$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/3B8DEC18F67C11EFA12FD55AC4F9AE02.roa File: 3B8DEC18F67C11EFA12FD55AC4F9AE02.roa (raw, json) Hash identifier: 1V5Y25UeERbfVdbakKPHa0VRZFwrN6QXByZST7GnLBQ= Subject key identifier: 8A:64:5F:6A:4A:F2:AF:F3:B8:1F:4E:17:A7:01:2F:81:EF:66:30:81 Certificate issuer: /CN=A91A560A/serialNumber=86DB57E690F7D309293A28BA7C55FB8AF37D5DBD Certificate serial: 3718 Authority key identifier: 86:DB:57:E6:90:F7:D3:09:29:3A:28:BA:7C:55:FB:8A:F3:7D:5D:BD Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/httX5pD30wkpOii6fFX7ivN9Xb0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/3B8DEC18F67C11EFA12FD55AC4F9AE02.roa Signing time: Sun 01 Mar 2026 17:38:09 +0000 ROA not before: Mon 12 Jan 2026 01:46:44 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 140766 IP address blocks: 79.108.216.0/21 maxlen: 24 109.237.64.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/httX5pD30wkpOii6fFX7ivN9Xb0.crl rsync://rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/httX5pD30wkpOii6fFX7ivN9Xb0.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/httX5pD30wkpOii6fFX7ivN9Xb0.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 22:28:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14104 (0x3718) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A560A, serialNumber=86DB57E690F7D309293A28BA7C55FB8AF37D5DBD Validity Not Before: Jan 12 01:46:44 2026 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=69a47981-1872 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:25:0c:79:25:00:62:7e:a9:e5:b2:29:3f:c8: 79:3e:bd:80:37:a4:2a:9d:47:ec:70:fe:b3:11:ab: 1f:38:d2:09:0d:e6:6e:21:04:fb:db:91:03:ba:74: 27:5b:be:45:2a:f0:85:42:df:76:ad:46:ea:61:8d: 7e:5e:67:ae:24:4c:88:82:ee:53:4d:14:a7:55:f2: aa:c1:4f:35:63:d5:3c:30:44:e7:09:b0:41:b8:d7: bb:26:84:f7:de:70:75:3b:e9:d0:0b:74:11:ad:77: 50:15:30:64:38:a5:43:f7:bc:73:ed:cd:4a:a7:97: fc:3b:ee:2a:b2:13:b9:9e:34:0e:fe:e7:f9:95:31: 23:22:58:d6:86:7b:8e:e5:a1:f6:53:dc:51:b5:71: 85:b9:c2:53:03:e7:ba:c6:00:25:8d:01:cb:d7:ba: d2:59:50:4b:4b:95:4a:94:cd:05:23:ba:61:0b:ae: eb:64:42:d6:35:91:87:31:e8:54:b6:35:e5:da:0b: 48:df:15:f8:7e:03:ff:66:e7:85:c9:8d:67:7f:2b: 76:6d:21:fe:3d:20:65:14:8d:43:ef:56:34:86:0c: bb:53:0b:a2:49:8b:df:c1:75:81:32:0e:4b:50:d9: 13:72:7d:b8:fb:dd:f0:62:74:d3:98:f1:c6:f9:d2: 42:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:64:5F:6A:4A:F2:AF:F3:B8:1F:4E:17:A7:01:2F:81:EF:66:30:81 X509v3 Authority Key Identifier: keyid:86:DB:57:E6:90:F7:D3:09:29:3A:28:BA:7C:55:FB:8A:F3:7D:5D:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/httX5pD30wkpOii6fFX7ivN9Xb0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/httX5pD30wkpOii6fFX7ivN9Xb0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/3B8DEC18F67C11EFA12FD55AC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 