$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/BD3F9B2CB9F511EEA9136568C4F9AE02.roa File: BD3F9B2CB9F511EEA9136568C4F9AE02.roa (raw, json) Hash identifier: weFcWFtBwdtTbUs/5jPOALRREAr8ZQ4veIvuv2Oe6Xg= Subject key identifier: 00:B4:0C:A9:9E:16:30:E9:45:63:98:06:83:9A:7C:13:A6:33:EB:98 Certificate issuer: /CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12 Certificate serial: 07F6 Authority key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/BD3F9B2CB9F511EEA9136568C4F9AE02.roa Signing time: Sun 01 Mar 2026 21:14:30 +0000 ROA not before: Thu 28 Aug 2025 14:50:53 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 140815 IP address blocks: 157.10.170.0/23 maxlen: 24 157.10.196.0/23 maxlen: 24 157.10.202.0/23 maxlen: 24 157.20.224.0/23 maxlen: 24 157.66.162.0/23 maxlen: 24 157.66.194.0/23 maxlen: 24 157.66.196.0/23 maxlen: 24 160.22.158.0/23 maxlen: 24 160.25.82.0/23 maxlen: 24 160.25.84.0/23 maxlen: 24 160.25.206.0/23 maxlen: 24 160.30.48.0/23 maxlen: 24 160.191.34.0/23 maxlen: 24 160.191.112.0/23 maxlen: 24 160.250.62.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 22:28:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2038 (0x7f6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A560A, serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12 Validity Not Before: Aug 28 14:50:53 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=69a4ac36-8817 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:19:b9:af:ae:b1:7c:d0:d5:7e:8f:bf:d5:71: a1:7d:75:58:ae:7b:4c:67:50:3a:2b:be:06:29:66: e0:4a:6a:8d:e0:92:d0:a3:ab:7f:bb:01:91:14:a2: ab:1c:6b:dc:32:c1:09:59:d5:3e:a8:91:53:b4:56: 3f:ff:8a:6a:00:7c:25:37:4d:bb:e0:33:6b:94:f3: 1e:e7:d8:e6:bc:86:23:a0:f0:5d:ad:c5:69:20:16: 01:b0:3a:ee:f0:ef:62:6f:a0:29:11:e1:91:4c:47: 32:40:bb:0a:e7:ef:59:6b:20:e9:8a:ce:91:1d:8b: ff:02:23:ca:4a:cc:da:d6:b0:63:01:26:46:5e:d9: ca:b8:ca:cd:56:3c:78:85:da:a6:23:83:1b:34:11: 83:89:2f:8f:62:56:6a:79:f6:59:f6:9e:47:75:66: d7:fe:6f:69:28:ac:00:0e:6c:6d:4d:64:4a:ae:9d: 3c:81:12:25:42:a5:0d:78:0c:7b:59:1d:6e:cb:7d: d0:68:35:4e:ae:ee:b2:1d:ff:b3:79:c1:da:b5:31: 86:e1:18:60:1a:d7:1c:6c:04:d5:3c:dd:ef:c3:74: 0a:33:00:7e:87:11:56:80:60:ee:35:0e:82:57:7b: 18:e0:5a:d2:3e:44:9c:d9:1f:f4:b2:dc:28:b8:43: 0c:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:B4:0C:A9:9E:16:30:E9:45:63:98:06:83:9A:7C:13:A6:33:EB:98 X509v3 Authority Key Identifier: keyid:8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/BD3F9B2CB9F511EEA9136568C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 157.10.170.0/23 157.10.196.0/23 157.10.202.0/23 157.20.224.0/23 157.66.162.0/23 157.66.194.0-157.66.197.255 160.22.158.0/23 160.25.82.0-160.25.85.255 