$ rpki-client -vvf rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/958B8F64721911EFA2635265C4F9AE02.roa File: 958B8F64721911EFA2635265C4F9AE02.roa (raw, json) Hash identifier: DsUEBhZIVZgu5NUOgEF2gdif6KDkwG7xoBCI14osv6Q= Subject key identifier: 5A:C2:B8:B3:97:FC:CB:2A:1D:C2:EB:B9:53:6B:E6:F5:93:2D:82:96 Certificate issuer: /CN=A91AAEB2/serialNumber=9B98FB7D468983A2C14772733248EFFA3462E126 Certificate serial: 0268 Authority key identifier: 9B:98:FB:7D:46:89:83:A2:C1:47:72:73:32:48:EF:FA:34:62:E1:26 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/958B8F64721911EFA2635265C4F9AE02.roa Signing time: Sun 01 Mar 2026 19:17:13 +0000 ROA not before: Wed 31 Dec 2025 04:24:41 +0000 ROA not after: Tue 02 Mar 2027 00:00:00 +0000 asID: 37992 IP address blocks: 202.28.88.0/24 maxlen: 24 202.28.89.0/24 maxlen: 24 202.28.90.0/24 maxlen: 24 202.28.91.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/m5j7fUaJg6LBR3JzMkjv-jRi4SY.crl rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/m5j7fUaJg6LBR3JzMkjv-jRi4SY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:37:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 616 (0x268) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AAEB2, serialNumber=9B98FB7D468983A2C14772733248EFFA3462E126 Validity Not Before: Dec 31 04:24:41 2025 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=69a490b9-5c1d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:06:2f:4e:8f:fc:19:f6:46:05:b5:fc:37:82: b2:5e:f6:26:8e:12:15:63:95:db:0d:fc:96:11:3d: c7:88:56:63:9c:60:ad:b1:0c:1d:d4:82:3e:e1:f9: 4e:3e:f8:7c:dc:03:d4:8b:19:c6:38:2f:36:a4:7d: e0:44:4f:47:00:5c:3f:0b:b1:62:57:9a:37:59:a6: 63:e3:1e:a4:c4:44:02:2f:b1:f5:c7:93:e9:b0:13: 61:c9:94:85:3a:c6:23:30:9d:73:5e:fe:1c:61:87: 80:99:a5:f2:6f:25:ca:4c:40:aa:03:26:e3:1e:21: a6:2b:85:14:88:d2:65:e8:fc:98:ab:b3:2a:00:0b: b1:e7:37:03:35:16:08:64:6c:a8:4f:44:be:39:c0: b3:f7:fd:61:a2:5a:4c:fe:86:3d:b0:e1:d2:f0:d5: 81:e6:37:bc:2f:57:ab:2f:06:85:59:bd:45:b6:b0: b1:6e:b9:d4:f0:31:60:8e:7c:d4:71:a6:e6:09:8b: 8c:4c:4b:3b:a6:5e:35:f0:49:85:1c:d4:32:61:21: 79:22:a6:d4:12:f2:f1:bb:5b:60:0c:98:bc:17:87: fd:f0:15:d1:3b:77:29:0d:93:36:f8:66:53:17:59: d3:cd:c2:61:9b:08:b4:6b:fb:6e:d3:5a:bd:81:1b: 95:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:C2:B8:B3:97:FC:CB:2A:1D:C2:EB:B9:53:6B:E6:F5:93:2D:82:96 X509v3 Authority Key Identifier: keyid:9B:98:FB:7D:46:89:83:A2:C1:47:72:73:32:48:EF:FA:34:62:E1:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/m5j7fUaJg6LBR3JzMkjv-jRi4SY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/958B8F64721911EFA2635265C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 