$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/B8BA4E603B5211EAA0D53F12C4F9AE02.roa File: B8BA4E603B5211EAA0D53F12C4F9AE02.roa (raw, json) Hash identifier: srVyFBKN0Q9HWcfKgMQOmFLq/c+Rn8Jh5edzm7vxdco= Subject key identifier: 49:B0:96:F4:EB:15:F2:42:E2:DF:B7:3F:CF:EB:4E:23:B6:A1:23:9A Certificate issuer: /CN=A91EA198/serialNumber=5FEEDE9D382543F051527FA533D47A917077E632 Certificate serial: 1EC4 Authority key identifier: 5F:EE:DE:9D:38:25:43:F0:51:52:7F:A5:33:D4:7A:91:70:77:E6:32 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/X-7enTglQ_BRUn-lM9R6kXB35jI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/B8BA4E603B5211EAA0D53F12C4F9AE02.roa Signing time: Sun 01 Mar 2026 16:59:08 +0000 ROA not before: Fri 12 Dec 2025 16:13:53 +0000 ROA not after: Tue 02 Mar 2027 00:00:00 +0000 asID: 45102 IP address blocks: 8.128.0.0/10 maxlen: 18 8.208.0.0/12 maxlen: 15 8.208.0.0/16 maxlen: 24 8.209.0.0/16 maxlen: 24 8.210.0.0/16 maxlen: 24 8.211.0.0/16 maxlen: 24 8.212.0.0/16 maxlen: 24 8.213.0.0/16 maxlen: 24 8.214.0.0/16 maxlen: 24 8.215.0.0/16 maxlen: 24 8.216.0.0/16 maxlen: 24 8.217.0.0/16 maxlen: 24 8.218.0.0/16 maxlen: 24 8.219.0.0/16 maxlen: 24 8.220.0.0/16 maxlen: 24 8.221.0.0/16 maxlen: 24 8.222.0.0/16 maxlen: 24 8.223.0.0/16 maxlen: 24 149.129.0.0/16 maxlen: 24 161.117.0.0/16 maxlen: 24 170.33.0.0/16 maxlen: 16 170.33.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/X-7enTglQ_BRUn-lM9R6kXB35jI.crl rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/X-7enTglQ_BRUn-lM9R6kXB35jI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/X-7enTglQ_BRUn-lM9R6kXB35jI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 14:59:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7876 (0x1ec4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA198, serialNumber=5FEEDE9D382543F051527FA533D47A917077E632 Validity Not Before: Dec 12 16:13:53 2025 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=69a4705c-d126 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:ef:91:2b:24:e2:5f:3f:b7:11:1e:d9:17:7c: 7c:0f:06:e7:b7:ee:8f:e0:60:bd:65:0c:8e:e6:75: 94:7c:04:32:a6:fe:95:0f:57:a5:d1:17:e7:f6:62: 23:15:29:4a:3d:69:c5:d1:6e:07:78:f4:4a:14:81: 88:48:db:43:d6:6e:3a:e1:ad:2b:76:51:e0:b8:0a: 25:57:e7:e5:0d:e1:8d:1c:a8:ca:f1:02:15:1a:00: d2:40:81:85:9c:63:1a:bf:ef:40:c9:83:7f:ba:52: 3e:56:04:6a:df:f6:5b:b6:aa:90:8e:06:22:02:7a: 54:42:a9:41:74:5c:97:79:cf:65:61:c9:b5:8b:d2: 62:6a:e0:0a:9a:2b:e7:ed:b5:f6:5d:dc:92:1f:33: 28:3a:78:97:87:2c:eb:8a:ea:62:9e:ff:57:0f:60: 34:d3:19:c7:78:c0:47:f5:31:b7:f1:18:a7:8e:8a: 91:4a:90:e1:1a:ae:31:12:cb:5f:97:99:18:c5:2b: f5:ea:ac:3e:0d:38:b4:fe:ca:45:fc:6e:bb:67:50: ef:69:43:95:9d:a7:ae:35:9b:8d:6b:47:d8:4d:c5: ba:56:9c:3d:39:01:d2:20:98:48:95:ca:72:fb:9e: f0:cb:6e:f9:6a:6d:8b:a9:77:31:9b:2b:5c:46:9c: 9a:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:B0:96:F4:EB:15:F2:42:E2:DF:B7:3F:CF:EB:4E:23:B6:A1:23:9A X509v3 Authority Key Identifier: keyid:5F:EE:DE:9D:38:25:43:F0:51:52:7F:A5:33:D4:7A:91:70:77:E6:32 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/X-7enTglQ_BRUn-lM9R6kXB35jI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/X-7enTglQ_BRUn-lM9R6kXB35jI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/B8BA4E603B5211EAA0D53F12C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 8.128.0.0/10 8.208.0.0/12 149.129.0.0/16 161.117.0.0/16 170.33.0.0/16 Signature Algorithm: sha256WithRSAEncryption 04:17:c9:50:70:06:3c:e0:df:b9:76:60:8a:2d:f2:5c:b8:73: 81:50:98:69:7d:14:94:6f:e9:1a:cd:ba:fc:c3:62:65:64:97: 10:6d:c9:5b:bd:d5:14:d9:44:05:37:83:e0:81:6c:24:ee:e8: 9f:5f:5b:94:a3:ca:9b:dc:ae:31:e6:ed:01:9c:4e:3a:3b:2f: 80:de:ad:97:ec:1e:24:7c:91:6d:b9:84:eb:f4:0a:d8:e5:94: f4:74:72:94:b5:2b:5a:ea:4f:b3:86:99:47:95:57:db:9a:ef: d1:64:f8:75:6d:28:68:be:27:1c:9d:d1:8d:20:df:4d:12:d9: 72:ed:de:8e:4a:80:34:e3:10:cd:c5:d9:b7:0d:0e:ef:c8:f6: d6:48:1e:ed:8e:57:d7:95:32:81:28:63:21:b2:2b:5c:f0:73: f0:f9:8d:77:4d:ff:c8:3d:7b:b2:6d:6c:60:03:d7:5e:59:e8: 2d:2e:02:36:75:ca:1c:f9:0c:00:49:1c:b7:3f:21:67:18:89: ed:61:21:93:65:5f:0a:9a:6e:42:b9:53:1c:93:57:ca:fe:27: f5:98:ea:e6:03:a8:a3:da:2a:3c:99:a6:fc:e1:a2:7f:32:76: 7a:fd:ef:f9:30:57:4b:8c:63:6f:71:f0:d8:3c:d4:c5:b4:10: 93:4d:4e:36 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICHsQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUExOTgxMTAvBgNVBAUTKDVGRUVERTlEMzgyNTQzRjA1MTUyN0ZBNTMzRDQ3QTkx NzA3N0U2MzIwHhcNMjUxMjEyMTYxMzUzWhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NzA1Yy1kMTI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7u+RKyTiXz+3ER7ZF3x8Dwbnt+6P4GC9ZQyO5nWUfAQypv6VD1el0Rfn9mIj FSlKPWnF0W4HePRKFIGISNtD1m464a0rdlHguAolV+flDeGNHKjK8QIVGgDSQIGF nGMav+9AyYN/ulI+VgRq3/ZbtqqQjgYiAnpUQqlBdFyXec9lYcm1i9JiauAKmivn 7bX2XdySHzMoOniXhyzriupinv9XD2A00xnHeMBH9TG38RinjoqRSpDhGq4xEstf l5kYxSv16qw+DTi0/spF/G67Z1DvaUOVnaeuNZuNa0fYTcW6Vpw9OQHSIJhIlcpy +57wy275am2LqXcxmytcRpyakQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFEmwlvTr FfJC4t+3P8/rTiO2oSOaMB8GA1UdIwQYMBaAFF/u3p04JUPwUVJ/pTPUepFwd+Yy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTE5OC9BRDYyOTIyMkI1 MjUxMUU2QUY2Qzg5NUVDNEY5QUUwMi9YLTdlblRnbFFfQlJVbi1sTTlSNmtYQjM1 akkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1gtN2VuVGdsUV9CUlVuLWxNOVI2a1hCMzVqSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUExOTgvQUQ2MjkyMjJCNTI1MTFFNkFGNkM4OTVFQzRGOUFFMDIvQjhCQTRFNjAz QjUyMTFFQUEwRDUzRjEyQzRGOUFFMDIucm9hMDIGCCsGAQUFBwEHAQH/BCMwITAf BAIAATAZAwMGCIADAwQI0AMDAJWBAwMAoXUDAwCqITANBgkqhkiG9w0BAQsFAAOC AQEABBfJUHAGPODfuXZgii3yXLhzgVCYaX0UlG/pGs26/MNiZWSXEG3JW73VFNlE BTeD4IFsJO7on19blKPKm9yuMebtAZxOOjsvgN6tl+weJHyRbbmE6/QK2OWU9HRy lLUrWupPs4aZR5VX25rv0WT4dW0oaL4nHJ3RjSDfTRLZcu3ejkqANOMQzcXZtw0O 78j21kge7Y5X15UygShjIbIrXPBz8PmNd03/yD17sm1sYAPXXlnoLS4CNnXKHPkM AEkctz8hZxiJ7WEhk2VfCppuQrlTHJNXyv4n9Zjq5gOoo9oqPJmm/OGifzJ2ev3v +TBXS4xjb3Hw2DzUxbQQk01ONg== -----END CERTIFICATE-----Generated at Mon Mar 2 05:02:32 2026 by rpki-client