$ rpki-client -vvf rpki.apnic.net/member_repository/A91FEE70/0910D1A009E811EAA630164FC4F9AE02/33B6385E09E911EAA0C05451C4F9AE02.roa File: 33B6385E09E911EAA0C05451C4F9AE02.roa (raw, json) Hash identifier: gFZOTu8d2L6s2nLA0DenUPFZSyNTRHDF7VZSiFkBhgE= Subject key identifier: CE:26:AA:B8:CC:1F:02:9B:9A:94:DF:B1:A0:11:1A:B0:4B:F3:48:E3 Certificate issuer: /CN=A91FEE70/serialNumber=FA94DE39088EC38A52B692279A42C4AFFB5B73B1 Certificate serial: 0CC9 Authority key identifier: FA:94:DE:39:08:8E:C3:8A:52:B6:92:27:9A:42:C4:AF:FB:5B:73:B1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-pTeOQiOw4pStpInmkLEr_tbc7E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FEE70/0910D1A009E811EAA630164FC4F9AE02/33B6385E09E911EAA0C05451C4F9AE02.roa Signing time: Sun 01 Mar 2026 12:18:50 +0000 ROA not before: Tue 08 Apr 2025 18:57:31 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 133081 IP address blocks: 203.2.168.0/24 maxlen: 24 203.2.169.0/24 maxlen: 24 203.2.170.0/24 maxlen: 24 203.2.171.0/24 maxlen: 24 203.2.172.0/24 maxlen: 24 203.2.173.0/24 maxlen: 24 203.2.174.0/24 maxlen: 24 203.2.175.0/24 maxlen: 24 203.16.128.0/24 maxlen: 24 203.16.129.0/24 maxlen: 24 203.16.130.0/24 maxlen: 24 203.16.131.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FEE70/0910D1A009E811EAA630164FC4F9AE02/-pTeOQiOw4pStpInmkLEr_tbc7E.crl rsync://rpki.apnic.net/member_repository/A91FEE70/0910D1A009E811EAA630164FC4F9AE02/-pTeOQiOw4pStpInmkLEr_tbc7E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-pTeOQiOw4pStpInmkLEr_tbc7E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 03:01:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3273 (0xcc9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FEE70, serialNumber=FA94DE39088EC38A52B692279A42C4AFFB5B73B1 Validity Not Before: Apr 8 18:57:31 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=69a42eaa-31c4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:1f:30:4c:c8:26:ef:34:0c:0c:da:78:4b:b0: 94:55:7b:9e:6d:77:a9:19:9e:e0:0b:72:4c:9a:4e: 6f:92:d3:01:ac:e6:18:ff:67:a3:85:fc:25:ef:6f: 74:9d:a7:5e:17:a8:aa:59:2f:48:0d:77:7a:63:99: be:12:5c:ee:9a:84:50:00:04:f8:63:02:ec:b4:4f: 25:08:1f:83:bd:23:47:fe:fd:8c:cb:37:b9:be:fc: 10:69:96:75:10:b4:36:16:13:8e:fb:4a:25:e4:6b: 61:09:bc:16:03:33:4f:44:1d:0e:07:11:6e:f5:c2: 60:ba:72:f1:71:58:dc:7e:58:7b:d6:28:e1:74:82: 63:de:27:ad:e1:bf:7c:52:6f:20:21:8c:6d:fb:63: 17:8f:cc:68:2a:84:06:4c:f6:c7:6d:60:f2:20:63: f3:6b:07:2e:83:f5:49:d4:32:d2:a9:0d:ed:61:b6: 1b:67:d6:3d:2d:7a:4b:9e:84:f4:d0:51:cf:3f:d8: 33:0b:57:c1:a4:59:7c:cf:ac:d8:0d:ce:c7:d7:87: fd:8c:a0:ed:d0:55:7c:7e:2b:5e:f0:b5:1b:82:59: 25:aa:b5:e5:75:3d:0e:62:df:17:0e:90:e7:e8:2f: 8c:bb:63:19:17:6e:6f:5d:b8:2f:b0:9c:4a:96:5f: 77:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:26:AA:B8:CC:1F:02:9B:9A:94:DF:B1:A0:11:1A:B0:4B:F3:48:E3 X509v3 Authority Key Identifier: