$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB816/610466103DD611EBA0602C5BC4F9AE02/7D8845C43DD911EB8DA0EE5FC4F9AE02.roa File: 7D8845C43DD911EB8DA0EE5FC4F9AE02.roa (raw, json) Hash identifier: 4xgzK7PrNpZAnd72wXzvBuPzMZA+sokeDoeYoGYDtEI= Subject key identifier: 63:B0:EA:89:69:58:5D:C4:DD:E2:4B:F2:9B:14:69:B5:77:E3:D9:BE Certificate issuer: /CN=A91CB816/serialNumber=BD06BDBF8B0EEDBC9F07395A65254FCB8583989D Certificate serial: 07AD Authority key identifier: BD:06:BD:BF:8B:0E:ED:BC:9F:07:39:5A:65:25:4F:CB:85:83:98:9D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vQa9v4sO7byfBzlaZSVPy4WDmJ0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CB816/610466103DD611EBA0602C5BC4F9AE02/7D8845C43DD911EB8DA0EE5FC4F9AE02.roa Signing time: Sun 01 Mar 2026 14:54:26 +0000 ROA not before: Tue 02 Dec 2025 20:54:18 +0000 ROA not after: Tue 02 Mar 2027 00:00:00 +0000 asID: 38017 IP address blocks: 202.59.128.0/20 maxlen: 22 202.59.128.0/24 maxlen: 24 202.59.129.0/24 maxlen: 24 202.59.130.0/24 maxlen: 24 202.59.131.0/24 maxlen: 24 202.59.132.0/24 maxlen: 24 202.59.133.0/24 maxlen: 24 202.59.134.0/24 maxlen: 24 202.59.135.0/24 maxlen: 24 202.59.136.0/24 maxlen: 24 202.59.137.0/24 maxlen: 24 202.59.138.0/24 maxlen: 24 202.59.139.0/24 maxlen: 24 202.59.140.0/24 maxlen: 24 202.59.141.0/24 maxlen: 24 202.59.142.0/24 maxlen: 24 202.59.143.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CB816/610466103DD611EBA0602C5BC4F9AE02/vQa9v4sO7byfBzlaZSVPy4WDmJ0.crl rsync://rpki.apnic.net/member_repository/A91CB816/610466103DD611EBA0602C5BC4F9AE02/vQa9v4sO7byfBzlaZSVPy4WDmJ0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vQa9v4sO7byfBzlaZSVPy4WDmJ0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:15:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1965 (0x7ad) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CB816, serialNumber=BD06BDBF8B0EEDBC9F07395A65254FCB8583989D Validity Not Before: Dec 2 20:54:18 2025 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=69a45322-68c4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:b2:66:c3:6f:bd:f4:2c:cd:31:45:34:92:8a: 64:dd:72:87:a1:1e:1c:ea:b8:84:3c:d6:bf:53:bf: fb:ba:41:1f:25:69:70:1f:52:c6:a1:8d:32:a4:a3: 77:03:53:15:7a:19:ee:b9:56:db:d0:29:ab:31:96: 6c:1b:92:3f:a5:af:38:0f:52:f9:27:91:1d:c7:01: 13:30:e0:e4:04:c3:a5:78:d7:37:06:4c:8f:c5:16: 8a:62:08:35:d8:5e:2c:db:3c:e1:ab:1d:c1:8f:67: 98:e5:26:a5:76:ac:c8:af:24:ba:91:66:77:18:b0: a5:93:28:c9:3c:c5:67:93:21:63:c0:c8:36:2d:c4: 5b:40:92:3e:de:fd:45:5b:ff:24:36:38:c2:67:14: 98:89:2f:1e:8a:89:ad:af:3d:82:2b:31:91:91:d4: b9:dc:e7:64:0c:32:79:0a:9a:d4:b1:40:96:f8:78: ba:b2:3b:5a:53:e5:d1:15:50:6b:2b:10:78:9c:b5: 48:37:df:76:6e:1e:a5:08:15:10:b2:3a:2c:66:e4: 1c:7f:7c:be:8a:5d:71:6c:60:26:7a:e7:df:7e:1b: e8:ed:9e:f9:51:c5:a9:c6:40:1f:c5:fa:f0:67:dc: 1c:08:db:0b:79:c3:d9:4d:08:57:d7:9f:ac:23:0d: 4f:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:B0:EA:89:69:58:5D:C4:DD:E2:4B:F2:9B:14:69:B5:77:E3:D9:BE X509v3 Authority Key