$ rpki-client -vvf rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/F2A462E66B6C11F0B453B656C4F9AE02.roa File: F2A462E66B6C11F0B453B656C4F9AE02.roa (raw, json) Hash identifier: HMcEW/S22FGTvhiPakps8LsqQxXUXp8fWhqX+TVm2Vw= Subject key identifier: 1B:59:C1:45:FF:A2:19:5D:C9:C5:BB:77:D0:E8:94:A2:9D:8E:48:2A Certificate issuer: /CN=A91A546E/serialNumber=6C5A589F924CE9BED1FD89F5AFF630C927574420 Certificate serial: 09BE Authority key identifier: 6C:5A:58:9F:92:4C:E9:BE:D1:FD:89:F5:AF:F6:30:C9:27:57:44:20 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bFpYn5JM6b7R_Yn1r_YwySdXRCA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/F2A462E66B6C11F0B453B656C4F9AE02.roa Signing time: Sun 01 Mar 2026 17:41:06 +0000 ROA not before: Sat 20 Dec 2025 20:17:03 +0000 ROA not after: Tue 02 Mar 2027 00:00:00 +0000 asID: 10207 IP address blocks: 101.234.128.0/23 maxlen: 24 101.234.130.0/23 maxlen: 24 101.234.135.0/24 maxlen: 24 101.234.138.0/23 maxlen: 24 101.234.155.0/24 maxlen: 24 101.234.159.0/24 maxlen: 24 101.234.160.0/24 maxlen: 24 101.234.170.0/24 maxlen: 24 101.234.171.0/24 maxlen: 24 114.111.152.0/23 maxlen: 24 114.111.154.0/23 maxlen: 24 122.100.5.0/24 maxlen: 24 122.100.12.0/23 maxlen: 24 2406:5800:1000::/40 maxlen: 48 2406:5800:1100::/40 maxlen: 48 2406:5800:1200::/40 maxlen: 48 2406:5800:1300::/40 maxlen: 48 2406:5800:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.crl rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bFpYn5JM6b7R_Yn1r_YwySdXRCA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 03:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2494 (0x9be) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A546E, serialNumber=6C5A589F924CE9BED1FD89F5AFF630C927574420 Validity Not Before: Dec 20 20:17:03 2025 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=69a47a32-f3ea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:0a:d2:84:37:f7:34:74:7d:9d:e1:8b:49:a3: 70:57:15:dd:78:ca:0d:18:15:d6:a5:25:f2:24:91: 5c:9e:cc:64:cf:6f:52:b3:0a:4c:56:83:fb:32:11: a5:d0:37:f9:58:81:59:75:67:6f:5c:bd:2d:d3:ab: f0:c8:56:24:d5:75:c8:6b:b7:6f:d3:bf:a8:0f:27: 79:48:6e:ae:9a:15:c0:e4:ee:72:8d:1f:e5:ec:8b: be:93:ad:c4:af:e2:d4:06:53:8e:75:9f:39:21:4d: bc:14:9d:a5:0d:b8:31:83:31:ea:88:c5:d0:78:ab: 7f:cb:6a:97:5b:04:61:b2:8d:0a:12:a6:6b:86:43: 63:4f:c4:04:1a:10:ac:a4:28:3a:d7:a8:d2:db:d8: c6:e2:27:aa:ac:ad:14:b6:22:95:d3:bf:78:52:c9: dd:0f:b2:a0:34:f5:1b:1c:80:19:f7:3a:76:55:39: 72:60:e4:a2:6d:17:25:ce:0a:be:df:da:94:79:e9: 48:ff:55:00:db:70:fd:0e:a4:0e:ae:b1:2c:97:ae: 8d:c7:ce:65:d8:d1:a8:98:4d:be:bf:6e:72:f1:38: 30:70:dd:9d:54:4d:0e:bf:53:3b:7a:bb:2d:df:4f: 2d:f3:47:18:d5:c5:bf:be:e7:c2:b9:78:f4:50:66: 69:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:59:C1:45:FF:A2:19:5D:C9:C5:BB:77:D0:E8:94:A2:9D:8E:48:2A X509v3 Authority Key Identifier: keyid:6C:5A:58:9F:92:4C:E9:BE:D1:FD:89:F5:AF:F6:30:C9:27:57:44:20 