$ rpki-client -vvf rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/CEF8E22E711711EDB49CE11AC4F9AE02.roa File: CEF8E22E711711EDB49CE11AC4F9AE02.roa (raw, json) Hash identifier: N9eG1bQhX1YdCDkzKaSF+f+WLANX5CsAn9fANFhO8B8= Subject key identifier: 0F:0E:E4:B1:75:36:4D:38:04:0D:2A:00:D9:4C:E5:E0:58:E2:C0:23 Certificate issuer: /CN=A91F277D/serialNumber=BBC103561AFD7A93036D1C72DD4C0A7C2A4E29CE Certificate serial: 06FF Authority key identifier: BB:C1:03:56:1A:FD:7A:93:03:6D:1C:72:DD:4C:0A:7C:2A:4E:29:CE Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/u8EDVhr9epMDbRxy3UwKfCpOKc4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/CEF8E22E711711EDB49CE11AC4F9AE02.roa Signing time: Sun 01 Mar 2026 16:47:41 +0000 ROA not before: Wed 26 Nov 2025 21:13:20 +0000 ROA not after: Tue 02 Mar 2027 00:00:00 +0000 asID: 135348 IP address blocks: 139.163.0.0/17 maxlen: 17 139.163.30.0/24 maxlen: 24 139.163.128.0/23 maxlen: 23 139.163.130.0/24 maxlen: 24 139.163.131.0/24 maxlen: 24 139.163.132.0/22 maxlen: 22 139.163.132.0/24 maxlen: 24 139.163.136.0/23 maxlen: 23 139.163.138.0/24 maxlen: 24 139.163.139.0/24 maxlen: 24 139.163.140.0/22 maxlen: 22 139.163.144.0/20 maxlen: 20 139.163.160.0/19 maxlen: 19 139.163.192.0/19 maxlen: 19 139.163.224.0/20 maxlen: 20 139.163.240.0/22 maxlen: 22 139.163.244.0/23 maxlen: 23 139.163.246.0/24 maxlen: 24 139.163.247.0/24 maxlen: 24 139.163.248.0/21 maxlen: 21 139.163.250.0/24 maxlen: 24 168.134.0.0/17 maxlen: 17 168.134.128.0/21 maxlen: 21 168.134.136.0/24 maxlen: 24 168.134.137.0/24 maxlen: 24 168.134.138.0/24 maxlen: 24 168.134.139.0/24 maxlen: 24 168.134.140.0/22 maxlen: 22 168.134.144.0/20 maxlen: 20 168.134.160.0/19 maxlen: 19 168.134.192.0/18 maxlen: 18 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/u8EDVhr9epMDbRxy3UwKfCpOKc4.crl rsync://rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/u8EDVhr9epMDbRxy3UwKfCpOKc4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/u8EDVhr9epMDbRxy3UwKfCpOKc4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 23:49:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1791 (0x6ff) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F277D, serialNumber=BBC103561AFD7A93036D1C72DD4C0A7C2A4E29CE Validity Not Before: Nov 26 21:13:20 2025 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=69a46dac-6265 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:97:3a:8a:10:40:39:3e:6a:09:a6:40:fe:9a: 54:41:28:0f:ac:e2:d2:d7:5b:39:be:05:b8:36:e8: 02:f6:82:92:1e:bb:77:e6:e6:0b:c0:1c:97:52:61: f3:44:24:6e:23:61:64:d2:a4:d1:2f:f1:bb:15:32: 2a:7a:46:61:fd:49:62:31:e3:62:d4:d8:da:e2:08: a0:87:ff:57:c5:99:b6:2b:42:d5:04:8f:a8:4c:69: f0:dd:a4:13:3f:9a:67:eb:4e:56:e2:e7:46:24:5d: 09:f1:30:6e:ab:d1:7e:03:ac:d4:44:82:b2:d7:93: 57:10:c4:1a:8c:3b:1b:43:21:c7:62:1b:52:55:f5: 2d:4b:36:57:b6:e3:50:e9:8f:00:b6:71:2a:2b:75: d6:d1:22:ac:8f:4a:e2:b6:59:e2:ae:81:0a:a7:13: 20:92:79:69:f1:05:43:1c:4e:47:f3:7a:d5:2e:6f: 2b:43:74:0b:25:60:ff:32:30:00:ed:5f:02:cf:b2: 87:b8:36:0d:25:8b:32:ca:39:df:22:2c:0f:31:9b: f4:23:50:99:03:33:a3:9d:cb:9a:a6:0b:89:2e:26: e1:1b:3a:ec:06:73:d5:81:da:79:a9:bf:ec:66:bd: 