Identifier: keyid:BD:06:BD:BF:8B:0E:ED:BC:9F:07:39:5A:65:25:4F:CB:85:83:98:9D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CB816/610466103DD611EBA0602C5BC4F9AE02/vQa9v4sO7byfBzlaZSVPy4WDmJ0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vQa9v4sO7byfBzlaZSVPy4WDmJ0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB816/610466103DD611EBA0602C5BC4F9AE02/7D8845C43DD911EB8DA0EE5FC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 202.59.128.0/20 Signature Algorithm: sha256WithRSAEncryption 14:0c:9e:fc:30:7e:44:c5:a2:4b:9b:49:fd:35:d0:b9:49:dc: 1a:ca:2d:c4:99:42:3f:a0:ec:b4:aa:ec:f1:64:df:13:a8:d3: 5d:a4:7e:8e:4a:12:c5:07:63:f9:e1:29:3d:4c:96:10:29:78: 29:56:bf:6c:03:05:d0:c5:d5:c4:7d:8e:55:57:ea:38:bf:92: c9:af:2c:75:cb:0b:8c:f8:c1:cf:b1:02:33:29:7c:3d:39:60: 4a:3d:f0:fc:25:5f:96:1e:1a:b9:5b:c7:6e:69:3f:16:41:23: 0c:e5:2f:10:d1:34:c0:b0:8b:db:4f:25:ae:7f:d1:ee:56:ba: 99:59:42:1f:d2:61:88:c7:82:ee:04:e4:9b:39:1e:c9:0f:49: ba:5c:37:c8:4f:65:17:d0:a3:c1:0a:39:ce:e0:a9:00:60:5f: 73:5c:86:d0:e1:81:16:65:83:27:f7:12:69:0b:2b:b2:8e:7b: 02:17:36:26:a7:7d:e9:32:9a:40:a4:05:95:08:ac:dc:07:33: a9:e3:de:3e:d2:3f:7f:ef:35:8b:71:b7:20:6d:fb:0c:64:c6: db:39:9a:ae:7c:b9:56:7f:7c:1e:f9:85:e2:e7:62:a8:7e:35: 92:19:63:84:dc:32:87:b2:e4:26:6f:b2:85:02:be:f8:4c:21: 94:42:14:a2 -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgICB60wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0I4MTYxMTAvBgNVBAUTKEJEMDZCREJGOEIwRUVEQkM5RjA3Mzk1QTY1MjU0RkNC ODU4Mzk4OUQwHhcNMjUxMjAyMjA1NDE4WhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NTMyMi02OGM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoLJmw2+99CzNMUU0kopk3XKHoR4c6riEPNa/U7/7ukEfJWlwH1LGoY0ypKN3 A1MVehnuuVbb0CmrMZZsG5I/pa84D1L5J5EdxwETMODkBMOleNc3BkyPxRaKYgg1 2F4s2zzhqx3Bj2eY5SaldqzIryS6kWZ3GLClkyjJPMVnkyFjwMg2LcRbQJI+3v1F W/8kNjjCZxSYiS8eiomtrz2CKzGRkdS53OdkDDJ5CprUsUCW+Hi6sjtaU+XRFVBr KxB4nLVIN992bh6lCBUQsjosZuQcf3y+il1xbGAmeufffhvo7Z75UcWpxkAfxfrw Z9wcCNsLecPZTQhX15+sIw1PPQIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFGOw6olp WF3E3eJL8psUabV349m+MB8GA1UdIwQYMBaAFL0Gvb+LDu28nwc5WmUlT8uFg5id MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjgxNi82MTA0NjYxMDNE RDYxMUVCQTA2MDJDNUJDNEY5QUUwMi92UWE5djRzTzdieWZCemxhWlNWUHk0V0Rt SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ZRYTl2NHNPN2J5ZkJ6bGFaU1ZQeTRXRG1KMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0I4MTYvNjEwNDY2MTAzREQ2MTFFQkEwNjAyQzVCQzRGOUFFMDIvN0Q4ODQ1QzQz REQ5MTFFQjhEQTBFRTVGQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQEyjuAMA0GCSqGSIb3DQEBCwUAA4IBAQAUDJ78MH5ExaJLm0n9NdC5 Sdwayi3EmUI/oOy0quzxZN8TqNNdpH6OShLFB2P54Sk9TJYQKXgpVr9sAwXQxdXE fY5VV+o4v5LJryx1ywuM+MHPsQIzKXw9OWBKPfD8JV+WHhq5W8duaT8WQSMM5S8Q 0TTAsIvbTyWuf9HuVrqZWUIf0mGIx4LuBOSbOR7JD0m6XDfIT2UX0KPBCjnO4KkA YF9zXIbQ4YEWZYMn9xJpCyuyjnsCFzYmp33pMppApAWVCKzcBzOp494+0j9/7zWL cbcgbfsMZMbbOZqufLlWf3we+YXi52KofjWSGWOE3DKHsuQmb7KFAr74TCGUQhSi -----END CERTIFICATE-----Generated at Mon Mar 2 17:04:55 2026 by rpki-client