$ rpki-client -vvf rpki.apnic.net/member_repository/A91A9CBB/D53BD14615B111F0A2774A09C4F9AE02/2A8C8F02198E11F09D302145C4F9AE02.roa File: 2A8C8F02198E11F09D302145C4F9AE02.roa (raw, json) Hash identifier: P98MLa//N/AtsKsIaeAkQnM7+Sh5w9q7o4QngCybDKA= Subject key identifier: B4:04:E7:9D:FD:5B:E6:B1:A4:CF:43:99:9F:25:75:4A:82:AA:85:C4 Certificate issuer: /CN=A91A9CBB/serialNumber=FC24F539074787ECEAB00C242606C2BD68819A0D Certificate serial: A9 Authority key identifier: FC:24:F5:39:07:47:87:EC:EA:B0:0C:24:26:06:C2:BD:68:81:9A:0D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_CT1OQdHh-zqsAwkJgbCvWiBmg0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A9CBB/D53BD14615B111F0A2774A09C4F9AE02/2A8C8F02198E11F09D302145C4F9AE02.roa Signing time: Sun 01 Mar 2026 08:07:03 +0000 ROA not before: Tue 15 Apr 2025 00:11:24 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 4637 IP address blocks: 202.47.192.0/24 maxlen: 24 202.47.195.0/24 maxlen: 24 202.47.196.0/24 maxlen: 24 202.47.201.0/24 maxlen: 24 202.47.202.0/24 maxlen: 24 202.47.203.0/24 maxlen: 24 210.57.8.0/22 maxlen: 24 210.176.128.0/24 maxlen: 24 210.176.142.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A9CBB/D53BD14615B111F0A2774A09C4F9AE02/_CT1OQdHh-zqsAwkJgbCvWiBmg0.crl rsync://rpki.apnic.net/member_repository/A91A9CBB/D53BD14615B111F0A2774A09C4F9AE02/_CT1OQdHh-zqsAwkJgbCvWiBmg0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_CT1OQdHh-zqsAwkJgbCvWiBmg0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 08:31:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 169 (0xa9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A9CBB, serialNumber=FC24F539074787ECEAB00C242606C2BD68819A0D Validity Not Before: Apr 15 00:11:24 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=69a3f3a6-128e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:6d:f8:68:31:09:98:5b:7a:fd:25:53:2b:f6: 3f:97:1f:e6:a2:1f:2d:6e:ca:46:e0:87:2d:7b:9f: 65:d9:ef:c0:b3:5a:f8:71:9d:29:87:4f:ac:5e:7c: 4c:36:6e:9c:16:e8:eb:76:ed:fc:e1:6f:d3:3b:1a: 7c:c4:67:42:1b:7d:0a:77:27:2e:f6:de:37:dd:ce: 38:ef:9e:80:12:ef:2f:dd:34:8a:4f:97:d3:f6:96: 5b:0f:02:11:ae:00:ff:63:a5:e0:fa:39:ff:ad:29: 92:89:13:58:94:46:12:34:3e:8a:be:e8:d9:8e:dc: 9e:06:fb:4b:b2:2f:7a:66:f1:bb:b8:8a:90:b4:fc: 65:89:d9:63:51:78:1d:3a:c3:43:43:88:62:ae:5c: 48:0e:07:73:3b:03:e2:d5:09:88:71:36:f0:68:1f: 89:a1:61:41:2b:45:e5:dc:e3:00:c7:09:fc:fd:69: ba:31:9f:c0:6c:4a:53:8b:c5:d7:69:f8:43:6b:9e: 94:c2:b5:1a:2b:bb:60:ef:09:c1:1f:09:05:28:d5: be:ee:d7:22:8f:5a:19:48:39:87:2f:d0:ab:08:f6: 43:25:44:9c:dc:32:dd:7e:e3:26:c6:5f:b3:b6:47: 8b:eb:f5:d9:77:d9:ca:d5:b4:d0:cd:89:46:97:60: 98:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:04:E7:9D:FD:5B:E6:B1:A4:CF:43:99:9F:25:75:4A:82:AA:85:C4 X509v3 Authority Key Identifier: keyid:FC:24:F5:39:07:47:87:EC:EA:B0:0C:24:26:06:C2:BD:68:81:9A:0D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A9CBB/D53BD14615B111F0A2774A09C4F9AE02/_CT1OQdHh-zqsAwkJgbCvWiBmg0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_CT1OQdHh-zqsAwkJgbCvWiBmg0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A9CBB/D53BD14615B111F0A2774A09C4F9AE02/2A8C8F02198E11F09D302145C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 202.47.192.0/24 202.47.195.0-202.47.196.255 202.47.201.0-202.47.203.255 210.57.8.0/22 210.176.128.0/24 210.176.142.0/24 Signature Algorithm: sha256WithRSAEncryption 67:07:9f:b7:42:44:29:2a:8a:9f:6f:08:fc:c0:a6:6a:f3:ee: 74:2d:f1:b7:c7:c4:35:6e:15:95:92:10:b5:bf:99:f8:19:2c: a0:7c:78:ab:44:ec:2f:75:74:ed:d3:43:b5:49:93:a4:66:d3: 19:60:88:74:53:f6:7d:00:a3:b2:5b:60:50:63:c4:ca:3f:71: 92:08:d4:61:6f:18:11:56:8e:c3:f8:60:58:9d:0c:cd:fe:f3: e7:e7:a9:97:44:bb:15:dd:fb:cb:e9:01:08:0c:bd:12:61:15: f5:d1:f8:e9:ad:a0:aa:a8:3d:98:dc:02:3f:27:27:0d:68:e2: 9e:04:dd:92:2b:fb:8e:20:24:0c:ed:38:d2:36:bd:c6:11:23: fb:ed:c7:77:0c:90:e0:73:ec:5d:a2:a8:0d:b5:e9:b4:5a:cd: c8:74:f8:fe:c1:bc:ed:7b:0c:71:0c:d2:e9:25:b9:37:c6:8c: 1c:37:91:d6:28:3c:94:61:e4:c3:cd:64:22:db:7f:1f:86:fe: ad:9c:2b:66:cb:30:5f:fe:54:42:d4:05:6f:9a:45:bf:cd:5b: 0f:94:37:e2:fe:15:45:41:46:6e:18:ed:0b:b5:9f:0e:d7:34: f7:02:9d:cc:af:32:72:f9:d0:d8:bd:21:b5:be:1a:01:30:cb: 73:7d:46:14 -----BEGIN CERTIFICATE----- MIIFajCCBFKgAwIBAgICAKkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTlDQkIxMTAvBgNVBAUTKEZDMjRGNTM5MDc0Nzg3RUNFQUIwMEMyNDI2MDZDMkJE Njg4MTlBMEQwHhcNMjUwNDE1MDAxMTI0WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWEzZjNhNi0xMjhlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy234aDEJmFt6/SVTK/Y/lx/moh8tbspG4Icte59l2e/As1r4cZ0ph0+sXnxM Nm6cFujrdu384W/TOxp8xGdCG30Kdycu9t433c44756AEu8v3TSKT5fT9pZbDwIR rgD/Y6Xg+jn/rSmSiRNYlEYSND6KvujZjtyeBvtLsi96ZvG7uIqQtPxlidljUXgd OsNDQ4hirlxIDgdzOwPi1QmIcTbwaB+JoWFBK0Xl3OMAxwn8/Wm6MZ/AbEpTi8XX afhDa56UwrUaK7tg7wnBHwkFKNW+7tcij1oZSDmHL9CrCPZDJUSc3DLdfuMmxl+z tkeL6/XZd9nK1bTQzYlGl2CYuwIDAQABo4ICjjCCAoowHQYDVR0OBBYEFLQE5539 W+axpM9DmZ8ldUqCqoXEMB8GA1UdIwQYMBaAFPwk9TkHR4fs6rAMJCYGwr1ogZoN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBOUNCQi9ENTNCRDE0NjE1 QjExMUYwQTI3NzRBMDlDNEY5QUUwMi9fQ1QxT1FkSGgtenFzQXdrSmdiQ3ZXaUJt ZzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL19DVDFPUWRIaC16cXNBd2tKZ2JDdldpQm1nMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTlDQkIvRDUzQkQxNDYxNUIxMTFGMEEyNzc0QTA5QzRGOUFFMDIvMkE4QzhGMDIx OThFMTFGMDlEMzAyMTQ1QzRGOUFFMDIucm9hME0GCCsGAQUFBwEHAQH/BD4wPDA6 BAIAATA0AwQAyi/AMAwDBADKL8MDBADKL8QwDAMEAMovyQMEAsovyAMEAtI5CAME ANKwgAMEANKwjjANBgkqhkiG9w0BAQsFAAOCAQEAZweft0JEKSqKn28I/MCmavPu dC3xt8fENW4VlZIQtb+Z+BksoHx4q0TsL3V07dNDtUmTpGbTGWCIdFP2fQCjsltg UGPEyj9xkgjUYW8YEVaOw/hgWJ0Mzf7z5+epl0S7Fd37y+kBCAy9EmEV9dH46a2g qqg9mNwCPycnDWjingTdkiv7jiAkDO040ja9xhEj++3HdwyQ4HPsXaKoDbXptFrN yHT4/sG87XsMcQzS6SW5N8aMHDeR1ig8lGHkw81kItt/H4b+rZwrZsswX/5UQtQF b5pFv81bD5Q34v4VRUFGbhjtC7WfDtc09wKdzK8ycvnQ2L0htb4aATDLc31GFA== -----END CERTIFICATE-----Generated at Mon Mar 2 10:14:01 2026 by rpki-client