$ rpki-client -vvf rpki.apnic.net/member_repository/A91356BB/5CEA549416D511ECA7F3F46AC4F9AE02/D8CA5BF0D91811EFA4F02F4EC4F9AE02.roa File: D8CA5BF0D91811EFA4F02F4EC4F9AE02.roa (raw, json) Hash identifier: XBM3DlKoBDVofgPqbooQZ6dKrRlGCNt1SrNFpBQtq4Y= Subject key identifier: E1:E1:36:D7:EA:B7:BD:94:4F:87:39:C0:B9:4D:B2:A3:7E:7C:EE:63 Certificate issuer: /CN=A91356BB/serialNumber=2CCA13540F013B93B23C9DF14D9617DA40CB2677 Certificate serial: 05DD Authority key identifier: 2C:CA:13:54:0F:01:3B:93:B2:3C:9D:F1:4D:96:17:DA:40:CB:26:77 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LMoTVA8BO5OyPJ3xTZYX2kDLJnc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91356BB/5CEA549416D511ECA7F3F46AC4F9AE02/D8CA5BF0D91811EFA4F02F4EC4F9AE02.roa Signing time: Mon 18 May 2026 23:28:57 +0000 ROA not before: Mon 18 May 2026 23:28:57 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16509 IP address blocks: 203.20.192.0/24 maxlen: 24 203.20.193.0/24 maxlen: 24 203.20.194.0/24 maxlen: 24 203.20.195.0/24 maxlen: 24 203.20.196.0/24 maxlen: 24 203.20.198.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91356BB/5CEA549416D511ECA7F3F46AC4F9AE02/LMoTVA8BO5OyPJ3xTZYX2kDLJnc.crl rsync://rpki.apnic.net/member_repository/A91356BB/5CEA549416D511ECA7F3F46AC4F9AE02/LMoTVA8BO5OyPJ3xTZYX2kDLJnc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LMoTVA8BO5OyPJ3xTZYX2kDLJnc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 19 Jun 2026 23:10:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1501 (0x5dd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91356BB, serialNumber=2CCA13540F013B93B23C9DF14D9617DA40CB2677 Validity Not Before: May 18 23:28:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6a0ba0b8-a9e7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:d3:71:d6:92:6d:4b:26:62:e2:0c:cb:48:c4: 65:1a:6c:d4:00:f5:b3:24:3f:83:0e:b2:62:0d:ad: d3:77:04:72:a0:ec:0c:45:c6:fd:43:47:8e:37:b0: 6b:9d:5d:b6:73:fd:bd:a4:c1:1c:98:cf:5b:30:1b: f1:f1:66:2b:34:07:59:18:b2:77:d5:ac:35:ad:a5: 21:57:ed:27:86:fb:cb:c5:3f:0d:0d:07:29:dd:11: 30:b7:16:0e:98:6a:65:dc:dd:24:4a:42:1b:23:1a: f3:35:d5:6f:9a:c0:ab:4c:37:c9:21:a7:f3:b8:99: 3a:f1:73:d3:65:e5:47:e0:a7:4a:9b:8c:f1:26:aa: b9:0c:cd:f3:a8:fd:ea:33:4c:4b:a3:12:16:3b:0b: 27:47:40:cc:4c:f6:a5:b6:12:c2:df:84:02:56:a9: 90:a1:11:5e:4f:87:e2:7a:1e:44:9a:71:6b:79:0f: da:19:23:0d:b8:08:e1:c7:93:90:18:af:c9:3e:6a: 57:ca:78:99:ec:bf:c9:02:ac:5f:8e:db:80:9c:52: 0e:43:9a:e5:98:f5:14:24:05:a3:b0:aa:98:e8:5c: e5:14:c9:53:e9:a6:1c:cc:60:75:65:b8:c3:80:58: 46:9d:2e:50:27:28:1d:72:37:30:16:fb:04:35:f6: ce:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:E1:36:D7:EA:B7:BD:94:4F:87:39:C0:B9:4D:B2:A3:7E:7C:EE:63 X509v3 Authority Key Identifier: keyid:2C:CA:13:54:0F:01:3B:93:B2:3C:9D:F1:4D:96:17:DA:40:CB:26:77 