$ rpki-client -vvf rpki.apnic.net/member_repository/A91DCAE8/3F7E2574BE0711F09FF04469C4F9AE02/12E8FD5CBECC11F098CFE015C4F9AE02.roa File: 12E8FD5CBECC11F098CFE015C4F9AE02.roa (raw, json) Hash identifier: 2fuL5HR83y1lHVu02OBTTtqwAHQ9hwGuikZsXGexJqo= Subject key identifier: F0:27:0A:5C:2E:9C:4C:BA:3E:78:3F:E6:30:D8:F5:47:EC:F5:BF:55 Certificate issuer: /CN=A91DCAE8/serialNumber=684597E998A3A0C6987361B7C572043A816C1C52 Certificate serial: 42 Authority key identifier: 68:45:97:E9:98:A3:A0:C6:98:73:61:B7:C5:72:04:3A:81:6C:1C:52 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aEWX6ZijoMaYc2G3xXIEOoFsHFI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DCAE8/3F7E2574BE0711F09FF04469C4F9AE02/12E8FD5CBECC11F098CFE015C4F9AE02.roa Signing time: Mon 02 Mar 2026 12:39:59 +0000 ROA not before: Tue 11 Nov 2025 07:00:15 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 38235 IP address blocks: 157.85.64.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DCAE8/3F7E2574BE0711F09FF04469C4F9AE02/aEWX6ZijoMaYc2G3xXIEOoFsHFI.crl rsync://rpki.apnic.net/member_repository/A91DCAE8/3F7E2574BE0711F09FF04469C4F9AE02/aEWX6ZijoMaYc2G3xXIEOoFsHFI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aEWX6ZijoMaYc2G3xXIEOoFsHFI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 14:48:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66 (0x42) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DCAE8, serialNumber=684597E998A3A0C6987361B7C572043A816C1C52 Validity Not Before: Nov 11 07:00:15 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=69a5851f-22dd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:52:33:c3:b4:04:fa:88:14:5b:26:3a:c0:52: a9:8f:cc:9b:ec:bb:ec:5e:23:4e:22:5f:b1:de:23: e1:33:9e:a4:ae:21:f6:17:10:45:11:5e:36:b0:2b: 2b:76:c5:a5:48:2f:37:2e:9b:bf:b1:4d:70:0b:9f: 41:3e:91:0b:69:01:e5:76:72:e2:33:80:34:3b:ff: 64:af:c7:dd:43:79:82:c0:c4:26:ce:67:fd:37:66: 05:4c:22:ee:ac:1f:63:b2:3f:2c:90:79:fb:4c:db: 45:60:41:60:51:c8:af:1d:00:e1:64:56:59:0d:97: 0a:d1:f2:f7:d8:b1:29:00:d0:be:51:d8:ce:af:14: 17:71:65:5b:08:36:4e:ab:65:41:f2:41:bc:60:da: cd:d6:66:c2:d9:e7:79:3d:c7:cb:a1:42:c0:82:dc: 47:3a:43:ea:ba:be:a2:d9:bc:09:b7:f8:4f:b7:ef: 9c:6c:5c:ed:c9:a3:21:cf:37:fc:5c:49:3f:b1:1f: 28:80:62:52:e7:29:1e:33:b2:7e:10:a3:45:d6:5f: 88:9f:6e:46:b0:06:e4:e0:8d:ca:5b:80:78:8f:b3: 32:77:4b:6b:89:8a:14:38:24:05:0d:63:d1:06:33: 3c:06:3e:6b:2d:8f:d9:18:52:a0:cf:06:50:0a:45: 11:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:27:0A:5C:2E:9C:4C:BA:3E:78:3F:E6:30:D8:F5:47:EC:F5:BF:55 X509v3 Authority Key Identifier: keyid:68:45:97:E9:98:A3:A0:C6:98:73:61:B7:C5:72:04:3A:81:6C:1C:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DCAE8/3F7E2574BE0711F09FF04469C4F9AE02/aEWX6ZijoMaYc2G3xXIEOoFsHFI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aEWX6ZijoMaYc2G3xXIEOoFsHFI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DCAE8/3F7E2574BE0711F09FF04469C4F9AE02/12E8FD5CBECC11F098CFE015C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 