$ rpki-client -vvf rpki.apnic.net/member_repository/A91570D9/2ECB2FFA7D8011F0A9785423C4F9AE02/AA3F24B67D8011F083953324C4F9AE02.roa File: AA3F24B67D8011F083953324C4F9AE02.roa (raw, json) Hash identifier: jpFnK8zVyNjnf/ogEum40gO9rvhMUFJcUISF9Dfv6jM= Subject key identifier: E0:7A:A8:FC:69:D8:D4:12:40:A2:5A:F6:E7:F2:C3:E0:BA:72:07:2B Certificate issuer: /CN=A91570D9/serialNumber=9EAC54E9F9F59E6838F4846042105633066D208E Certificate serial: 6D Authority key identifier: 9E:AC:54:E9:F9:F5:9E:68:38:F4:84:60:42:10:56:33:06:6D:20:8E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nqxU6fn1nmg49IRgQhBWMwZtII4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91570D9/2ECB2FFA7D8011F0A9785423C4F9AE02/AA3F24B67D8011F083953324C4F9AE02.roa Signing time: Sun 01 Mar 2026 06:28:05 +0000 ROA not before: Wed 20 Aug 2025 04:50:37 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 153757 IP address blocks: 163.227.214.0/23 maxlen: 23 163.227.214.0/24 maxlen: 24 163.227.215.0/24 maxlen: 24 2402:720::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91570D9/2ECB2FFA7D8011F0A9785423C4F9AE02/nqxU6fn1nmg49IRgQhBWMwZtII4.crl rsync://rpki.apnic.net/member_repository/A91570D9/2ECB2FFA7D8011F0A9785423C4F9AE02/nqxU6fn1nmg49IRgQhBWMwZtII4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nqxU6fn1nmg49IRgQhBWMwZtII4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 09:20:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 109 (0x6d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91570D9, serialNumber=9EAC54E9F9F59E6838F4846042105633066D208E Validity Not Before: Aug 20 04:50:37 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=69a3dc75-b0eb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:0d:5e:a4:d6:25:2e:48:f5:ec:1c:b2:25:7c: 63:c6:ce:97:2f:24:81:f3:84:7c:8d:a6:71:17:93: 66:c6:55:f1:97:ae:6f:93:04:ea:61:29:12:48:83: 57:20:1f:61:01:4a:be:ea:36:18:f8:18:97:81:ad: 55:a5:d6:94:9c:f0:27:c0:bd:52:2a:b2:7c:76:70: a8:62:a8:27:17:14:cd:2a:85:7d:c7:a6:79:90:09: 13:25:65:2c:d7:02:85:d2:35:d5:73:cc:ab:65:5f: 87:69:41:8b:b0:01:dd:7b:c6:74:f4:1e:91:0d:8b: fa:23:9f:c1:33:27:9c:80:61:37:5d:bf:4a:01:55: 2d:ab:90:60:2e:04:2c:85:3c:93:1e:cc:30:d3:bd: ab:f5:ea:46:65:0c:e1:02:1c:e6:db:09:5a:5d:69: 28:07:da:12:f5:1e:d4:e1:90:9d:00:c8:08:c1:de: cf:6c:32:b0:63:d7:d3:75:6b:dd:f3:bd:c3:64:40: 3f:64:c6:40:1e:1c:fa:8a:ce:63:1c:20:dc:fb:71: 34:3f:ce:3b:28:db:1d:67:d5:f9:22:e0:ce:8c:70: bf:e1:f7:91:d4:0a:bb:70:b7:b7:a8:26:ac:47:b3: 48:25:4f:6d:2a:0c:6a:78:a0:0d:e6:aa:92:ea:2d: c9:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:7A:A8:FC:69:D8:D4:12:40:A2:5A:F6:E7:F2:C3:E0:BA:72:07:2B X509v3 Authority Key Identifier: