$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB8BA/2510B4E6F0FC11EAB985FA5FC4F9AE02/21B96F2E7BC911EBABCF472DC4F9AE02.roa File: 21B96F2E7BC911EBABCF472DC4F9AE02.roa (raw, json) Hash identifier: i37T+miB19JllsQUkIFRFN9qItWKSwoaTSynWV3QKsI= Subject key identifier: 8D:AD:1D:54:AE:A0:DF:6D:20:3C:7E:28:EA:27:C3:DF:AE:35:B2:BD Certificate issuer: /CN=A91CB8BA/serialNumber=8382F6188C4A6DD66954D5718A3D9CCF9B8BF895 Certificate serial: 087A Authority key identifier: 83:82:F6:18:8C:4A:6D:D6:69:54:D5:71:8A:3D:9C:CF:9B:8B:F8:95 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/g4L2GIxKbdZpVNVxij2cz5uL-JU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CB8BA/2510B4E6F0FC11EAB985FA5FC4F9AE02/21B96F2E7BC911EBABCF472DC4F9AE02.roa Signing time: Sun 01 Mar 2026 15:41:23 +0000 ROA not before: Mon 12 Jan 2026 20:16:40 +0000 ROA not after: Wed 31 Mar 2027 00:00:00 +0000 asID: 137280 IP address blocks: 213.255.228.0/23 maxlen: 23 213.255.230.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CB8BA/2510B4E6F0FC11EAB985FA5FC4F9AE02/g4L2GIxKbdZpVNVxij2cz5uL-JU.crl rsync://rpki.apnic.net/member_repository/A91CB8BA/2510B4E6F0FC11EAB985FA5FC4F9AE02/g4L2GIxKbdZpVNVxij2cz5uL-JU.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/g4L2GIxKbdZpVNVxij2cz5uL-JU.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:14:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2170 (0x87a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CB8BA, serialNumber=8382F6188C4A6DD66954D5718A3D9CCF9B8BF895 Validity Not Before: Jan 12 20:16:40 2026 GMT Not After : Mar 31 00:00:00 2027 GMT Subject: CN=69a45e23-1863 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:e5:25:06:b5:87:ac:f0:c2:03:56:5d:10:29: 11:c8:b4:fc:58:6b:0a:bb:79:75:9a:65:06:fe:46: bb:b4:87:d1:f4:f4:8a:52:19:76:6f:d1:5e:82:2a: 40:d4:12:d3:9a:14:03:9a:f4:7c:0e:26:e7:21:8d: 07:65:79:19:2c:ea:15:02:f4:19:32:f8:78:6b:45: 59:96:9f:91:1a:bd:0b:7d:fe:07:12:f5:96:6c:e5: df:59:9c:29:8c:2b:01:a4:6e:e5:dc:37:0b:76:8c: 96:38:b1:81:9c:dc:02:d5:1f:e8:b9:01:a8:8f:1e: 1f:70:08:0b:30:43:e4:52:cd:89:20:e6:de:04:73: 00:50:81:51:39:2a:1c:d3:20:dc:fe:76:89:7b:11: 51:2f:79:02:1f:9f:34:b2:14:d9:6c:2f:ad:31:a7: 62:35:99:69:a2:39:56:d9:db:57:40:27:66:93:fe: 57:a4:42:1f:98:4e:0f:70:fd:e5:7f:8c:f5:c1:9b: 3e:3a:03:f6:5d:a6:f6:00:11:0d:34:52:d5:6b:8b: 47:46:fe:c5:2b:e3:05:c2:36:cf:9e:64:c6:34:51: c0:e4:e3:a8:19:ef:3e:01:c7:99:8a:82:c4:eb:c0: b3:1a:62:0b:f5:60:e3:37:8e:23:4c:0d:1d:b9:be: e6:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:AD:1D:54:AE:A0:DF:6D:20:3C:7E:28:EA:27:C3:DF:AE:35:B2:BD X509v3 Authority Key Identifier: keyid:83:82:F6:18:8C:4A:6D:D6:69:54:D5:71:8A:3D:9C:CF:9B:8B:F8:95 