$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D67/60286638442A11EB9599AD38C4F9AE02/AA3A944A27EA11ECB1EBEA82C4F9AE02.roa File: AA3A944A27EA11ECB1EBEA82C4F9AE02.roa (raw, json) Hash identifier: 9U65FM23v8O9dYjo5/Exe3XZ6tEjV3iATa5RpxrfVNA= Subject key identifier: BE:CB:BD:8E:B6:E9:DB:5F:F0:66:A0:F9:0B:09:16:C6:7C:FC:56:C6 Certificate issuer: /CN=A9157D67/serialNumber=029B8CE2E95F45858462E9070B1B5153AC913FE8 Certificate serial: 07B2 Authority key identifier: 02:9B:8C:E2:E9:5F:45:85:84:62:E9:07:0B:1B:51:53:AC:91:3F:E8 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ApuM4ulfRYWEYukHCxtRU6yRP-g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157D67/60286638442A11EB9599AD38C4F9AE02/AA3A944A27EA11ECB1EBEA82C4F9AE02.roa Signing time: Sun 01 Mar 2026 14:10:50 +0000 ROA not before: Tue 10 Jun 2025 22:10:04 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 132203 IP address blocks: 129.226.144.0/20 maxlen: 20 129.226.152.0/24 maxlen: 24 162.62.48.0/20 maxlen: 24 162.62.64.0/20 maxlen: 24 162.62.80.0/20 maxlen: 23 162.62.96.0/19 maxlen: 24 162.62.128.0/19 maxlen: 24 162.62.208.0/20 maxlen: 20 162.62.255.0/24 maxlen: 24 170.106.149.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157D67/60286638442A11EB9599AD38C4F9AE02/ApuM4ulfRYWEYukHCxtRU6yRP-g.crl rsync://rpki.apnic.net/member_repository/A9157D67/60286638442A11EB9599AD38C4F9AE02/ApuM4ulfRYWEYukHCxtRU6yRP-g.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ApuM4ulfRYWEYukHCxtRU6yRP-g.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 03:02:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1970 (0x7b2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157D67, serialNumber=029B8CE2E95F45858462E9070B1B5153AC913FE8 Validity Not Before: Jun 10 22:10:04 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=69a448ea-44da Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:b3:f4:77:e8:ed:7f:6c:5b:2a:26:37:a4:b5: 42:fb:05:1e:ac:48:2d:67:5c:b0:e9:34:88:72:fe: 31:e1:3f:0f:fa:d4:7a:60:95:98:31:02:b5:cf:b7: 56:a9:a0:c5:13:9f:38:3e:b6:c9:dd:8e:ad:d8:25: e9:9b:e6:c6:c2:03:6f:3b:e6:5a:7d:16:d1:10:84: 47:00:d9:04:ee:61:2c:da:b1:89:82:c3:57:c4:fb: 5f:2d:2f:3f:d9:78:b6:d8:7b:35:ac:ba:5d:42:0b: ff:41:d0:a9:ac:46:cb:88:aa:c2:09:89:67:11:6a: ea:5d:cc:68:de:17:da:8b:16:df:21:63:43:50:4a: ed:6b:9c:16:58:35:17:b1:f7:cf:ab:83:64:be:8d: 5c:27:31:79:f7:73:c5:a5:34:27:ea:97:56:9b:04: fc:3c:fd:a7:88:f5:c5:e3:e7:80:cc:69:22:3f:58: 41:10:d8:58:b3:2f:1d:f9:59:b7:e9:d9:ff:ff:99: 1b:38:61:2b:3a:65:dd:d9:59:79:26:0c:f2:9c:44: 21:6d:84:08:8e:7e:70:b7:e5:27:13:7c:24:4b:58: 45:cd:86:cb:e9:42:bd:8e:ef:6d:22:ca:8a:22:a8: 75:89:b4:09:41:bc:15:1b:74:36:74:3c:6f:94:c7: a9:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:CB:BD:8E:B6:E9:DB:5F:F0:66:A0:F9:0B:09:16:C6:7C:FC:56:C6 X509v3 Authority Key Identifier: keyid:02:9B:8C:E2:E9:5F:45:85:84:62:E9:07:0B:1B:51:53:AC:91:3F:E8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157D67/60286638442A11EB9599AD38C4F9AE02/ApuM4ulfRYWEYukHCxtRU6yRP-g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ApuM4ulfRYWEYukHCxtRU6yRP-g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D67/60286638442A11EB9599AD38C4F9AE02/AA3A944A27EA11ECB1EBEA82C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 129.226.144.0/20 162.62.48.0-162.62.159.255 162.62.208.0/20 162.62.255.0/24 170.106.149.0/24 Signature Algorithm: sha256WithRSAEncryption 8d:73:5e:dd:ff:ff:cf:a4:6f:41:b5:13:33:6c:b5:ff:be:f5: d4:da:63:29:ce:e6:09:9e:6d:74:df:5c:b9:aa:52:b9:f6:86: b6:c3:e5:ba:8c:c2:f0:a8:ec:42:3b:42:5f:37:85:fe:fe:cd: 49:79:43:b0:1c:f7:27:61:fe:40:9d:03:dc:3c:89:d5:e4:b1: 58:55:38:66:61:b2:5a:3a:e1:f7:0d:de:24:0f:b5:99:33:94: 4a:48:29:3a:42:01:91:33:de:aa:8e:93:5e:77:38:5a:d9:8a: 21:d5:b0:94:49:bd:21:fb:cc:a6:af:fd:7c:92:cb:97:1f:c3: ab:2e:e9:06:78:23:99:90:0a:7a:d5:47:04:3f:d4:30:37:05: 7b:48:8d:88:19:bf:a5:af:4c:ce:68:fd:2a:e7:f6:3d:e8:ad: b0:44:97:9e:dc:7c:f7:8b:66:d9:d6:8d:ed:07:4d:bd:ce:d1: 8e:60:f0:96:48:16:84:a4:8f:b4:7d:5c:d0:f7:67:98:83:8c: 59:62:6e:c8:19:a9:58:a1:bf:02:ec:af:2a:ad:62:eb:b5:1e: 99:2d:61:8a:7f:bf:5d:5b:16:f8:56:d4:17:11:ed:7d:65:51: 9a:95:a8:c2:2b:94:de:ba:dc:0c:93:67:7b:4b:4f:ab:ab:8a: 65:25:8e:fb -----BEGIN CERTIFICATE----- MIIFXDCCBESgAwIBAgICB7IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdENjcxMTAvBgNVBAUTKDAyOUI4Q0UyRTk1RjQ1ODU4NDYyRTkwNzBCMUI1MTUz QUM5MTNGRTgwHhcNMjUwNjEwMjIxMDA0WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NDhlYS00NGRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApLP0d+jtf2xbKiY3pLVC+wUerEgtZ1yw6TSIcv4x4T8P+tR6YJWYMQK1z7dW qaDFE584PrbJ3Y6t2CXpm+bGwgNvO+ZafRbREIRHANkE7mEs2rGJgsNXxPtfLS8/ 2Xi22Hs1rLpdQgv/QdCprEbLiKrCCYlnEWrqXcxo3hfaixbfIWNDUErta5wWWDUX sffPq4Nkvo1cJzF593PFpTQn6pdWmwT8PP2niPXF4+eAzGkiP1hBENhYsy8d+Vm3 6dn//5kbOGErOmXd2Vl5JgzynEQhbYQIjn5wt+UnE3wkS1hFzYbL6UK9ju9tIsqK Iqh1ibQJQbwVG3Q2dDxvlMepjQIDAQABo4ICgDCCAnwwHQYDVR0OBBYEFL7LvY62 6dtf8Gag+QsJFsZ8/FbGMB8GA1UdIwQYMBaAFAKbjOLpX0WFhGLpBwsbUVOskT/o MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q2Ny82MDI4NjYzODQ0 MkExMUVCOTU5OUFEMzhDNEY5QUUwMi9BcHVNNHVsZlJZV0VZdWtIQ3h0UlU2eVJQ LWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0FwdU00dWxmUllXRVl1a0hDeHRSVTZ5UlAtZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTdENjcvNjAyODY2Mzg0NDJBMTFFQjk1OTlBRDM4QzRGOUFFMDIvQUEzQTk0NEEy N0VBMTFFQ0IxRUJFQTgyQzRGOUFFMDIucm9hMD8GCCsGAQUFBwEHAQH/BDAwLjAs BAIAATAmAwQEgeKQMAwDBASiPjADBAWiPoADBASiPtADBACiPv8DBACqapUwDQYJ KoZIhvcNAQELBQADggEBAI1zXt3//8+kb0G1EzNstf++9dTaYynO5gmebXTfXLmq Urn2hrbD5bqMwvCo7EI7Ql83hf7+zUl5Q7Ac9ydh/kCdA9w8idXksVhVOGZhslo6 4fcN3iQPtZkzlEpIKTpCAZEz3qqOk153OFrZiiHVsJRJvSH7zKav/XySy5cfw6su 6QZ4I5mQCnrVRwQ/1DA3BXtIjYgZv6WvTM5o/Srn9j3orbBEl57cfPeLZtnWje0H Tb3O0Y5g8JZIFoSkj7R9XND3Z5iDjFlibsgZqVihvwLsryqtYuu1HpktYYp/v11b FvhW1BcR7X1lUZqVqMIrlN663AyTZ3tLT6urimUljvs= -----END CERTIFICATE-----Generated at Mon Mar 2 18:35:41 2026 by rpki-client