$ rpki-client -vvf rpki.apnic.net/member_repository/A91417B0/E1AC8210D88311EF954A3D70C4F9AE02/5909D86203DB11F0B7D5DD29C4F9AE02.roa File: 5909D86203DB11F0B7D5DD29C4F9AE02.roa (raw, json) Hash identifier: XcWLcqq81azP3U6TBivGOyYKJ0IUJVaAPBiEqjAnhx8= Subject key identifier: 35:52:4D:C5:8B:04:BD:05:AB:97:B9:BA:FD:8A:6A:CE:7E:54:74:6E Certificate issuer: /CN=A91417B0/serialNumber=CA297747430A1BEB340BCA39D6222FD26419B7DB Certificate serial: D3 Authority key identifier: CA:29:77:47:43:0A:1B:EB:34:0B:CA:39:D6:22:2F:D2:64:19:B7:DB Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/yil3R0MKG-s0C8o51iIv0mQZt9s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91417B0/E1AC8210D88311EF954A3D70C4F9AE02/5909D86203DB11F0B7D5DD29C4F9AE02.roa Signing time: Sun 01 Mar 2026 06:57:53 +0000 ROA not before: Tue 18 Mar 2025 09:31:15 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 153550 IP address blocks: 161.248.244.0/23 maxlen: 23 161.248.244.0/24 maxlen: 24 161.248.245.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91417B0/E1AC8210D88311EF954A3D70C4F9AE02/yil3R0MKG-s0C8o51iIv0mQZt9s.crl rsync://rpki.apnic.net/member_repository/A91417B0/E1AC8210D88311EF954A3D70C4F9AE02/yil3R0MKG-s0C8o51iIv0mQZt9s.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/yil3R0MKG-s0C8o51iIv0mQZt9s.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 07:56:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 211 (0xd3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91417B0, serialNumber=CA297747430A1BEB340BCA39D6222FD26419B7DB Validity Not Before: Mar 18 09:31:15 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=69a3e371-6f2d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:29:ae:c7:a9:b6:82:1b:51:5f:e4:c0:e5:50: 04:74:75:2e:da:19:b3:47:cc:6d:29:f8:ef:36:ec: 35:59:f1:68:8f:cf:f5:37:a7:4f:ff:6b:89:47:f3: 29:71:1a:45:9e:ed:cd:c2:96:bc:fb:37:76:a9:01: f2:ba:a4:d0:f2:c0:29:6d:9d:a6:7f:0a:25:ec:7a: 3f:8b:60:87:0f:14:86:b3:d0:28:62:d5:bf:35:08: 60:7c:f9:77:dd:7e:f0:35:54:29:b3:43:c8:8d:96: fe:98:18:72:e6:c8:56:56:c1:7a:e3:e4:bb:1c:ed: 9f:00:7e:d0:91:45:92:34:32:f6:d7:61:de:66:33: 0a:d8:1e:9e:6e:3a:74:34:ce:9d:68:7a:77:5c:f0: 78:6d:55:6a:62:89:d3:18:1a:f2:6d:5e:1f:89:2d: 3a:2a:e3:b9:de:cf:8e:cb:d0:20:b7:74:ec:7a:22: 56:14:fb:79:e9:ce:db:74:1f:68:71:6c:8d:9b:85: aa:2d:d8:1f:f8:15:4d:4f:f4:57:27:69:1a:78:78: f5:68:24:48:3a:35:08:ca:a7:00:35:30:1c:19:19: 0e:07:87:52:1e:c0:1c:40:9d:84:1c:50:63:a8:8f: 36:27:43:32:45:0e:9d:81:29:2f:93:d9:36:36:1b: 57:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:52:4D:C5:8B:04:BD:05:AB:97:B9:BA:FD:8A:6A:CE:7E:54:74:6E X509v3 Authority Key Identifier: