$ rpki-client -vvf rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/907FFB3C5C8511EDA172EE5CC4F9AE02.roa File: 907FFB3C5C8511EDA172EE5CC4F9AE02.roa (raw, json) Hash identifier: dm8mDFnd4sCdbaaWXZW8U1YjOybI/gS2GoTG/04b7RU= Subject key identifier: E5:6D:5E:1F:20:87:C3:EB:28:9B:22:79:9B:64:E6:F1:66:A6:AC:82 Certificate issuer: /CN=A919A713/serialNumber=24C8BBF930CD2D12399ABDF9C9CAB14B1CD79F6B Certificate serial: 03C0 Authority key identifier: 24:C8:BB:F9:30:CD:2D:12:39:9A:BD:F9:C9:CA:B1:4B:1C:D7:9F:6B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/JMi7-TDNLRI5mr35ycqxSxzXn2s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/907FFB3C5C8511EDA172EE5CC4F9AE02.roa Signing time: Sun 01 Mar 2026 17:14:01 +0000 ROA not before: Tue 13 Jan 2026 00:20:21 +0000 ROA not after: Wed 31 Mar 2027 00:00:00 +0000 asID: 12888 IP address blocks: 168.153.3.0/24 maxlen: 24 168.153.4.0/24 maxlen: 24 168.153.5.0/24 maxlen: 24 168.153.6.0/24 maxlen: 24 168.153.7.0/24 maxlen: 24 168.153.8.0/24 maxlen: 24 168.153.9.0/24 maxlen: 24 168.153.32.0/22 maxlen: 22 168.153.40.0/22 maxlen: 22 168.153.64.0/22 maxlen: 22 168.153.96.0/24 maxlen: 24 168.153.106.0/24 maxlen: 24 168.153.107.0/24 maxlen: 24 168.153.108.0/24 maxlen: 24 168.153.109.0/24 maxlen: 24 168.153.110.0/24 maxlen: 24 168.153.111.0/24 maxlen: 24 168.153.144.0/22 maxlen: 22 168.153.160.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/JMi7-TDNLRI5mr35ycqxSxzXn2s.crl rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/JMi7-TDNLRI5mr35ycqxSxzXn2s.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/JMi7-TDNLRI5mr35ycqxSxzXn2s.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:49:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 960 (0x3c0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919A713, serialNumber=24C8BBF930CD2D12399ABDF9C9CAB14B1CD79F6B Validity Not Before: Jan 13 00:20:21 2026 GMT Not After : Mar 31 00:00:00 2027 GMT Subject: CN=69a473d9-ef61 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:83:5d:76:46:75:08:f9:d9:aa:cc:7f:6e:21: e0:a4:34:88:29:4b:3c:db:13:5f:37:a2:e0:64:30: 75:9a:7a:b5:9f:f3:bf:d8:0b:fa:86:6d:65:6d:56: 1e:bc:8a:59:18:b8:4e:af:3d:75:43:50:f2:06:a6: 26:35:08:35:13:bd:e0:2a:21:3a:5b:1b:05:50:92: e1:41:15:1d:fe:92:fc:3b:b4:eb:db:ba:47:49:e7: 29:d0:ce:79:18:90:82:13:d1:a3:fb:43:ed:68:24: 75:0e:de:0a:37:b4:4c:1d:6a:be:3a:32:a6:c3:db: 2c:57:81:9e:f2:d5:22:9e:e0:bf:04:08:e1:54:5e: e8:d5:6e:0e:d2:e3:7f:9f:23:58:f4:3e:ea:2e:13: f4:5c:b1:e1:cb:e8:44:2c:29:d2:16:f5:77:ee:cd: 15:5f:6b:de:ca:62:9d:df:54:0f:64:2b:15:c8:82: 71:45:3f:97:d2:53:41:36:09:ce:82:f6:e1:6c:b6: 8b:a2:48:36:62:cc:d1:26:ef:5c:b1:68:23:28:52: 63:1b:fb:80:61:ab:0e:6a:e2:27:4e:1f:14:4b:21: 1b:20:bc:82:be:58:cd:85:ed:ee:e0:62:53:01:62: b6:24:52:9f:b5:46:21:32:e4:06:0f:b4:43:55:31: cf:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:6D:5E:1F:20:87:C3:EB:28:9B:22:79:9B:64:E6:F1:66:A6:AC:82 X509v3 Authority Key Identifier: keyid:24:C8:BB:F9:30:CD:2D:12:39:9A:BD:F9:C9:CA:B1:4B:1C:D7:9F:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/JMi7-TDNLRI5mr35ycqxSxzXn2s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/JMi7-TDNLRI5mr35ycqxSxzXn2s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/907FFB3C5C8511EDA172EE5CC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 168.153.3.0-168.153.9.255 168.153.32.0/22 168.153.40.0/22 168.153.64.0/22 168.153.96.0/24 168.153.106.0-168.153.111.255 168.153.144.0/22 168.153.160.0/22 Signature Algorithm: sha256WithRSAEncryption 57:f5:eb:4f:2b:53:a9:9a:65:72:dc:e3:b2:64:c4:41:4e:97: 50:39:29:ef:c0:55:4a:b7:4c:18:24:9a:a0:a6:fe:84:da:e3: d2:31:67:02:13:ad:ee:89:a3:b2:40:85:e6:ae:64:9a:d5:e6: 63:ec:0c:ab:ac:d5:3e:e8:b0:bd:1f:e5:a1:42:c8:e1:bf:ee: 5b:21:08:a7:a6:22:a8:6e:bd:b5:d6:56:71:b0:db:e9:63:80: 96:b9:da:88:8b:e2:a4:ee:9d:4a:01:74:4e:28:e5:c1:98:53: 03:e9:fd:df:97:24:84:9f:a1:79:75:27:8c:f9:3c:eb:f1:66: 1e:1b:54:c4:1b:c2:15:84:ac:a1:e2:d7:89:99:55:71:1c:1c: 4f:37:09:ef:d6:b4:b9:11:17:5b:b3:e8:23:22:49:c5:17:13: 79:e9:1c:14:a0:42:23:c7:c7:dc:3b:e8:2f:bc:e7:ea:3b:32: c8:9b:3e:6c:af:75:2b:03:32:91:f1:89:67:1d:3a:26:ed:a1: b7:ab:c2:5e:5f:f8:e7:a6:d3:3b:1b:60:7b:d8:b5:34:7f:89: 0a:ae:5a:b9:5f:e9:5f:20:bb:ce:df:d0:5c:eb:a9:dd:b0:04: 48:4d:bb:5a:a3:9a:f1:55:93:57:ab:45:7e:ae:71:ce:15:bd: d6:2b:6f:98 -----BEGIN CERTIFICATE----- MIIFdjCCBF6gAwIBAgICA8AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUE3MTMxMTAvBgNVBAUTKDI0QzhCQkY5MzBDRDJEMTIzOTlBQkRGOUM5Q0FCMTRC MUNENzlGNkIwHhcNMjYwMTEzMDAyMDIxWhcNMjcwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NzNkOS1lZjYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4oNddkZ1CPnZqsx/biHgpDSIKUs82xNfN6LgZDB1mnq1n/O/2Av6hm1lbVYe vIpZGLhOrz11Q1DyBqYmNQg1E73gKiE6WxsFUJLhQRUd/pL8O7Tr27pHSecp0M55 GJCCE9Gj+0PtaCR1Dt4KN7RMHWq+OjKmw9ssV4Ge8tUinuC/BAjhVF7o1W4O0uN/ nyNY9D7qLhP0XLHhy+hELCnSFvV37s0VX2veymKd31QPZCsVyIJxRT+X0lNBNgnO gvbhbLaLokg2YszRJu9csWgjKFJjG/uAYasOauInTh8USyEbILyCvljNhe3u4GJT AWK2JFKftUYhMuQGD7RDVTHPEwIDAQABo4ICmjCCApYwHQYDVR0OBBYEFOVtXh8g h8PrKJsieZtk5vFmpqyCMB8GA1UdIwQYMBaAFCTIu/kwzS0SOZq9+cnKsUsc159r MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QTcxMy8zNDk5NENCNEUw REExMUVDOTRDN0UwNjJDNEY5QUUwMi9KTWk3LVRETkxSSTVtcjM1eWNxeFN4elhu MnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0pNaTctVEROTFJJNW1yMzV5Y3F4U3h6WG4ycy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OUE3MTMvMzQ5OTRDQjRFMERBMTFFQzk0QzdFMDYyQzRGOUFFMDIvOTA3RkZCM0M1 Qzg1MTFFREExNzJFRTVDQzRGOUFFMDIucm9hMFkGCCsGAQUFBwEHAQH/BEowSDBG BAIAATBAMAwDBAComQMDBAGomQgDBAKomSADBAKomSgDBAKomUADBAComWAwDAME AaiZagMEBKiZYAMEAqiZkAMEAqiZoDANBgkqhkiG9w0BAQsFAAOCAQEAV/XrTytT qZplctzjsmTEQU6XUDkp78BVSrdMGCSaoKb+hNrj0jFnAhOt7omjskCF5q5kmtXm Y+wMq6zVPuiwvR/loULI4b/uWyEIp6YiqG69tdZWcbDb6WOAlrnaiIvipO6dSgF0 TijlwZhTA+n935ckhJ+heXUnjPk86/FmHhtUxBvCFYSsoeLXiZlVcRwcTzcJ79a0 uREXW7PoIyJJxRcTeekcFKBCI8fH3DvoL7zn6jsyyJs+bK91KwMykfGJZx06Ju2h t6vCXl/456bTOxtge9i1NH+JCq5auV/pXyC7zt/QXOup3bAESE27WqOa8VWTV6tF fq5xzhW91itvmA== -----END CERTIFICATE-----Generated at Mon Mar 2 15:51:54 2026 by rpki-client