$ rpki-client -vvf rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/CF96FC32E0E111ECBFF27B44C4F9AE02.roa File: CF96FC32E0E111ECBFF27B44C4F9AE02.roa (raw, json) Hash identifier: /6u2hpGyEghKewxxLTUeu3WPPeW2saAns4fvfdrjrvM= Subject key identifier: E2:FC:37:C6:4F:AC:94:77:99:18:D9:50:53:00:0B:B4:EB:05:7D:53 Certificate issuer: /CN=A919A713/serialNumber=24C8BBF930CD2D12399ABDF9C9CAB14B1CD79F6B Certificate serial: 03C1 Authority key identifier: 24:C8:BB:F9:30:CD:2D:12:39:9A:BD:F9:C9:CA:B1:4B:1C:D7:9F:6B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/JMi7-TDNLRI5mr35ycqxSxzXn2s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/CF96FC32E0E111ECBFF27B44C4F9AE02.roa Signing time: Sun 01 Mar 2026 17:14:02 +0000 ROA not before: Tue 13 Jan 2026 00:20:22 +0000 ROA not after: Wed 31 Mar 2027 00:00:00 +0000 asID: 133036 IP address blocks: 168.153.1.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/JMi7-TDNLRI5mr35ycqxSxzXn2s.crl rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/JMi7-TDNLRI5mr35ycqxSxzXn2s.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/JMi7-TDNLRI5mr35ycqxSxzXn2s.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:49:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 961 (0x3c1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919A713, serialNumber=24C8BBF930CD2D12399ABDF9C9CAB14B1CD79F6B Validity Not Before: Jan 13 00:20:22 2026 GMT Not After : Mar 31 00:00:00 2027 GMT Subject: CN=69a473da-86e5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:21:a9:a4:f0:bb:9f:49:ce:b0:95:82:66:e7: c5:fc:77:63:e6:47:76:54:c6:ee:9b:b0:65:e5:73: 62:08:61:34:cd:ea:d4:55:a4:5c:19:68:35:ff:fd: 3e:6a:a9:c6:46:f1:9f:2f:ca:ac:20:22:90:3d:99: 60:8c:2c:c9:65:c6:6e:2f:44:f1:7b:cd:8a:9c:0e: c4:e6:9a:f7:0b:7e:1f:ba:4e:f2:6e:82:bc:27:ce: f8:eb:bd:33:71:60:a8:e3:8a:56:78:35:8f:d0:aa: ec:81:54:ae:69:89:7f:c0:58:f5:2d:c9:d8:5f:ac: f3:da:8f:dd:25:30:3d:74:91:be:e2:3b:2d:19:77: c1:51:84:9b:a4:3e:c2:c8:10:c6:22:76:b9:c3:97: e0:ef:c8:1e:3d:21:14:fa:a3:01:80:a9:da:8a:d0: 05:04:ce:56:2c:80:e8:2c:09:a3:12:e7:26:db:ac: d2:1b:19:bd:c4:c5:d6:0c:61:87:31:6e:c4:0d:51: a0:bf:97:68:7d:4f:a8:b4:72:68:88:8f:54:2c:9e: ee:01:4e:6a:63:c4:1b:bc:72:4f:49:7e:01:a0:e1: 10:24:99:e8:df:f9:4d:a8:34:f9:5d:ea:b8:35:e1: f0:bd:7b:ff:4d:22:34:41:66:15:0a:9b:ec:e8:1e: c4:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:FC:37:C6:4F:AC:94:77:99:18:D9:50:53:00:0B:B4:EB:05:7D:53 X509v3 Authority Key Identifier: keyid:24:C8:BB:F9:30:CD:2D:12:39:9A:BD:F9:C9:CA:B1:4B:1C:D7:9F:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/JMi7-TDNLRI5mr35ycqxSxzXn2s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/JMi7-TDNLRI5mr35ycqxSxzXn2s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/CF96FC32E0E111ECBFF27B44C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 