$ rpki-client -vvf rpki.apnic.net/member_repository/A91E0875/6D91AABC593111EAAA31B40AC4F9AE02/33CFE442C07511EE980AEC0CC4F9AE02.roa File: 33CFE442C07511EE980AEC0CC4F9AE02.roa (raw, json) Hash identifier: lAb12WKjWNZhERVfu+rXY9B+lTIhcdPrOzSWtvyJJG0= Subject key identifier: 62:88:D3:79:0F:49:07:AA:91:AD:AF:78:28:C8:8B:8B:14:50:FF:0E Certificate issuer: /CN=A91E0875/serialNumber=F973492ED646928ED1F10DE84662E5523F55CC8D Certificate serial: 0B74 Authority key identifier: F9:73:49:2E:D6:46:92:8E:D1:F1:0D:E8:46:62:E5:52:3F:55:CC:8D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-XNJLtZGko7R8Q3oRmLlUj9VzI0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E0875/6D91AABC593111EAAA31B40AC4F9AE02/33CFE442C07511EE980AEC0CC4F9AE02.roa Signing time: Sun 01 Mar 2026 17:47:06 +0000 ROA not before: Sat 28 Feb 2026 20:16:33 +0000 ROA not after: Sat 01 May 2027 00:00:00 +0000 asID: 134069 IP address blocks: 43.231.224.0/22 maxlen: 24 45.115.220.0/22 maxlen: 24 103.51.48.0/22 maxlen: 22 103.51.48.0/23 maxlen: 23 103.51.50.0/24 maxlen: 24 103.51.51.0/24 maxlen: 24 202.6.248.0/22 maxlen: 24 2402:1a80::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E0875/6D91AABC593111EAAA31B40AC4F9AE02/-XNJLtZGko7R8Q3oRmLlUj9VzI0.crl rsync://rpki.apnic.net/member_repository/A91E0875/6D91AABC593111EAAA31B40AC4F9AE02/-XNJLtZGko7R8Q3oRmLlUj9VzI0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-XNJLtZGko7R8Q3oRmLlUj9VzI0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 02:28:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2932 (0xb74) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E0875, serialNumber=F973492ED646928ED1F10DE84662E5523F55CC8D Validity Not Before: Feb 28 20:16:33 2026 GMT Not After : May 1 00:00:00 2027 GMT Subject: CN=69a47b9a-ae9f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:d8:dd:1f:15:b8:79:6a:4a:54:7a:93:51:60: a2:9d:27:60:7e:e8:65:4e:8c:e2:fb:4b:1a:1e:70: 06:ff:5e:b7:8b:6c:83:a7:d5:91:5d:65:78:f8:55: c9:6a:85:9f:c2:13:d5:84:39:77:1b:34:15:5b:50: be:27:7c:d6:c0:64:5b:45:bc:9c:a0:d9:7c:dc:5a: eb:d7:b1:9c:59:78:42:55:73:02:2e:f5:fe:8a:23: 41:4c:84:94:04:de:74:5b:b1:c6:4c:2a:31:fa:14: ac:c3:cf:4c:35:ae:f1:7d:4b:73:85:42:23:79:9d: 9d:fd:4a:96:59:bf:87:40:28:14:5a:fc:2c:71:21: 0a:29:27:4a:96:26:e7:e1:c9:25:1f:00:59:03:18: 28:58:05:9d:09:55:9b:c5:d0:19:46:ca:80:1c:fa: d2:7b:eb:87:cc:ab:05:eb:c4:f7:72:6f:34:ef:61: 37:d7:bf:6a:90:f5:f9:13:e6:27:ce:95:7d:b6:38: 14:43:67:03:b4:c0:7e:9d:65:c3:a2:c4:86:e7:a1: 12:2d:5d:19:7b:39:9b:60:82:1f:92:21:b3:d4:46: 19:7e:c9:cc:9c:2f:09:3c:a2:51:0c:31:08:8d:88: 77:30:cd:d9:0f:e6:65:10:0a:aa:96:1b:53:05:85: 04:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:88:D3:79:0F:49:07:AA:91:AD:AF:78:28:C8:8B:8B:14:50:FF:0E X509v3 Authority Key Identifier: keyid:F9:73:49:2E:D6:46:92:8E:D1:F1:0D:E8:46:62:E5:52:3F:55:CC:8D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E0875/6D91AABC593111EAAA31B40AC4F9AE02/-XNJLtZGko7R8Q3oRmLlUj9VzI0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-XNJLtZGko7R8Q3oRmLlUj9VzI0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E0875/6D91AABC593111EAAA31B40AC4F9AE02/33CFE442C07511EE980AEC0CC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.231.224.0/22 45.115.220.0/22 103.51.48.0/22 202.6.248.0/22 IPv6: 2402:1a80::/32 Signature Algorithm: sha256WithRSAEncryption 59:73:48:c5:d7:8d:76:99:f6:f8:1b:0a:81:f4:ec:11:25:35: 6d:13:a1:a5:76:89:fe:88:fe:bf:2a:d0:b4:30:14:27:45:77: e0:bc:d8:73:29:f8:0e:68:17:44:73:67:5a:4a:0e:f3:06:b9: 59:f1:12:5f:92:8e:d5:17:1f:ec:39:8a:d0:74:57:e0:b1:6d: 36:1c:e6:c4:ed:3f:5e:ed:f1:05:87:84:96:1a:55:8d:b9:bf: cf:4b:7a:f5:a0:cc:c7:f1:6c:5a:89:b1:a2:72:cc:f7:80:e4: c6:a9:15:7d:d8:52:d3:77:ae:81:2f:66:ca:d8:e7:23:5d:fc: 19:ed:aa:4c:2d:10:8a:d0:6c:af:4c:f4:34:db:54:a7:c1:cb: be:fa:fe:f3:1c:7c:b1:3f:74:de:25:65:2e:da:cf:3a:1d:fd: 1a:f8:13:55:16:8b:7a:4f:ec:74:85:99:ae:68:da:a0:c1:86: ea:aa:18:d8:6d:65:44:d0:fa:40:2b:0e:0a:09:9d:26:d7:ba: b5:47:58:7a:b9:f6:95:72:a5:91:a7:fb:25:84:70:cb:b5:75: b6:ef:38:b6:ff:4b:c3:95:3d:03:fd:aa:b8:37:81:02:13:47: ca:9b:3d:95:36:99:1c:56:d9:74:3c:a1:61:62:10:04:78:42: 2b:9f:44:94 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgICC3QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTA4NzUxMTAvBgNVBAUTKEY5NzM0OTJFRDY0NjkyOEVEMUYxMERFODQ2NjJFNTUy M0Y1NUNDOEQwHhcNMjYwMjI4MjAxNjMzWhcNMjcwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0N2I5YS1hZTlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA59jdHxW4eWpKVHqTUWCinSdgfuhlTozi+0saHnAG/163i2yDp9WRXWV4+FXJ aoWfwhPVhDl3GzQVW1C+J3zWwGRbRbycoNl83Frr17GcWXhCVXMCLvX+iiNBTISU BN50W7HGTCox+hSsw89MNa7xfUtzhUIjeZ2d/UqWWb+HQCgUWvwscSEKKSdKlibn 4cklHwBZAxgoWAWdCVWbxdAZRsqAHPrSe+uHzKsF68T3cm8072E3179qkPX5E+Yn zpV9tjgUQ2cDtMB+nWXDosSG56ESLV0ZezmbYIIfkiGz1EYZfsnMnC8JPKJRDDEI jYh3MM3ZD+ZlEAqqlhtTBYUEYwIDAQABo4ICgTCCAn0wHQYDVR0OBBYEFGKI03kP SQeqka2veCjIi4sUUP8OMB8GA1UdIwQYMBaAFPlzSS7WRpKO0fEN6EZi5VI/VcyN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMDg3NS82RDkxQUFCQzU5 MzExMUVBQUEzMUI0MEFDNEY5QUUwMi8tWE5KTHRaR2tvN1I4UTNvUm1MbFVqOVZ6 STAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1YTkpMdFpHa283UjhRM29SbUxsVWo5VnpJMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTA4NzUvNkQ5MUFBQkM1OTMxMTFFQUFBMzFCNDBBQzRGOUFFMDIvMzNDRkU0NDJD MDc1MTFFRTk4MEFFQzBDQzRGOUFFMDIucm9hMEAGCCsGAQUFBwEHAQH/BDEwLzAe BAIAATAYAwQCK+fgAwQCLXPcAwQCZzMwAwQCygb4MA0EAgACMAcDBQAkAhqAMA0G CSqGSIb3DQEBCwUAA4IBAQBZc0jF1412mfb4GwqB9OwRJTVtE6Gldon+iP6/KtC0 MBQnRXfgvNhzKfgOaBdEc2daSg7zBrlZ8RJfko7VFx/sOYrQdFfgsW02HObE7T9e 7fEFh4SWGlWNub/PS3r1oMzH8WxaibGicsz3gOTGqRV92FLTd66BL2bK2OcjXfwZ 7apMLRCK0GyvTPQ021Snwcu++v7zHHyxP3TeJWUu2s86Hf0a+BNVFot6T+x0hZmu aNqgwYbqqhjYbWVE0PpAKw4KCZ0m17q1R1h6ufaVcqWRp/slhHDLtXW27zi2/0vD lT0D/aq4N4ECE0fKmz2VNpkcVtl0PKFhYhAEeEIrn0SU -----END CERTIFICATE-----Generated at Mon Mar 2 15:28:27 2026 by rpki-client