$ rpki-client -vvf rpki.apnic.net/member_repository/A91889B6/2C4EF9761D9611E2A6548E7E08B02CD2/8D57E1664D0911EEA9837D4AC4F9AE02.roa File: 8D57E1664D0911EEA9837D4AC4F9AE02.roa (raw, json) Hash identifier: Cs9JKjCuX2CcXJQrUV7cbcqrEj31WEsSJAImJkXjuRI= Subject key identifier: 7F:C8:CF:C8:F5:99:CC:EE:B8:7A:A7:69:D6:67:50:9A:4F:FB:80:5B Certificate issuer: /CN=A91889B6/serialNumber=E93674B1F3B6916B2B6363B861D6B77B3905DDD8 Certificate serial: 3520 Authority key identifier: E9:36:74:B1:F3:B6:91:6B:2B:63:63:B8:61:D6:B7:7B:39:05:DD:D8 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/6TZ0sfO2kWsrY2O4Yda3ezkF3dg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91889B6/2C4EF9761D9611E2A6548E7E08B02CD2/8D57E1664D0911EEA9837D4AC4F9AE02.roa Signing time: Sun 01 Mar 2026 13:35:27 +0000 ROA not before: Fri 24 Oct 2025 15:00:55 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 4768 IP address blocks: 192.173.16.0/21 maxlen: 21 192.173.16.0/24 maxlen: 24 192.173.17.0/24 maxlen: 24 192.173.18.0/24 maxlen: 24 192.173.19.0/24 maxlen: 24 192.173.20.0/24 maxlen: 24 192.173.23.0/24 maxlen: 24 192.173.24.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91889B6/2C4EF9761D9611E2A6548E7E08B02CD2/6TZ0sfO2kWsrY2O4Yda3ezkF3dg.crl rsync://rpki.apnic.net/member_repository/A91889B6/2C4EF9761D9611E2A6548E7E08B02CD2/6TZ0sfO2kWsrY2O4Yda3ezkF3dg.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/6TZ0sfO2kWsrY2O4Yda3ezkF3dg.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:43:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13600 (0x3520) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91889B6, serialNumber=E93674B1F3B6916B2B6363B861D6B77B3905DDD8 Validity Not Before: Oct 24 15:00:55 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=69a4409f-fe54 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:b8:4b:7b:55:12:d9:95:0c:7c:d3:c3:50:26: 9f:bd:29:8b:8e:d5:f8:a0:9a:65:e7:85:b5:e7:74: 6f:23:42:e6:be:94:7a:59:77:d4:c5:66:b1:de:93: 7f:1c:e3:80:6d:6c:42:d6:8f:c5:0d:5b:00:2d:d7: 8f:f6:d9:bd:77:e4:a4:9b:ee:af:c3:b8:c5:5a:32: 2a:68:9e:61:8d:25:ac:32:e5:cf:d1:20:22:ef:8b: 9b:ab:05:ec:58:3a:98:de:fd:9f:11:6b:d3:1f:14: b0:46:06:ad:98:d0:bd:73:92:19:7c:f2:bc:6a:19: 0b:6d:75:4a:ba:a2:85:c1:41:12:55:ac:b4:b8:19: fa:69:53:3c:3b:a6:98:ac:32:36:b8:37:fb:4f:a5: 27:25:da:f9:12:d2:90:cb:4a:17:78:ec:c9:71:05: a8:22:22:a6:96:92:b5:2b:99:c2:86:94:42:54:2c: e0:a6:9a:f4:6f:55:d5:1f:33:d6:8a:df:47:55:a6: e4:a5:81:9d:83:f9:8a:e5:f5:a5:14:29:84:ea:9c: 0d:4d:a4:02:e8:d1:92:6d:5e:d8:81:86:97:97:fa: 62:51:1a:e4:55:e9:38:e3:60:af:49:34:ad:dc:10: 9f:5a:86:35:53:04:14:67:47:ec:3a:2c:82:9b:1f: 0c:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:C8:CF:C8:F5:99:CC:EE:B8:7A:A7:69:D6:67:50:9A:4F:FB:80:5B X509v3 Authority Key Identifier: keyid:E9:36:74:B1:F3:B6:91:6B:2B:63:63:B8:61:D6:B7:7B:39:05:DD:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91889B6/2C4EF9761D9611E2A6548E7E08B02CD2/6TZ0sfO2kWsrY2O4Yda3ezkF3dg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/6TZ0sfO2kWsrY2O4Yda3ezkF3dg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91889B6/2C4EF9761D9611E2A6548E7E08B02CD2/8D57E1664D0911EEA9837D4AC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 192.173.16.0-192.173.24.255 Signature Algorithm: sha256WithRSAEncryption bf:b1:b9:d3:b0:44:9f:e3:17:5a:fb:98:aa:e5:98:e6:ee:ae: 1e:9e:91:8f:7d:60:e1:32:8c:c2:95:00:de:a8:38:b6:55:eb: f8:76:f1:4a:4a:6f:95:dc:77:30:63:2d:c1:81:61:4c:25:7b: fe:9f:53:4a:63:20:e0:ec:07:eb:a1:1b:52:14:3c:2e:09:98: 79:4a:36:ab:d6:b1:f9:b8:22:91:30:5c:fe:ce:24:02:63:23: f0:8b:6d:fd:41:c0:11:a8:33:f8:e2:21:69:86:3a:9b:06:17: 16:66:6e:ed:c0:9e:a8:05:40:19:37:d1:72:2e:5a:9b:40:ba: 78:4e:79:73:66:5a:d5:90:a5:16:e9:8d:0e:d6:e2:45:64:b8: c6:dd:19:d8:fc:29:30:e0:df:dd:0b:16:6d:4f:4f:75:ed:6b: 89:9e:6a:cf:4b:fa:04:6d:1c:28:31:e7:8c:d0:02:0b:05:3d: 93:7b:1d:fb:5e:c9:bd:a8:ab:6b:e8:e6:10:8f:7d:65:93:ca: ed:2d:6a:15:0b:51:f2:6f:6b:09:fc:79:22:17:25:bd:17:58: 5c:de:00:cb:09:e9:12:f8:0a:b3:82:b9:a9:3e:81:ad:f7:72: b9:90:b5:58:ea:45:e4:68:5b:e5:b7:94:53:8e:bc:c8:58:4b: 93:0a:f8:5a -----BEGIN CERTIFICATE----- MIIFRDCCBCygAwIBAgICNSAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODg5QjYxMTAvBgNVBAUTKEU5MzY3NEIxRjNCNjkxNkIyQjYzNjNCODYxRDZCNzdC MzkwNURERDgwHhcNMjUxMDI0MTUwMDU1WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NDA5Zi1mZTU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAjrhLe1US2ZUMfNPDUCafvSmLjtX4oJpl54W153RvI0LmvpR6WXfUxWax3pN/ HOOAbWxC1o/FDVsALdeP9tm9d+Skm+6vw7jFWjIqaJ5hjSWsMuXP0SAi74ubqwXs WDqY3v2fEWvTHxSwRgatmNC9c5IZfPK8ahkLbXVKuqKFwUESVay0uBn6aVM8O6aY rDI2uDf7T6UnJdr5EtKQy0oXeOzJcQWoIiKmlpK1K5nChpRCVCzgppr0b1XVHzPW it9HVabkpYGdg/mK5fWlFCmE6pwNTaQC6NGSbV7YgYaXl/piURrkVek442CvSTSt 3BCfWoY1UwQUZ0fsOiyCmx8M1wIDAQABo4ICaDCCAmQwHQYDVR0OBBYEFH/Iz8j1 mczuuHqnadZnUJpP+4BbMB8GA1UdIwQYMBaAFOk2dLHztpFrK2NjuGHWt3s5Bd3Y MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4ODlCNi8yQzRFRjk3NjFE OTYxMUUyQTY1NDhFN0UwOEIwMkNEMi82VFowc2ZPMmtXc3JZMk80WWRhM2V6a0Yz ZGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzZUWjBzZk8ya1dzclkyTzRZZGEzZXprRjNkZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODg5QjYvMkM0RUY5NzYxRDk2MTFFMkE2NTQ4RTdFMDhCMDJDRDIvOEQ1N0UxNjY0 RDA5MTFFRUE5ODM3RDRBQzRGOUFFMDIucm9hMCcGCCsGAQUFBwEHAQH/BBgwFjAU BAIAATAOMAwDBATArRADBADArRgwDQYJKoZIhvcNAQELBQADggEBAL+xudOwRJ/j F1r7mKrlmOburh6ekY99YOEyjMKVAN6oOLZV6/h28UpKb5XcdzBjLcGBYUwle/6f U0pjIODsB+uhG1IUPC4JmHlKNqvWsfm4IpEwXP7OJAJjI/CLbf1BwBGoM/jiIWmG OpsGFxZmbu3AnqgFQBk30XIuWptAunhOeXNmWtWQpRbpjQ7W4kVkuMbdGdj8KTDg 390LFm1PT3Xta4meas9L+gRtHCgx54zQAgsFPZN7Hfteyb2oq2vo5hCPfWWTyu0t ahULUfJvawn8eSIXJb0XWFzeAMsJ6RL4CrOCuak+ga33crmQtVjqReRoW+W3lFOO vMhYS5MK+Fo= -----END CERTIFICATE-----Generated at Mon Mar 2 07:39:29 2026 by rpki-client