keyid:CA:29:77:47:43:0A:1B:EB:34:0B:CA:39:D6:22:2F:D2:64:19:B7:DB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91417B0/E1AC8210D88311EF954A3D70C4F9AE02/yil3R0MKG-s0C8o51iIv0mQZt9s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/yil3R0MKG-s0C8o51iIv0mQZt9s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91417B0/E1AC8210D88311EF954A3D70C4F9AE02/5909D86203DB11F0B7D5DD29C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 161.248.244.0/23 Signature Algorithm: sha256WithRSAEncryption b3:8b:9a:ec:b2:f6:f7:4f:f4:38:7d:58:ba:b9:f6:8f:d8:93: e5:aa:6d:f7:8a:36:8b:f3:18:ff:9b:32:aa:33:c2:09:ce:e5: 3b:32:e7:71:c0:65:5e:13:be:c1:e3:15:9e:61:a3:6a:fc:58: 04:e5:16:9c:d5:d6:b0:cf:b1:a9:76:f2:19:22:a0:2e:3d:0b: c1:fb:bc:66:74:e6:15:0d:40:c7:59:4c:a2:8b:81:f2:0f:ec: 21:1c:69:a8:ff:30:2b:d9:95:b4:5e:e5:e7:a5:a6:10:db:cb: fd:b3:f9:3b:81:21:b4:f9:51:b0:ee:d2:09:17:92:d5:77:cc: e0:6b:1e:8e:14:40:66:35:b0:a0:10:a7:30:d0:ff:d4:54:cd: 52:bf:e3:cd:09:4e:0d:28:f8:a0:31:ba:b2:c2:0e:37:69:b5: d9:cf:e4:51:c4:7c:9b:ae:da:7e:74:c7:f7:7a:51:94:b4:fd: b8:8c:1d:9b:bf:8d:72:d5:7f:8e:fe:69:79:5c:d0:6c:33:20: 7a:bd:db:60:cb:95:51:66:00:d5:65:04:e9:e5:4c:f8:e1:12: c7:16:71:2e:5f:4c:51:37:40:45:c3:6b:63:74:fe:1a:79:8c: 10:a6:df:32:72:47:54:b9:0a:25:01:71:8e:32:84:0e:e8:0a: 4f:11:13:5b -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgICANMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDE3QjAxMTAvBgNVBAUTKENBMjk3NzQ3NDMwQTFCRUIzNDBCQ0EzOUQ2MjIyRkQy NjQxOUI3REIwHhcNMjUwMzE4MDkzMTE1WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWEzZTM3MS02ZjJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoymux6m2ghtRX+TA5VAEdHUu2hmzR8xtKfjvNuw1WfFoj8/1N6dP/2uJR/Mp cRpFnu3Nwpa8+zd2qQHyuqTQ8sApbZ2mfwol7Ho/i2CHDxSGs9AoYtW/NQhgfPl3 3X7wNVQps0PIjZb+mBhy5shWVsF64+S7HO2fAH7QkUWSNDL212HeZjMK2B6ebjp0 NM6daHp3XPB4bVVqYonTGBrybV4fiS06KuO53s+Oy9Agt3TseiJWFPt56c7bdB9o cWyNm4WqLdgf+BVNT/RXJ2kaeHj1aCRIOjUIyqcANTAcGRkOB4dSHsAcQJ2EHFBj qI82J0MyRQ6dgSkvk9k2NhtXGQIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFDVSTcWL BL0Fq5e5uv2Kas5+VHRuMB8GA1UdIwQYMBaAFMopd0dDChvrNAvKOdYiL9JkGbfb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MTdCMC9FMUFDODIxMEQ4 ODMxMUVGOTU0QTNENzBDNEY5QUUwMi95aWwzUjBNS0ctczBDOG81MWlJdjBtUVp0 OXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3lpbDNSME1LRy1zMEM4bzUxaUl2MG1RWnQ5cy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDE3QjAvRTFBQzgyMTBEODgzMTFFRjk1NEEzRDcwQzRGOUFFMDIvNTkwOUQ4NjIw M0RCMTFGMEI3RDVERDI5QzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQBofj0MA0GCSqGSIb3DQEBCwUAA4IBAQCzi5rssvb3T/Q4fVi6ufaP 2JPlqm33ijaL8xj/mzKqM8IJzuU7MudxwGVeE77B4xWeYaNq/FgE5Rac1dawz7Gp dvIZIqAuPQvB+7xmdOYVDUDHWUyii4HyD+whHGmo/zAr2ZW0XuXnpaYQ28v9s/k7 gSG0+VGw7tIJF5LVd8zgax6OFEBmNbCgEKcw0P/UVM1Sv+PNCU4NKPigMbqywg43 abXZz+RRxHybrtp+dMf3elGUtP24jB2bv41y1X+O/ml5XNBsMyB6vdtgy5VRZgDV ZQTp5Uz44RLHFnEuX0xRN0BFw2tjdP4aeYwQpt8yckdUuQolAXGOMoQO6ApPERNb -----END CERTIFICATE-----Generated at Mon Mar 2 21:10:52 2026 by rpki-client