$ rpki-client -vvf rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/7DFD24A0A69D11ED970A2E1EC4F9AE02.roa File: 7DFD24A0A69D11ED970A2E1EC4F9AE02.roa (raw, json) Hash identifier: 6caEdCnhzmI2hwVR8XFxrGjD5Z484ugUGSA346QGS2I= Subject key identifier: 35:19:4E:1A:C6:4D:3B:EE:61:10:F9:78:5C:54:32:5B:D9:29:D9:AC Certificate issuer: /CN=A91406AA/serialNumber=218A8AA050267B0805E3FDC8A939BF8FBCB00101 Certificate serial: 074E Authority key identifier: 21:8A:8A:A0:50:26:7B:08:05:E3:FD:C8:A9:39:BF:8F:BC:B0:01:01 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IYqKoFAmewgF4_3IqTm_j7ywAQE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/7DFD24A0A69D11ED970A2E1EC4F9AE02.roa Signing time: Sun 01 Mar 2026 18:09:22 +0000 ROA not before: Wed 08 Oct 2025 22:24:20 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 16625 IP address blocks: 131.203.4.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/IYqKoFAmewgF4_3IqTm_j7ywAQE.crl rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/IYqKoFAmewgF4_3IqTm_j7ywAQE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IYqKoFAmewgF4_3IqTm_j7ywAQE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 14:59:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1870 (0x74e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91406AA, serialNumber=218A8AA050267B0805E3FDC8A939BF8FBCB00101 Validity Not Before: Oct 8 22:24:20 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=69a480d2-2591 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:1e:40:a5:8d:c7:45:a9:64:aa:59:56:bc:21: cb:b4:53:8e:83:2f:51:bd:5f:2c:01:59:c5:a7:a7: d7:8a:6e:63:4d:bf:7b:58:f7:a5:bc:6a:63:9a:cc: 52:39:2e:41:6d:13:f9:30:72:ac:c7:bc:8a:15:f8: 98:30:29:fb:3e:b8:aa:83:c5:80:f1:a3:b3:0e:ed: 24:4e:4f:c3:47:38:7b:58:7e:26:84:e5:5a:39:57: cf:2c:95:8f:9e:93:a8:07:68:aa:54:3e:0e:4a:98: a0:5e:d4:ad:c8:58:e5:c2:4a:66:46:d8:9d:4f:6b: 1b:da:ac:1c:99:c5:3b:e5:51:9d:bb:85:cb:c3:cf: 90:31:d6:7d:c2:b2:2e:99:0e:ac:65:d4:f2:39:75: f5:5e:e0:a7:75:cf:81:1f:61:4d:54:90:69:b3:2c: 93:e2:ec:d3:1a:ad:ab:4a:e3:a5:db:33:0e:d3:f7: 80:50:cf:5e:83:3e:7b:7c:76:d1:57:df:ab:95:e0: 34:45:c8:dd:11:79:82:b4:45:18:f3:7a:a8:f3:22: 4f:3b:cd:db:de:6a:33:59:76:68:65:73:0c:cd:4f: 53:1e:8f:5c:5b:22:3a:1e:88:cf:82:95:6e:cb:fb: 97:44:8d:58:e7:15:e0:37:ad:82:e3:5c:af:85:ba: 8f:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:19:4E:1A:C6:4D:3B:EE:61:10:F9:78:5C:54:32:5B:D9:29:D9:AC X509v3 Authority Key Identifier: keyid:21:8A:8A:A0:50:26:7B:08:05:E3:FD:C8:A9:39:BF:8F:BC:B0:01:01 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/IYqKoFAmewgF4_3IqTm_j7ywAQE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IYqKoFAmewgF4_3IqTm_j7ywAQE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/7DFD24A0A69D11ED970A2E1EC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 