202.28.88.0/22 Signature Algorithm: sha256WithRSAEncryption 40:54:d6:2e:40:fb:d3:dd:eb:03:c0:d1:1b:c3:5c:9a:b9:19: 81:e7:80:5b:b1:4c:83:8b:6c:85:08:b2:39:43:95:a4:e0:8e: b8:92:4c:0c:db:f4:bb:11:77:a2:00:3e:3d:d2:5e:b5:e1:31: 71:24:60:74:8e:20:c6:30:dd:31:dc:80:a2:27:00:af:e3:0a: 55:48:4d:5f:ff:75:35:93:12:18:5b:19:81:dc:e2:e4:06:e2: b2:aa:9d:16:b4:bd:c1:36:8e:de:59:a2:7b:ad:e9:3b:c1:9f: cd:ad:5a:c1:69:36:92:46:fa:d2:c6:53:f6:fe:33:c8:5a:42: 7c:a2:25:ef:44:9c:67:c4:38:0b:b5:8f:b6:2f:05:93:1a:a0: 54:a7:b3:bb:0b:0a:57:90:4d:83:4b:34:96:45:54:ed:67:5f: e9:0f:a7:ca:57:93:f1:6d:4f:c0:33:2d:dd:76:73:60:68:32: 5f:dc:ca:a9:38:0d:38:ab:0c:03:ce:81:54:8f:2b:a3:0d:fe: f7:9c:9c:f0:08:4b:4b:b0:0a:35:db:7a:4c:d2:07:8d:6d:17: c7:6e:7e:00:9a:26:8c:5f:ef:08:53:45:79:87:dc:b5:f1:9e: 52:f3:de:59:63:57:b9:62:29:36:65:ce:a3:94:73:01:b7:c4: 7e:bd:c2:a5 -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgICAmgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUFFQjIxMTAvBgNVBAUTKDlCOThGQjdENDY4OTgzQTJDMTQ3NzI3MzMyNDhFRkZB MzQ2MkUxMjYwHhcNMjUxMjMxMDQyNDQxWhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0OTBiOS01YzFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAjAYvTo/8GfZGBbX8N4KyXvYmjhIVY5XbDfyWET3HiFZjnGCtsQwd1II+4flO Pvh83APUixnGOC82pH3gRE9HAFw/C7FiV5o3WaZj4x6kxEQCL7H1x5PpsBNhyZSF OsYjMJ1zXv4cYYeAmaXybyXKTECqAybjHiGmK4UUiNJl6PyYq7MqAAux5zcDNRYI ZGyoT0S+OcCz9/1holpM/oY9sOHS8NWB5je8L1erLwaFWb1FtrCxbrnU8DFgjnzU cabmCYuMTEs7pl418EmFHNQyYSF5IqbUEvLxu1tgDJi8F4f98BXRO3cpDZM2+GZT F1nTzcJhmwi0a/tu01q9gRuVXwIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFFrCuLOX /MsqHcLruVNr5vWTLYKWMB8GA1UdIwQYMBaAFJuY+31GiYOiwUdyczJI7/o0YuEm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQUVCMi8zOTUyMTAwRTZF ODMxMUVGQUI3MjYxODBDNEY5QUUwMi9tNWo3ZlVhSmc2TEJSM0p6TWtqdi1qUmk0 U1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL201ajdmVWFKZzZMQlIzSnpNa2p2LWpSaTRTWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUFFQjIvMzk1MjEwMEU2RTgzMTFFRkFCNzI2MTgwQzRGOUFFMDIvOTU4QjhGNjQ3 MjE5MTFFRkEyNjM1MjY1QzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCyhxYMA0GCSqGSIb3DQEBCwUAA4IBAQBAVNYuQPvT3esDwNEbw1ya uRmB54BbsUyDi2yFCLI5Q5Wk4I64kkwM2/S7EXeiAD490l614TFxJGB0jiDGMN0x 3ICiJwCv4wpVSE1f/3U1kxIYWxmB3OLkBuKyqp0WtL3BNo7eWaJ7rek7wZ/NrVrB aTaSRvrSxlP2/jPIWkJ8oiXvRJxnxDgLtY+2LwWTGqBUp7O7CwpXkE2DSzSWRVTt Z1/pD6fKV5PxbU/AMy3ddnNgaDJf3MqpOA04qwwDzoFUjyujDf73nJzwCEtLsAo1 23pM0geNbRfHbn4AmiaMX+8IU0V5h9y18Z5S895ZY1e5Yik2Zc6jlHMBt8R+vcKl -----END CERTIFICATE-----Generated at Mon Mar 2 08:34:45 2026 by rpki-client