$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6D28/61D453101D9211E29C5F3AF508B02CD2/AA6965E4CD8D11EF8DF2E66DC4F9AE02.roa File: AA6965E4CD8D11EF8DF2E66DC4F9AE02.roa (raw, json) Hash identifier: 13OFQ4+DXlBY64hL4vDY3u0qJPTe15xHqCHPoGlCW1Y= Subject key identifier: AE:E7:10:5A:8E:8B:EE:3A:2B:59:4B:80:3F:CB:F5:30:48:51:30:BF Certificate issuer: /CN=A91B6D28/serialNumber=9A4DAF8FCA85E193D34EA49597996DED17CBDF1E Certificate serial: 3537 Authority key identifier: 9A:4D:AF:8F:CA:85:E1:93:D3:4E:A4:95:97:99:6D:ED:17:CB:DF:1E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mk2vj8qF4ZPTTqSVl5lt7RfL3x4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B6D28/61D453101D9211E29C5F3AF508B02CD2/AA6965E4CD8D11EF8DF2E66DC4F9AE02.roa Signing time: Sun 01 Mar 2026 11:23:18 +0000 ROA not before: Wed 20 Aug 2025 14:50:59 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 38592 IP address blocks: 101.2.160.0/21 maxlen: 24 103.5.232.0/22 maxlen: 24 119.10.168.0/22 maxlen: 22 119.10.168.0/24 maxlen: 24 119.10.169.0/24 maxlen: 24 119.10.170.0/24 maxlen: 24 119.10.171.0/24 maxlen: 24 119.10.172.0/22 maxlen: 24 163.47.84.0/22 maxlen: 24 202.65.168.0/21 maxlen: 24 203.80.188.0/22 maxlen: 24 2402:2300::/32 maxlen: 32 2402:2300::/48 maxlen: 48 2402:2300:1211::/48 maxlen: 48 2402:2300:1212::/48 maxlen: 48 2402:2300:1215::/48 maxlen: 48 2402:2300:1220::/44 maxlen: 44 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B6D28/61D453101D9211E29C5F3AF508B02CD2/mk2vj8qF4ZPTTqSVl5lt7RfL3x4.crl rsync://rpki.apnic.net/member_repository/A91B6D28/61D453101D9211E29C5F3AF508B02CD2/mk2vj8qF4ZPTTqSVl5lt7RfL3x4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mk2vj8qF4ZPTTqSVl5lt7RfL3x4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 14:47:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13623 (0x3537) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B6D28, serialNumber=9A4DAF8FCA85E193D34EA49597996DED17CBDF1E Validity Not Before: Aug 20 14:50:59 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=69a421a6-9e21 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:61:89:b6:88:2a:6c:34:8a:1f:79:70:d6:21: 71:9b:7d:cf:4d:73:00:02:0c:40:db:ea:2f:1c:64: da:37:80:1c:5c:f9:45:3c:7c:56:0d:e9:d1:56:c3: 22:de:8f:e0:ee:26:fe:92:33:26:5c:4e:62:c0:a6: e8:8b:cd:9d:2d:4a:93:10:23:61:8e:06:d7:52:73: 18:2f:37:7c:cf:67:dd:2c:a9:e8:1a:0f:5f:07:f0: b8:05:a1:ab:a8:7f:1e:d5:31:15:29:3d:9f:ab:54: a2:b5:94:0e:c7:b3:b4:32:c4:13:57:3d:24:cb:1a: 3e:03:75:88:f8:59:a7:ce:ee:eb:f2:d7:64:23:4c: bc:24:4d:1c:48:64:1d:b8:42:aa:64:d7:35:d1:20: 3a:4d:ef:f3:03:a0:23:10:15:d8:28:24:9e:fd:b5: 7a:d6:56:9d:ff:be:2f:49:e8:a1:a2:32:ca:25:32: 23:a8:81:40:65:8b:df:a6:52:bf:fb:2a:d7:cc:5f: 36:e9:dd:8b:34:fb:2d:73:3a:ee:b1:bd:f8:0b:cd: 40:1d:fb:e8:7d:0e:03:fe:19:14:64:e0:27:6d:ec: 3b:0a:b4:c1:c6:f3:a6:78:41:b6:8f:94:93:c5:e6: 5d:1b:1e:4e:2c:7f:06:63:28:fb:03:5f:89:95:10: 08:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:E7:10:5A:8E:8B:EE:3A:2B:59:4B:80:3F:CB:F5:30:48:51:30:BF X509v3 Authority Key Identifier: keyid:9A:4D:AF:8F:CA:85:E1:93:D3:4E:A4:95:97:99:6D:ED:17:CB:DF:1E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B6D28/61D453101D9211E29C5F3AF508B02CD2/mk2vj8qF4ZPTTqSVl5lt7RfL3x4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mk2vj8qF4ZPTTqSVl5lt7RfL3x4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6D28/61D453101D9211E29C5F3AF508B02CD2/AA6965E4CD8D11EF8DF2E66DC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 101.2.160.0/21 103.5.232.0/22 119.10.168.0/21 163.47.84.0/22 202.65.168.0/21 203.80.188.0/22 IPv6: 2402:2300::/32 Signature Algorithm: sha256WithRSAEncryption 90:a9:13:7b:ff:b3:74:80:26:b9:2c:12:b6:c7:db:00:f1:88: 54:d8:5e:0c:01:95:a9:54:13:a2:2d:46:63:08:87:4e:f3:d0: 59:31:28:a7:56:2f:18:34:82:a8:15:2d:b8:20:2e:b0:ea:d4: 1d:2a:33:aa:3a:f8:5e:00:19:27:e8:b0:f7:85:b3:e4:be:e4: df:b4:4f:19:87:c5:f9:ed:af:42:2a:07:13:e8:1d:de:e8:f0: c0:f6:2e:29:be:5a:9e:2d:5b:7d:60:c1:a3:29:83:0e:bc:f5: 40:ab:a2:3f:4b:59:8c:a2:03:da:76:40:ca:a0:3d:1f:2a:82: 1c:ed:b4:0c:01:66:9a:3a:77:01:5e:e9:ce:7e:41:61:03:8b: 50:fe:68:69:21:d6:23:cf:14:64:31:a5:32:59:0c:63:43:53: b1:2c:82:14:77:c9:39:88:d1:dd:50:62:76:4b:27:d8:db:19: 69:e7:71:71:e2:b9:41:57:37:81:14:71:0d:db:c8:58:84:92: 57:35:4e:3f:a9:c1:6f:1d:7b:38:c6:43:9b:d6:7e:ea:a4:e7: 2a:19:1f:6a:6b:f0:9a:e5:6f:68:77:e8:50:6a:e1:0e:89:0a: 8b:0c:65:ed:ec:52:98:07:b1:1f:79:e7:fc:f5:ac:be:bb:2e: 9a:79:27:28 -----BEGIN CERTIFICATE----- MIIFaTCCBFGgAwIBAgICNTcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjZEMjgxMTAvBgNVBAUTKDlBNERBRjhGQ0E4NUUxOTNEMzRFQTQ5NTk3OTk2REVE MTdDQkRGMUUwHhcNMjUwODIwMTQ1MDU5WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MjFhNi05ZTIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArGGJtogqbDSKH3lw1iFxm33PTXMAAgxA2+ovHGTaN4AcXPlFPHxWDenRVsMi 3o/g7ib+kjMmXE5iwKboi82dLUqTECNhjgbXUnMYLzd8z2fdLKnoGg9fB/C4BaGr qH8e1TEVKT2fq1SitZQOx7O0MsQTVz0kyxo+A3WI+Fmnzu7r8tdkI0y8JE0cSGQd uEKqZNc10SA6Te/zA6AjEBXYKCSe/bV61lad/74vSeihojLKJTIjqIFAZYvfplK/ +yrXzF826d2LNPstczrusb34C81AHfvofQ4D/hkUZOAnbew7CrTBxvOmeEG2j5ST xeZdGx5OLH8GYyj7A1+JlRAIRwIDAQABo4ICjTCCAokwHQYDVR0OBBYEFK7nEFqO i+46K1lLgD/L9TBIUTC/MB8GA1UdIwQYMBaAFJpNr4/KheGT006klZeZbe0Xy98e MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNkQyOC82MUQ0NTMxMDFE OTIxMUUyOUM1RjNBRjUwOEIwMkNEMi9tazJ2ajhxRjRaUFRUcVNWbDVsdDdSZkwz eDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL21rMnZqOHFGNFpQVFRxU1ZsNWx0N1JmTDN4NC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjZEMjgvNjFENDUzMTAxRDkyMTFFMjlDNUYzQUY1MDhCMDJDRDIvQUE2OTY1RTRD RDhEMTFFRjhERjJFNjZEQzRGOUFFMDIucm9hMEwGCCsGAQUFBwEHAQH/BD0wOzAq BAIAATAkAwQDZQKgAwQCZwXoAwQDdwqoAwQCoy9UAwQDykGoAwQCy1C8MA0EAgAC MAcDBQAkAiMAMA0GCSqGSIb3DQEBCwUAA4IBAQCQqRN7/7N0gCa5LBK2x9sA8YhU 2F4MAZWpVBOiLUZjCIdO89BZMSinVi8YNIKoFS24IC6w6tQdKjOqOvheABkn6LD3 hbPkvuTftE8Zh8X57a9CKgcT6B3e6PDA9i4pvlqeLVt9YMGjKYMOvPVAq6I/S1mM ogPadkDKoD0fKoIc7bQMAWaaOncBXunOfkFhA4tQ/mhpIdYjzxRkMaUyWQxjQ1Ox LIIUd8k5iNHdUGJ2SyfY2xlp53Fx4rlBVzeBFHEN28hYhJJXNU4/qcFvHXs4xkOb 1n7qpOcqGR9qa/Ca5W9od+hQauEOiQqLDGXt7FKYB7Efeef89ay+uy6aeSco -----END CERTIFICATE-----Generated at Mon Mar 2 19:41:10 2026 by rpki-client