$ rpki-client -vvf rpki.apnic.net/member_repository/A917E4BA/C952AC9E52DC11EA82601B0FC4F9AE02/66F91334ED4911ED9A90391BC4F9AE02.roa File: 66F91334ED4911ED9A90391BC4F9AE02.roa (raw, json) Hash identifier: ZatHv2sHyWRSC6zewOoWADYzth7DnWj+eG5J7PvU3G0= Subject key identifier: D1:B2:88:03:9C:8B:70:DC:49:A8:6B:EC:E9:A5:A2:86:E6:D7:09:13 Certificate issuer: /CN=A917E4BA/serialNumber=3C6EC09B095FA5F513615108A5447CACB71AB1A1 Certificate serial: 0B4E Authority key identifier: 3C:6E:C0:9B:09:5F:A5:F5:13:61:51:08:A5:44:7C:AC:B7:1A:B1:A1 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PG7AmwlfpfUTYVEIpUR8rLcasaE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E4BA/C952AC9E52DC11EA82601B0FC4F9AE02/66F91334ED4911ED9A90391BC4F9AE02.roa Signing time: Sun 01 Mar 2026 13:59:33 +0000 ROA not before: Sat 06 Dec 2025 19:00:37 +0000 ROA not after: Sun 31 Jan 2027 00:00:00 +0000 asID: 9650 IP address blocks: 131.242.0.0/16 maxlen: 16 131.242.21.0/24 maxlen: 24 131.242.22.0/24 maxlen: 24 131.242.23.0/24 maxlen: 24 131.242.26.0/24 maxlen: 24 131.242.30.0/24 maxlen: 24 131.242.55.0/24 maxlen: 24 131.242.68.0/24 maxlen: 24 131.242.132.0/24 maxlen: 24 131.242.144.0/22 maxlen: 22 131.242.176.0/20 maxlen: 20 131.242.230.0/24 maxlen: 24 131.242.231.0/24 maxlen: 24 147.132.0.0/16 maxlen: 16 161.143.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E4BA/C952AC9E52DC11EA82601B0FC4F9AE02/PG7AmwlfpfUTYVEIpUR8rLcasaE.crl rsync://rpki.apnic.net/member_repository/A917E4BA/C952AC9E52DC11EA82601B0FC4F9AE02/PG7AmwlfpfUTYVEIpUR8rLcasaE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PG7AmwlfpfUTYVEIpUR8rLcasaE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 23:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2894 (0xb4e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E4BA, serialNumber=3C6EC09B095FA5F513615108A5447CACB71AB1A1 Validity Not Before: Dec 6 19:00:37 2025 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=69a44645-77d6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:f7:22:22:cd:a8:8f:43:5b:53:c9:df:22:4d: 36:9c:d8:6a:a6:77:df:0e:72:22:79:96:a7:d0:81: 35:64:3a:4b:9c:f9:97:97:f4:fa:51:9e:48:3f:03: 67:e7:60:82:ed:8f:41:50:d9:ca:80:34:3b:62:19: 8a:20:cc:94:ac:1d:59:86:1e:bd:15:4c:4c:bc:35: bd:10:41:2f:65:0a:dc:5a:3f:b5:d4:bb:f3:a2:13: ed:40:e0:8a:2b:e4:da:52:cf:53:a7:a1:ec:af:7d: 99:ea:f6:4b:8b:32:3b:65:a2:4b:81:2d:54:c0:aa: d8:ba:19:33:97:24:3f:ae:46:2b:62:1d:70:d4:0a: 88:a7:c2:18:cd:b0:c2:be:25:2f:ce:59:97:13:6f: 98:73:6f:02:56:4c:04:37:62:46:53:86:da:31:b7: dd:c5:a2:e5:e2:9e:c4:f7:3a:c1:b7:d6:84:93:81: 10:53:bf:1e:de:57:b1:a9:31:af:5f:b0:cf:d6:5c: a8:93:df:c5:bd:b6:5d:62:79:9a:d1:4b:11:3e:be: 86:f3:61:8d:4e:52:71:d2:51:45:31:31:7f:42:e9: 65:af:1c:67:b9:9e:4f:e2:4f:48:b5:2b:c7:3d:f4: 9f:c2:d0:7c:91:2d:ef:4c:cf:b6:5a:1f:66:e4:1d: 68:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:B2:88:03:9C:8B:70:DC:49:A8:6B:EC:E9:A5:A2:86:E6:D7:09:13 X509v3 Authority Key Identifier: keyid:3C:6E:C0:9B:09:5F:A5:F5:13:61:51:08:A5:44:7C:AC:B7:1A:B1:A1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E4BA/C952AC9E52DC11EA82601B0FC4F9AE02/PG7AmwlfpfUTYVEIpUR8rLcasaE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PG7AmwlfpfUTYVEIpUR8rLcasaE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E4BA/C952AC9E52DC11EA82601B0FC4F9AE02/66F91334ED4911ED9A90391BC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 131.242.0.0/16 147.132.0.0/16 161.143.0.0/16 Signature Algorithm: sha256WithRSAEncryption 78:a7:f4:c2:6f:22:d4:14:11:40:28:b9:0e:1c:45:87:6e:3e: 10:75:c0:c5:f2:14:0c:7a:24:1c:49:8b:ae:ad:12:f3:da:f0: a6:86:5d:6f:90:7c:b3:d2:8b:78:3f:48:f9:fe:1a:b8:b2:9d: ce:0e:46:68:ab:11:c4:0d:42:06:c7:c1:46:26:f3:be:a2:ac: ff:c9:93:b9:e9:f1:75:2e:b2:0f:21:60:15:65:8b:e7:2e:cd: f5:31:58:6e:3a:fd:8a:20:1b:c2:ed:d4:64:4d:85:5d:6f:37: f1:3e:a1:82:b6:1b:57:10:95:dc:75:50:99:ed:db:2f:17:ad: 11:5a:c5:76:68:6e:62:96:26:ce:63:a0:3b:92:55:cc:08:15: 37:cb:ce:62:c0:ec:8f:64:72:39:2c:b0:12:06:f9:30:b0:f4: 94:68:04:2b:cb:46:91:a5:fc:59:2c:52:f5:a4:bd:91:1c:73: e3:a4:a6:42:b5:15:04:c2:ae:9b:41:0f:9c:bb:45:63:02:b3: d2:92:4a:d4:e8:4b:44:ae:f4:e7:6c:8b:5e:78:f9:68:d8:1b: c5:ec:f9:70:c7:7e:c8:6c:39:c7:84:74:ac:90:a8:07:a6:0c: 0e:5c:34:44:c0:b2:ae:06:3b:f3:a1:93:b4:83:d6:1c:ba:a1: b2:69:86:a5 -----BEGIN CERTIFICATE----- MIIFRTCCBC2gAwIBAgICC04wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0U0QkExMTAvBgNVBAUTKDNDNkVDMDlCMDk1RkE1RjUxMzYxNTEwOEE1NDQ3Q0FD QjcxQUIxQTEwHhcNMjUxMjA2MTkwMDM3WhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NDY0NS03N2Q2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtvciIs2oj0NbU8nfIk02nNhqpnffDnIieZan0IE1ZDpLnPmXl/T6UZ5IPwNn 52CC7Y9BUNnKgDQ7YhmKIMyUrB1Zhh69FUxMvDW9EEEvZQrcWj+11LvzohPtQOCK K+TaUs9Tp6Hsr32Z6vZLizI7ZaJLgS1UwKrYuhkzlyQ/rkYrYh1w1AqIp8IYzbDC viUvzlmXE2+Yc28CVkwEN2JGU4baMbfdxaLl4p7E9zrBt9aEk4EQU78e3lexqTGv X7DP1lyok9/FvbZdYnma0UsRPr6G82GNTlJx0lFFMTF/QullrxxnuZ5P4k9ItSvH PfSfwtB8kS3vTM+2Wh9m5B1oowIDAQABo4ICaTCCAmUwHQYDVR0OBBYEFNGyiAOc i3DcSahr7Omloobm1wkTMB8GA1UdIwQYMBaAFDxuwJsJX6X1E2FRCKVEfKy3GrGh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTRCQS9DOTUyQUM5RTUy REMxMUVBODI2MDFCMEZDNEY5QUUwMi9QRzdBbXdsZnBmVVRZVkVJcFVSOHJMY2Fz YUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1BHN0Ftd2xmcGZVVFlWRUlwVVI4ckxjYXNhRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0U0QkEvQzk1MkFDOUU1MkRDMTFFQTgyNjAxQjBGQzRGOUFFMDIvNjZGOTEzMzRF RDQ5MTFFRDlBOTAzOTFCQzRGOUFFMDIucm9hMCgGCCsGAQUFBwEHAQH/BBkwFzAV BAIAATAPAwMAg/IDAwCThAMDAKGPMA0GCSqGSIb3DQEBCwUAA4IBAQB4p/TCbyLU FBFAKLkOHEWHbj4QdcDF8hQMeiQcSYuurRLz2vCmhl1vkHyz0ot4P0j5/hq4sp3O DkZoqxHEDUIGx8FGJvO+oqz/yZO56fF1LrIPIWAVZYvnLs31MVhuOv2KIBvC7dRk TYVdbzfxPqGCthtXEJXcdVCZ7dsvF60RWsV2aG5ilibOY6A7klXMCBU3y85iwOyP ZHI5LLASBvkwsPSUaAQry0aRpfxZLFL1pL2RHHPjpKZCtRUEwq6bQQ+cu0VjArPS kkrU6EtErvTnbIteePlo2BvF7Plwx37IbDnHhHSskKgHpgwOXDREwLKuBjvzoZO0 g9YcuqGyaYal -----END CERTIFICATE-----Generated at Mon Mar 2 06:32:42 2026 by rpki-client