$ rpki-client -vvf rpki.apnic.net/member_repository/A91A03CB/81D9E4A01D9611E2AAC2147F08B02CD2/ABF3C76E0C4B11EF87D4886FC4F9AE02.roa File: ABF3C76E0C4B11EF87D4886FC4F9AE02.roa (raw, json) Hash identifier: r4Nk4/HNlZ5UILj9rqZCLRnsXQwXsj9IgRSHKtUZq+8= Subject key identifier: FA:A1:1D:DA:AD:C4:E8:4C:30:59:E7:F3:6C:F4:D2:E8:23:F8:36:5D Certificate issuer: /CN=A91A03CB/serialNumber=85ABF8480C909638BDCCA653AF1E690F572B23E1 Certificate serial: 352E Authority key identifier: 85:AB:F8:48:0C:90:96:38:BD:CC:A6:53:AF:1E:69:0F:57:2B:23:E1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hav4SAyQlji9zKZTrx5pD1crI-E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A03CB/81D9E4A01D9611E2AAC2147F08B02CD2/ABF3C76E0C4B11EF87D4886FC4F9AE02.roa Signing time: Sun 01 Mar 2026 13:35:38 +0000 ROA not before: Tue 02 Dec 2025 15:12:00 +0000 ROA not after: Sun 31 Jan 2027 00:00:00 +0000 asID: 24107 IP address blocks: 202.49.120.0/24 maxlen: 24 202.49.121.0/24 maxlen: 24 202.164.28.0/22 maxlen: 22 202.164.28.0/23 maxlen: 23 202.164.28.0/24 maxlen: 24 202.164.29.0/24 maxlen: 24 202.164.30.0/23 maxlen: 23 202.164.30.0/24 maxlen: 24 202.164.31.0/24 maxlen: 24 2406:3d00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A03CB/81D9E4A01D9611E2AAC2147F08B02CD2/hav4SAyQlji9zKZTrx5pD1crI-E.crl rsync://rpki.apnic.net/member_repository/A91A03CB/81D9E4A01D9611E2AAC2147F08B02CD2/hav4SAyQlji9zKZTrx5pD1crI-E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hav4SAyQlji9zKZTrx5pD1crI-E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 14:53:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13614 (0x352e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A03CB, serialNumber=85ABF8480C909638BDCCA653AF1E690F572B23E1 Validity Not Before: Dec 2 15:12:00 2025 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=69a440a9-7627 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:ea:91:b0:67:33:0b:61:39:4d:04:40:c2:b7: 37:7d:26:b7:a8:66:a3:f6:32:3e:29:af:db:de:01: 53:f8:bf:f0:2f:c8:ff:10:bd:a7:b2:bf:19:98:12: dc:97:7c:71:ae:7b:b1:3a:2b:79:33:08:98:60:5c: c4:d9:20:f8:6a:38:65:b3:1f:5c:54:72:2b:21:f4: d9:f5:30:17:91:56:79:b8:29:c2:fe:d0:74:3f:c2: 62:49:00:3b:32:53:91:c5:5d:8e:f2:f0:c5:53:4c: da:76:fe:90:7c:03:71:25:a9:96:96:f2:22:b1:70: 93:d6:b4:76:17:ee:1a:50:de:b4:e4:70:32:88:9f: ff:48:10:1c:8f:58:51:9f:e2:f1:44:b4:71:3b:9b: ff:6e:d2:5f:7f:be:dc:0e:46:43:ef:03:8b:2b:fc: f7:9c:8d:7e:28:c0:3e:77:db:f7:23:81:9f:f4:5a: c0:3d:a7:29:ee:25:17:ff:67:98:87:ec:cf:07:e3: 0f:24:11:83:32:94:78:2d:c9:c3:d4:22:ad:64:39: 11:8d:bc:cc:f0:0b:62:97:7e:c7:f4:97:b3:27:ff: 58:37:81:1e:12:4c:8a:4e:55:8a:46:2a:a6:57:ce: 6b:2a:6f:ee:2b:6f:1e:7c:47:c0:a6:bb:20:f8:53: eb:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:A1:1D:DA:AD:C4:E8:4C:30:59:E7:F3:6C:F4:D2:E8:23:F8:36:5D X509v3 Authority Key Identifier: