$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBBD7/F93219126CB911EA80832E2EC4F9AE02/651072686CBB11EA95256D30C4F9AE02.roa File: 651072686CBB11EA95256D30C4F9AE02.roa (raw, json) Hash identifier: 1k1sjwOMI9vqcG9jJZ6jz098ozbMVSb/jG1hWC2yrho= Subject key identifier: C9:2D:54:7C:97:CF:AB:77:13:C0:B0:C4:35:F7:BC:B7:39:F6:39:89 Certificate issuer: /CN=A91EBBD7/serialNumber=A9BB0DFB6D4FF63B728833BE0AD6623796EC8A19 Certificate serial: 0ACA Authority key identifier: A9:BB:0D:FB:6D:4F:F6:3B:72:88:33:BE:0A:D6:62:37:96:EC:8A:19 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qbsN-21P9jtyiDO-CtZiN5bsihk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EBBD7/F93219126CB911EA80832E2EC4F9AE02/651072686CBB11EA95256D30C4F9AE02.roa Signing time: Sun 01 Mar 2026 14:00:17 +0000 ROA not before: Tue 30 Sep 2025 20:21:21 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 38004 IP address blocks: 202.89.24.0/21 maxlen: 21 202.89.24.0/25 maxlen: 25 202.89.24.128/25 maxlen: 25 202.89.25.0/24 maxlen: 25 202.89.26.0/24 maxlen: 24 202.89.29.0/24 maxlen: 24 2401:5f40::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EBBD7/F93219126CB911EA80832E2EC4F9AE02/qbsN-21P9jtyiDO-CtZiN5bsihk.crl rsync://rpki.apnic.net/member_repository/A91EBBD7/F93219126CB911EA80832E2EC4F9AE02/qbsN-21P9jtyiDO-CtZiN5bsihk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qbsN-21P9jtyiDO-CtZiN5bsihk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:59:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2762 (0xaca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EBBD7, serialNumber=A9BB0DFB6D4FF63B728833BE0AD6623796EC8A19 Validity Not Before: Sep 30 20:21:21 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=69a44671-cf98 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:8c:5f:61:ec:0c:80:20:d5:67:de:d8:c7:ae: 5c:86:4e:20:04:87:df:b9:16:1d:32:79:ae:d1:1a: fc:28:df:c9:94:36:ed:f1:93:f0:98:9b:36:bb:b5: 86:3c:3b:a2:27:95:f3:4a:03:56:3a:a0:6a:00:44: 49:f1:d6:25:cc:af:a1:e8:c2:34:cb:d9:02:d0:af: e4:d9:46:3f:2d:f5:7e:fd:da:73:dd:9c:f1:95:43: 57:40:4a:29:7f:58:7a:12:31:72:06:34:08:31:39: 3c:b9:3f:c5:02:2b:db:aa:fe:fc:21:58:88:31:28: de:ed:43:1e:5d:3b:64:80:35:58:de:7c:ce:6f:98: 1b:d0:1a:18:96:a1:69:f7:42:63:f3:97:d8:04:26: 6e:23:f4:cb:b4:23:2e:f3:1d:c6:a1:24:fe:89:68: 3a:a3:43:92:13:01:29:1a:4e:df:e2:29:29:b7:0f: 7c:8e:7e:f1:af:62:d9:ee:94:b0:de:65:d1:b0:46: 14:0a:24:03:0e:78:5d:7b:72:71:1b:07:d9:9a:1a: e4:00:b7:bf:3f:7b:2d:80:cf:85:85:2c:b4:1b:f8: e1:4b:12:c7:31:77:06:64:0c:67:40:ca:e3:78:02: 98:cc:ab:df:c9:de:59:8d:f1:7b:af:92:1a:ab:5f: c6:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:2D:54:7C:97:CF:AB:77:13:C0:B0:C4:35:F7:BC:B7:39:F6:39:89 X509v3 Authority Key Identifier: keyid:A9:BB:0D:FB:6D:4F:F6:3B:72:88:33:BE:0A:D6:62:37:96:EC:8A:19 