$ rpki-client -vvf rpki.apnic.net/member_repository/A9174685/2D159182A97311EA9AABE923C4F9AE02/8BBD25F4EAE311EF95C23D4DC4F9AE02.roa File: 8BBD25F4EAE311EF95C23D4DC4F9AE02.roa (raw, json) Hash identifier: KwmNhu5rUPuchUZhsnJbF0ZKPoHrpjaspO6PL7DH0vg= Subject key identifier: 33:D7:29:D1:B1:C4:E5:F5:53:B6:82:B7:FC:42:6A:97:A8:D9:A1:AA Certificate issuer: /CN=A9174685/serialNumber=A5F065FCC9EDA11DCA4D0DFC6D7C99075298D7FF Certificate serial: 09AF Authority key identifier: A5:F0:65:FC:C9:ED:A1:1D:CA:4D:0D:FC:6D:7C:99:07:52:98:D7:FF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pfBl_MntoR3KTQ38bXyZB1KY1_8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9174685/2D159182A97311EA9AABE923C4F9AE02/8BBD25F4EAE311EF95C23D4DC4F9AE02.roa Signing time: Sun 01 Mar 2026 15:40:50 +0000 ROA not before: Tue 14 Oct 2025 21:50:18 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 9441 IP address blocks: 202.58.252.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9174685/2D159182A97311EA9AABE923C4F9AE02/pfBl_MntoR3KTQ38bXyZB1KY1_8.crl rsync://rpki.apnic.net/member_repository/A9174685/2D159182A97311EA9AABE923C4F9AE02/pfBl_MntoR3KTQ38bXyZB1KY1_8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pfBl_MntoR3KTQ38bXyZB1KY1_8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 23:21:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2479 (0x9af) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9174685, serialNumber=A5F065FCC9EDA11DCA4D0DFC6D7C99075298D7FF Validity Not Before: Oct 14 21:50:18 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=69a45e02-7947 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:46:2a:5d:ea:7e:c3:16:91:95:d7:f1:d6:96: d3:c6:5b:c9:15:b6:85:d1:d2:d6:99:c7:4a:d3:af: 35:a6:82:78:28:1f:c6:0e:f9:e7:8a:43:13:4b:d4: d8:67:63:18:c7:c3:1d:b1:31:ec:3e:69:63:95:07: 84:3c:9d:98:51:93:b6:e5:50:20:fc:25:26:e8:39: f3:da:59:47:12:f2:b7:b5:5b:94:b0:f5:87:c6:03: a7:41:42:63:7a:0b:24:1a:b7:ab:22:fc:a7:0c:d8: f7:25:53:fb:64:13:e8:9f:52:ac:13:85:f8:47:27: 54:50:69:0f:b1:53:97:15:1e:88:58:48:e6:79:6d: 40:97:4f:dd:39:f1:ab:32:9f:9d:ab:b5:3e:38:c5: 8b:92:00:64:cb:f3:b5:59:e2:07:6b:cc:1c:80:f3: 8e:37:e0:8e:58:8a:7a:e3:0b:a5:1a:d4:b9:e4:60: 27:c7:29:dd:a3:f5:41:53:1a:ed:83:38:3f:0f:da: a8:22:44:cc:3c:72:8a:d3:4a:28:c9:47:c5:c9:c3: 9b:68:dd:b4:ea:c7:e0:8d:f3:bb:b1:ee:5a:41:b0: 67:21:e5:fe:65:05:03:4c:bf:b0:8c:43:28:48:a1: 0f:66:29:bc:8f:23:92:42:6b:60:73:5e:e5:da:24: 57:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:D7:29:D1:B1:C4:E5:F5:53:B6:82:B7:FC:42:6A:97:A8:D9:A1:AA X509v3 Authority Key Identifier: keyid:A5:F0:65:FC:C9:ED:A1:1D:CA:4D:0D:FC:6D:7C:99:07:52:98:D7:FF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9174685/2D159182A97311EA9AABE923C4F9AE02/pfBl_MntoR3KTQ38bXyZB1KY1_8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pfBl_MntoR3KTQ38bXyZB1KY1_8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9174685/2D159182A97311EA9AABE923C4F9AE02/8BBD25F4EAE311EF95C23D4DC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 202.58.252.0/24 Signature Algorithm: sha256WithRSAEncryption 9b:49:73:92:fb:29:4e:f1:35:9d:5a:8e:b9:5a:9e:dd:5d:d6: 37:e3:11:cb:46:e1:82:1f:e2:5e:6a:fd:a7:39:76:d5:d3:3c: 54:c1:10:91:1a:69:e8:a2:96:95:e9:58:f1:44:26:d5:28:59: 76:4a:47:04:ad:b0:04:5d:ca:ad:71:df:85:c4:de:4b:cf:f9: 81:08:b4:80:96:64:e9:df:99:c0:e3:2f:f3:e1:84:54:a4:a4: 3b:e2:a6:d1:e4:a4:c5:96:0e:26:4a:9a:7d:c9:19:9e:cc:47: a5:f3:22:bf:ea:0d:8d:4d:e8:fb:71:9d:55:8a:bc:5f:16:8c: 86:66:57:7b:b3:17:76:9c:85:32:4e:8e:9e:c6:37:e6:0b:b3: e9:a4:64:58:c3:a6:ab:70:73:36:f4:7e:e6:32:9f:f1:bf:a4: 8e:8f:97:b8:be:44:2d:53:2b:a8:b5:48:2f:b7:42:35:88:31: e8:5b:73:fe:10:de:74:4e:1b:96:22:5d:55:a8:ab:93:60:66: 37:af:34:d0:17:05:70:90:f8:fb:28:fb:a4:8c:bd:c8:74:e0: 15:07:c3:d2:69:28:93:19:10:ce:26:82:81:9f:33:9f:53:0f: 27:27:4b:d9:2c:24:b5:e9:50:61:81:eb:b8:d4:cf:e5:68:69: 00:64:db:41 -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgICCa8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzQ2ODUxMTAvBgNVBAUTKEE1RjA2NUZDQzlFREExMURDQTREMERGQzZEN0M5OTA3 NTI5OEQ3RkYwHhcNMjUxMDE0MjE1MDE4WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NWUwMi03OTQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmkYqXep+wxaRldfx1pbTxlvJFbaF0dLWmcdK0681poJ4KB/GDvnnikMTS9TY Z2MYx8MdsTHsPmljlQeEPJ2YUZO25VAg/CUm6Dnz2llHEvK3tVuUsPWHxgOnQUJj egskGrerIvynDNj3JVP7ZBPon1KsE4X4RydUUGkPsVOXFR6IWEjmeW1Al0/dOfGr Mp+dq7U+OMWLkgBky/O1WeIHa8wcgPOON+COWIp64wulGtS55GAnxyndo/VBUxrt gzg/D9qoIkTMPHKK00ooyUfFycObaN206sfgjfO7se5aQbBnIeX+ZQUDTL+wjEMo SKEPZim8jyOSQmtgc17l2iRX2QIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFDPXKdGx xOX1U7aCt/xCapeo2aGqMB8GA1UdIwQYMBaAFKXwZfzJ7aEdyk0N/G18mQdSmNf/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NDY4NS8yRDE1OTE4MkE5 NzMxMUVBOUFBQkU5MjNDNEY5QUUwMi9wZkJsX01udG9SM0tUUTM4Ylh5WkIxS1kx XzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3BmQmxfTW50b1IzS1RRMzhiWHlaQjFLWTFfOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzQ2ODUvMkQxNTkxODJBOTczMTFFQTlBQUJFOTIzQzRGOUFFMDIvOEJCRDI1RjRF QUUzMTFFRjk1QzIzRDREQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAyjr8MA0GCSqGSIb3DQEBCwUAA4IBAQCbSXOS+ylO8TWdWo65Wp7d XdY34xHLRuGCH+Jeav2nOXbV0zxUwRCRGmnoopaV6VjxRCbVKFl2SkcErbAEXcqt cd+FxN5Lz/mBCLSAlmTp35nA4y/z4YRUpKQ74qbR5KTFlg4mSpp9yRmezEel8yK/ 6g2NTej7cZ1VirxfFoyGZld7sxd2nIUyTo6exjfmC7PppGRYw6arcHM29H7mMp/x v6SOj5e4vkQtUyuotUgvt0I1iDHoW3P+EN50ThuWIl1VqKuTYGY3rzTQFwVwkPj7 KPukjL3IdOAVB8PSaSiTGRDOJoKBnzOfUw8nJ0vZLCS16VBhgeu41M/laGkAZNtB -----END CERTIFICATE-----Generated at Mon Mar 2 16:09:23 2026 by rpki-client