$ rpki-client -vvf rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/232F9552F80D11F0AED4E007706F56BC.roa File: 232F9552F80D11F0AED4E007706F56BC.roa (raw, json) Hash identifier: 1VQhLb/1DZcPUazmrGPc7TJ13JYFfVY10cAzsAWEN8k= Subject key identifier: 93:C5:21:85:84:C5:00:A0:38:FF:A7:E1:91:AC:FC:D8:5B:90:D3:05 Certificate issuer: /CN=A917B520/serialNumber=542B94D8625CF711964FD13741295D27AD7A9004 Certificate serial: 0293 Authority key identifier: 54:2B:94:D8:62:5C:F7:11:96:4F:D1:37:41:29:5D:27:AD:7A:90:04 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VCuU2GJc9xGWT9E3QSldJ616kAQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/232F9552F80D11F0AED4E007706F56BC.roa Signing time: Sun 01 Mar 2026 18:04:35 +0000 ROA not before: Fri 23 Jan 2026 03:40:44 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 150436 IP address blocks: 101.47.0.0/18 maxlen: 24 101.47.64.0/20 maxlen: 24 101.47.80.0/20 maxlen: 23 101.47.80.0/21 maxlen: 24 101.47.88.0/22 maxlen: 24 101.47.92.0/23 maxlen: 24 101.47.95.0/24 maxlen: 24 101.47.96.0/21 maxlen: 24 101.47.128.0/18 maxlen: 24 101.47.253.0/24 maxlen: 24 150.5.128.0/17 maxlen: 24 163.7.0.0/17 maxlen: 24 163.7.160.0/19 maxlen: 24 163.7.192.0/18 maxlen: 24 202.52.224.0/21 maxlen: 24 202.52.252.0/22 maxlen: 24 203.147.192.0/19 maxlen: 24 2401:4c20::/40 maxlen: 44 2401:4c20:100::/40 maxlen: 40 2401:4c20:200::/40 maxlen: 44 2401:4c20:300::/40 maxlen: 44 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/VCuU2GJc9xGWT9E3QSldJ616kAQ.crl rsync://rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/VCuU2GJc9xGWT9E3QSldJ616kAQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VCuU2GJc9xGWT9E3QSldJ616kAQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 01:08:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 659 (0x293) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917B520, serialNumber=542B94D8625CF711964FD13741295D27AD7A9004 Validity Not Before: Jan 23 03:40:44 2026 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=69a47fb3-2fc3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:88:e0:e7:c8:e7:48:5c:57:db:3a:f5:ca:64:81: cd:2d:6f:2f:20:73:31:db:fa:ac:62:78:d7:64:ff: a8:7c:52:80:31:15:5d:e1:5f:4f:24:5e:82:56:23: 6b:2c:2a:02:18:82:3e:86:12:4e:a2:c5:6e:35:81: 58:24:8f:2d:4f:45:fb:41:6f:83:9f:fc:37:09:53: 4d:9e:ac:aa:1d:f6:ab:5b:df:8e:7d:50:0a:bf:52: a4:1f:cb:e7:04:f6:ec:12:1d:32:43:c9:49:87:52: ca:7a:c3:91:e2:86:58:6c:ca:be:81:93:55:07:61: 84:fa:51:0d:ac:87:6b:23:36:63:00:cb:3d:9e:7b: a8:66:91:35:5c:6f:4d:e4:cc:f4:0c:c2:94:98:68: d9:df:01:4e:13:40:55:c4:99:7a:4f:a3:91:29:11: 43:b8:e9:fe:a5:40:57:cb:23:c0:d2:4c:dc:5d:4b: 25:5d:9b:7d:89:76:86:9e:c9:ac:f3:10:5a:17:c4: bd:ad:5b:52:ac:e1:c5:e8:d4:30:f3:50:29:e2:46: 64:31:c9:de:ee:50:7c:51:4d:ec:42:81:5a:3f:df: da:6c:c7:b9:29:bd:92:a7:89:12:fe:b2:6f:38:6f: f7:8f:b7:ee:97:b3:95:71:58:c8:5e:e9:8d:5d:8d: 84:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:C5:21:85:84:C5:00:A0:38:FF:A7:E1:91:AC:FC:D8:5B:90:D3:05 X509v3 Authority Key Identifier: keyid:54:2B:94:D8:62:5C:F7:11:96:4F:D1:37:41:29:5D:27:AD:7A:90:04 