$ rpki-client -vvf rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/EF3F8690721A11EFBDE87567C4F9AE02.roa File: EF3F8690721A11EFBDE87567C4F9AE02.roa (raw, json) Hash identifier: X1s+jpM6nVYY2JeSLatVc35G8hh2O/HLhbMwWZIh+TU= Subject key identifier: 47:F3:9E:28:63:6A:6D:70:B0:3F:21:E5:74:54:31:E5:1C:4C:09:34 Certificate issuer: /CN=A91AAEB2/serialNumber=9B98FB7D468983A2C14772733248EFFA3462E126 Certificate serial: 0270 Authority key identifier: 9B:98:FB:7D:46:89:83:A2:C1:47:72:73:32:48:EF:FA:34:62:E1:26 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/EF3F8690721A11EFBDE87567C4F9AE02.roa Signing time: Sun 01 Mar 2026 19:17:20 +0000 ROA not before: Wed 31 Dec 2025 04:24:49 +0000 ROA not after: Tue 02 Mar 2027 00:00:00 +0000 asID: 55488 IP address blocks: 202.29.4.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/m5j7fUaJg6LBR3JzMkjv-jRi4SY.crl rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/m5j7fUaJg6LBR3JzMkjv-jRi4SY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:37:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 624 (0x270) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AAEB2, serialNumber=9B98FB7D468983A2C14772733248EFFA3462E126 Validity Not Before: Dec 31 04:24:49 2025 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=69a490c0-af71 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:ee:c6:66:42:4b:dc:03:fc:2e:e8:26:ee:ab: 7b:31:37:8d:40:dc:14:cf:97:5f:91:8a:08:84:f6: b8:72:38:4f:c8:8d:69:98:2d:2d:d3:03:73:7e:7d: 0e:37:19:3b:a1:e8:2d:3e:e0:e6:7f:f1:1b:13:04: ab:52:0a:22:2a:45:12:1d:65:bb:d4:37:1c:66:68: 5e:20:9c:0b:3b:b3:36:8e:ad:78:bd:bd:7d:45:62: a7:3e:37:51:06:1d:c5:ae:c5:0d:a4:b2:1d:66:d5: 05:5f:02:e1:a5:c7:04:2b:d3:b3:60:db:20:72:49: e8:a9:4c:1f:00:29:d6:a3:3c:3f:df:4d:bd:9c:ba: c3:fe:9e:db:fc:43:e3:fb:46:05:eb:f0:d5:46:a2: 2c:ce:5c:72:b8:6d:53:05:93:6b:90:34:91:5c:5d: 92:5c:8c:e1:b8:29:5b:a1:93:29:4e:61:92:45:12: ab:7d:09:3f:69:62:76:e9:93:60:76:72:0b:60:94: 0e:61:ff:65:d0:9c:f9:01:a6:4b:bc:87:44:39:f1: e8:0b:a9:a6:2c:f2:3c:48:5d:71:58:8d:39:dc:bd: 15:b6:40:1f:e1:c8:37:64:9e:eb:25:8a:33:9c:bc: e6:7a:a7:97:3c:f3:41:98:51:aa:c1:51:70:23:26: 60:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:F3:9E:28:63:6A:6D:70:B0:3F:21:E5:74:54:31:E5:1C:4C:09:34 X509v3 Authority Key Identifier: keyid:9B:98:FB:7D:46:89:83:A2:C1:47:72:73:32:48:EF:FA:34:62:E1:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/m5j7fUaJg6LBR3JzMkjv-jRi4SY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/EF3F8690721A11EFBDE87567C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 