79.108.216.0/21 109.237.64.0/21 Signature Algorithm: sha256WithRSAEncryption 92:a8:e7:32:0f:a6:bf:ed:af:89:6e:91:42:67:72:40:db:c4: f8:26:6c:85:26:a1:d7:e7:9c:0b:fe:84:52:d5:6c:fd:d6:f1: 27:5d:77:b1:9a:c1:03:f0:4d:19:1d:e4:4d:a3:01:61:f3:c6: a1:b5:ab:3d:99:ce:5d:28:fd:90:9b:0b:84:cc:c6:2e:da:14: 61:fa:84:26:e7:1d:cc:31:d2:cf:5c:a1:6e:3a:a5:1e:5a:20: d5:67:ff:33:9a:90:ea:25:94:f3:7c:f8:5e:d6:3b:c9:49:c1: c7:d8:8d:94:6f:ac:b5:15:0f:5e:2d:94:5d:ce:e8:49:a5:34: a7:56:df:b2:ad:1d:b2:14:91:6d:08:e6:f1:0c:fb:83:6a:7f: ca:95:3c:21:21:5a:5a:d2:9c:08:cd:63:13:dc:70:59:e5:90: 87:1b:da:f1:23:25:4b:73:29:01:5f:a8:2e:9a:5c:26:84:b0: aa:85:bd:e2:47:56:f5:ad:40:39:38:b5:42:90:f6:2f:8f:a6: 90:8a:24:47:ef:62:83:0c:df:e1:0f:b3:73:86:1b:42:e5:29: 18:70:60:8e:36:9b:c2:95:0c:cd:1f:fe:fb:a2:aa:94:a7:e2: 27:da:66:78:f2:c8:3a:55:d2:9a:bf:06:b7:4f:9c:25:a2:a5: 89:0c:93:18 -----BEGIN CERTIFICATE----- MIIFQjCCBCqgAwIBAgICNxgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU2MEExMTAvBgNVBAUTKDg2REI1N0U2OTBGN0QzMDkyOTNBMjhCQTdDNTVGQjhB RjM3RDVEQkQwHhcNMjYwMTEyMDE0NjQ0WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0Nzk4MS0xODcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxyUMeSUAYn6p5bIpP8h5Pr2AN6QqnUfscP6zEasfONIJDeZuIQT725EDunQn W75FKvCFQt92rUbqYY1+XmeuJEyIgu5TTRSnVfKqwU81Y9U8METnCbBBuNe7JoT3 3nB1O+nQC3QRrXdQFTBkOKVD97xz7c1Kp5f8O+4qshO5njQO/uf5lTEjIljWhnuO 5aH2U9xRtXGFucJTA+e6xgAljQHL17rSWVBLS5VKlM0FI7phC67rZELWNZGHMehU tjXl2gtI3xX4fgP/ZueFyY1nfyt2bSH+PSBlFI1D71Y0hgy7UwuiSYvfwXWBMg5L UNkTcn24+93wYnTTmPHG+dJCkwIDAQABo4ICZjCCAmIwHQYDVR0OBBYEFIpkX2pK 8q/zuB9OF6cBL4HvZjCBMB8GA1UdIwQYMBaAFIbbV+aQ99MJKToounxV+4rzfV29 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9COTk1M0RCQTFE OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9odHRYNXBEMzB3a3BPaWk2ZkZYN2l2TjlY YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL2h0dFg1cEQzMHdrcE9paTZmRlg3aXZOOVhiMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTU2MEEvQjk5NTNEQkExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvM0I4REVDMThG NjdDMTFFRkExMkZENTVBQzRGOUFFMDIucm9hMCUGCCsGAQUFBwEHAQH/BBYwFDAS BAIAATAMAwQDT2zYAwQDbe1AMA0GCSqGSIb3DQEBCwUAA4IBAQCSqOcyD6a/7a+J bpFCZ3JA28T4JmyFJqHX55wL/oRS1Wz91vEnXXexmsED8E0ZHeRNowFh88ahtas9 mc5dKP2QmwuEzMYu2hRh+oQm5x3MMdLPXKFuOqUeWiDVZ/8zmpDqJZTzfPhe1jvJ ScHH2I2Ub6y1FQ9eLZRdzuhJpTSnVt+yrR2yFJFtCObxDPuDan/KlTwhIVpa0pwI zWMT3HBZ5ZCHG9rxIyVLcykBX6gumlwmhLCqhb3iR1b1rUA5OLVCkPYvj6aQiiRH 72KDDN/hD7NzhhtC5SkYcGCONpvClQzNH/77oqqUp+In2mZ48sg6VdKavwa3T5wl oqWJDJMY -----END CERTIFICATE-----Generated at Mon Mar 2 12:36:58 2026 by rpki-client