$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6F87/A7EA755C268811EBBE7C682BC4F9AE02/69BA51482C9C11EBB49A3A32C4F9AE02.roa File: 69BA51482C9C11EBB49A3A32C4F9AE02.roa (raw, json) Hash identifier: KB/3XbvQPZSl1G18GLHJC22j/mSJrkrh6CsXpmCgJuE= Subject key identifier: B7:64:F4:E6:40:D5:5E:AE:B9:96:6D:24:8D:CB:81:F9:EF:42:63:E5 Certificate issuer: /CN=A91B6F87/serialNumber=7ED17AFD7370A6A908D8262B86DABC7EED3D6140 Certificate serial: 07EB Authority key identifier: 7E:D1:7A:FD:73:70:A6:A9:08:D8:26:2B:86:DA:BC:7E:ED:3D:61:40 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ftF6_XNwpqkI2CYrhtq8fu09YUA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B6F87/A7EA755C268811EBBE7C682BC4F9AE02/69BA51482C9C11EBB49A3A32C4F9AE02.roa Signing time: Sun 01 Mar 2026 09:40:32 +0000 ROA not before: Fri 20 Jun 2025 22:09:49 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 45178 IP address blocks: 64.207.208.0/21 maxlen: 21 64.207.208.0/22 maxlen: 22 64.207.208.0/23 maxlen: 23 64.207.208.0/24 maxlen: 24 64.207.209.0/24 maxlen: 24 64.207.210.0/23 maxlen: 23 64.207.210.0/24 maxlen: 24 64.207.211.0/24 maxlen: 24 64.207.212.0/23 maxlen: 23 64.207.212.0/24 maxlen: 24 64.207.213.0/24 maxlen: 24 64.207.214.0/23 maxlen: 23 64.207.214.0/24 maxlen: 24 64.207.215.0/24 maxlen: 24 74.118.80.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B6F87/A7EA755C268811EBBE7C682BC4F9AE02/ftF6_XNwpqkI2CYrhtq8fu09YUA.crl rsync://rpki.apnic.net/member_repository/A91B6F87/A7EA755C268811EBBE7C682BC4F9AE02/ftF6_XNwpqkI2CYrhtq8fu09YUA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ftF6_XNwpqkI2CYrhtq8fu09YUA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 02:50:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2027 (0x7eb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B6F87, serialNumber=7ED17AFD7370A6A908D8262B86DABC7EED3D6140 Validity Not Before: Jun 20 22:09:49 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=69a40990-b3de Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:d2:16:4f:a9:bc:c8:85:ec:62:ab:08:20:75: 14:0c:48:9b:19:f4:e9:84:f2:e1:5f:c3:3d:cc:14: c5:14:a2:27:83:23:f4:7b:f9:93:15:9b:53:49:a2: 42:40:17:6d:9b:fd:21:ed:7e:58:8d:ef:26:f4:43: f9:3f:18:e7:e0:27:df:ac:a3:a5:c3:a1:c6:cd:7d: de:85:70:f5:41:d2:a2:87:98:10:3f:a5:d4:55:9b: 40:af:16:5d:98:94:d0:da:37:a0:15:96:ac:57:e3: 8d:09:b3:92:1f:9e:52:20:3c:cb:7c:d0:f7:ba:84: 05:98:30:ab:06:9a:94:43:b9:a5:f0:d5:1e:f2:0c: b6:a2:8f:0c:9e:df:58:a4:a4:dc:55:5e:5a:e7:22: 8c:68:1e:6c:da:6c:66:01:da:3f:45:1c:e6:1a:90: 04:9e:12:4d:ab:dc:84:f9:93:dc:d9:6b:aa:99:80: 62:58:48:37:af:db:7d:a7:29:10:a8:8f:56:ff:bb: 7a:ae:30:4d:6f:80:12:b0:01:32:4e:7e:04:28:34: 7e:79:85:91:75:89:90:52:27:ab:2d:13:62:e9:ab: 57:aa:1b:0b:b1:45:da:91:8d:69:ac:24:b0:3a:cb: 4d:ad:48:0e:76:be:32:72:65:d5:06:2c:b9:8a:9c: d4:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:64:F4:E6:40:D5:5E:AE:B9:96:6D:24:8D:CB:81:F9:EF:42:63:E5 X509v3 Authority Key Identifier: keyid:7E:D1:7A:FD:73:70:A6:A9:08:D8:26:2B:86:DA:BC:7E:ED:3D:61:40 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B6F87/A7EA755C268811EBBE7C682BC4F9AE02/ftF6_XNwpqkI2CYrhtq8fu09YUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ftF6_XNwpqkI2CYrhtq8fu09YUA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6F87/A7EA755C268811EBBE7C682BC4F9AE02/69BA51482C9C11EBB49A3A32C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 64.207.208.0/21 74.118.80.0/22 Signature Algorithm: sha256WithRSAEncryption 23:9b:fd:34:5e:ed:39:59:8e:d1:f0:6a:47:0c:78:1f:8c:a9: 23:4d:3f:a4:b0:ec:33:b0:6b:fd:e0:ee:04:a6:21:b2:71:b5: b2:41:25:5b:a9:e9:cb:8f:50:d7:05:40:1b:b6:4b:d6:2d:57: a3:58:2e:57:13:7f:3e:d8:4c:8f:d4:0c:de:95:5c:9b:c0:d5: ab:3f:46:60:18:bf:57:8e:a2:c1:8c:9e:cb:2f:86:81:f8:31: 8d:32:74:7d:17:cb:34:52:ae:e1:c0:98:67:cc:dd:f3:df:c2: 4a:ab:94:93:b0:03:49:5b:b4:da:bc:ac:15:a3:61:7f:b7:53: 02:66:0d:55:b1:3a:7f:e9:2d:64:9e:b0:7a:83:92:74:0e:03: 1c:06:00:bf:1b:1a:5f:64:1a:f8:5d:ad:b4:1e:87:3a:1d:69: f2:d1:99:6f:72:00:a4:ca:6d:61:df:71:06:a0:d5:65:55:35: f0:44:f7:bc:6e:bc:36:36:30:3d:0b:92:0e:f4:96:c5:a9:92: c9:5e:81:b5:dd:92:06:de:a0:28:4f:bb:c8:cb:7e:55:55:77: 24:87:73:97:d4:2b:75:12:a5:a4:75:35:74:02:09:0f:99:24: ec:ac:5f:ba:8a:d3:ba:78:51:d2:ca:5e:f0:b0:8b:79:8d:4f: 91:ca:a9:de -----BEGIN CERTIFICATE----- MIIFQjCCBCqgAwIBAgICB+swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjZGODcxMTAvBgNVBAUTKDdFRDE3QUZENzM3MEE2QTkwOEQ4MjYyQjg2REFCQzdF RUQzRDYxNDAwHhcNMjUwNjIwMjIwOTQ5WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MDk5MC1iM2RlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvdIWT6m8yIXsYqsIIHUUDEibGfTphPLhX8M9zBTFFKIngyP0e/mTFZtTSaJC QBdtm/0h7X5Yje8m9EP5Pxjn4CffrKOlw6HGzX3ehXD1QdKih5gQP6XUVZtArxZd mJTQ2jegFZasV+ONCbOSH55SIDzLfND3uoQFmDCrBpqUQ7ml8NUe8gy2oo8Mnt9Y pKTcVV5a5yKMaB5s2mxmAdo/RRzmGpAEnhJNq9yE+ZPc2WuqmYBiWEg3r9t9pykQ qI9W/7t6rjBNb4ASsAEyTn4EKDR+eYWRdYmQUierLRNi6atXqhsLsUXakY1prCSw OstNrUgOdr4ycmXVBiy5ipzUZQIDAQABo4ICZjCCAmIwHQYDVR0OBBYEFLdk9OZA 1V6uuZZtJI3LgfnvQmPlMB8GA1UdIwQYMBaAFH7Rev1zcKapCNgmK4bavH7tPWFA MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNkY4Ny9BN0VBNzU1QzI2 ODgxMUVCQkU3QzY4MkJDNEY5QUUwMi9mdEY2X1hOd3Bxa0kyQ1lyaHRxOGZ1MDlZ VUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2Z0RjZfWE53cHFrSTJDWXJodHE4ZnUwOVlVQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjZGODcvQTdFQTc1NUMyNjg4MTFFQkJFN0M2ODJCQzRGOUFFMDIvNjlCQTUxNDgy QzlDMTFFQkI0OUEzQTMyQzRGOUFFMDIucm9hMCUGCCsGAQUFBwEHAQH/BBYwFDAS BAIAATAMAwQDQM/QAwQCSnZQMA0GCSqGSIb3DQEBCwUAA4IBAQAjm/00Xu05WY7R 8GpHDHgfjKkjTT+ksOwzsGv94O4EpiGycbWyQSVbqenLj1DXBUAbtkvWLVejWC5X E38+2EyP1AzelVybwNWrP0ZgGL9XjqLBjJ7LL4aB+DGNMnR9F8s0Uq7hwJhnzN3z 38JKq5STsANJW7TavKwVo2F/t1MCZg1VsTp/6S1knrB6g5J0DgMcBgC/GxpfZBr4 Xa20Hoc6HWny0ZlvcgCkym1h33EGoNVlVTXwRPe8brw2NjA9C5IO9JbFqZLJXoG1 3ZIG3qAoT7vIy35VVXckh3OX1Ct1EqWkdTV0AgkPmSTsrF+6itO6eFHSyl7wsIt5 jU+Ryqne -----END CERTIFICATE-----Generated at Mon Mar 2 09:47:13 2026 by rpki-client