160.25.206.0/23 160.30.48.0/23 160.191.34.0/23 160.191.112.0/23 160.250.62.0/23 Signature Algorithm: sha256WithRSAEncryption 1f:a8:85:2a:df:cc:3c:16:b3:d6:e2:40:4b:76:4f:2f:d7:93: 29:54:e9:8c:01:f6:0b:e2:31:b1:b8:34:b8:43:d8:11:6b:48: a3:43:ba:d5:d4:5e:3f:9e:2c:cd:95:9c:33:79:f5:e3:3d:1f: 57:80:fb:f9:ab:81:42:53:9d:0a:2a:87:3f:23:c7:63:44:22: 36:60:59:7a:df:1b:d1:e4:7f:61:01:bd:6b:a8:3d:af:e0:4d: c9:f3:42:93:27:54:a4:ae:6b:c3:2a:67:e6:c4:04:f6:37:56: be:ff:48:29:21:2f:96:df:b8:68:da:7c:5a:66:68:7f:19:8e: 6c:39:5a:16:ad:09:ae:54:ab:4c:87:6a:dc:5e:b4:e1:3c:9f: e6:e3:23:9e:bc:91:93:5a:5d:8d:be:94:73:c3:f5:ad:a0:75: 05:67:19:2b:f4:2a:1b:cc:5c:e9:81:ea:b2:0d:3e:6e:15:30: 7b:2e:a4:52:e3:8f:fd:d6:d7:21:df:38:31:a9:37:76:c1:37: b0:8c:ce:0b:58:c3:3a:99:4a:40:40:4a:31:f0:05:89:a3:15: e2:40:4d:59:84:65:9d:e4:8c:55:7b:7a:76:46:e3:80:68:9c: 8f:8c:e8:c5:fe:2e:6d:00:4b:49:cb:96:0d:e6:a0:0c:0d:96: 12:a2:8a:35 -----BEGIN CERTIFICATE----- MIIFlDCCBHygAwIBAgICB/YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU2MEExMTAvBgNVBAUTKDhBQzcyMTI5OEY5MkUxMEEyRUUzMDUxQUZCQzkxMTQy ODRGODBFMTIwHhcNMjUwODI4MTQ1MDUzWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0YWMzNi04ODE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzBm5r66xfNDVfo+/1XGhfXVYrntMZ1A6K74GKWbgSmqN4JLQo6t/uwGRFKKr HGvcMsEJWdU+qJFTtFY//4pqAHwlN0274DNrlPMe59jmvIYjoPBdrcVpIBYBsDru 8O9ib6ApEeGRTEcyQLsK5+9ZayDpis6RHYv/AiPKSsza1rBjASZGXtnKuMrNVjx4 hdqmI4MbNBGDiS+PYlZqefZZ9p5HdWbX/m9pKKwADmxtTWRKrp08gRIlQqUNeAx7 WR1uy33QaDVOru6yHf+zecHatTGG4RhgGtccbATVPN3vw3QKMwB+hxFWgGDuNQ6C V3sY4FrSPkSc2R/0stwouEMMxQIDAQABo4ICuDCCArQwHQYDVR0OBBYEFAC0DKme FjDpRWOYBoOafBOmM+uYMB8GA1UdIwQYMBaAFIrHISmPkuEKLuMFGvvJEUKE+A4S MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS8yMDk1ODYxOEE5 REYxMUVFQTM1NkE0M0VDNEY5QUUwMi9pc2NoS1ktUzRRb3U0d1VhLThrUlFvVDRE aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2lzY2hLWS1TNFFvdTR3VWEtOGtSUW9UNERoSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTU2MEEvMjA5NTg2MThBOURGMTFFRUEzNTZBNDNFQzRGOUFFMDIvQkQzRjlCMkNC OUY1MTFFRUE5MTM2NTY4QzRGOUFFMDIucm9hMHcGCCsGAQUFBwEHAQH/BGgwZjBk BAIAATBeAwQBnQqqAwQBnQrEAwQBnQrKAwQBnRTgAwQBnUKiMAwDBAGdQsIDBAGd QsQDBAGgFp4wDAMEAaAZUgMEAaAZVAMEAaAZzgMEAaAeMAMEAaC/IgMEAaC/cAME AaD6PjANBgkqhkiG9w0BAQsFAAOCAQEAH6iFKt/MPBaz1uJAS3ZPL9eTKVTpjAH2 C+Ixsbg0uEPYEWtIo0O61dReP54szZWcM3n14z0fV4D7+auBQlOdCiqHPyPHY0Qi NmBZet8b0eR/YQG9a6g9r+BNyfNCkydUpK5rwypn5sQE9jdWvv9IKSEvlt+4aNp8 WmZofxmObDlaFq0JrlSrTIdq3F604Tyf5uMjnryRk1pdjb6Uc8P1raB1BWcZK/Qq G8xc6YHqsg0+bhUwey6kUuOP/dbXId84Mak3dsE3sIzOC1jDOplKQEBKMfAFiaMV 4kBNWYRlneSMVXt6dkbjgGicj4zoxf4ubQBLScuWDeagDA2WEqKKNQ== -----END CERTIFICATE-----Generated at Mon Mar 2 06:16:50 2026 by rpki-client