131.203.4.0/22 Signature Algorithm: sha256WithRSAEncryption 4d:98:15:ed:6a:3f:ee:4f:74:41:e8:3c:6a:17:28:ca:66:65: ac:dd:01:a5:04:9a:e0:96:3b:55:a4:c7:d6:03:5e:5e:c6:78: 63:a4:60:ab:16:8a:7a:8d:db:4f:be:90:6a:05:17:f6:cd:a4: cb:0c:0c:a1:3b:6c:f1:60:e2:12:bf:3e:06:65:dc:11:34:ce: b9:dc:0a:56:a3:bf:d7:d8:37:51:4a:e6:c8:83:78:ca:e6:4e: b3:06:68:cb:2f:4a:8f:a4:23:05:28:0a:e2:cf:c5:c0:1e:70: 7d:89:91:e5:fd:9e:cd:7f:3a:b1:2b:6d:19:5e:83:b3:96:c2: a2:02:61:15:07:f9:89:d6:a1:a6:c6:8c:3e:df:4b:90:88:b5: e5:81:ff:f7:59:f6:2f:9d:41:9b:87:09:41:37:59:b1:c1:14: 64:fd:a0:c9:7f:da:12:82:5d:25:79:50:32:ef:1f:03:93:1d: 15:b4:84:91:8f:ab:ad:cf:36:d4:ee:89:2d:20:11:a9:8a:36: ba:2a:ac:75:ab:8b:1c:44:21:a2:3c:94:4d:e2:c9:62:ee:5a: 2f:5e:ec:88:3f:dd:47:28:55:25:da:f4:9c:51:f6:89:bd:e8: 6e:77:70:1e:9c:07:e2:6f:9e:da:b9:bb:cf:00:bd:d4:9c:78: 21:74:3b:79 -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgICB04wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDA2QUExMTAvBgNVBAUTKDIxOEE4QUEwNTAyNjdCMDgwNUUzRkRDOEE5MzlCRjhG QkNCMDAxMDEwHhcNMjUxMDA4MjIyNDIwWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0ODBkMi0yNTkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2h5ApY3HRalkqllWvCHLtFOOgy9RvV8sAVnFp6fXim5jTb97WPelvGpjmsxS OS5BbRP5MHKsx7yKFfiYMCn7Priqg8WA8aOzDu0kTk/DRzh7WH4mhOVaOVfPLJWP npOoB2iqVD4OSpigXtStyFjlwkpmRtidT2sb2qwcmcU75VGdu4XLw8+QMdZ9wrIu mQ6sZdTyOXX1XuCndc+BH2FNVJBpsyyT4uzTGq2rSuOl2zMO0/eAUM9egz57fHbR V9+rleA0RcjdEXmCtEUY83qo8yJPO83b3mozWXZoZXMMzU9THo9cWyI6HojPgpVu y/uXRI1Y5xXgN62C41yvhbqPUQIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFDUZThrG TTvuYRD5eFxUMlvZKdmsMB8GA1UdIwQYMBaAFCGKiqBQJnsIBeP9yKk5v4+8sAEB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDZBQS84NjU4RTQ2Njg2 QzExMUVCQkFCMzE4NEJDNEY5QUUwMi9JWXFLb0ZBbWV3Z0Y0XzNJcVRtX2o3eXdB UUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0lZcUtvRkFtZXdnRjRfM0lxVG1fajd5d0FRRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDA2QUEvODY1OEU0NjY4NkMxMTFFQkJBQjMxODRCQzRGOUFFMDIvN0RGRDI0QTBB NjlEMTFFRDk3MEEyRTFFQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCg8sEMA0GCSqGSIb3DQEBCwUAA4IBAQBNmBXtaj/uT3RB6DxqFyjK ZmWs3QGlBJrgljtVpMfWA15exnhjpGCrFop6jdtPvpBqBRf2zaTLDAyhO2zxYOIS vz4GZdwRNM653ApWo7/X2DdRSubIg3jK5k6zBmjLL0qPpCMFKAriz8XAHnB9iZHl /Z7NfzqxK20ZXoOzlsKiAmEVB/mJ1qGmxow+30uQiLXlgf/3WfYvnUGbhwlBN1mx wRRk/aDJf9oSgl0leVAy7x8Dkx0VtISRj6utzzbU7oktIBGpija6Kqx1q4scRCGi PJRN4sli7lovXuyIP91HKFUl2vScUfaJvehud3AenAfib57aubvPAL3UnHghdDt5 -----END CERTIFICATE-----Generated at Mon Mar 2 03:58:45 2026 by rpki-client