157.85.64.0/21 Signature Algorithm: sha256WithRSAEncryption 1a:26:08:9a:b2:ed:a4:36:14:31:0f:5d:46:47:55:71:02:d3: db:0e:e7:2f:26:87:48:96:c6:df:b2:d7:71:e0:f1:32:0b:72: fb:5c:17:72:c6:24:66:99:80:bd:db:83:50:6f:90:03:79:c2: b8:96:17:89:27:51:a8:79:4f:8f:28:18:db:a2:95:e9:ce:15: 93:2e:1c:9c:d6:b0:ac:4c:1f:e8:3a:76:2b:9a:9f:e7:74:f4: 03:43:58:d2:77:ef:a1:a6:32:78:f4:25:e2:71:55:3e:55:67: d8:0a:8b:56:49:29:38:ef:02:76:2f:be:b7:61:70:aa:74:cd: 7d:08:ca:5e:d8:d3:f7:1e:78:aa:36:5a:15:9e:84:2a:5e:2f: e2:d0:31:94:aa:fb:92:8e:69:d1:40:4c:fb:af:cf:23:95:b5: 05:91:c0:13:ec:d2:d5:5c:3d:7c:91:56:11:aa:83:03:75:ef: e0:98:8a:de:93:9a:16:10:aa:ca:9b:70:a0:3a:32:12:a7:89: d5:19:cb:75:04:5c:36:81:54:22:d8:c7:da:c6:5a:c2:8e:b3: 43:45:68:eb:82:f1:6f:8c:65:8e:65:d5:19:dc:d1:e8:6e:fd: 44:40:af:89:2d:b8:38:a7:0d:fe:21:d1:0e:4b:4d:33:82:33: c5:30:f5:5b -----BEGIN CERTIFICATE----- MIIFOzCCBCOgAwIBAgIBQjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE Q0FFODExMC8GA1UEBRMoNjg0NTk3RTk5OEEzQTBDNjk4NzM2MUI3QzU3MjA0M0E4 MTZDMUM1MjAeFw0yNTExMTEwNzAwMTVaFw0yNjEyMDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY5YTU4NTFmLTIyZGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCfUjPDtAT6iBRbJjrAUqmPzJvsu+xeI04iX7HeI+EznqSuIfYXEEURXjawKyt2 xaVILzcum7+xTXALn0E+kQtpAeV2cuIzgDQ7/2Svx91DeYLAxCbOZ/03ZgVMIu6s H2OyPyyQeftM20VgQWBRyK8dAOFkVlkNlwrR8vfYsSkA0L5R2M6vFBdxZVsINk6r ZUHyQbxg2s3WZsLZ53k9x8uhQsCC3Ec6Q+q6vqLZvAm3+E+375xsXO3JoyHPN/xc ST+xHyiAYlLnKR4zsn4Qo0XWX4ifbkawBuTgjcpbgHiPszJ3S2uJihQ4JAUNY9EG MzwGPmstj9kYUqDPBlAKRREDAgMBAAGjggJgMIICXDAdBgNVHQ4EFgQU8CcKXC6c TLo+eD/mMNj1R+z1v1UwHwYDVR0jBBgwFoAUaEWX6ZijoMaYc2G3xXIEOoFsHFIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURDQUU4LzNGN0UyNTc0QkUw NzExRjA5RkYwNDQ2OUM0RjlBRTAyL2FFV1g2Wmlqb01hWWMyRzN4WElFT29Gc0hG SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvYUVXWDZaaWpvTWFZYzJHM3hYSUVPb0ZzSEZJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgZYGCCsGAQUFBwELBIGJMIGGMIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE Q0FFOC8zRjdFMjU3NEJFMDcxMUYwOUZGMDQ0NjlDNEY5QUUwMi8xMkU4RkQ1Q0JF Q0MxMUYwOThDRkUwMTVDNEY5QUUwMi5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwE AgABMAYDBAOdVUAwDQYJKoZIhvcNAQELBQADggEBABomCJqy7aQ2FDEPXUZHVXEC 09sO5y8mh0iWxt+y13Hg8TILcvtcF3LGJGaZgL3bg1BvkAN5wriWF4knUah5T48o GNuilenOFZMuHJzWsKxMH+g6diuan+d09ANDWNJ376GmMnj0JeJxVT5VZ9gKi1ZJ KTjvAnYvvrdhcKp0zX0Iyl7Y0/ceeKo2WhWehCpeL+LQMZSq+5KOadFATPuvzyOV tQWRwBPs0tVcPXyRVhGqgwN17+CYit6TmhYQqsqbcKA6MhKnidUZy3UEXDaBVCLY x9rGWsKOs0NFaOuC8W+MZY5l1Rnc0ehu/URAr4ktuDinDf4h0Q5LTTOCM8Uw9Vs= -----END CERTIFICATE-----Generated at Mon Mar 2 17:54:19 2026 by rpki-client