$ rpki-client -vvf rpki.apnic.net/member_repository/A91A423D/B9769BD8B09511F08C152778C4F9AE02/2ECF71C4B0A111F0B537573FC4F9AE02.roa File: 2ECF71C4B0A111F0B537573FC4F9AE02.roa (raw, json) Hash identifier: mJVmTz7IkuwUjhzH9s0qmpcZ7tmBDKPTqnHWHcZldiM= Subject key identifier: A1:0E:AD:F9:AA:84:3D:86:C2:07:84:35:45:CF:C3:D6:0E:6C:53:29 Certificate issuer: /CN=A91A423D/serialNumber=3CCEEB9D2059CFE9F6085677D4B7FA264F533A0F Certificate serial: 49 Authority key identifier: 3C:CE:EB:9D:20:59:CF:E9:F6:08:56:77:D4:B7:FA:26:4F:53:3A:0F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PM7rnSBZz-n2CFZ31Lf6Jk9TOg8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A423D/B9769BD8B09511F08C152778C4F9AE02/2ECF71C4B0A111F0B537573FC4F9AE02.roa Signing time: Sun 01 Mar 2026 06:12:14 +0000 ROA not before: Fri 24 Oct 2025 06:17:57 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 154319 IP address blocks: 161.229.208.0/20 maxlen: 20 161.229.208.0/24 maxlen: 24 161.229.209.0/24 maxlen: 24 161.229.210.0/24 maxlen: 24 161.229.211.0/24 maxlen: 24 161.229.212.0/24 maxlen: 24 161.229.213.0/24 maxlen: 24 161.229.214.0/24 maxlen: 24 161.229.215.0/24 maxlen: 24 161.229.216.0/24 maxlen: 24 161.229.217.0/24 maxlen: 24 161.229.218.0/24 maxlen: 24 161.229.219.0/24 maxlen: 24 161.229.220.0/24 maxlen: 24 161.229.221.0/24 maxlen: 24 161.229.222.0/24 maxlen: 24 161.229.223.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A423D/B9769BD8B09511F08C152778C4F9AE02/PM7rnSBZz-n2CFZ31Lf6Jk9TOg8.crl rsync://rpki.apnic.net/member_repository/A91A423D/B9769BD8B09511F08C152778C4F9AE02/PM7rnSBZz-n2CFZ31Lf6Jk9TOg8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PM7rnSBZz-n2CFZ31Lf6Jk9TOg8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 09:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73 (0x49) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A423D, serialNumber=3CCEEB9D2059CFE9F6085677D4B7FA264F533A0F Validity Not Before: Oct 24 06:17:57 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=69a3d8bd-3422 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:c8:97:d8:ae:56:df:c7:b9:16:fc:98:c8:d8: 23:4b:cc:87:40:b8:2a:60:e1:e9:db:bc:21:00:c9: b9:18:da:d3:5d:82:49:a8:21:2e:f8:94:08:67:f6: a8:13:ef:fa:e3:99:97:7a:a6:66:79:79:36:59:b5: 1a:4a:c1:0c:f9:bb:f1:27:54:74:eb:77:8a:76:a9: 8f:a9:a1:74:61:12:c8:ef:ce:65:47:36:70:54:f5: 26:cb:75:24:99:83:92:48:34:bf:82:43:25:b1:38: 84:7d:d3:b9:66:48:81:f2:22:25:da:de:43:90:2a: 88:4d:fb:6d:f7:84:b9:5b:ca:68:c6:d2:3a:bb:52: 07:51:e8:1d:89:8e:b3:6a:14:a6:29:5c:ba:c0:1e: d2:b1:4f:33:09:f5:94:39:d3:db:90:69:f9:81:07: 88:79:da:35:b2:69:0c:5b:e8:a1:68:b1:61:7b:d2: fd:38:76:60:49:85:cf:84:9a:cd:b0:af:0c:a5:9c: 70:ae:0b:e6:cb:64:ae:f5:c0:06:07:48:1e:79:a1: 27:67:c3:1f:fb:87:87:66:b8:d2:8e:bf:43:b2:ca: c2:08:2a:85:27:74:05:f4:cb:21:dc:cb:60:32:83: ef:bb:83:71:9a:84:41:85:30:40:bc:b5:c1:04:d3: 35:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:0E:AD:F9:AA:84:3D:86:C2:07:84:35:45:CF:C3:D6:0E:6C:53:29 X509v3 Authority Key Identifier: keyid:3C:CE:EB:9D:20:59:CF:E9:F6:08:56:77:D4:B7:FA:26:4F:53:3A:0F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A423D/B9769BD8B09511F08C152778C4F9AE02/PM7rnSBZz-n2CFZ31Lf6Jk9TOg8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PM7rnSBZz-n2CFZ31Lf6Jk9TOg8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A423D/B9769BD8B09511F08C152778C4F9AE02/2ECF71C4B0A111F0B537573FC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 161.229.208.0/20 Signature Algorithm: sha256WithRSAEncryption 93:dd:a8:16:8f:78:4d:7f:67:b3:f9:c4:58:f6:fb:7c:54:28: 85:10:8e:09:91:2b:71:9c:e6:0c:ab:ec:e0:d1:32:eb:94:eb: f1:16:22:f0:8d:02:2a:ee:35:c6:9e:b2:62:fe:c5:6d:9c:d8: 49:31:54:40:14:c4:95:cf:ab:ad:19:bc:85:47:4a:e9:48:78: f2:ab:f6:b4:8e:55:cc:b0:65:13:48:8d:04:5c:5c:3c:dd:fb: 74:b7:90:b1:30:53:56:d4:96:72:48:0d:85:a8:fb:18:fa:11: f8:a4:53:ad:8c:1c:a0:32:4e:56:15:1d:1b:e0:ab:f8:78:fe: 20:be:64:df:db:1d:a3:99:f2:59:ac:84:fd:f5:39:1f:31:ed: 01:61:88:e7:1b:f8:3f:22:2f:e3:27:cb:c7:33:52:d7:84:3e: 76:30:42:34:17:7e:80:5f:1e:3d:48:30:2c:da:7f:7a:a2:e7: 02:57:71:1e:15:70:7c:0d:1c:4d:0d:3f:00:87:ef:93:98:e5: 05:9b:e8:9c:f9:c5:0d:48:33:e0:ae:a7:1d:6b:ef:86:49:37: 96:be:79:a2:07:de:62:ba:10:ee:7a:08:64:dd:fc:01:1f:3f: d7:d2:d3:9c:47:90:1e:47:df:22:af:4a:24:4a:4c:6b:6a:39: 8d:25:92:8e -----BEGIN CERTIFICATE----- MIIFOzCCBCOgAwIBAgIBSTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB NDIzRDExMC8GA1UEBRMoM0NDRUVCOUQyMDU5Q0ZFOUY2MDg1Njc3RDRCN0ZBMjY0 RjUzM0EwRjAeFw0yNTEwMjQwNjE3NTdaFw0yNjA3MDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY5YTNkOGJkLTM0MjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDMyJfYrlbfx7kW/JjI2CNLzIdAuCpg4enbvCEAybkY2tNdgkmoIS74lAhn9qgT 7/rjmZd6pmZ5eTZZtRpKwQz5u/EnVHTrd4p2qY+poXRhEsjvzmVHNnBU9SbLdSSZ g5JINL+CQyWxOIR907lmSIHyIiXa3kOQKohN+233hLlbymjG0jq7UgdR6B2JjrNq FKYpXLrAHtKxTzMJ9ZQ509uQafmBB4h52jWyaQxb6KFosWF70v04dmBJhc+Ems2w rwylnHCuC+bLZK71wAYHSB55oSdnwx/7h4dmuNKOv0OyysIIKoUndAX0yyHcy2Ay g++7g3GahEGFMEC8tcEE0zX1AgMBAAGjggJgMIICXDAdBgNVHQ4EFgQUoQ6t+aqE PYbCB4Q1Rc/D1g5sUykwHwYDVR0jBBgwFoAUPM7rnSBZz+n2CFZ31Lf6Jk9TOg8w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE0MjNEL0I5NzY5QkQ4QjA5 NTExRjA4QzE1Mjc3OEM0RjlBRTAyL1BNN3JuU0Jaei1uMkNGWjMxTGY2Sms5VE9n OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvUE03cm5TQlp6LW4yQ0ZaMzFMZjZKazlUT2c4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgZYGCCsGAQUFBwELBIGJMIGGMIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NDIzRC9COTc2OUJEOEIwOTUxMUYwOEMxNTI3NzhDNEY5QUUwMi8yRUNGNzFDNEIw QTExMUYwQjUzNzU3M0ZDNEY5QUUwMi5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwE AgABMAYDBASh5dAwDQYJKoZIhvcNAQELBQADggEBAJPdqBaPeE1/Z7P5xFj2+3xU KIUQjgmRK3Gc5gyr7ODRMuuU6/EWIvCNAiruNcaesmL+xW2c2EkxVEAUxJXPq60Z vIVHSulIePKr9rSOVcywZRNIjQRcXDzd+3S3kLEwU1bUlnJIDYWo+xj6EfikU62M HKAyTlYVHRvgq/h4/iC+ZN/bHaOZ8lmshP31OR8x7QFhiOcb+D8iL+Mny8czUteE PnYwQjQXfoBfHj1IMCzaf3qi5wJXcR4VcHwNHE0NPwCH75OY5QWb6Jz5xQ1IM+Cu px1r74ZJN5a+eaIH3mK6EO56CGTd/AEfP9fS05xHkB5H3yKvSiRKTGtqOY0lko4= -----END CERTIFICATE-----Generated at Mon Mar 2 03:50:04 2026 by rpki-client