168.153.1.0/24 Signature Algorithm: sha256WithRSAEncryption c6:6e:d6:dd:e6:37:75:38:26:2a:17:d6:90:34:92:6a:67:93: fe:31:89:d8:ed:72:1e:49:44:8a:48:da:ec:3c:5d:47:0b:98: f5:e9:d1:90:a7:fb:47:12:b1:53:7b:dc:e5:a7:3e:9d:2c:e6: 81:c2:5d:ab:d1:77:02:13:2e:cb:8f:41:d3:f1:ff:de:e2:a9: 7e:ca:ec:57:58:46:1d:a5:2d:31:6a:09:ef:53:87:67:68:b3: eb:d5:33:2d:0e:fb:82:7c:a5:d0:00:56:0f:4d:99:26:fb:09: 15:3c:7f:a0:d1:bf:e5:83:63:74:86:cf:fc:50:0a:44:25:d3: 4a:76:68:0b:b5:cc:21:1d:6c:29:7c:04:21:ef:ad:b7:c1:7c: f6:0e:31:66:c5:c3:8e:e7:52:ec:d6:8b:6c:2d:98:50:39:07: 59:5c:e8:00:fd:26:f5:37:b9:1f:e3:70:e0:de:e6:d2:e9:60: e7:34:e8:9d:84:01:61:77:c8:65:a3:62:a3:17:b0:93:55:0a: f9:e2:1d:9c:b8:9d:d8:0f:29:f5:39:bf:82:4d:91:d3:17:bb: 9b:e1:49:28:16:bc:db:1b:6b:e1:02:29:0a:60:a6:bc:5b:14: ec:ae:f1:d0:bb:75:6f:13:df:53:11:75:3c:e6:73:09:f5:ca: f8:f1:a4:4f -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgICA8EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUE3MTMxMTAvBgNVBAUTKDI0QzhCQkY5MzBDRDJEMTIzOTlBQkRGOUM5Q0FCMTRC MUNENzlGNkIwHhcNMjYwMTEzMDAyMDIyWhcNMjcwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NzNkYS04NmU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAjSGppPC7n0nOsJWCZufF/Hdj5kd2VMbum7Bl5XNiCGE0zerUVaRcGWg1//0+ aqnGRvGfL8qsICKQPZlgjCzJZcZuL0Txe82KnA7E5pr3C34fuk7yboK8J874670z cWCo44pWeDWP0KrsgVSuaYl/wFj1LcnYX6zz2o/dJTA9dJG+4jstGXfBUYSbpD7C yBDGIna5w5fg78gePSEU+qMBgKnaitAFBM5WLIDoLAmjEucm26zSGxm9xMXWDGGH MW7EDVGgv5dofU+otHJoiI9ULJ7uAU5qY8QbvHJPSX4BoOEQJJno3/lNqDT5Xeq4 NeHwvXv/TSI0QWYVCpvs6B7EnQIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFOL8N8ZP rJR3mRjZUFMAC7TrBX1TMB8GA1UdIwQYMBaAFCTIu/kwzS0SOZq9+cnKsUsc159r MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QTcxMy8zNDk5NENCNEUw REExMUVDOTRDN0UwNjJDNEY5QUUwMi9KTWk3LVRETkxSSTVtcjM1eWNxeFN4elhu MnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0pNaTctVEROTFJJNW1yMzV5Y3F4U3h6WG4ycy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OUE3MTMvMzQ5OTRDQjRFMERBMTFFQzk0QzdFMDYyQzRGOUFFMDIvQ0Y5NkZDMzJF MEUxMTFFQ0JGRjI3QjQ0QzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAqJkBMA0GCSqGSIb3DQEBCwUAA4IBAQDGbtbd5jd1OCYqF9aQNJJq Z5P+MYnY7XIeSUSKSNrsPF1HC5j16dGQp/tHErFTe9zlpz6dLOaBwl2r0XcCEy7L j0HT8f/e4ql+yuxXWEYdpS0xagnvU4dnaLPr1TMtDvuCfKXQAFYPTZkm+wkVPH+g 0b/lg2N0hs/8UApEJdNKdmgLtcwhHWwpfAQh7623wXz2DjFmxcOO51Ls1otsLZhQ OQdZXOgA/Sb1N7kf43Dg3ubS6WDnNOidhAFhd8hlo2KjF7CTVQr54h2cuJ3YDyn1 Ob+CTZHTF7ub4UkoFrzbG2vhAikKYKa8WxTsrvHQu3VvE99TEXU85nMJ9cr48aRP -----END CERTIFICATE-----Generated at Mon Mar 2 16:51:10 2026 by rpki-client