$ rpki-client -vvf rpki.apnic.net/member_repository/A9170ADF/B85F0E8C3ACB11EBA225AD17C4F9AE02/AC53A55C7B3611EBB7C5F122C4F9AE02.roa File: AC53A55C7B3611EBB7C5F122C4F9AE02.roa (raw, json) Hash identifier: cbziy5kL+sj+D8P7UhXxl7JFukexlK2Ww4yA68qkd2s= Subject key identifier: B1:B9:30:01:60:A6:90:CF:0B:38:A3:90:93:55:1F:04:47:25:74:89 Certificate issuer: /CN=A9170ADF/serialNumber=C70BF79E88E3119AE96BB761A293BB51A486173C Certificate serial: 07C1 Authority key identifier: C7:0B:F7:9E:88:E3:11:9A:E9:6B:B7:61:A2:93:BB:51:A4:86:17:3C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xwv3nojjEZrpa7dhopO7UaSGFzw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170ADF/B85F0E8C3ACB11EBA225AD17C4F9AE02/AC53A55C7B3611EBB7C5F122C4F9AE02.roa Signing time: Sun 01 Mar 2026 14:10:30 +0000 ROA not before: Fri 30 Jan 2026 21:18:49 +0000 ROA not after: Wed 31 Mar 2027 00:00:00 +0000 asID: 141474 IP address blocks: 103.159.218.0/23 maxlen: 23 103.159.218.0/24 maxlen: 24 103.159.219.0/24 maxlen: 24 120.89.64.0/22 maxlen: 22 120.89.64.0/24 maxlen: 24 120.89.65.0/24 maxlen: 24 120.89.66.0/24 maxlen: 24 120.89.67.0/24 maxlen: 24 2407:1a40::/32 maxlen: 32 2407:1a40::/48 maxlen: 48 2407:1a40:6::/48 maxlen: 48 2407:1a40:7::/48 maxlen: 48 2407:1a40:8::/48 maxlen: 48 2407:1a40:9::/48 maxlen: 48 2407:1a40:a::/48 maxlen: 48 2407:1a40:b::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170ADF/B85F0E8C3ACB11EBA225AD17C4F9AE02/xwv3nojjEZrpa7dhopO7UaSGFzw.crl rsync://rpki.apnic.net/member_repository/A9170ADF/B85F0E8C3ACB11EBA225AD17C4F9AE02/xwv3nojjEZrpa7dhopO7UaSGFzw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xwv3nojjEZrpa7dhopO7UaSGFzw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 23:46:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1985 (0x7c1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170ADF, serialNumber=C70BF79E88E3119AE96BB761A293BB51A486173C Validity Not Before: Jan 30 21:18:49 2026 GMT Not After : Mar 31 00:00:00 2027 GMT Subject: CN=69a448d6-74bb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:8b:f0:d7:39:b0:81:fa:ab:7d:39:13:a9:e8: c4:f3:70:d0:56:7d:54:52:64:5c:47:33:7f:f0:18: 7f:21:c0:0b:bf:e5:fc:e9:b7:4e:5e:5d:22:fc:d0: e6:64:3e:fb:ff:5f:d9:c2:fd:d3:64:21:1d:56:55: e1:1e:9f:4d:1b:2b:70:d1:2c:cc:cb:02:9c:ea:5a: c3:aa:32:43:32:67:25:04:ee:2b:cd:c5:af:d6:fa: 1e:5e:cf:34:e0:5f:03:3c:00:04:11:c0:01:dd:4e: 1f:a9:47:9f:a5:06:e7:a2:48:cb:4e:9a:c8:41:ae: af:f8:c7:7c:c9:72:d0:97:21:25:fb:a0:a7:2b:78: 54:5b:bb:b2:45:d9:4d:5d:0f:87:c5:c9:9e:5a:6d: fc:9d:13:d8:e6:c7:7c:47:ff:cb:1d:14:9e:71:1b: 2c:a6:0f:b0:94:2f:f1:7d:a8:f2:76:0e:2b:2e:bc: bf:1d:ac:90:31:55:a5:c7:d1:c2:46:bf:21:49:fb: cd:38:03:ba:93:a1:9a:d2:2d:e3:de:f3:97:04:a7: 41:93:b3:dd:13:68:46:ca:73:eb:0b:91:49:a6:7e: 51:9e:10:17:db:35:8d:55:9c:eb:b1:bd:3b:c8:94: 53:ad:a0:3a:79:97:47:49:e8:38:0f:26:a6:18:38: 51:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:B9:30:01:60:A6:90:CF:0B:38:A3:90:93:55:1F:04:47:25:74:89 X509v3 Authority Key Identifier: keyid:C7:0B:F7:9E:88:E3:11:9A:E9:6B:B7:61:A2:93:BB:51:A4:86:17:3C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170ADF/B85F0E8C3ACB11EBA225AD17C4F9AE02/xwv3nojjEZrpa7dhopO7UaSGFzw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xwv3nojjEZrpa7dhopO7UaSGFzw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170ADF/B85F0E8C3ACB11EBA225AD17C4F9AE02/AC53A55C7B3611EBB7C5F122C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.159.218.0/23 120.89.64.0/22 IPv6: 2407:1a40::/32 Signature Algorithm: sha256WithRSAEncryption 3f:d2:a3:b9:38:43:ad:ab:4b:c4:55:2b:7a:ac:5e:51:14:d8: 79:97:21:b3:49:35:84:fd:7b:a7:7d:be:a6:6c:89:ed:50:e2: 07:a4:df:84:0d:45:be:57:be:5f:0f:2c:a3:cd:11:70:46:e7: 91:cd:4f:fb:07:64:e8:1d:de:e5:8a:1d:f8:fe:f5:4c:b8:7c: 28:e5:07:f7:43:66:a0:e1:85:3d:47:f5:14:1e:e3:bd:3c:4f: f1:63:57:f2:31:5c:79:1b:1e:05:b3:39:18:f8:76:6d:23:19: 92:54:10:76:69:d3:31:68:42:9a:cc:60:3d:65:4c:ab:35:a7: 34:f0:4a:85:7d:4e:10:80:09:97:8a:69:9e:93:35:cb:c6:82: 2f:a0:67:40:f1:01:ef:cd:61:fe:11:79:7c:fc:52:b2:69:d1: 86:e2:0b:78:34:3d:f1:79:31:9d:4a:e5:00:4a:c7:4b:2e:10: 7f:06:4e:66:66:66:d5:62:66:a6:bb:06:af:36:ef:96:b2:fd: 64:ba:c1:59:78:6c:c3:f1:ca:a4:6f:70:00:60:de:15:85:8c: c4:9e:f9:c0:eb:86:03:68:58:72:f8:fa:d6:9d:38:16:2d:d9: 23:05:41:04:dd:46:37:bd:e1:45:5e:33:6b:1a:d6:05:9a:d9: fe:d8:3e:92 -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgICB8EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzBBREYxMTAvBgNVBAUTKEM3MEJGNzlFODhFMzExOUFFOTZCQjc2MUEyOTNCQjUx QTQ4NjE3M0MwHhcNMjYwMTMwMjExODQ5WhcNMjcwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NDhkNi03NGJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5ovw1zmwgfqrfTkTqejE83DQVn1UUmRcRzN/8Bh/IcALv+X86bdOXl0i/NDm ZD77/1/Zwv3TZCEdVlXhHp9NGytw0SzMywKc6lrDqjJDMmclBO4rzcWv1voeXs80 4F8DPAAEEcAB3U4fqUefpQbnokjLTprIQa6v+Md8yXLQlyEl+6CnK3hUW7uyRdlN XQ+HxcmeWm38nRPY5sd8R//LHRSecRsspg+wlC/xfajydg4rLry/HayQMVWlx9HC Rr8hSfvNOAO6k6Ga0i3j3vOXBKdBk7PdE2hGynPrC5FJpn5RnhAX2zWNVZzrsb07 yJRTraA6eZdHSeg4DyamGDhRFwIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFLG5MAFg ppDPCzijkJNVHwRHJXSJMB8GA1UdIwQYMBaAFMcL956I4xGa6Wu3YaKTu1Gkhhc8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MEFERi9CODVGMEU4QzNB Q0IxMUVCQTIyNUFEMTdDNEY5QUUwMi94d3Yzbm9qakVacnBhN2Rob3BPN1VhU0dG encuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3h3djNub2pqRVpycGE3ZGhvcE83VWFTR0Z6dy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzBBREYvQjg1RjBFOEMzQUNCMTFFQkEyMjVBRDE3QzRGOUFFMDIvQUM1M0E1NUM3 QjM2MTFFQkI3QzVGMTIyQzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS BAIAATAMAwQBZ5/aAwQCeFlAMA0EAgACMAcDBQAkBxpAMA0GCSqGSIb3DQEBCwUA A4IBAQA/0qO5OEOtq0vEVSt6rF5RFNh5lyGzSTWE/Xunfb6mbIntUOIHpN+EDUW+ V75fDyyjzRFwRueRzU/7B2ToHd7lih34/vVMuHwo5Qf3Q2ag4YU9R/UUHuO9PE/x Y1fyMVx5Gx4FszkY+HZtIxmSVBB2adMxaEKazGA9ZUyrNac08EqFfU4QgAmXimme kzXLxoIvoGdA8QHvzWH+EXl8/FKyadGG4gt4ND3xeTGdSuUASsdLLhB/Bk5mZmbV YmamuwavNu+Wsv1kusFZeGzD8cqkb3AAYN4VhYzEnvnA64YDaFhy+PrWnTgWLdkj BUEE3UY3veFFXjNrGtYFmtn+2D6S -----END CERTIFICATE-----Generated at Mon Mar 2 17:04:51 2026 by rpki-client