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CB8BA/2510B4E6F0FC11EAB985FA5FC4F9AE02/g4L2GIxKbdZpVNVxij2cz5uL-JU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/g4L2GIxKbdZpVNVxij2cz5uL-JU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB8BA/2510B4E6F0FC11EAB985FA5FC4F9AE02/21B96F2E7BC911EBABCF472DC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 213.255.228.0-213.255.230.255 Signature Algorithm: sha256WithRSAEncryption 95:e3:be:4b:c2:6b:82:c4:93:c1:85:e2:d4:30:83:2e:7d:bf: ab:cd:70:80:f4:0f:c1:be:58:76:0d:61:5f:f5:00:78:6f:ec: 32:4f:5e:bc:02:d1:a2:4e:db:1a:ac:e2:04:fb:9b:11:74:5e: 29:b1:bf:a6:3a:e4:2c:f3:d9:44:be:20:a0:c9:20:57:c2:5d: 43:4b:fa:24:2b:53:5e:fd:f6:39:a8:87:d3:57:11:08:b6:19: f0:bb:77:eb:af:f6:8a:f1:b0:6a:32:15:9e:a5:fa:1f:4c:a6: dc:c1:87:a3:3c:70:0a:36:da:38:31:67:f0:2f:f7:48:fe:51: 96:52:a9:1f:da:f3:64:60:04:92:8c:b5:7d:1d:39:43:ef:27: 1c:33:af:ec:b7:fa:f9:67:f1:ff:f9:b9:14:07:05:60:b0:d0: 51:47:53:71:14:a0:bb:71:4e:d8:8c:ce:ae:65:8e:a7:77:67: c0:d3:6b:2f:9e:a8:f0:21:8e:21:d3:08:a8:f1:1c:04:c5:76: 3a:31:c4:86:09:42:a6:44:31:b8:ea:72:26:c9:97:a4:27:11: bf:5f:5d:e1:4d:72:42:43:01:8c:ae:1f:11:a9:58:b4:ea:c6: d0:ac:b5:d0:d9:66:6d:3f:0f:dd:ce:12:06:5c:95:c0:a4:86: 6d:f4:b4:6e -----BEGIN CERTIFICATE----- MIIFRDCCBCygAwIBAgICCHowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0I4QkExMTAvBgNVBAUTKDgzODJGNjE4OEM0QTZERDY2OTU0RDU3MThBM0Q5Q0NG OUI4QkY4OTUwHhcNMjYwMTEyMjAxNjQwWhcNMjcwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NWUyMy0xODYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAruUlBrWHrPDCA1ZdECkRyLT8WGsKu3l1mmUG/ka7tIfR9PSKUhl2b9FegipA 1BLTmhQDmvR8DibnIY0HZXkZLOoVAvQZMvh4a0VZlp+RGr0Lff4HEvWWbOXfWZwp jCsBpG7l3DcLdoyWOLGBnNwC1R/ouQGojx4fcAgLMEPkUs2JIObeBHMAUIFROSoc 0yDc/naJexFRL3kCH580shTZbC+tMadiNZlpojlW2dtXQCdmk/5XpEIfmE4PcP3l f4z1wZs+OgP2Xab2ABENNFLVa4tHRv7FK+MFwjbPnmTGNFHA5OOoGe8+AceZioLE 68CzGmIL9WDjN44jTA0dub7mpQIDAQABo4ICaDCCAmQwHQYDVR0OBBYEFI2tHVSu oN9tIDx+KOonw9+uNbK9MB8GA1UdIwQYMBaAFIOC9hiMSm3WaVTVcYo9nM+bi/iV MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjhCQS8yNTEwQjRFNkYw RkMxMUVBQjk4NUZBNUZDNEY5QUUwMi9nNEwyR0l4S2JkWnBWTlZ4aWoyY3o1dUwt SlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL2c0TDJHSXhLYmRacFZOVnhpajJjejV1TC1KVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0I4QkEvMjUxMEI0RTZGMEZDMTFFQUI5ODVGQTVGQzRGOUFFMDIvMjFCOTZGMkU3 QkM5MTFFQkFCQ0Y0NzJEQzRGOUFFMDIucm9hMCcGCCsGAQUFBwEHAQH/BBgwFjAU BAIAATAOMAwDBALV/+QDBADV/+YwDQYJKoZIhvcNAQELBQADggEBAJXjvkvCa4LE k8GF4tQwgy59v6vNcID0D8G+WHYNYV/1AHhv7DJPXrwC0aJO2xqs4gT7mxF0Ximx v6Y65Czz2US+IKDJIFfCXUNL+iQrU1799jmoh9NXEQi2GfC7d+uv9orxsGoyFZ6l +h9MptzBh6M8cAo22jgxZ/Av90j+UZZSqR/a82RgBJKMtX0dOUPvJxwzr+y3+vln 8f/5uRQHBWCw0FFHU3EUoLtxTtiMzq5ljqd3Z8DTay+eqPAhjiHTCKjxHATFdjox xIYJQqZEMbjqcibJl6QnEb9fXeFNckJDAYyuHxGpWLTqxtCstdDZZm0/D93OEgZc lcCkhm30tG4= -----END CERTIFICATE-----Generated at Mon Mar 2 10:51:19 2026 by rpki-client