$ rpki-client -vvf rpki.apnic.net/member_repository/A918E023/A654FEF0111C11F0B15AF970C4F9AE02/C420B2B6111D11F0BE9ABA7AC4F9AE02.roa File: C420B2B6111D11F0BE9ABA7AC4F9AE02.roa (raw, json) Hash identifier: prE9EyvOyNfHIglYsxqj47xctVFyrjvR30YVs38FCp4= Subject key identifier: C8:C0:0F:2E:4D:0A:5A:51:D0:FB:5A:F7:DB:92:39:79:98:7B:B2:72 Certificate issuer: /CN=A918E023/serialNumber=B9CD57E2FF4F58BB959A9541A31CFDF6697618B2 Certificate serial: A9 Authority key identifier: B9:CD:57:E2:FF:4F:58:BB:95:9A:95:41:A3:1C:FD:F6:69:76:18:B2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uc1X4v9PWLuVmpVBoxz99ml2GLI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918E023/A654FEF0111C11F0B15AF970C4F9AE02/C420B2B6111D11F0BE9ABA7AC4F9AE02.roa Signing time: Sun 01 Mar 2026 07:02:28 +0000 ROA not before: Fri 04 Apr 2025 06:26:39 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 135044 IP address blocks: 163.223.234.0/23 maxlen: 23 163.223.234.0/24 maxlen: 24 163.223.235.0/24 maxlen: 24 2001:df5:5040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918E023/A654FEF0111C11F0B15AF970C4F9AE02/uc1X4v9PWLuVmpVBoxz99ml2GLI.crl rsync://rpki.apnic.net/member_repository/A918E023/A654FEF0111C11F0B15AF970C4F9AE02/uc1X4v9PWLuVmpVBoxz99ml2GLI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uc1X4v9PWLuVmpVBoxz99ml2GLI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 08:29:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 169 (0xa9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918E023, serialNumber=B9CD57E2FF4F58BB959A9541A31CFDF6697618B2 Validity Not Before: Apr 4 06:26:39 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=69a3e484-a476 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:fd:90:ce:4f:a5:42:99:b3:0c:38:b5:cd:e4: 11:df:60:95:c0:a5:b8:d6:5c:13:2e:eb:6d:e2:8d: b7:7f:60:f8:b0:47:8b:7b:cf:18:da:cd:6f:6e:9c: 91:57:70:50:19:59:a9:96:15:0d:79:37:e4:70:c1: 22:a5:21:dc:70:5e:ff:97:35:c3:d5:df:bd:61:13: b5:20:f2:28:27:ca:66:15:45:21:ce:95:05:af:2d: c9:87:63:bb:7d:46:8e:d7:19:27:c4:9a:e0:cb:f3: 34:98:47:50:f4:39:1e:6c:36:3d:66:38:47:80:88: d0:bf:cc:05:db:84:ec:97:37:df:16:92:63:da:f4: d6:76:4e:f5:c5:0e:f8:74:fe:96:93:55:46:be:f7: 6c:83:c9:2b:79:41:3d:ec:86:db:51:5f:59:56:a7: e1:2d:9d:c6:e8:10:5d:cb:17:35:1b:b1:c8:42:75: d7:c2:a7:72:35:30:7a:37:21:df:dc:eb:31:de:9b: a1:df:75:e9:41:47:30:4d:cc:b6:8e:3b:d4:49:26: 0c:25:1a:0f:d0:d7:7b:ef:b2:ce:a5:36:b8:8d:6c: 6e:18:4f:cf:0b:96:b3:b7:32:4c:e9:06:f9:e8:2d: 04:4e:a8:37:aa:8a:a0:bd:0e:dd:f2:5e:47:b3:34: f9:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:C0:0F:2E:4D:0A:5A:51:D0:FB:5A:F7:DB:92:39:79:98:7B:B2:72 X509v3 Authority Key Identifier: keyid:B9:CD:57:E2:FF:4F:58:BB:95:9A:95:41:A3:1C:FD:F6:69:76:18:B2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918E023/A654FEF0111C11F0B15AF970C4F9AE02/uc1X4v9PWLuVmpVBoxz99ml2GLI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uc1X4v9PWLuVmpVBoxz99ml2GLI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918E023/A654FEF0111C11F0B15AF970C4F9AE02/C420B2B6111D11F0BE9ABA7AC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 163.223.234.0/23 IPv6: 2001:df5:5040::/48 Signature Algorithm: sha256WithRSAEncryption b3:55:17:b2:d5:7e:94:1f:11:72:c8:cc:08:58:42:54:cb:42: f3:2c:23:02:d3:ff:10:ad:f3:d1:59:25:a3:40:7c:54:44:4d: 39:97:d6:f6:a3:82:d6:6f:ea:54:38:b3:87:55:40:b3:55:7d: c8:05:eb:35:6a:38:60:10:aa:8a:0b:2e:27:bf:0e:ae:13:fe: 83:48:6c:7f:26:e6:47:da:8f:01:7a:f1:c9:36:ca:a6:5e:1b: 64:4b:3b:ca:47:a2:61:cd:4f:7c:0d:06:c8:62:13:a2:00:76: c6:40:84:77:97:45:db:3d:d1:7d:f5:66:66:02:cf:f6:47:8e: bf:71:3c:39:e7:ff:0a:dd:f9:f5:41:ad:0d:33:af:28:64:db: 05:10:12:b9:dc:67:56:8a:4f:dc:d3:ae:24:9a:e8:4a:f6:1f: 38:bc:49:4b:89:2c:33:c3:ac:16:89:f3:ee:0a:38:20:46:78: 07:7a:98:a4:90:98:78:2d:cf:d3:7c:b6:1b:fd:78:79:56:78: 84:c5:29:26:cc:82:ea:29:6f:73:da:75:27:b2:de:e5:d5:3d: 50:6e:56:2b:27:60:de:62:33:14:4a:1f:2f:8a:93:f0:ea:f3: 5e:2d:65:68:de:87:db:87:8c:5a:c4:fb:4e:a0:5b:ea:97:9b: b6:d8:56:07 -----BEGIN CERTIFICATE----- MIIFTTCCBDWgAwIBAgICAKkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEUwMjMxMTAvBgNVBAUTKEI5Q0Q1N0UyRkY0RjU4QkI5NTlBOTU0MUEzMUNGREY2 Njk3NjE4QjIwHhcNMjUwNDA0MDYyNjM5WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWEzZTQ4NC1hNDc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAi/2Qzk+lQpmzDDi1zeQR32CVwKW41lwTLutt4o23f2D4sEeLe88Y2s1vbpyR V3BQGVmplhUNeTfkcMEipSHccF7/lzXD1d+9YRO1IPIoJ8pmFUUhzpUFry3Jh2O7 fUaO1xknxJrgy/M0mEdQ9DkebDY9ZjhHgIjQv8wF24TslzffFpJj2vTWdk71xQ74 dP6Wk1VGvvdsg8kreUE97IbbUV9ZVqfhLZ3G6BBdyxc1G7HIQnXXwqdyNTB6NyHf 3Osx3puh33XpQUcwTcy2jjvUSSYMJRoP0Nd777LOpTa4jWxuGE/PC5aztzJM6Qb5 6C0ETqg3qoqgvQ7d8l5HszT5BwIDAQABo4ICcTCCAm0wHQYDVR0OBBYEFMjADy5N ClpR0Pta99uSOXmYe7JyMB8GA1UdIwQYMBaAFLnNV+L/T1i7lZqVQaMc/fZpdhiy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RTAyMy9BNjU0RkVGMDEx MUMxMUYwQjE1QUY5NzBDNEY5QUUwMi91YzFYNHY5UFdMdVZtcFZCb3h6OTltbDJH TEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3VjMVg0djlQV0x1Vm1wVkJveHo5OW1sMkdMSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEUwMjMvQTY1NEZFRjAxMTFDMTFGMEIxNUFGOTcwQzRGOUFFMDIvQzQyMEIyQjYx MTFEMTFGMEJFOUFCQTdBQzRGOUFFMDIucm9hMDAGCCsGAQUFBwEHAQH/BCEwHzAM BAIAATAGAwQBo9/qMA8EAgACMAkDBwAgAQ31UEAwDQYJKoZIhvcNAQELBQADggEB ALNVF7LVfpQfEXLIzAhYQlTLQvMsIwLT/xCt89FZJaNAfFRETTmX1vajgtZv6lQ4 s4dVQLNVfcgF6zVqOGAQqooLLie/Dq4T/oNIbH8m5kfajwF68ck2yqZeG2RLO8pH omHNT3wNBshiE6IAdsZAhHeXRds90X31ZmYCz/ZHjr9xPDnn/wrd+fVBrQ0zryhk 2wUQErncZ1aKT9zTriSa6Er2Hzi8SUuJLDPDrBaJ8+4KOCBGeAd6mKSQmHgtz9N8 thv9eHlWeITFKSbMguopb3PadSey3uXVPVBuVisnYN5iMxRKHy+Kk/Dq814tZWje h9uHjFrE+06gW+qXm7bYVgc= -----END CERTIFICATE-----Generated at Sun Mar 1 22:35:42 2026 by rpki-client