202.29.4.0/24 Signature Algorithm: sha256WithRSAEncryption 1f:95:ea:3b:66:74:3f:31:20:6d:40:0c:d5:a3:b1:63:8c:9e: bb:ea:f3:61:1a:23:ff:9d:e9:58:4e:6f:ef:7c:51:21:36:a2: 70:e5:42:6c:bf:f3:ae:11:6b:b6:61:b4:0e:f5:7a:3a:fa:62: b6:7d:88:d2:c6:be:09:59:72:bb:27:c4:df:fc:f2:5b:2b:07: e3:c3:35:d4:46:09:16:9e:03:37:6d:fe:17:08:c6:d9:aa:ab: 74:20:0b:ea:2c:a6:4d:6c:9a:6f:2c:28:09:89:83:51:f1:92: 5d:7a:d7:14:8f:13:ef:33:bd:2d:47:3e:46:ec:d5:49:52:aa: 1c:f9:5c:b2:ef:78:f2:df:78:ed:d4:38:15:4e:c4:f8:d5:2f: 80:69:1f:24:b0:ed:29:e2:19:22:5e:8c:b6:3e:55:95:c4:0b: 9c:55:0f:b2:2b:3c:9d:29:d9:d0:e0:f2:67:69:3f:3a:39:cf: ed:26:e0:00:6d:ed:f8:70:9a:b8:2c:e3:85:21:78:42:f1:fa: 15:07:67:d1:f7:2b:b3:64:a0:a9:55:f4:de:ce:a7:6c:3c:ba: 5a:3e:f9:b1:2c:79:d8:7a:66:d4:db:20:fd:73:5c:1d:5a:8c: 72:d3:4c:4f:e5:4f:da:bc:59:b4:a3:41:86:aa:30:b8:e7:72: aa:12:2a:32 -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgICAnAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUFFQjIxMTAvBgNVBAUTKDlCOThGQjdENDY4OTgzQTJDMTQ3NzI3MzMyNDhFRkZB MzQ2MkUxMjYwHhcNMjUxMjMxMDQyNDQ5WhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0OTBjMC1hZjcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAp+7GZkJL3AP8Lugm7qt7MTeNQNwUz5dfkYoIhPa4cjhPyI1pmC0t0wNzfn0O Nxk7oegtPuDmf/EbEwSrUgoiKkUSHWW71DccZmheIJwLO7M2jq14vb19RWKnPjdR Bh3FrsUNpLIdZtUFXwLhpccEK9OzYNsgcknoqUwfACnWozw/3029nLrD/p7b/EPj +0YF6/DVRqIszlxyuG1TBZNrkDSRXF2SXIzhuClboZMpTmGSRRKrfQk/aWJ26ZNg dnILYJQOYf9l0Jz5AaZLvIdEOfHoC6mmLPI8SF1xWI053L0VtkAf4cg3ZJ7rJYoz nLzmeqeXPPNBmFGqwVFwIyZgHwIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFEfznihj am1wsD8h5XRUMeUcTAk0MB8GA1UdIwQYMBaAFJuY+31GiYOiwUdyczJI7/o0YuEm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQUVCMi8zOTUyMTAwRTZF ODMxMUVGQUI3MjYxODBDNEY5QUUwMi9tNWo3ZlVhSmc2TEJSM0p6TWtqdi1qUmk0 U1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL201ajdmVWFKZzZMQlIzSnpNa2p2LWpSaTRTWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUFFQjIvMzk1MjEwMEU2RTgzMTFFRkFCNzI2MTgwQzRGOUFFMDIvRUYzRjg2OTA3 MjFBMTFFRkJERTg3NTY3QzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAyh0EMA0GCSqGSIb3DQEBCwUAA4IBAQAfleo7ZnQ/MSBtQAzVo7Fj jJ676vNhGiP/nelYTm/vfFEhNqJw5UJsv/OuEWu2YbQO9Xo6+mK2fYjSxr4JWXK7 J8Tf/PJbKwfjwzXURgkWngM3bf4XCMbZqqt0IAvqLKZNbJpvLCgJiYNR8ZJdetcU jxPvM70tRz5G7NVJUqoc+Vyy73jy33jt1DgVTsT41S+AaR8ksO0p4hkiXoy2PlWV xAucVQ+yKzydKdnQ4PJnaT86Oc/tJuAAbe34cJq4LOOFIXhC8foVB2fR9yuzZKCp VfTezqdsPLpaPvmxLHnYembU2yD9c1wdWoxy00xP5U/avFm0o0GGqjC453KqEioy -----END CERTIFICATE-----Generated at Mon Mar 2 16:45:36 2026 by rpki-client