$ rpki-client -vvf rpki.apnic.net/member_repository/A9154340/F8E7607CA67711EB8B4BB13EC4F9AE02/8BF559B2A70111EBBAA7C612C4F9AE02.roa File: 8BF559B2A70111EBBAA7C612C4F9AE02.roa (raw, json) Hash identifier: N5/+LdbDSX09Tm0vgYWgPqaG83VSja3xCTK0rs0mm/o= Subject key identifier: 85:EA:24:0B:20:9A:80:2C:8A:55:55:70:22:00:B5:28:D0:15:B1:62 Certificate issuer: /CN=A9154340/serialNumber=196CEE25F7D1B7EA708CE1887337143392CE471C Certificate serial: 069E Authority key identifier: 19:6C:EE:25:F7:D1:B7:EA:70:8C:E1:88:73:37:14:33:92:CE:47:1C Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/GWzuJffRt-pwjOGIczcUM5LORxw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9154340/F8E7607CA67711EB8B4BB13EC4F9AE02/8BF559B2A70111EBBAA7C612C4F9AE02.roa Signing time: Sun 01 Mar 2026 08:45:45 +0000 ROA not before: Thu 24 Apr 2025 22:53:18 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 142002 IP address blocks: 165.154.192.0/24 maxlen: 24 165.154.193.0/24 maxlen: 24 165.154.194.0/24 maxlen: 24 165.154.195.0/24 maxlen: 24 165.154.196.0/24 maxlen: 24 165.154.197.0/24 maxlen: 24 165.154.198.0/24 maxlen: 24 165.154.199.0/24 maxlen: 24 165.154.200.0/24 maxlen: 24 165.154.201.0/24 maxlen: 24 165.154.202.0/24 maxlen: 24 165.154.203.0/24 maxlen: 24 165.154.204.0/24 maxlen: 24 165.154.205.0/24 maxlen: 24 165.154.206.0/24 maxlen: 24 165.154.207.0/24 maxlen: 24 165.154.208.0/24 maxlen: 24 165.154.209.0/24 maxlen: 24 165.154.210.0/24 maxlen: 24 165.154.211.0/24 maxlen: 24 165.154.212.0/24 maxlen: 24 165.154.213.0/24 maxlen: 24 165.154.214.0/24 maxlen: 24 165.154.215.0/24 maxlen: 24 165.154.216.0/24 maxlen: 24 165.154.217.0/24 maxlen: 24 165.154.224.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9154340/F8E7607CA67711EB8B4BB13EC4F9AE02/GWzuJffRt-pwjOGIczcUM5LORxw.crl rsync://rpki.apnic.net/member_repository/A9154340/F8E7607CA67711EB8B4BB13EC4F9AE02/GWzuJffRt-pwjOGIczcUM5LORxw.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/GWzuJffRt-pwjOGIczcUM5LORxw.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:47:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1694 (0x69e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9154340, serialNumber=196CEE25F7D1B7EA708CE1887337143392CE471C Validity Not Before: Apr 24 22:53:18 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=69a3fcb8-f66d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:3c:56:fc:bd:84:d4:91:29:73:d2:ec:1b:df: 73:f6:37:2d:c9:e1:88:bd:13:81:d5:74:62:78:b5: 7e:48:13:6c:52:9c:c4:b2:6e:fd:1a:37:4a:26:88: 99:27:a0:9c:c7:b8:d6:ae:b1:98:fc:7f:99:77:c0: 10:88:08:81:3f:2d:8b:46:d2:ad:3a:0d:f3:1b:ae: 8e:cd:7a:9e:f4:53:03:a5:e3:98:de:f4:b7:5b:a6: e4:f0:bc:1b:47:1f:07:c4:c4:95:16:bc:b2:ff:bb: 44:93:1e:77:3e:bc:e0:67:d3:e2:9d:aa:09:22:de: 3d:44:b7:61:1b:d1:8c:63:f9:89:52:f5:8b:2d:40: bc:23:05:0f:f0:aa:ea:39:d9:45:0e:9b:b8:39:65: f2:fb:19:10:48:56:b0:42:ea:be:01:9d:ad:38:d8: f9:ce:9d:30:eb:8e:b5:a3:fb:95:71:35:9b:e9:36: 33:f6:a8:61:be:95:35:44:13:b0:6d:98:fb:50:16: 97:55:9e:76:a2:6a:6f:b9:5c:89:1b:df:05:92:64: b9:3b:1e:87:80:1c:1f:4c:0c:03:f9:50:f9:1a:9f: 00:30:c9:18:ee:58:c9:ba:7e:ff:be:1e:b2:12:52: 45:06:1c:e9:12:6d:f2:72:80:4f:c5:b8:cd:29:e6: 42:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:EA:24:0B:20:9A:80:2C:8A:55:55:70:22:00:B5:28:D0:15:B1:62 X509v3 Authority Key Identifier: keyid:19:6C:EE:25:F7:D1:B7:EA:70:8C:E1:88:73:37:14:33:92:CE:47:1C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9154340/F8E7607CA67711EB8B4BB13EC4F9AE02/GWzuJffRt-pwjOGIczcUM5LORxw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/GWzuJffRt-pwjOGIczcUM5LORxw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9154340/F8E7607CA67711EB8B4BB13EC4F9AE02/8BF559B2A70111EBBAA7C612C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 165.154.192.0-165.154.217.255 165.154.224.0/19 Signature Algorithm: sha256WithRSAEncryption 4b:f5:76:34:a6:00:7a:09:68:ef:6a:3c:d9:e0:74:01:5e:1a: 11:6d:42:ce:d0:9f:df:9d:b6:eb:fa:b8:96:33:a3:c0:ff:c2: d6:2e:b6:70:a2:c8:14:25:cd:aa:b4:70:c6:88:cc:53:1c:3e: 48:1c:3d:d3:b8:5e:fc:bc:88:4d:71:23:6d:5d:ca:5e:c6:92: 92:0c:98:c5:2f:0a:1c:5e:8d:dd:34:b3:7f:e4:cd:c5:81:48: a4:6f:a2:2b:94:c0:92:7f:26:cf:e1:5e:bf:6c:fc:06:ff:75: 1a:52:e1:d3:f5:35:b9:6c:2b:b7:f5:f5:8a:75:f8:a0:5a:45: eb:d2:65:77:99:80:a7:dd:09:f1:9f:a0:44:58:0d:62:ce:06: a3:cb:9f:66:a8:29:de:b3:27:b5:a1:84:96:53:61:ff:e1:53: 7e:35:cb:e1:ff:d1:41:05:85:3d:d6:f2:7b:e3:03:0c:da:51: b7:2b:69:3c:f2:1a:8c:fd:c4:91:99:a7:6a:7a:37:5c:bd:38: aa:dd:56:14:9a:9f:63:6c:b2:9f:b9:c6:d3:d6:39:79:86:52: f7:e4:6e:fc:66:ed:8a:f0:8e:d7:68:c0:d7:da:62:d9:b5:0e: b5:03:d9:37:dd:0e:69:56:e3:9b:d2:4c:cf:b6:6e:3a:09:fd: d2:60:d6:d9 -----BEGIN CERTIFICATE----- MIIFSjCCBDKgAwIBAgICBp4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTQzNDAxMTAvBgNVBAUTKDE5NkNFRTI1RjdEMUI3RUE3MDhDRTE4ODczMzcxNDMz OTJDRTQ3MUMwHhcNMjUwNDI0MjI1MzE4WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWEzZmNiOC1mNjZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtzxW/L2E1JEpc9LsG99z9jctyeGIvROB1XRieLV+SBNsUpzEsm79GjdKJoiZ J6Ccx7jWrrGY/H+Zd8AQiAiBPy2LRtKtOg3zG66OzXqe9FMDpeOY3vS3W6bk8Lwb Rx8HxMSVFryy/7tEkx53PrzgZ9PinaoJIt49RLdhG9GMY/mJUvWLLUC8IwUP8Krq OdlFDpu4OWXy+xkQSFawQuq+AZ2tONj5zp0w6461o/uVcTWb6TYz9qhhvpU1RBOw bZj7UBaXVZ52ompvuVyJG98FkmS5Ox6HgBwfTAwD+VD5Gp8AMMkY7ljJun7/vh6y ElJFBhzpEm3ycoBPxbjNKeZCxwIDAQABo4ICbjCCAmowHQYDVR0OBBYEFIXqJAsg moAsilVVcCIAtSjQFbFiMB8GA1UdIwQYMBaAFBls7iX30bfqcIzhiHM3FDOSzkcc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NDM0MC9GOEU3NjA3Q0E2 NzcxMUVCOEI0QkIxM0VDNEY5QUUwMi9HV3p1SmZmUnQtcHdqT0dJY3pjVU01TE9S eHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0dXenVKZmZSdC1wd2pPR0ljemNVTTVMT1J4dy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTQzNDAvRjhFNzYwN0NBNjc3MTFFQjhCNEJCMTNFQzRGOUFFMDIvOEJGNTU5QjJB NzAxMTFFQkJBQTdDNjEyQzRGOUFFMDIucm9hMC0GCCsGAQUFBwEHAQH/BB4wHDAa BAIAATAUMAwDBAalmsADBAGlmtgDBAWlmuAwDQYJKoZIhvcNAQELBQADggEBAEv1 djSmAHoJaO9qPNngdAFeGhFtQs7Qn9+dtuv6uJYzo8D/wtYutnCiyBQlzaq0cMaI zFMcPkgcPdO4Xvy8iE1xI21dyl7GkpIMmMUvChxejd00s3/kzcWBSKRvoiuUwJJ/ Js/hXr9s/Ab/dRpS4dP1NblsK7f19Yp1+KBaRevSZXeZgKfdCfGfoERYDWLOBqPL n2aoKd6zJ7WhhJZTYf/hU341y+H/0UEFhT3W8nvjAwzaUbcraTzyGoz9xJGZp2p6 N1y9OKrdVhSan2Nssp+5xtPWOXmGUvfkbvxm7YrwjtdowNfaYtm1DrUD2TfdDmlW 45vSTM+2bjoJ/dJg1tk= -----END CERTIFICATE-----Generated at Mon Mar 2 12:01:41 2026 by rpki-client