$ rpki-client -vvf rpki.apnic.net/member_repository/A91F428C/449BA5061DA011E2B6D8709108B02CD2/8852DDDEBED411ECBA66025BC4F9AE02.roa File: 8852DDDEBED411ECBA66025BC4F9AE02.roa (raw, json) Hash identifier: oxiDTJi92uEmvEoDjgv/y1DqmarljGA90TImE98cgWs= Subject key identifier: 0F:C9:4A:0E:24:04:1C:E0:35:4E:24:C6:4E:5F:30:1A:5C:D9:EE:A0 Certificate issuer: /CN=A91F428C/serialNumber=632C8DE0220B8C10B41FF49BFF8B432CF8FFD254 Certificate serial: 351D Authority key identifier: 63:2C:8D:E0:22:0B:8C:10:B4:1F:F4:9B:FF:8B:43:2C:F8:FF:D2:54 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YyyN4CILjBC0H_Sb_4tDLPj_0lQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F428C/449BA5061DA011E2B6D8709108B02CD2/8852DDDEBED411ECBA66025BC4F9AE02.roa Signing time: Sun 01 Mar 2026 11:24:35 +0000 ROA not before: Tue 12 Aug 2025 15:21:15 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 45172 IP address blocks: 143.96.0.0/16 maxlen: 16 143.96.0.0/24 maxlen: 24 143.96.1.0/24 maxlen: 24 143.96.2.0/23 maxlen: 24 143.96.4.0/23 maxlen: 24 143.96.6.0/24 maxlen: 24 143.96.7.0/24 maxlen: 24 143.96.8.0/22 maxlen: 22 143.96.12.0/24 maxlen: 24 143.96.13.0/24 maxlen: 24 143.96.14.0/24 maxlen: 24 143.96.15.0/24 maxlen: 24 143.96.16.0/20 maxlen: 20 143.96.32.0/19 maxlen: 19 143.96.64.0/18 maxlen: 18 143.96.128.0/17 maxlen: 17 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F428C/449BA5061DA011E2B6D8709108B02CD2/YyyN4CILjBC0H_Sb_4tDLPj_0lQ.crl rsync://rpki.apnic.net/member_repository/A91F428C/449BA5061DA011E2B6D8709108B02CD2/YyyN4CILjBC0H_Sb_4tDLPj_0lQ.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YyyN4CILjBC0H_Sb_4tDLPj_0lQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 23:41:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13597 (0x351d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F428C, serialNumber=632C8DE0220B8C10B41FF49BFF8B432CF8FFD254 Validity Not Before: Aug 12 15:21:15 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=69a421f2-152c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:5b:e5:e0:bd:d2:a4:4a:68:c0:2b:92:63:97: 18:0c:27:23:60:e0:5c:51:f9:a5:c3:7f:33:e0:0a: fa:fb:90:99:24:02:58:85:b2:84:f3:c6:1d:d1:66: 70:7d:ac:7b:24:1d:5b:1b:fc:df:53:1d:a0:df:8e: ec:ee:7d:d3:1e:dd:c6:7b:b0:6f:75:8b:68:1c:64: 62:eb:97:ee:37:bb:e6:e7:db:c4:a2:a0:2c:61:ee: 92:e8:63:4e:f2:4f:d4:1c:f5:f5:15:73:3d:06:57: c2:81:73:ce:29:ee:65:50:2c:bf:d2:bf:33:c9:d7: 5c:e5:7e:fb:18:4f:41:df:58:fe:54:f8:68:fc:88: c3:a3:ed:fd:37:9e:ad:a4:43:d8:05:b4:aa:04:3a: 27:bf:cf:e4:d0:e6:d5:d9:c1:1a:35:d5:da:4c:5c: 14:08:57:44:73:e8:13:da:90:49:05:84:a1:a5:79: 8f:16:4d:11:31:f9:10:c8:70:ba:85:31:50:40:ec: 84:f0:5a:0d:46:5a:a5:ea:ec:0a:63:59:de:60:05: a7:4f:34:3a:66:d9:e5:a7:94:c6:49:25:41:8b:3f: 82:52:cd:49:d9:27:42:90:70:0d:f1:37:0e:f3:b0: 18:39:9b:2d:ff:84:c3:c0:f0:6f:c3:57:8f:fc:0c: 72:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:C9:4A:0E:24:04:1C:E0:35:4E:24:C6:4E:5F:30:1A:5C:D9:EE:A0 X509v3 Authority Key Identifier: keyid:63:2C:8D:E0:22:0B:8C:10:B4:1F:F4:9B:FF:8B:43:2C:F8:FF:D2:54 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F428C/449BA5061DA011E2B6D8709108B02CD2/YyyN4CILjBC0H_Sb_4tDLPj_0lQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YyyN4CILjBC0H_Sb_4tDLPj_0lQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F428C/449BA5061DA011E2B6D8709108B02CD2/8852DDDEBED411ECBA66025BC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 143.96.0.0/16 Signature Algorithm: sha256WithRSAEncryption 89:17:4e:be:67:9e:37:09:bb:9f:50:27:6d:94:55:fe:39:97: f4:ca:ac:07:10:9c:d2:9a:20:52:8d:3c:48:b5:f3:ca:7b:03: db:70:f6:43:5c:78:e3:19:5a:0f:81:3a:87:51:74:4a:23:3e: 43:15:6f:32:ca:8e:43:fd:47:d5:c3:37:9c:37:c0:97:35:f9: b3:de:fe:58:dc:8e:c6:fd:7c:77:a2:67:48:a5:91:91:a4:b5: 2b:a2:32:af:a0:56:db:71:10:03:20:aa:04:cc:29:b5:63:a2: 15:35:02:96:0c:56:df:28:8a:81:03:b1:7f:f6:62:9c:8a:9a: e7:ec:c2:63:03:46:a5:81:ef:d1:5b:d3:51:3e:09:ad:81:88: ac:99:d2:ad:ed:eb:53:b0:6e:15:35:55:d6:06:7e:ce:10:76: e8:d4:7f:86:b5:5a:a1:3e:85:21:ed:1e:4b:8c:00:dc:19:13: 15:00:b8:2a:45:ce:b2:c1:01:7e:98:68:a6:ab:74:77:da:73: 9f:23:e7:90:6d:66:5e:f0:53:d5:8c:ef:48:1c:49:cf:98:01: 8e:b3:83:04:71:65:4c:75:db:4d:66:62:f8:b3:73:6c:25:a0: 72:d3:90:1a:f1:4a:f5:c9:82:d1:8f:6e:ec:71:70:e4:51:ef: 40:bb:62:fc -----BEGIN CERTIFICATE----- MIIFOzCCBCOgAwIBAgICNR0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjQyOEMxMTAvBgNVBAUTKDYzMkM4REUwMjIwQjhDMTBCNDFGRjQ5QkZGOEI0MzJD RjhGRkQyNTQwHhcNMjUwODEyMTUyMTE1WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MjFmMi0xNTJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAklvl4L3SpEpowCuSY5cYDCcjYOBcUfmlw38z4Ar6+5CZJAJYhbKE88Yd0WZw fax7JB1bG/zfUx2g347s7n3THt3Ge7BvdYtoHGRi65fuN7vm59vEoqAsYe6S6GNO 8k/UHPX1FXM9BlfCgXPOKe5lUCy/0r8zyddc5X77GE9B31j+VPho/IjDo+39N56t pEPYBbSqBDonv8/k0ObV2cEaNdXaTFwUCFdEc+gT2pBJBYShpXmPFk0RMfkQyHC6 hTFQQOyE8FoNRlql6uwKY1neYAWnTzQ6Ztnlp5TGSSVBiz+CUs1J2SdCkHAN8TcO 87AYOZst/4TDwPBvw1eP/AxyJQIDAQABo4ICXzCCAlswHQYDVR0OBBYEFA/JSg4k BBzgNU4kxk5fMBpc2e6gMB8GA1UdIwQYMBaAFGMsjeAiC4wQtB/0m/+LQyz4/9JU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNDI4Qy80NDlCQTUwNjFE QTAxMUUyQjZEODcwOTEwOEIwMkNEMi9ZeXlONENJTGpCQzBIX1NiXzR0RExQal8w bFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1l5eU40Q0lMakJDMEhfU2JfNHRETFBqXzBsUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjQyOEMvNDQ5QkE1MDYxREEwMTFFMkI2RDg3MDkxMDhCMDJDRDIvODg1MkREREVC RUQ0MTFFQ0JBNjYwMjVCQzRGOUFFMDIucm9hMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMAj2AwDQYJKoZIhvcNAQELBQADggEBAIkXTr5nnjcJu59QJ22UVf45 l/TKrAcQnNKaIFKNPEi188p7A9tw9kNceOMZWg+BOodRdEojPkMVbzLKjkP9R9XD N5w3wJc1+bPe/ljcjsb9fHeiZ0ilkZGktSuiMq+gVttxEAMgqgTMKbVjohU1ApYM Vt8oioEDsX/2YpyKmufswmMDRqWB79Fb01E+Ca2BiKyZ0q3t61OwbhU1VdYGfs4Q dujUf4a1WqE+hSHtHkuMANwZExUAuCpFzrLBAX6YaKardHfac58j55BtZl7wU9WM 70gcSc+YAY6zgwRxZUx1201mYvizc2wloHLTkBrxSvXJgtGPbuxxcORR70C7Yvw= -----END CERTIFICATE-----Generated at Mon Mar 2 09:13:49 2026 by rpki-client