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EBBD7/F93219126CB911EA80832E2EC4F9AE02/qbsN-21P9jtyiDO-CtZiN5bsihk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qbsN-21P9jtyiDO-CtZiN5bsihk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBBD7/F93219126CB911EA80832E2EC4F9AE02/651072686CBB11EA95256D30C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 202.89.24.0/21 IPv6: 2401:5f40::/32 Signature Algorithm: sha256WithRSAEncryption 6e:0a:13:03:52:7d:51:42:67:ed:cb:e2:9d:f4:e7:00:44:fb: fe:71:b4:73:96:5e:96:44:fa:9e:ba:e8:ac:be:22:66:d9:86: d2:eb:a3:fc:da:02:39:9e:cc:90:ec:3e:76:ef:ef:89:3a:3a: 39:14:09:ff:96:c0:a2:92:5d:90:7b:70:77:85:08:80:0c:d0: 1d:69:a0:fd:e9:74:db:6f:d8:d6:db:92:6a:39:e6:4c:af:b5: 71:b7:13:e0:68:39:6f:45:86:e7:35:a1:9e:13:a6:70:07:95: 76:10:80:87:17:0c:0b:22:ce:c5:23:9c:81:04:25:3b:46:65: 58:d3:9f:e8:e1:ce:92:c8:19:10:7d:59:20:1b:cc:98:c2:67: f6:b3:d2:de:b9:af:5b:08:69:ae:a0:c9:c1:1f:51:34:c8:64: 04:ff:06:1a:92:9e:82:dc:48:a9:76:9d:e7:d3:69:33:1a:5c: f6:19:76:32:37:ec:35:95:92:f6:b0:c6:9a:ec:e4:a6:d7:c1: fc:a2:48:b8:aa:6c:a1:ed:b6:7f:f4:03:f2:9f:b2:5b:5d:4d: 6a:e5:a6:23:d5:0c:17:60:e2:c6:a4:de:40:d4:d0:52:89:d6: 5c:f2:bc:bb:67:c3:6b:96:91:c3:e6:74:3a:31:db:d1:c6:55: a9:42:5f:e6 -----BEGIN CERTIFICATE----- MIIFSzCCBDOgAwIBAgICCsowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUJCRDcxMTAvBgNVBAUTKEE5QkIwREZCNkQ0RkY2M0I3Mjg4MzNCRTBBRDY2MjM3 OTZFQzhBMTkwHhcNMjUwOTMwMjAyMTIxWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NDY3MS1jZjk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA24xfYewMgCDVZ97Yx65chk4gBIffuRYdMnmu0Rr8KN/JlDbt8ZPwmJs2u7WG PDuiJ5XzSgNWOqBqAERJ8dYlzK+h6MI0y9kC0K/k2UY/LfV+/dpz3ZzxlUNXQEop f1h6EjFyBjQIMTk8uT/FAivbqv78IViIMSje7UMeXTtkgDVY3nzOb5gb0BoYlqFp 90Jj85fYBCZuI/TLtCMu8x3GoST+iWg6o0OSEwEpGk7f4ikptw98jn7xr2LZ7pSw 3mXRsEYUCiQDDnhde3JxGwfZmhrkALe/P3stgM+FhSy0G/jhSxLHMXcGZAxnQMrj eAKYzKvfyd5ZjfF7r5Iaq1/GiQIDAQABo4ICbzCCAmswHQYDVR0OBBYEFMktVHyX z6t3E8CwxDX3vLc59jmJMB8GA1UdIwQYMBaAFKm7DfttT/Y7cogzvgrWYjeW7IoZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkJENy9GOTMyMTkxMjZD QjkxMUVBODA4MzJFMkVDNEY5QUUwMi9xYnNOLTIxUDlqdHlpRE8tQ3RaaU41YnNp aGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3Fic04tMjFQOWp0eWlETy1DdFppTjVic2loay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUJCRDcvRjkzMjE5MTI2Q0I5MTFFQTgwODMyRTJFQzRGOUFFMDIvNjUxMDcyNjg2 Q0JCMTFFQTk1MjU2RDMwQzRGOUFFMDIucm9hMC4GCCsGAQUFBwEHAQH/BB8wHTAM BAIAATAGAwQDylkYMA0EAgACMAcDBQAkAV9AMA0GCSqGSIb3DQEBCwUAA4IBAQBu ChMDUn1RQmfty+Kd9OcARPv+cbRzll6WRPqeuuisviJm2YbS66P82gI5nsyQ7D52 7++JOjo5FAn/lsCikl2Qe3B3hQiADNAdaaD96XTbb9jW25JqOeZMr7VxtxPgaDlv RYbnNaGeE6ZwB5V2EICHFwwLIs7FI5yBBCU7RmVY05/o4c6SyBkQfVkgG8yYwmf2 s9Leua9bCGmuoMnBH1E0yGQE/wYakp6C3Eipdp3n02kzGlz2GXYyN+w1lZL2sMaa 7OSm18H8oki4qmyh7bZ/9APyn7JbXU1q5aYj1QwXYOLGpN5A1NBSidZc8ry7Z8Nr lpHD5nQ6MdvRxlWpQl/m -----END CERTIFICATE-----Generated at Mon Mar 2 17:26:12 2026 by rpki-client