$ rpki-client -vvf rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/8109B4CA9DF211F0B1ED220FC4F9AE02.roa File: 8109B4CA9DF211F0B1ED220FC4F9AE02.roa (raw, json) Hash identifier: NZ+/GSvl3rIYgZ++28JcUl1KBHhXLG/2k0TsQyDQa4Q= Subject key identifier: 18:D1:99:BC:21:42:28:07:75:E6:F3:77:05:E5:AB:AF:A3:A6:64:95 Certificate issuer: /CN=A9166AFF/serialNumber=357A179CDD0AF9A3FB03E177D6A43FB8A57754E0 Certificate serial: 0187 Authority key identifier: 35:7A:17:9C:DD:0A:F9:A3:FB:03:E1:77:D6:A4:3F:B8:A5:77:54:E0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/8109B4CA9DF211F0B1ED220FC4F9AE02.roa Signing time: Mon 02 Mar 2026 13:10:28 +0000 ROA not before: Tue 30 Sep 2025 11:43:08 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 152648 IP address blocks: 202.71.180.0/24 maxlen: 24 202.71.181.0/24 maxlen: 24 2001:df3:8e40::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.crl rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 13:10:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 391 (0x187) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9166AFF, serialNumber=357A179CDD0AF9A3FB03E177D6A43FB8A57754E0 Validity Not Before: Sep 30 11:43:08 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=69a58c43-45cc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:3c:67:6d:a7:9f:57:16:56:8e:33:97:eb:ca: 47:05:2a:58:2c:ec:09:d0:60:a5:b5:47:de:02:c8: 63:88:57:db:b1:ae:a8:52:f0:b3:7d:8d:48:ac:3d: f4:c7:10:55:48:3b:31:7f:f7:52:53:18:87:36:69: 84:3a:74:cf:9e:5b:b4:05:d6:40:54:d9:2d:45:c0: 9a:8f:8b:0c:bf:e4:66:fb:28:b2:6b:20:27:ae:ae: f3:6a:38:0b:c7:24:52:fc:d2:18:aa:4b:b2:65:3a: a8:bd:ca:06:f1:8f:35:08:7b:3a:74:a5:52:fe:24: 86:0a:1e:6b:23:4e:3e:9f:a1:9d:b9:b7:35:d4:74: d8:fb:fc:2a:07:97:75:b8:d0:e0:c0:fe:29:d7:d1: 16:2f:a5:1c:87:1e:38:9e:d0:c3:53:62:1c:62:61: 2e:f4:2f:e7:cb:63:a9:5d:61:6c:63:3c:6f:27:b5: f8:03:42:3f:5a:52:97:14:63:4e:81:e4:70:3e:14: 0a:ee:0c:0f:00:66:96:a0:bc:80:a4:4c:ae:b9:a3: 53:c1:ab:d6:76:2b:b9:19:ab:01:8f:3e:b7:40:1d: d0:66:95:ca:20:d9:4b:10:1b:3f:c4:a6:5a:95:2d: 56:2c:d9:a2:30:d9:4c:1d:64:50:2f:cb:01:f0:22: e4:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:D1:99:BC:21:42:28:07:75:E6:F3:77:05:E5:AB:AF:A3:A6:64:95 X509v3 Authority Key Identifier: keyid:35:7A:17:9C:DD:0A:F9:A3:FB:03:E1:77:D6:A4:3F:B8:A5:77:54:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/8109B4CA9DF211F0B1ED220FC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 202.71.180.0/23 IPv6: 2001:df3:8e40::/48 Signature Algorithm: sha256WithRSAEncryption 14:26:0c:25:f6:05:15:cf:ee:1d:80:5c:91:48:4a:df:22:10: 0f:a3:5a:57:78:44:d2:2a:74:84:86:a6:b9:bc:e2:8f:7d:cd: b3:77:21:a0:9c:7b:a9:bc:bc:10:50:b3:07:ac:d3:21:b6:37: 5d:e8:9f:fe:4d:9b:52:34:3b:fa:84:76:75:52:02:8b:b1:08: 28:bb:e1:73:01:48:c6:0a:a6:b6:ce:7d:48:ea:99:76:26:fe: 14:b2:87:9e:da:e2:98:f9:48:9f:a6:53:bd:58:41:83:95:7d: d1:0a:a6:88:6e:b2:8e:cc:60:bf:4e:63:e2:e7:2e:76:a4:fb: 03:e9:ef:c0:a6:02:d8:b2:15:e7:41:38:c8:58:b0:f3:83:c1: a4:89:8a:6a:ee:16:42:c1:03:bb:d6:6c:bb:11:d8:3d:29:5a: 2b:29:cb:29:ae:0d:e5:ed:21:ad:8a:5b:cc:44:0a:7f:23:8c: 67:ad:16:cd:69:dd:13:d0:09:9b:89:38:14:b5:40:bf:bc:18: ee:63:19:aa:56:ea:79:63:49:f3:6d:fe:19:96:7d:36:8b:ff: 6a:bd:07:02:e0:d7:ca:c8:7f:53:b8:c6:18:62:b3:b7:f7:f5: fa:ac:02:6d:48:3a:3c:d1:6d:11:22:dd:a9:b8:98:6c:f8:8d: f5:b0:e4:fc -----BEGIN CERTIFICATE----- MIIFTTCCBDWgAwIBAgICAYcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjZBRkYxMTAvBgNVBAUTKDM1N0ExNzlDREQwQUY5QTNGQjAzRTE3N0Q2QTQzRkI4 QTU3NzU0RTAwHhcNMjUwOTMwMTE0MzA4WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02OWE1OGM0My00NWNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2TxnbaefVxZWjjOX68pHBSpYLOwJ0GCltUfeAshjiFfbsa6oUvCzfY1IrD30 xxBVSDsxf/dSUxiHNmmEOnTPnlu0BdZAVNktRcCaj4sMv+Rm+yiyayAnrq7zajgL xyRS/NIYqkuyZTqovcoG8Y81CHs6dKVS/iSGCh5rI04+n6Gdubc11HTY+/wqB5d1 uNDgwP4p19EWL6Uchx44ntDDU2IcYmEu9C/ny2OpXWFsYzxvJ7X4A0I/WlKXFGNO geRwPhQK7gwPAGaWoLyApEyuuaNTwavWdiu5GasBjz63QB3QZpXKINlLEBs/xKZa lS1WLNmiMNlMHWRQL8sB8CLkTQIDAQABo4ICcTCCAm0wHQYDVR0OBBYEFBjRmbwh QigHdebzdwXlq6+jpmSVMB8GA1UdIwQYMBaAFDV6F5zdCvmj+wPhd9akP7ild1Tg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NkFGRi80MENEMUI1NEU1 MDIxMUVFOUFCRjc2NTVDNEY5QUUwMi9OWG9Ybk4wSy1hUDdBLUYzMXFRX3VLVjNW T0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05Yb1huTjBLLWFQN0EtRjMxcVFfdUtWM1ZPQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjZBRkYvNDBDRDFCNTRFNTAyMTFFRTlBQkY3NjU1QzRGOUFFMDIvODEwOUI0Q0E5 REYyMTFGMEIxRUQyMjBGQzRGOUFFMDIucm9hMDAGCCsGAQUFBwEHAQH/BCEwHzAM BAIAATAGAwQByke0MA8EAgACMAkDBwAgAQ3zjkAwDQYJKoZIhvcNAQELBQADggEB ABQmDCX2BRXP7h2AXJFISt8iEA+jWld4RNIqdISGprm84o99zbN3IaCce6m8vBBQ swes0yG2N13on/5Nm1I0O/qEdnVSAouxCCi74XMBSMYKprbOfUjqmXYm/hSyh57a 4pj5SJ+mU71YQYOVfdEKpohuso7MYL9OY+LnLnak+wPp78CmAtiyFedBOMhYsPOD waSJimruFkLBA7vWbLsR2D0pWispyymuDeXtIa2KW8xECn8jjGetFs1p3RPQCZuJ OBS1QL+8GO5jGapW6nljSfNt/hmWfTaL/2q9BwLg18rIf1O4xhhis7f39fqsAm1I OjzRbREi3am4mGz4jfWw5Pw= -----END CERTIFICATE-----Generated at Mon Mar 2 18:26:30 2026 by rpki-client