13:86:84:7C:E8:96:39:63:FE:4E:71:63:6C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FFEDB/34D5D7E6550211ED964B7A4AC4F9AE02/WU96C6m9HBOGhHzoljlj_k5xY2w.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/WU96C6m9HBOGhHzoljlj_k5xY2w.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FFEDB/34D5D7E6550211ED964B7A4AC4F9AE02/3CE5C23A550611ED96C8F350C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 158.89.0.0/16 Signature Algorithm: sha256WithRSAEncryption 00:4e:f3:b8:4d:4f:26:a4:f4:85:d0:73:6f:1c:63:7b:a9:21: 5b:1d:7f:5c:27:7d:75:a5:29:ad:41:38:b0:43:91:bb:6b:3c: ae:03:0f:58:5b:bc:28:82:a6:f8:20:ad:68:11:be:8d:39:7d: 4c:8b:ec:97:a5:35:ad:26:ca:b0:0b:49:06:6f:83:00:1d:64: 04:03:e5:21:0d:8c:f3:82:3c:c3:fe:d8:9d:49:91:ec:0a:bd: 7d:fb:8d:a8:04:aa:ed:7c:a1:c2:5f:b4:09:f5:3d:98:b2:4d: 6e:4c:de:88:8d:e7:b9:4f:3c:34:9d:87:9c:63:46:81:3a:a3: 96:58:0f:23:b5:18:d3:75:f7:34:94:1b:09:92:d6:ad:ce:da: b0:e8:66:0d:f3:22:b5:0b:ea:b9:a6:65:81:cf:d6:e9:9a:08: a0:7a:d5:16:5c:0d:3f:a7:3b:2a:be:8c:37:c9:87:b6:ca:d8: 72:56:b2:21:8e:1c:80:0a:fd:7f:5b:56:68:25:40:1f:2b:9c: 28:fd:9e:e8:0d:26:89:33:31:29:5b:3d:49:15:ad:85:4d:d3: 5c:75:58:da:95:63:31:3e:ac:0c:bb:6f:61:d8:ed:f2:69:78: 01:b8:29:8c:fc:59:0b:ad:e6:f3:a4:3e:7a:1c:96:b2:e0:be: 92:36:29:50 -----BEGIN CERTIFICATE----- MIIFOzCCBCOgAwIBAgICAoAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkZFREIxMTAvBgNVBAUTKDU5NEY3QTBCQTlCRDFDMTM4Njg0N0NFODk2Mzk2M0ZF NEU3MTYzNkMwHhcNMjUxMTA5MDAxNzI4WhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MWI1ZS05YTFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx9GNemrns5nGF1RKdYCt+n6SWI5Zl9nLipgmsHfhfW7RSdHz2NyMvf6uosqx r0qlcIdsjEISKOaFLle7WAERzLIIC5AktrxuNxoe29jMovaqkGqjf5DcsNZF1nis rRNYkuT++4li1Wn8OhaNobO9YNa+QBeqRYLbDRWMxptXXb1BLH9py4/QpKHxTInT BI5u9nHLNte+cfn0OUVuFLb9Fzgbaw5Ac4ieP8K+iHeHY46MBvSdxTLc8uLiO6Me wJXd0deScMnm4FNF+v3TEHEhlRtoM1THzBq+WphBD4NaSbX/OQiO6CmmC0JmQaEM wzFiuO1br+pBHjJ9wE5JSIzhNQIDAQABo4ICXzCCAlswHQYDVR0OBBYEFN5ppXW/ ZG+oZFIU8AjILSN2GY6TMB8GA1UdIwQYMBaAFFlPegupvRwThoR86JY5Y/5OcWNs MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRkVEQi8zNEQ1RDdFNjU1 MDIxMUVEOTY0QjdBNEFDNEY5QUUwMi9XVTk2QzZtOUhCT0doSHpvbGpsal9rNXhZ MncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1dVOTZDNm05SEJPR2hIem9samxqX2s1eFkydy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RkZFREIvMzRENUQ3RTY1NTAyMTFFRDk2NEI3QTRBQzRGOUFFMDIvM0NFNUMyM0E1 NTA2MTFFRDk2QzhGMzUwQzRGOUFFMDIucm9hMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMAnlkwDQYJKoZIhvcNAQELBQADggEBAABO87hNTyak9IXQc28cY3up IVsdf1wnfXWlKa1BOLBDkbtrPK4DD1hbvCiCpvggrWgRvo05fUyL7JelNa0myrAL SQZvgwAdZAQD5SENjPOCPMP+2J1JkewKvX37jagEqu18ocJftAn1PZiyTW5M3oiN 57lPPDSdh5xjRoE6o5ZYDyO1GNN19zSUGwmS1q3O2rDoZg3zIrUL6rmmZYHP1uma CKB61RZcDT+nOyq+jDfJh7bK2HJWsiGOHIAK/X9bVmglQB8rnCj9nugNJokzMSlb PUkVrYVN01x1WNqVYzE+rAy7b2HY7fJpeAG4KYz8WQut5vOkPnoclrLgvpI2KVA= -----END CERTIFICATE-----Generated at Thu Mar 26 12:59:43 2026 by rpki-client