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bFpYn5JM6b7R_Yn1r_YwySdXRCA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/F2A462E66B6C11F0B453B656C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 101.234.128.0/22 101.234.135.0/24 101.234.138.0/23 101.234.155.0/24 101.234.159.0-101.234.160.255 101.234.170.0/23 114.111.152.0/22 122.100.5.0/24 122.100.12.0/23 IPv6: 2406:5800:1000::/38 2406:5800:ff00::/48 Signature Algorithm: sha256WithRSAEncryption 61:af:e4:a5:f7:53:eb:14:3c:fd:ac:f6:99:b0:49:d4:79:bb: 21:02:2f:11:79:0a:71:ad:7b:7f:7a:a5:8a:e8:97:25:fe:ba: 90:ad:25:02:dc:05:23:df:46:80:5a:d4:64:e0:7f:60:bb:ba: f8:5b:5a:7e:f9:03:c5:33:ca:2b:15:b9:52:bf:cb:34:0e:35: ee:6b:27:db:36:f5:8d:8d:ef:d2:42:2f:6a:c8:2b:b5:06:a3: 43:b0:fa:6d:02:d8:b5:ab:db:00:35:54:51:92:18:d1:45:6e: 6f:1c:a0:c6:c1:93:d1:50:bd:b4:95:13:13:af:50:4f:f8:a9: 71:05:24:06:98:f6:06:44:21:92:9c:64:9a:c2:d0:7e:af:99: b7:27:b3:03:ed:5b:42:06:a9:20:02:4e:76:3e:0e:2e:a4:1a: f4:04:d7:b1:48:d9:c8:c4:c2:be:ee:0b:ab:22:28:9f:68:1e: fc:97:cc:a2:f2:cc:a2:6e:2e:37:25:21:6e:a5:f8:4b:19:09: ba:14:bd:f2:00:9e:5f:94:e0:db:68:8d:17:3d:92:19:c5:d6: 05:68:ff:16:ad:32:a3:72:0b:02:26:b8:f4:3a:d8:34:31:e1: 04:c5:dd:04:dd:54:3f:b6:8e:d2:f7:0f:37:de:b2:53:08:68: 2b:23:95:60 -----BEGIN CERTIFICATE----- MIIFjTCCBHWgAwIBAgICCb4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU0NkUxMTAvBgNVBAUTKDZDNUE1ODlGOTI0Q0U5QkVEMUZEODlGNUFGRjYzMEM5 Mjc1NzQ0MjAwHhcNMjUxMjIwMjAxNzAzWhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0N2EzMi1mM2VhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAkwrShDf3NHR9neGLSaNwVxXdeMoNGBXWpSXyJJFcnsxkz29SswpMVoP7MhGl 0Df5WIFZdWdvXL0t06vwyFYk1XXIa7dv07+oDyd5SG6umhXA5O5yjR/l7Iu+k63E r+LUBlOOdZ85IU28FJ2lDbgxgzHqiMXQeKt/y2qXWwRhso0KEqZrhkNjT8QEGhCs pCg616jS29jG4ieqrK0UtiKV0794UsndD7KgNPUbHIAZ9zp2VTlyYOSibRclzgq+ 39qUeelI/1UA23D9DqQOrrEsl66Nx85l2NGomE2+v25y8TgwcN2dVE0Ov1M7erst 308t80cY1cW/vufCuXj0UGZp3QIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFBtZwUX/ ohldycW7d9DolKKdjkgqMB8GA1UdIwQYMBaAFGxaWJ+STOm+0f2J9a/2MMknV0Qg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTQ2RS8wQ0Q0MURBOEI3 NkExMUVBODE0RjUwODRDNEY5QUUwMi9iRnBZbjVKTTZiN1JfWW4xcl9Zd3lTZFhS Q0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JGcFluNUpNNmI3Ul9ZbjFyX1l3eVNkWFJDQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTU0NkUvMENENDFEQThCNzZBMTFFQTgxNEY1MDg0QzRGOUFFMDIvRjJBNDYyRTY2 QjZDMTFGMEI0NTNCNjU2QzRGOUFFMDIucm9hMHAGCCsGAQUFBwEHAQH/BGEwXzBE BAIAATA+AwQCZeqAAwQAZeqHAwQBZeqKAwQAZeqbMAwDBABl6p8DBABl6qADBAFl 6qoDBAJyb5gDBAB6ZAUDBAF6ZAwwFwQCAAIwEQMGAiQGWAAQAwcAJAZYAP8AMA0G CSqGSIb3DQEBCwUAA4IBAQBhr+Sl91PrFDz9rPaZsEnUebshAi8ReQpxrXt/eqWK 6Jcl/rqQrSUC3AUj30aAWtRk4H9gu7r4W1p++QPFM8orFblSv8s0DjXuayfbNvWN je/SQi9qyCu1BqNDsPptAti1q9sANVRRkhjRRW5vHKDGwZPRUL20lRMTr1BP+Klx BSQGmPYGRCGSnGSawtB+r5m3J7MD7VtCBqkgAk52Pg4upBr0BNexSNnIxMK+7gur IiifaB78l8yi8syibi43JSFupfhLGQm6FL3yAJ5flODbaI0XPZIZxdYFaP8WrTKj cgsCJrj0Otg0MeEExd0E3VQ/to7S9w833rJTCGgrI5Vg -----END CERTIFICATE-----Generated at Mon Mar 2 10:55:52 2026 by rpki-client