6b:51:d6:3a:0d:cf:f3:e0:8f:c7:21:c3:b9:fb:f6: 66:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:0E:E4:B1:75:36:4D:38:04:0D:2A:00:D9:4C:E5:E0:58:E2:C0:23 X509v3 Authority Key Identifier: keyid:BB:C1:03:56:1A:FD:7A:93:03:6D:1C:72:DD:4C:0A:7C:2A:4E:29:CE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/u8EDVhr9epMDbRxy3UwKfCpOKc4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/u8EDVhr9epMDbRxy3UwKfCpOKc4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/CEF8E22E711711EDB49CE11AC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 139.163.0.0/16 168.134.0.0/16 Signature Algorithm: sha256WithRSAEncryption 03:ef:e9:78:30:52:6d:4d:b3:e1:85:f2:3a:56:17:5d:e0:88: c9:86:2c:b9:f3:4e:0d:99:d6:73:d8:08:a0:1f:03:86:9b:3b: 42:10:4c:5c:23:85:82:af:4b:ba:57:e9:da:a9:5e:35:e5:87: 66:64:61:59:eb:81:f4:de:4f:d5:5f:ac:f7:ae:d4:41:07:13: 79:08:b8:a3:4a:15:5d:67:d3:a4:45:89:27:8a:e1:8d:4f:08: 6a:6e:e9:7c:48:51:c6:a4:53:13:b6:cf:1b:7d:36:94:54:12: 54:3c:47:78:71:3e:d0:32:0a:be:a3:76:06:2c:d3:14:96:9c: b5:c4:ed:08:8b:ee:6e:35:f7:b4:ae:20:13:24:62:2a:e1:1d: bc:93:89:46:0a:e5:be:6a:73:57:a0:22:28:5e:80:5f:16:62: b9:3a:c3:c8:b5:2b:aa:04:3c:a2:e5:a5:4e:73:9e:fd:cf:39: ae:91:bf:40:73:b2:02:45:9f:f6:20:fa:f5:c7:15:60:e6:e2: af:63:05:7c:e4:fe:09:7f:53:e3:13:a7:d9:0e:17:4b:34:42: 9d:cd:37:fa:58:c1:56:49:d2:41:6f:6f:98:e3:f7:60:a7:dc: fe:ca:ae:2f:59:5e:45:b6:c8:9c:45:2c:c6:b5:4c:8c:91:d5: 75:2c:0b:80 -----BEGIN CERTIFICATE----- MIIFQDCCBCigAwIBAgICBv8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjI3N0QxMTAvBgNVBAUTKEJCQzEwMzU2MUFGRDdBOTMwMzZEMUM3MkRENEMwQTdD MkE0RTI5Q0UwHhcNMjUxMTI2MjExMzIwWhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NmRhYy02MjY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAkpc6ihBAOT5qCaZA/ppUQSgPrOLS11s5vgW4NugC9oKSHrt35uYLwByXUmHz RCRuI2Fk0qTRL/G7FTIqekZh/UliMeNi1Nja4gigh/9XxZm2K0LVBI+oTGnw3aQT P5pn605W4udGJF0J8TBuq9F+A6zURIKy15NXEMQajDsbQyHHYhtSVfUtSzZXtuNQ 6Y8AtnEqK3XW0SKsj0ritlniroEKpxMgknlp8QVDHE5H83rVLm8rQ3QLJWD/MjAA 7V8Cz7KHuDYNJYsyyjnfIiwPMZv0I1CZAzOjncuapguJLibhGzrsBnPVgdp5qb/s Zr1rUdY6Dc/z4I/HIcO5+/ZmJwIDAQABo4ICZDCCAmAwHQYDVR0OBBYEFA8O5LF1 Nk04BA0qANlM5eBY4sAjMB8GA1UdIwQYMBaAFLvBA1Ya/XqTA20cct1MCnwqTinO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMjc3RC83OEExRDA4RThE NkIxMUVCOTg0MEUwNUZDNEY5QUUwMi91OEVEVmhyOWVwTURiUnh5M1V3S2ZDcE9L YzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3U4RURWaHI5ZXBNRGJSeHkzVXdLZkNwT0tjNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjI3N0QvNzhBMUQwOEU4RDZCMTFFQjk4NDBFMDVGQzRGOUFFMDIvQ0VGOEUyMkU3 MTE3MTFFREI0OUNFMTFBQzRGOUFFMDIucm9hMCMGCCsGAQUFBwEHAQH/BBQwEjAQ BAIAATAKAwMAi6MDAwCohjANBgkqhkiG9w0BAQsFAAOCAQEAA+/peDBSbU2z4YXy OlYXXeCIyYYsufNODZnWc9gIoB8Dhps7QhBMXCOFgq9Lulfp2qleNeWHZmRhWeuB 9N5P1V+s967UQQcTeQi4o0oVXWfTpEWJJ4rhjU8Iam7pfEhRxqRTE7bPG302lFQS VDxHeHE+0DIKvqN2BizTFJactcTtCIvubjX3tK4gEyRiKuEdvJOJRgrlvmpzV6Ai KF6AXxZiuTrDyLUrqgQ8ouWlTnOe/c85rpG/QHOyAkWf9iD69ccVYObir2MFfOT+ CX9T4xOn2Q4XSzRCnc03+ljBVknSQW9vmOP3YKfc/squL1leRbbInEUsxrVMjJHV dSwLgA== -----END CERTIFICATE-----Generated at Mon Mar 2 17:06:26 2026 by rpki-client