$ rpki-client -vvf rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/DF7AF1FC42D811EF8EEF4E51C4F9AE02.roa File: DF7AF1FC42D811EF8EEF4E51C4F9AE02.roa (raw, json) Hash identifier: +VENXKCDJU5tqZ75p1cfT1kgD+4+BvWB+MfDMwUYXIQ= Subject key identifier: CA:46:8F:A0:A7:7E:E2:22:B3:53:1E:7A:CC:03:FD:94:33:E0:6B:C3 Certificate issuer: /CN=A917DEA4/serialNumber=B4D6FFD5DFF9EAC413AB4408E09637B09494DBC8 Certificate serial: 07D1 Authority key identifier: B4:D6:FF:D5:DF:F9:EA:C4:13:AB:44:08:E0:96:37:B0:94:94:DB:C8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNb_1d_56sQTq0QI4JY3sJSU28g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/DF7AF1FC42D811EF8EEF4E51C4F9AE02.roa Signing time: Sun 01 Mar 2026 18:09:40 +0000 ROA not before: Sat 30 Aug 2025 23:15:26 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 134540 IP address blocks: 14.96.64.0/20 maxlen: 24 14.96.80.0/20 maxlen: 24 14.96.96.0/20 maxlen: 20 14.96.96.0/20 maxlen: 24 14.96.112.0/20 maxlen: 24 2406:e00::/48 maxlen: 51 2406:e00:1::/48 maxlen: 51 2406:e00:2::/48 maxlen: 51 2406:e00:3::/48 maxlen: 51 2406:e00:4::/48 maxlen: 51 2406:e00:5::/48 maxlen: 51 2406:e00:6::/48 maxlen: 51 2406:e00:7::/48 maxlen: 51 2406:e00:8::/48 maxlen: 51 2406:e00:a::/48 maxlen: 51 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/tNb_1d_56sQTq0QI4JY3sJSU28g.crl rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/tNb_1d_56sQTq0QI4JY3sJSU28g.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNb_1d_56sQTq0QI4JY3sJSU28g.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 23:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2001 (0x7d1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917DEA4, serialNumber=B4D6FFD5DFF9EAC413AB4408E09637B09494DBC8 Validity Not Before: Aug 30 23:15:26 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=69a480e4-8c8f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:66:6b:c9:ab:9a:fe:8c:c0:38:53:e1:ae:98: e6:b4:cb:9f:22:92:b5:6e:2a:ca:08:f9:0e:b8:c8: d1:56:3a:0c:cb:c1:ab:c5:6f:6f:45:a8:c3:f9:94: a3:aa:8c:53:6e:68:04:c7:1a:6f:0b:c6:ae:cb:f0: 3d:9e:87:73:5c:b1:5a:8f:16:0d:db:e3:25:df:62: b8:ef:d2:2e:81:b6:e7:81:f6:8b:75:8b:ba:7a:86: 46:4f:c0:c1:7d:c1:76:d3:81:e9:ac:bf:06:08:f1: 3f:1c:c3:23:1d:1f:6e:bf:6e:6f:4a:6f:2d:e5:09: db:a6:49:73:1f:62:1c:85:27:86:93:93:41:95:52: 31:be:18:89:06:fb:ce:3e:cd:04:05:c3:99:7d:ef: c9:7e:26:56:fe:9d:3a:e0:13:13:73:31:4a:fc:04: 32:9f:b1:23:97:2b:ca:51:56:db:f1:a6:da:5a:99: 50:bd:47:58:c7:06:c8:7a:0c:16:c4:2f:4e:a1:78: f5:38:86:29:09:2b:a7:5b:9a:f2:c2:82:18:5c:14: 47:94:ed:6f:73:2e:94:d1:48:65:f2:02:af:b0:71: 1a:d8:7e:7b:18:25:e7:93:31:4d:9c:22:3e:a7:06: c0:c0:a1:12:ef:a1:99:fe:f7:b5:b3:d7:df:65:8d: 69:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:46:8F:A0:A7:7E:E2:22:B3:53:1E:7A:CC:03:FD:94:33:E0:6B:C3 X509v3 Authority Key Identifier: keyid:B4:D6:FF:D5:DF:F9:EA:C4:13:AB:44:08:E0:96:37:B0:94:94:DB:C8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/tNb_1d_56sQTq0QI4JY3sJSU28g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNb_1d_56sQTq0QI4JY3sJSU28g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/DF7AF1FC42D811EF8EEF4E51C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 14.96.64.0/18 IPv6: 2406:e00::-2406:e00:8:ffff:ffff:ffff:ffff:ffff 2406:e00:a::/48 Signature Algorithm: sha256WithRSAEncryption 16:81:31:71:49:3d:51:93:08:bf:8f:38:d5:b7:1f:f3:37:4d: 4a:5e:f0:ed:5b:60:25:6c:c7:ec:46:35:50:e4:63:c7:ff:18: e4:76:8c:79:f7:77:21:30:d5:69:ea:31:d4:0c:33:e2:ed:7f: 02:0a:5a:39:2f:f0:68:9c:fd:08:f7:f3:27:ed:0a:cd:15:57: 94:4e:60:6d:bb:5c:99:7b:af:b0:08:7c:d1:c0:24:1c:3e:ef: dc:e9:19:78:4e:c5:d2:da:61:57:44:fe:21:cb:ae:b4:4b:56: be:12:b4:41:f6:15:48:1d:1b:f4:d0:a6:7c:4a:f1:72:58:2b: c5:c8:d3:6e:a1:92:9a:11:2e:4d:2a:8c:d5:3a:63:a7:e7:51: f4:85:3e:a9:2e:35:dc:c5:e7:96:f4:3d:40:d3:bb:10:01:59: 0e:e9:6e:b6:ac:43:f5:12:80:42:cf:f9:17:e6:85:ee:9b:9d: 60:63:2a:1e:a8:6c:2d:1c:13:4f:91:d5:dd:2d:bb:65:2f:81: 85:6e:f9:ba:cf:43:c6:a6:36:22:f8:c3:fc:6c:e3:a0:1b:80: 04:f8:6b:b7:62:58:ab:e8:9e:4a:b3:d7:a7:7e:bc:03:19:a5: 3f:8c:41:05:06:94:a4:05:36:ca:bd:81:7f:5e:c1:c6:5e:d7: 39:57:65:63 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgICB9EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0RFQTQxMTAvBgNVBAUTKEI0RDZGRkQ1REZGOUVBQzQxM0FCNDQwOEUwOTYzN0Iw OTQ5NERCQzgwHhcNMjUwODMwMjMxNTI2WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0ODBlNC04YzhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv2Zryaua/ozAOFPhrpjmtMufIpK1birKCPkOuMjRVjoMy8GrxW9vRajD+ZSj qoxTbmgExxpvC8auy/A9nodzXLFajxYN2+Ml32K479IugbbngfaLdYu6eoZGT8DB fcF204HprL8GCPE/HMMjHR9uv25vSm8t5QnbpklzH2IchSeGk5NBlVIxvhiJBvvO Ps0EBcOZfe/JfiZW/p064BMTczFK/AQyn7EjlyvKUVbb8abaWplQvUdYxwbIegwW xC9OoXj1OIYpCSunW5rywoIYXBRHlO1vcy6U0Uhl8gKvsHEa2H57GCXnkzFNnCI+ pwbAwKES76GZ/ve1s9ffZY1pnQIDAQABo4ICgjCCAn4wHQYDVR0OBBYEFMpGj6Cn fuIis1MeeswD/ZQz4GvDMB8GA1UdIwQYMBaAFLTW/9Xf+erEE6tECOCWN7CUlNvI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3REVBNC9BMjQyNkI2MDk4 MjkxMUVCQjc4ODIwODFDNEY5QUUwMi90TmJfMWRfNTZzUVRxMFFJNEpZM3NKU1Uy OGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ROYl8xZF81NnNRVHEwUUk0Slkzc0pTVTI4Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0RFQTQvQTI0MjZCNjA5ODI5MTFFQkI3ODgyMDgxQzRGOUFFMDIvREY3QUYxRkM0 MkQ4MTFFRjhFRUY0RTUxQzRGOUFFMDIucm9hMEEGCCsGAQUFBwEHAQH/BDIwMDAM BAIAATAGAwQGDmBAMCAEAgACMBowDwMEASQGDgMHACQGDgAACAMHACQGDgAACjAN BgkqhkiG9w0BAQsFAAOCAQEAFoExcUk9UZMIv4841bcf8zdNSl7w7VtgJWzH7EY1 UORjx/8Y5HaMefd3ITDVaeox1Awz4u1/AgpaOS/waJz9CPfzJ+0KzRVXlE5gbbtc mXuvsAh80cAkHD7v3OkZeE7F0tphV0T+IcuutEtWvhK0QfYVSB0b9NCmfErxclgr xcjTbqGSmhEuTSqM1Tpjp+dR9IU+qS413MXnlvQ9QNO7EAFZDulutqxD9RKAQs/5 F+aF7pudYGMqHqhsLRwTT5HV3S27ZS+BhW75us9DxqY2IvjD/GzjoBuABPhrt2JY q+ieSrPXp368AxmlP4xBBQaUpAU2yr2Bf17Bxl7XOVdlYw== -----END CERTIFICATE-----Generated at Mon Mar 2 16:08:38 2026 by rpki-client