keyid:9E:AC:54:E9:F9:F5:9E:68:38:F4:84:60:42:10:56:33:06:6D:20:8E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91570D9/2ECB2FFA7D8011F0A9785423C4F9AE02/nqxU6fn1nmg49IRgQhBWMwZtII4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nqxU6fn1nmg49IRgQhBWMwZtII4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91570D9/2ECB2FFA7D8011F0A9785423C4F9AE02/AA3F24B67D8011F083953324C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 163.227.214.0/23 IPv6: 2402:720::/32 Signature Algorithm: sha256WithRSAEncryption b8:59:57:ec:09:00:c8:6f:b5:85:e8:34:9c:bd:46:f0:53:5e: 03:fa:58:62:3d:31:1b:51:12:96:61:34:16:91:11:1b:4c:5a: 27:9b:e8:ba:d9:2e:fb:c6:ae:f2:20:02:7e:2a:5c:6a:17:43: 20:2e:d0:aa:4f:a7:71:e1:5f:34:2e:6b:dc:f7:ac:5f:ba:8c: 77:6b:90:a3:14:1c:1f:9a:2b:b8:5f:1a:14:3c:a3:60:33:69: 6f:39:64:30:69:ff:4d:79:fd:91:42:63:7c:5b:31:3b:d8:5d: e2:00:9f:0e:f5:1d:2d:62:cf:ce:61:02:24:9c:b8:c6:02:19: 2c:74:c9:7a:07:79:a3:82:e5:43:60:a1:a6:36:bb:11:f5:bf: e3:81:9b:05:47:f3:b4:a0:fe:90:56:a5:ba:95:1d:44:11:ee: fd:a0:2e:25:96:d8:77:0f:83:7a:c2:28:c6:40:7c:73:48:dd: a6:fb:59:fd:5f:3e:13:06:b6:da:42:e6:e8:d5:be:6d:60:da: 2a:f7:a5:8e:68:31:ee:6f:4c:2f:84:9d:7b:fb:ef:e3:b3:86: e8:9c:1c:25:51:a0:3f:60:fd:f8:de:22:f6:1c:62:18:c7:e3: 68:d0:b7:62:cf:65:c0:22:fb:3c:a8:11:f4:dc:f2:b3:0a:07: 91:d8:bc:b7 -----BEGIN CERTIFICATE----- MIIFSjCCBDKgAwIBAgIBbTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1 NzBEOTExMC8GA1UEBRMoOUVBQzU0RTlGOUY1OUU2ODM4RjQ4NDYwNDIxMDU2MzMw NjZEMjA4RTAeFw0yNTA4MjAwNDUwMzdaFw0yNjA3MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY5YTNkYzc1LWIwZWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDLDV6k1iUuSPXsHLIlfGPGzpcvJIHzhHyNpnEXk2bGVfGXrm+TBOphKRJIg1cg H2EBSr7qNhj4GJeBrVWl1pSc8CfAvVIqsnx2cKhiqCcXFM0qhX3HpnmQCRMlZSzX AoXSNdVzzKtlX4dpQYuwAd17xnT0HpENi/ojn8EzJ5yAYTddv0oBVS2rkGAuBCyF PJMezDDTvav16kZlDOECHObbCVpdaSgH2hL1HtThkJ0AyAjB3s9sMrBj19N1a93z vcNkQD9kxkAeHPqKzmMcINz7cTQ/zjso2x1n1fki4M6McL/h95HUCrtwt7eoJqxH s0glT20qDGp4oA3mqpLqLckrAgMBAAGjggJvMIICazAdBgNVHQ4EFgQU4Hqo/GnY 1BJAolr25/LD4LpyByswHwYDVR0jBBgwFoAUnqxU6fn1nmg49IRgQhBWMwZtII4w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU3MEQ5LzJFQ0IyRkZBN0Q4 MDExRjBBOTc4NTQyM0M0RjlBRTAyL25xeFU2Zm4xbm1nNDlJUmdRaEJXTXdadElJ NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvbnF4VTZmbjFubWc0OUlSZ1FoQldNd1p0SUk0LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgZYGCCsGAQUFBwELBIGJMIGGMIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 NzBEOS8yRUNCMkZGQTdEODAxMUYwQTk3ODU0MjNDNEY5QUUwMi9BQTNGMjRCNjdE ODAxMUYwODM5NTMzMjRDNEY5QUUwMi5yb2EwLgYIKwYBBQUHAQcBAf8EHzAdMAwE AgABMAYDBAGj49YwDQQCAAIwBwMFACQCByAwDQYJKoZIhvcNAQELBQADggEBALhZ V+wJAMhvtYXoNJy9RvBTXgP6WGI9MRtREpZhNBaRERtMWieb6LrZLvvGrvIgAn4q XGoXQyAu0KpPp3HhXzQua9z3rF+6jHdrkKMUHB+aK7hfGhQ8o2AzaW85ZDBp/015 /ZFCY3xbMTvYXeIAnw71HS1iz85hAiScuMYCGSx0yXoHeaOC5UNgoaY2uxH1v+OB mwVH87Sg/pBWpbqVHUQR7v2gLiWW2HcPg3rCKMZAfHNI3ab7Wf1fPhMGttpC5ujV vm1g2ir3pY5oMe5vTC+EnXv77+OzhuicHCVRoD9g/fjeIvYcYhjH42jQt2LPZcAi +zyoEfTc8rMKB5HYvLc= -----END CERTIFICATE-----Generated at Mon Mar 2 21:10:53 2026 by rpki-client