$ rpki-client -vvf rpki.apnic.net/member_repository/A91F3CB1/2D843698168611F08916985BC4F9AE02/9217B6681AA811F0B10C6412C4F9AE02.roa File: 9217B6681AA811F0B10C6412C4F9AE02.roa (raw, json) Hash identifier: 1J7nQsHlQuAiAvo5aIiZqNyCzq3jV+3T1c+Q4mzMQvk= Subject key identifier: 73:CD:F8:15:9B:18:14:4E:1E:02:88:BF:D7:92:C9:A8:87:03:A4:B1 Certificate issuer: /CN=A91F3CB1/serialNumber=7AD79EEB3B928354D950DC6E4F8BECCB25C2FC4B Certificate serial: E9 Authority key identifier: 7A:D7:9E:EB:3B:92:83:54:D9:50:DC:6E:4F:8B:EC:CB:25:C2:FC:4B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/etee6zuSg1TZUNxuT4vsyyXC_Es.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F3CB1/2D843698168611F08916985BC4F9AE02/9217B6681AA811F0B10C6412C4F9AE02.roa Signing time: Thu 09 Apr 2026 06:42:29 +0000 ROA not before: Thu 09 Apr 2026 06:42:29 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 7468 IP address blocks: 202.60.224.0/24 maxlen: 24 202.60.225.0/24 maxlen: 24 202.60.226.0/24 maxlen: 24 202.60.227.0/24 maxlen: 24 202.60.228.0/22 maxlen: 22 202.60.228.0/24 maxlen: 24 202.60.229.0/24 maxlen: 24 202.60.230.0/24 maxlen: 24 202.60.231.0/24 maxlen: 24 202.60.232.0/22 maxlen: 22 202.60.232.0/24 maxlen: 24 202.60.233.0/24 maxlen: 24 202.60.234.0/24 maxlen: 24 202.60.235.0/24 maxlen: 24 202.60.236.0/23 maxlen: 23 202.60.236.0/24 maxlen: 24 202.60.237.0/24 maxlen: 24 202.60.238.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F3CB1/2D843698168611F08916985BC4F9AE02/etee6zuSg1TZUNxuT4vsyyXC_Es.crl rsync://rpki.apnic.net/member_repository/A91F3CB1/2D843698168611F08916985BC4F9AE02/etee6zuSg1TZUNxuT4vsyyXC_Es.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/etee6zuSg1TZUNxuT4vsyyXC_Es.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Apr 2026 06:40:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 233 (0xe9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F3CB1, serialNumber=7AD79EEB3B928354D950DC6E4F8BECCB25C2FC4B Validity Not Before: Apr 9 06:42:29 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=69d74a55-db0a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:5d:9c:7a:81:9b:40:a8:10:bf:aa:53:ed:66: 28:b7:29:32:ae:6f:f4:89:83:7a:09:7b:39:2d:31: 88:1f:25:dc:30:f7:bf:ed:eb:2d:ac:4f:35:54:b6: f6:bf:49:66:42:90:7e:e2:60:05:a8:0d:c2:cb:b7: e6:9e:69:f8:2e:90:76:95:2e:a5:f7:35:43:fc:11: 65:50:cc:3c:f8:a8:3c:5d:ea:d6:e0:c3:7f:07:5c: 7e:92:67:7d:9a:cf:53:31:52:1b:0c:1a:2d:4e:8c: 6e:82:48:e1:c2:12:bf:e6:5a:47:f5:2b:21:b1:8e: e4:da:5e:e5:6d:4b:36:7e:e4:c8:2d:94:10:91:ff: 68:2d:31:b8:ad:e9:57:15:62:b7:25:a4:cb:d1:c5: 2c:12:16:28:44:cf:31:16:af:4c:b7:b2:12:9b:09: 6f:c8:65:f1:ec:22:90:de:c4:5f:fe:57:59:f4:05: f3:c6:38:af:0d:85:5c:3a:26:07:d0:15:b2:65:81: e1:c5:b8:d4:fe:b0:b4:95:68:6a:7b:8c:a5:f3:15: e5:85:a3:47:34:06:5d:c8:76:78:14:a2:30:8d:ec: 4f:cb:a4:a4:25:a0:66:c7:e3:02:c1:4a:1a:9d:b0: 14:e7:27:4c:b4:7b:58:89:ae:92:9f:67:fb:4b:0c: 47:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:CD:F8:15:9B:18:14:4E:1E:02:88:BF:D7:92:C9:A8:87:03:A4:B1 X509v3 Authority Key Identifier: keyid:7A:D7:9E:EB:3B:92:83:54:D9:50:DC:6E:4F:8B:EC:CB:25:C2:FC:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F3CB1/2D843698168611F08916985BC4F9AE02/etee6zuSg1TZUNxuT4vsyyXC_Es.