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91356BB/5CEA549416D511ECA7F3F46AC4F9AE02/LMoTVA8BO5OyPJ3xTZYX2kDLJnc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LMoTVA8BO5OyPJ3xTZYX2kDLJnc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91356BB/5CEA549416D511ECA7F3F46AC4F9AE02/D8CA5BF0D91811EFA4F02F4EC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 203.20.192.0-203.20.196.255 203.20.198.0/24 Signature Algorithm: sha256WithRSAEncryption 90:de:7b:41:b2:0c:0e:3f:f0:e1:ce:a3:65:b4:5c:8f:82:6d: a2:e6:6c:57:b0:85:f1:dc:ea:32:c7:92:b2:d1:ba:5a:77:81: 7f:2a:d7:49:6a:6f:db:71:b3:1a:7f:55:c4:b3:f0:5c:a2:7c: 91:54:f1:ad:71:98:17:90:38:36:cb:f3:5d:48:c0:6b:44:5f: 2d:22:48:a6:30:99:47:23:45:47:0d:0e:2e:5c:72:83:47:f8: f3:15:eb:3f:40:00:91:84:b6:b7:1f:8f:84:f9:df:2f:a6:f9: 17:b8:f5:69:e2:ff:19:d9:b0:0c:38:39:5c:b5:01:ea:54:3f: 24:aa:7e:2f:06:ae:99:be:c5:ab:55:35:7b:00:c8:5b:e7:14: 5d:b1:f2:96:11:ab:46:dd:c2:83:82:6a:7f:68:39:8a:fc:56: d0:55:de:6d:25:b8:f9:c8:7c:9d:2b:91:41:b9:61:0f:fa:34: ba:6f:54:4e:8e:88:cd:70:0d:5d:4b:50:7d:21:d6:b5:eb:b6: d5:f5:83:fd:e2:87:22:ff:48:54:8a:0a:3b:d8:c4:89:70:8c: 0d:c6:cd:99:22:8b:e8:c8:46:40:6a:86:3e:be:de:e8:9e:5f: d4:f8:a8:1e:1c:06:99:90:15:44:00:51:dc:ee:19:ec:37:47: 00:c3:66:ae -----BEGIN CERTIFICATE----- MIIFSjCCBDKgAwIBAgICBd0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzU2QkIxMTAvBgNVBAUTKDJDQ0ExMzU0MEYwMTNCOTNCMjNDOURGMTREOTYxN0RB NDBDQjI2NzcwHhcNMjYwNTE4MjMyODU3WhcNMjcwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02YTBiYTBiOC1hOWU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4tNx1pJtSyZi4gzLSMRlGmzUAPWzJD+DDrJiDa3TdwRyoOwMRcb9Q0eON7Br nV22c/29pMEcmM9bMBvx8WYrNAdZGLJ31aw1raUhV+0nhvvLxT8NDQcp3REwtxYO mGpl3N0kSkIbIxrzNdVvmsCrTDfJIafzuJk68XPTZeVH4KdKm4zxJqq5DM3zqP3q M0xLoxIWOwsnR0DMTPalthLC34QCVqmQoRFeT4fieh5EmnFreQ/aGSMNuAjhx5OQ GK/JPmpXyniZ7L/JAqxfjtuAnFIOQ5rlmPUUJAWjsKqY6FzlFMlT6aYczGB1ZbjD gFhGnS5QJygdcjcwFvsENfbO9wIDAQABo4ICbjCCAmowHQYDVR0OBBYEFOHhNtfq t72UT4c5wLlNsqN+fO5jMB8GA1UdIwQYMBaAFCzKE1QPATuTsjyd8U2WF9pAyyZ3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNTZCQi81Q0VBNTQ5NDE2 RDUxMUVDQTdGM0Y0NkFDNEY5QUUwMi9MTW9UVkE4Qk81T3lQSjN4VFpZWDJrRExK bmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xNb1RWQThCTzVPeVBKM3hUWllYMmtETEpuYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzU2QkIvNUNFQTU0OTQxNkQ1MTFFQ0E3RjNGNDZBQzRGOUFFMDIvRDhDQTVCRjBE OTE4MTFFRkE0RjAyRjRFQzRGOUFFMDIucm9hMC0GCCsGAQUFBwEHAQH/BB4wHDAa BAIAATAUMAwDBAbLFMADBADLFMQDBADLFMYwDQYJKoZIhvcNAQELBQADggEBAJDe e0GyDA4/8OHOo2W0XI+CbaLmbFewhfHc6jLHkrLRulp3gX8q10lqb9txsxp/VcSz 8FyifJFU8a1xmBeQODbL811IwGtEXy0iSKYwmUcjRUcNDi5ccoNH+PMV6z9AAJGE trcfj4T53y+m+Re49Wni/xnZsAw4OVy1AepUPySqfi8Grpm+xatVNXsAyFvnFF2x 8pYRq0bdwoOCan9oOYr8VtBV3m0luPnIfJ0rkUG5YQ/6NLpvVE6OiM1wDV1LUH0h 1rXrttX1g/3ihyL/SFSKCjvYxIlwjA3GzZkii+jIRkBqhj6+3uieX9T4qB4cBpmQ FUQAUdzuGew3RwDDZq4= -----END CERTIFICATE-----Generated at Sat Jun 13 11:16:58 2026 by rpki-client