keyid:85:AB:F8:48:0C:90:96:38:BD:CC:A6:53:AF:1E:69:0F:57:2B:23:E1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A03CB/81D9E4A01D9611E2AAC2147F08B02CD2/hav4SAyQlji9zKZTrx5pD1crI-E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hav4SAyQlji9zKZTrx5pD1crI-E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A03CB/81D9E4A01D9611E2AAC2147F08B02CD2/ABF3C76E0C4B11EF87D4886FC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 202.49.120.0/23 202.164.28.0/22 IPv6: 2406:3d00::/32 Signature Algorithm: sha256WithRSAEncryption 58:46:98:c0:75:eb:0c:a1:8c:23:bc:8b:8f:02:7b:e2:53:4a: 9a:e5:0e:4f:3c:25:46:9f:1f:d2:8b:33:b5:b4:6d:65:ec:c3: 4e:60:01:06:f4:fc:7c:eb:c8:7f:f4:48:1b:ba:d9:18:e2:a8: ff:60:39:34:43:69:e5:35:cf:a5:b0:30:7e:58:7b:e7:60:46: 5b:a4:91:01:8d:f1:b3:ee:27:f5:73:f0:38:d6:ab:94:48:a3: 2d:0b:b9:04:b7:14:12:0f:32:78:a7:a0:82:43:13:dd:00:34: 46:1d:bc:db:6d:53:5c:57:d4:48:ac:8f:27:2d:01:e3:7b:be: 9a:86:b1:be:e0:e7:a5:d3:9a:6d:8b:86:c3:01:a3:f2:45:0f: 92:63:76:de:55:f0:63:c3:07:50:46:1a:01:96:ab:2a:03:cd: da:55:45:36:3c:73:b6:bc:bb:dd:fa:6a:3c:b1:ca:b3:a1:0e: 63:d0:b0:49:d7:aa:05:cb:49:af:5e:6a:66:16:82:77:78:7f: 0f:61:9b:4a:1b:46:47:50:eb:22:3b:b4:3d:47:80:79:0c:90: 50:60:2f:11:8d:bc:47:40:64:a1:8e:b9:71:8c:6b:b7:b5:2a: c7:cc:53:61:d8:c8:87:37:2e:43:6a:40:bb:45:71:eb:e2:e9: 9e:b8:c2:13 -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgICNS4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTAzQ0IxMTAvBgNVBAUTKDg1QUJGODQ4MEM5MDk2MzhCRENDQTY1M0FGMUU2OTBG NTcyQjIzRTEwHhcNMjUxMjAyMTUxMjAwWhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NDBhOS03NjI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1uqRsGczC2E5TQRAwrc3fSa3qGaj9jI+Ka/b3gFT+L/wL8j/EL2nsr8ZmBLc l3xxrnuxOit5MwiYYFzE2SD4ajhlsx9cVHIrIfTZ9TAXkVZ5uCnC/tB0P8JiSQA7 MlORxV2O8vDFU0zadv6QfANxJamWlvIisXCT1rR2F+4aUN605HAyiJ//SBAcj1hR n+LxRLRxO5v/btJff77cDkZD7wOLK/z3nI1+KMA+d9v3I4Gf9FrAPacp7iUX/2eY h+zPB+MPJBGDMpR4LcnD1CKtZDkRjbzM8Atil37H9JezJ/9YN4EeEkyKTlWKRiqm V85rKm/uK28efEfAprsg+FPrCwIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFPqhHdqt xOhMMFnn82z00ugj+DZdMB8GA1UdIwQYMBaAFIWr+EgMkJY4vcymU68eaQ9XKyPh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDNDQi84MUQ5RTRBMDFE OTYxMUUyQUFDMjE0N0YwOEIwMkNEMi9oYXY0U0F5UWxqaTl6S1pUcng1cEQxY3JJ LUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hhdjRTQXlRbGppOXpLWlRyeDVwRDFjckktRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTAzQ0IvODFEOUU0QTAxRDk2MTFFMkFBQzIxNDdGMDhCMDJDRDIvQUJGM0M3NkUw QzRCMTFFRjg3RDQ4ODZGQzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS BAIAATAMAwQByjF4AwQCyqQcMA0EAgACMAcDBQAkBj0AMA0GCSqGSIb3DQEBCwUA A4IBAQBYRpjAdesMoYwjvIuPAnviU0qa5Q5PPCVGnx/SizO1tG1l7MNOYAEG9Px8 68h/9EgbutkY4qj/YDk0Q2nlNc+lsDB+WHvnYEZbpJEBjfGz7if1c/A41quUSKMt C7kEtxQSDzJ4p6CCQxPdADRGHbzbbVNcV9RIrI8nLQHje76ahrG+4Oel05pti4bD AaPyRQ+SY3beVfBjwwdQRhoBlqsqA83aVUU2PHO2vLvd+mo8scqzoQ5j0LBJ16oF y0mvXmpmFoJ3eH8PYZtKG0ZHUOsiO7Q9R4B5DJBQYC8RjbxHQGShjrlxjGu3tSrH zFNh2MiHNy5DakC7RXHr4umeuMIT -----END CERTIFICATE-----Generated at Mon Mar 2 17:55:45 2026 by rpki-client