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/etee6zuSg1TZUNxuT4vsyyXC_Es.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3CB1/2D843698168611F08916985BC4F9AE02/9217B6681AA811F0B10C6412C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 202.60.224.0-202.60.238.255 Signature Algorithm: sha256WithRSAEncryption 48:0f:e6:69:0b:85:bb:d5:5c:8a:94:3a:d5:cd:ba:0c:f9:54: 89:61:dd:1c:85:87:1c:68:26:1a:7c:a6:53:5b:f3:d0:64:36: 2c:be:ae:40:35:41:aa:f0:9d:e8:3c:8a:44:5b:74:4d:50:0a: c4:99:11:b3:b4:06:cd:9d:f7:02:38:71:8d:15:cb:39:36:af: bc:a6:09:e9:1e:40:5c:64:5d:02:11:f4:53:d5:a8:c3:2f:01: 4a:b3:a8:e9:5b:3a:07:43:e1:ba:a8:95:44:3c:5a:a4:cf:b0: 9f:55:a8:64:93:91:eb:91:93:f6:7f:de:a4:91:b1:3d:3f:77: f4:c2:67:ba:4d:65:3f:a5:c1:7c:96:3c:94:3e:da:38:4f:ef: 8f:a5:d8:5b:e0:bd:e4:28:7f:4c:9c:1a:5a:5a:20:b9:9b:66: 37:ef:5c:87:5f:cf:5c:e1:62:c3:6f:c7:b4:a5:72:4f:38:9d: 43:db:29:30:09:88:e4:01:2f:80:e1:9e:f7:f6:be:70:38:0c: ee:c4:15:55:8f:95:0f:a9:fd:9d:bf:0e:bb:85:a8:f8:b4:b8: 06:fd:2d:9f:c0:05:b1:3e:5c:fa:5e:8c:c4:16:ce:70:1d:33: 4e:f4:2a:97:e6:99:9b:44:39:76:02:fa:30:f9:d9:4b:22:f8: 73:05:7d:e7 -----BEGIN CERTIFICATE----- MIIFRDCCBCygAwIBAgICAOkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjNDQjExMTAvBgNVBAUTKDdBRDc5RUVCM0I5MjgzNTREOTUwREM2RTRGOEJFQ0NC MjVDMkZDNEIwHhcNMjYwNDA5MDY0MjI5WhcNMjcwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWQ3NGE1NS1kYjBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArV2ceoGbQKgQv6pT7WYotykyrm/0iYN6CXs5LTGIHyXcMPe/7estrE81VLb2 v0lmQpB+4mAFqA3Cy7fmnmn4LpB2lS6l9zVD/BFlUMw8+Kg8XerW4MN/B1x+kmd9 ms9TMVIbDBotToxugkjhwhK/5lpH9SshsY7k2l7lbUs2fuTILZQQkf9oLTG4relX FWK3JaTL0cUsEhYoRM8xFq9Mt7ISmwlvyGXx7CKQ3sRf/ldZ9AXzxjivDYVcOiYH 0BWyZYHhxbjU/rC0lWhqe4yl8xXlhaNHNAZdyHZ4FKIwjexPy6SkJaBmx+MCwUoa nbAU5ydMtHtYia6Sn2f7SwxHCQIDAQABo4ICaDCCAmQwHQYDVR0OBBYEFHPN+BWb GBROHgKIv9eSyaiHA6SxMB8GA1UdIwQYMBaAFHrXnus7koNU2VDcbk+L7MslwvxL MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGM0NCMS8yRDg0MzY5ODE2 ODYxMUYwODkxNjk4NUJDNEY5QUUwMi9ldGVlNnp1U2cxVFpVTnh1VDR2c3l5WENf RXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2V0ZWU2enVTZzFUWlVOeHVUNHZzeXlYQ19Fcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjNDQjEvMkQ4NDM2OTgxNjg2MTFGMDg5MTY5ODVCQzRGOUFFMDIvOTIxN0I2Njgx QUE4MTFGMEIxMEM2NDEyQzRGOUFFMDIucm9hMCcGCCsGAQUFBwEHAQH/BBgwFjAU BAIAATAOMAwDBAXKPOADBADKPO4wDQYJKoZIhvcNAQELBQADggEBAEgP5mkLhbvV XIqUOtXNugz5VIlh3RyFhxxoJhp8plNb89BkNiy+rkA1Qarwneg8ikRbdE1QCsSZ EbO0Bs2d9wI4cY0Vyzk2r7ymCekeQFxkXQIR9FPVqMMvAUqzqOlbOgdD4bqolUQ8 WqTPsJ9VqGSTkeuRk/Z/3qSRsT0/d/TCZ7pNZT+lwXyWPJQ+2jhP74+l2FvgveQo f0ycGlpaILmbZjfvXIdfz1zhYsNvx7Slck84nUPbKTAJiOQBL4Dhnvf2vnA4DO7E FVWPlQ+p/Z2/DruFqPi0uAb9LZ/ABbE+XPpejMQWznAdM070KpfmmZtEOXYC+jD5 2Usi+HMFfec= -----END CERTIFICATE-----Generated at Fri Apr 17 11:47:22 2026 by rpki-client