$ rpki-client -vvf rpki.apnic.net/member_repository/A91288D9/F83E3FCEADBC11EFB302983EC4F9AE02/8D431594FFDF11EF8DF72930C4F9AE02.roa File: 8D431594FFDF11EF8DF72930C4F9AE02.roa (raw, json) Hash identifier: pkoy3XTlYyZ8zRpQAksJG/nCLkfVOV6ccFZKSXm/Z5A= Subject key identifier: 27:73:4E:F8:F4:FB:A3:96:C3:AD:31:35:71:63:52:83:77:B5:43:16 Certificate issuer: /CN=A91288D9/serialNumber=A64BE44ACB00E4BDAE4491B0FA0CD7099D2C727C Certificate serial: F1 Authority key identifier: A6:4B:E4:4A:CB:00:E4:BD:AE:44:91:B0:FA:0C:D7:09:9D:2C:72:7C Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/pkvkSssA5L2uRJGw-gzXCZ0scnw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91288D9/F83E3FCEADBC11EFB302983EC4F9AE02/8D431594FFDF11EF8DF72930C4F9AE02.roa Signing time: Sun 01 Mar 2026 11:45:06 +0000 ROA not before: Tue 24 Jun 2025 19:14:36 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 58935 IP address blocks: 160.250.89.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91288D9/F83E3FCEADBC11EFB302983EC4F9AE02/pkvkSssA5L2uRJGw-gzXCZ0scnw.crl rsync://rpki.apnic.net/member_repository/A91288D9/F83E3FCEADBC11EFB302983EC4F9AE02/pkvkSssA5L2uRJGw-gzXCZ0scnw.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/pkvkSssA5L2uRJGw-gzXCZ0scnw.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 01:07:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 241 (0xf1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91288D9, serialNumber=A64BE44ACB00E4BDAE4491B0FA0CD7099D2C727C Validity Not Before: Jun 24 19:14:36 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=69a426c2-63e8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:2d:fd:3b:56:52:96:b5:cd:db:c2:44:0c:02: 17:71:5f:24:f9:c1:d7:03:b7:db:7a:bb:5a:70:b3: bf:2b:b7:e4:2c:f4:3e:cd:9d:af:6e:4d:e3:ff:d2: 5c:60:82:8a:5f:29:a1:b2:e8:40:57:5f:28:c3:52: 5c:bc:80:cc:6f:f0:ce:89:9f:50:96:f8:66:77:8e: 57:28:ef:5f:04:60:d8:c0:0e:8c:d2:1a:00:3b:0b: fd:4f:86:bc:41:fd:43:52:41:bf:63:7e:ea:08:85: c7:8e:fd:9d:60:6f:1c:0c:42:32:2a:ae:c3:33:2c: d0:3b:b9:16:66:92:8e:62:9c:27:c7:56:18:9e:68: 4d:e7:d3:2a:a7:a2:9d:cf:02:7b:1e:9b:8c:39:05: 4f:06:72:ce:61:98:64:73:46:2a:54:40:90:a2:10: 18:67:35:4c:f0:f9:cd:61:18:cf:d5:eb:e4:a2:c5: b5:5f:7e:cf:9d:60:33:c5:00:80:90:53:54:14:d8: 0a:f1:a8:12:0c:1e:6d:a4:34:f5:65:cd:24:b8:3c: cf:0e:27:65:44:b8:46:d0:cf:23:b2:1b:df:ae:4f: 8b:1d:88:66:1d:f4:a4:73:dc:5a:48:aa:2a:42:62: cc:bb:05:bb:71:de:0a:8e:69:29:e4:de:f2:26:99: 84:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:73:4E:F8:F4:FB:A3:96:C3:AD:31:35:71:63:52:83:77:B5:43:16 X509v3 Authority Key Identifier: keyid:A6:4B:E4:4A:CB:00:E4:BD:AE:44:91:B0:FA:0C:D7:09:9D:2C:72:7C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91288D9/F83E3FCEADBC11EFB302983EC4F9AE02/pkvkSssA5L2uRJGw-gzXCZ0scnw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/pkvkSssA5L2uRJGw-gzXCZ0scnw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91288D9/F83E3FCEADBC11EFB302983EC4F9AE02/8D431594FFDF11EF8DF72930C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 160.250.89.0/24 Signature Algorithm: sha256WithRSAEncryption 33:c7:02:e5:b2:98:f2:97:ed:c9:58:30:8c:eb:4d:8d:d5:83: 58:3c:ec:69:cc:0e:fe:47:8b:dc:6b:c9:85:f9:87:48:62:27: a4:b7:bd:06:97:3a:70:1c:d3:f8:98:f7:2b:19:52:d5:47:07: 65:6f:e3:ff:f6:9f:89:8d:cb:0b:7e:c1:f0:e6:d4:88:be:6a: b6:ca:9c:70:8b:55:54:dd:b2:1a:a1:9f:bc:c3:15:48:2a:9b: 43:80:b2:80:3e:f2:e9:61:a9:74:8c:74:43:0a:de:6a:1e:b7: a2:ad:2d:58:5b:1e:7b:24:7c:40:b8:02:b9:3a:ff:a4:7a:0b: ed:bd:cd:52:1d:1b:33:bc:cb:5b:c8:90:45:a2:14:fc:7a:24: 16:70:6f:3c:15:59:32:fc:12:42:2c:a0:76:d6:09:cd:a3:d2: 58:eb:5f:dc:a0:31:bd:7b:db:23:0b:82:ab:e3:30:22:7b:4c: fa:d1:60:7a:da:aa:d0:76:98:7e:b9:8e:0a:d9:1b:9a:60:6c: b2:1e:1a:6f:7c:69:87:46:06:6f:ea:32:cd:5d:8c:9d:0e:06: 14:39:79:87:5c:ab:a8:c9:40:d3:ec:a0:00:db:06:ac:ec:65: a9:20:e1:c6:f8:bc:a4:f2:cd:d2:a2:2b:3d:d1:17:bd:22:d0: 54:64:9c:24 -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgICAPEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mjg4RDkxMTAvBgNVBAUTKEE2NEJFNDRBQ0IwMEU0QkRBRTQ0OTFCMEZBMENENzA5 OUQyQzcyN0MwHhcNMjUwNjI0MTkxNDM2WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MjZjMi02M2U4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzi39O1ZSlrXN28JEDAIXcV8k+cHXA7fbertacLO/K7fkLPQ+zZ2vbk3j/9Jc YIKKXymhsuhAV18ow1JcvIDMb/DOiZ9Qlvhmd45XKO9fBGDYwA6M0hoAOwv9T4a8 Qf1DUkG/Y37qCIXHjv2dYG8cDEIyKq7DMyzQO7kWZpKOYpwnx1YYnmhN59Mqp6Kd zwJ7HpuMOQVPBnLOYZhkc0YqVECQohAYZzVM8PnNYRjP1evkosW1X37PnWAzxQCA kFNUFNgK8agSDB5tpDT1Zc0kuDzPDidlRLhG0M8jshvfrk+LHYhmHfSkc9xaSKoq QmLMuwW7cd4Kjmkp5N7yJpmEiQIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFCdzTvj0 +6OWw60xNXFjUoN3tUMWMB8GA1UdIwQYMBaAFKZL5ErLAOS9rkSRsPoM1wmdLHJ8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyODhEOS9GODNFM0ZDRUFE QkMxMUVGQjMwMjk4M0VDNEY5QUUwMi9wa3ZrU3NzQTVMMnVSSkd3LWd6WENaMHNj bncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3BrdmtTc3NBNUwydVJKR3ctZ3pYQ1owc2Nudy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Mjg4RDkvRjgzRTNGQ0VBREJDMTFFRkIzMDI5ODNFQzRGOUFFMDIvOEQ0MzE1OTRG RkRGMTFFRjhERjcyOTMwQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAoPpZMA0GCSqGSIb3DQEBCwUAA4IBAQAzxwLlspjyl+3JWDCM602N 1YNYPOxpzA7+R4vca8mF+YdIYiekt70GlzpwHNP4mPcrGVLVRwdlb+P/9p+JjcsL fsHw5tSIvmq2ypxwi1VU3bIaoZ+8wxVIKptDgLKAPvLpYal0jHRDCt5qHreirS1Y Wx57JHxAuAK5Ov+kegvtvc1SHRszvMtbyJBFohT8eiQWcG88FVky/BJCLKB21gnN o9JY61/coDG9e9sjC4Kr4zAie0z60WB62qrQdph+uY4K2RuaYGyyHhpvfGmHRgZv 6jLNXYydDgYUOXmHXKuoyUDT7KAA2was7GWpIOHG+Lyk8s3Sois90Re9ItBUZJwk -----END CERTIFICATE-----Generated at Mon Mar 2 20:56:55 2026 by rpki-client