keyid:FA:94:DE:39:08:8E:C3:8A:52:B6:92:27:9A:42:C4:AF:FB:5B:73:B1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FEE70/0910D1A009E811EAA630164FC4F9AE02/-pTeOQiOw4pStpInmkLEr_tbc7E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-pTeOQiOw4pStpInmkLEr_tbc7E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FEE70/0910D1A009E811EAA630164FC4F9AE02/33B6385E09E911EAA0C05451C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 203.2.168.0/21 203.16.128.0/22 Signature Algorithm: sha256WithRSAEncryption 8b:25:4b:b2:1f:fc:42:c3:ee:d7:97:c2:8d:94:dc:a0:e4:25: 91:c4:73:f6:1c:20:8b:ec:f8:b8:6b:44:f9:8e:07:c8:92:cf: 6b:ae:fc:6e:3a:a4:3d:4b:5f:31:83:a8:6b:d1:58:5e:90:78: 3a:63:8c:05:e9:f0:b1:f5:7e:a3:b3:6f:f9:29:d4:b0:10:37: 71:05:72:8c:3e:7a:0d:f7:56:1e:f2:ee:1e:5f:4a:0b:c8:6a: ec:de:6a:1a:f1:83:aa:69:d2:23:7e:c0:0b:ab:f6:e0:09:c2: 29:3c:da:b9:0b:e5:18:ce:df:82:3c:7c:63:cc:13:4a:8a:ed: 5b:19:32:9f:32:26:a7:e5:52:c9:e4:ff:ae:a3:0b:11:55:70: 40:a1:92:10:be:7d:49:ad:fd:ee:4f:30:e6:a7:13:7d:db:98: bb:cb:ea:9f:57:f3:67:0d:e9:b9:09:82:20:8c:7b:3a:85:07: 8e:0f:f1:5d:5b:d6:40:09:95:14:aa:c1:1b:c0:ac:b6:3a:b5: 7a:36:b3:53:a0:dc:93:43:ee:1b:ad:b1:2c:be:97:be:ba:56: 37:25:ef:e0:d4:00:5a:66:56:e4:68:c6:a9:a4:54:c8:e5:d0: 31:07:7c:91:98:12:79:b6:03:50:03:ef:0a:78:58:38:9d:d0: 37:c0:d4:a5 -----BEGIN CERTIFICATE----- MIIFQjCCBCqgAwIBAgICDMkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkVFNzAxMTAvBgNVBAUTKEZBOTRERTM5MDg4RUMzOEE1MkI2OTIyNzlBNDJDNEFG RkI1QjczQjEwHhcNMjUwNDA4MTg1NzMxWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MmVhYS0zMWM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqR8wTMgm7zQMDNp4S7CUVXuebXepGZ7gC3JMmk5vktMBrOYY/2ejhfwl7290 nadeF6iqWS9IDXd6Y5m+ElzumoRQAAT4YwLstE8lCB+DvSNH/v2Myze5vvwQaZZ1 ELQ2FhOO+0ol5GthCbwWAzNPRB0OBxFu9cJgunLxcVjcflh71ijhdIJj3iet4b98 Um8gIYxt+2MXj8xoKoQGTPbHbWDyIGPzawcug/VJ1DLSqQ3tYbYbZ9Y9LXpLnoT0 0FHPP9gzC1fBpFl8z6zYDc7H14f9jKDt0FV8fite8LUbglklqrXldT0OYt8XDpDn 6C+Mu2MZF25vXbgvsJxKll93qwIDAQABo4ICZjCCAmIwHQYDVR0OBBYEFM4mqrjM HwKbmpTfsaARGrBL80jjMB8GA1UdIwQYMBaAFPqU3jkIjsOKUraSJ5pCxK/7W3Ox MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRUU3MC8wOTEwRDFBMDA5 RTgxMUVBQTYzMDE2NEZDNEY5QUUwMi8tcFRlT1FpT3c0cFN0cElubWtMRXJfdGJj N0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1wVGVPUWlPdzRwU3RwSW5ta0xFcl90YmM3RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RkVFNzAvMDkxMEQxQTAwOUU4MTFFQUE2MzAxNjRGQzRGOUFFMDIvMzNCNjM4NUUw OUU5MTFFQUEwQzA1NDUxQzRGOUFFMDIucm9hMCUGCCsGAQUFBwEHAQH/BBYwFDAS BAIAATAMAwQDywKoAwQCyxCAMA0GCSqGSIb3DQEBCwUAA4IBAQCLJUuyH/xCw+7X l8KNlNyg5CWRxHP2HCCL7Pi4a0T5jgfIks9rrvxuOqQ9S18xg6hr0VhekHg6Y4wF 6fCx9X6js2/5KdSwEDdxBXKMPnoN91Ye8u4eX0oLyGrs3moa8YOqadIjfsALq/bg CcIpPNq5C+UYzt+CPHxjzBNKiu1bGTKfMian5VLJ5P+uowsRVXBAoZIQvn1Jrf3u TzDmpxN925i7y+qfV/NnDem5CYIgjHs6hQeOD/FdW9ZACZUUqsEbwKy2OrV6NrNT oNyTQ+4brbEsvpe+ulY3Je/g1ABaZlbkaMappFTI5dAxB3yRmBJ5tgNQA+8KeFg4 ndA3wNSl -----END CERTIFICATE-----Generated at Mon Mar 2 07:44:13 2026 by rpki-client