$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/32FF5EE2CBE911EE859B641DC4F9AE02.roa File: 32FF5EE2CBE911EE859B641DC4F9AE02.roa (raw, json) Hash identifier: 49p1+Z15eknAr3M8H+ijxGwABDqyy22ympO3M5mja10= Subject key identifier: 8F:B7:C1:D8:59:5D:ED:30:99:A1:E2:BA:1F:B0:89:6C:57:57:80:99 Certificate issuer: /CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9 Certificate serial: 2BD6 Authority key identifier: A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/32FF5EE2CBE911EE859B641DC4F9AE02.roa Signing time: Sun 01 Mar 2026 22:43:59 +0000 ROA not before: Thu 08 May 2025 15:53:11 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 142477 IP address blocks: 157.20.14.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 15:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11222 (0x2bd6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9 Validity Not Before: May 8 15:53:11 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=69a4c12f-6317 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:10:2b:73:21:cb:38:89:50:aa:bf:86:4e:d3: c1:8f:d4:38:3f:18:27:f2:b0:86:f9:52:28:78:ff: 75:a6:d7:25:90:5c:5b:98:0f:a9:5d:e7:05:8f:4a: 66:5d:14:e5:99:d4:96:6d:df:8b:d7:7c:31:d2:ba: 23:a2:d7:12:f6:e9:af:44:7a:d8:ce:9d:a4:ce:29: 16:8f:00:9c:7a:f3:53:73:5a:65:ee:88:90:c2:74: 64:26:81:cb:1a:73:54:8a:a5:77:5e:5b:6d:c3:7e: 59:df:eb:6f:d9:54:40:02:5d:d1:85:71:45:82:7a: f5:d7:1f:82:c7:12:4d:82:e4:39:5b:8a:31:c5:d3: 39:82:77:e2:17:73:7e:7b:52:4d:b3:04:6a:db:f4: cc:33:39:12:d8:3c:bd:d2:43:ff:d6:5c:6e:70:a7: 89:bf:f3:4d:35:f3:cb:58:48:c3:aa:fa:b6:09:c1: 1d:54:7d:3d:7e:26:d9:8b:56:e8:8b:7a:54:0d:c7: b7:84:f6:59:34:e5:6d:c9:7c:7e:83:32:3d:be:16: cc:17:81:76:19:19:b5:06:7f:a2:b0:82:a1:22:ef: 47:d5:08:6d:65:67:b5:ba:70:a4:70:21:c6:94:31: a4:a2:35:30:59:3a:67:a9:cd:53:24:c4:b3:d4:f8: 90:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:B7:C1:D8:59:5D:ED:30:99:A1:E2:BA:1F:B0:89:6C:57:57:80:99 X509v3 Authority Key Identifier: keyid:A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/32FF5EE2CBE911EE859B641DC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 157.20.14.0/23 Signature Algorithm: sha256WithRSAEncryption 35:f1:4b:15:bf:32:b0:c5:80:3c:2d:91:61:22:ef:34:73:cf: e7:de:03:c1:9a:97:71:47:49:c8:33:49:5b:78:ae:0a:6a:c3: 44:e8:bd:cc:e8:d4:53:1f:d7:6d:0b:e3:c2:dc:ff:50:db:de: 09:08:16:6f:80:be:4a:36:33:c6:af:e9:41:da:d8:f4:e9:d3: d9:28:f2:fc:df:9a:f6:82:4a:bd:c0:e9:70:bc:2a:85:3e:02: 8e:8a:eb:d1:1b:55:cf:57:6b:ce:5d:b6:58:58:6a:94:4d:2c: 28:04:ed:51:07:ee:61:a0:fe:65:3d:56:98:f1:2f:36:aa:cd: 19:4e:ad:5c:d1:c3:a8:d1:50:be:cc:51:d8:46:e8:d2:09:1d: dd:9e:13:fc:d1:f7:08:e8:f3:9b:32:4e:a8:ba:a3:09:97:d0: 00:8c:7b:48:9d:46:f2:94:44:3a:63:00:a4:6f:9b:c2:10:09: c8:45:7f:ce:75:a4:71:bb:57:fa:4a:32:57:a2:30:0e:98:ce: e5:04:e0:97:ba:f7:cc:c3:3d:43:bd:57:87:65:e8:fd:eb:76: 68:f6:f0:70:f3:da:de:07:59:47:2f:2e:46:3a:75:69:24:bd: 8b:3e:2e:ee:a5:d5:98:59:2e:e4:b2:cc:5f:72:c5:d8:73:4b: e3:86:cf:e4 -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgICK9YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKEE3QUU0NzQ0MTZCMEU4QUQzQTg5RTg2Nzc0QTY0MEZF QkU2OTczRjkwHhcNMjUwNTA4MTU1MzExWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0YzEyZi02MzE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0xArcyHLOIlQqr+GTtPBj9Q4Pxgn8rCG+VIoeP91ptclkFxbmA+pXecFj0pm XRTlmdSWbd+L13wx0rojotcS9umvRHrYzp2kzikWjwCcevNTc1pl7oiQwnRkJoHL GnNUiqV3Xlttw35Z3+tv2VRAAl3RhXFFgnr11x+CxxJNguQ5W4oxxdM5gnfiF3N+ e1JNswRq2/TMMzkS2Dy90kP/1lxucKeJv/NNNfPLWEjDqvq2CcEdVH09fibZi1bo i3pUDce3hPZZNOVtyXx+gzI9vhbMF4F2GRm1Bn+isIKhIu9H1QhtZWe1unCkcCHG lDGkojUwWTpnqc1TJMSz1PiQwwIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFI+3wdhZ Xe0wmaHiuh+wiWxXV4CZMB8GA1UdIwQYMBaAFKeuR0QWsOitOonoZ3SmQP6+aXP5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8xQzU3Q0VBQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9wNjVIUkJhdzZLMDZpZWhuZEtaQV9yNXBj X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3A2NUhSQmF3NkswNmllaG5kS1pBX3I1cGNfay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMUM1N0NFQUM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMzJGRjVFRTJD QkU5MTFFRTg1OUI2NDFEQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQBnRQOMA0GCSqGSIb3DQEBCwUAA4IBAQA18UsVvzKwxYA8LZFhIu80 c8/n3gPBmpdxR0nIM0lbeK4KasNE6L3M6NRTH9dtC+PC3P9Q294JCBZvgL5KNjPG r+lB2tj06dPZKPL835r2gkq9wOlwvCqFPgKOiuvRG1XPV2vOXbZYWGqUTSwoBO1R B+5hoP5lPVaY8S82qs0ZTq1c0cOo0VC+zFHYRujSCR3dnhP80fcI6PObMk6ouqMJ l9AAjHtInUbylEQ6YwCkb5vCEAnIRX/OdaRxu1f6SjJXojAOmM7lBOCXuvfMwz1D vVeHZej963Zo9vBw89reB1lHLy5GOnVpJL2LPi7updWYWS7kssxfcsXYc0vjhs/k -----END CERTIFICATE-----Generated at Mon Mar 2 17:55:47 2026 by rpki-client