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/VCuU2GJc9xGWT9E3QSldJ616kAQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VCuU2GJc9xGWT9E3QSldJ616kAQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/232F9552F80D11F0AED4E007706F56BC.roa sbgp-ipAddrBlock: critical IPv4: 101.47.0.0-101.47.103.255 101.47.128.0/18 101.47.253.0/24 150.5.128.0/17 163.7.0.0/17 163.7.160.0-163.7.255.255 202.52.224.0/21 202.52.252.0/22 203.147.192.0/19 IPv6: 2401:4c20::/38 Signature Algorithm: sha256WithRSAEncryption 57:2a:92:a2:6c:89:1a:52:7e:17:94:d7:42:f5:72:f0:b0:0c: 1d:84:ac:71:2f:22:6a:b8:67:5c:20:ff:61:2e:d4:d2:40:da: d2:a0:6e:d1:72:43:36:2c:af:a5:68:48:a0:1d:be:a6:43:6d: d4:51:ff:e4:76:26:dd:cd:68:93:2c:66:dc:b8:e8:72:33:54: a4:c5:ac:39:81:7a:42:92:d1:2c:dc:65:48:20:14:b7:f9:94: 7b:75:93:17:f9:b0:72:3e:fd:22:98:c9:0a:98:8e:6f:0e:62: db:39:21:bf:7d:77:1b:fc:0d:f5:12:6c:a3:24:13:6f:ab:c7: 05:1b:4b:7a:90:92:61:31:30:80:2f:24:df:78:71:7b:88:a1: 0b:da:14:f9:73:bf:d4:3a:26:ff:ac:ef:47:ab:7a:86:75:1d: 69:4e:1a:3d:c9:19:13:87:66:3a:92:5e:bd:d5:be:4e:89:d4: 18:39:0d:d5:df:8b:3d:27:01:29:05:0e:72:4b:b2:db:c2:5e: a5:d6:1d:3d:08:b8:7b:69:0e:c7:97:d3:50:c5:2a:2a:89:9a: 5f:41:a7:29:d2:f2:6b:2a:5f:60:2e:d3:5e:10:c4:61:00:12: f9:82:52:64:bb:7f:1f:7a:0a:49:f1:ef:e8:34:6a:f2:64:83: f1:f8:ad:0d -----BEGIN CERTIFICATE----- MIIFijCCBHKgAwIBAgICApMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0I1MjAxMTAvBgNVBAUTKDU0MkI5NEQ4NjI1Q0Y3MTE5NjRGRDEzNzQxMjk1RDI3 QUQ3QTkwMDQwHhcNMjYwMTIzMDM0MDQ0WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0N2ZiMy0yZmMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAiODnyOdIXFfbOvXKZIHNLW8vIHMx2/qsYnjXZP+ofFKAMRVd4V9PJF6CViNr LCoCGII+hhJOosVuNYFYJI8tT0X7QW+Dn/w3CVNNnqyqHfarW9+OfVAKv1KkH8vn BPbsEh0yQ8lJh1LKesOR4oZYbMq+gZNVB2GE+lENrIdrIzZjAMs9nnuoZpE1XG9N 5Mz0DMKUmGjZ3wFOE0BVxJl6T6ORKRFDuOn+pUBXyyPA0kzcXUslXZt9iXaGnsms 8xBaF8S9rVtSrOHF6NQw81Ap4kZkMcne7lB8UU3sQoFaP9/abMe5Kb2Sp4kS/rJv OG/3j7ful7OVcVjIXumNXY2E3wIDAQABo4ICrjCCAqowHQYDVR0OBBYEFJPFIYWE xQCgOP+n4ZGs/NhbkNMFMB8GA1UdIwQYMBaAFFQrlNhiXPcRlk/RN0EpXSetepAE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QjUyMC8xNjFENEMwQUU0 Q0ExMUVEQTQxNEUyNTlDNEY5QUUwMi9WQ3VVMkdKYzl4R1dUOUUzUVNsZEo2MTZr QVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1ZDdVUyR0pjOXhHV1Q5RTNRU2xkSjYxNmtBUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0I1MjAvMTYxRDRDMEFFNENBMTFFREE0MTRFMjU5QzRGOUFFMDIvMjMyRjk1NTJG ODBEMTFGMEFFRDRFMDA3NzA2RjU2QkMucm9hMG0GCCsGAQUFBwEHAQH/BF4wXDBK BAIAATBEMAsDAwBlLwMEA2UvYAMEBmUvgAMEAGUv/QMEB5YFgAMEB6MHADALAwQF owegAwMDowADBAPKNOADBALKNPwDBAXLk8AwDgQCAAIwCAMGAiQBTCAAMA0GCSqG SIb3DQEBCwUAA4IBAQBXKpKibIkaUn4XlNdC9XLwsAwdhKxxLyJquGdcIP9hLtTS QNrSoG7RckM2LK+laEigHb6mQ23UUf/kdibdzWiTLGbcuOhyM1Skxaw5gXpCktEs 3GVIIBS3+ZR7dZMX+bByPv0imMkKmI5vDmLbOSG/fXcb/A31EmyjJBNvq8cFG0t6 kJJhMTCALyTfeHF7iKEL2hT5c7/UOib/rO9Hq3qGdR1pTho9yRkTh2Y6kl691b5O idQYOQ3V34s9JwEpBQ5yS7Lbwl6l1h09CLh7aQ7Hl9NQxSoqiZpfQacp0vJrKl9g LtNeEMRhABL5glJku38fegpJ8e/oNGryZIPx+K0N -----END CERTIFICATE-----Generated at Mon Mar 2 08:58:21 2026 by rpki-client