$ rpki-client -vvf rpki.apnic.net/member_repository/A91FEE70/0910D1A009E811EAA630164FC4F9AE02/33B6385E09E911EAA0C05451C4F9AE02.roa File: 33B6385E09E911EAA0C05451C4F9AE02.roa (raw, json) Hash identifier: APn+F9xRovOSeD45jGA8svXtlMxctUkywPcao3lKdl4= Subject key identifier: 25:FA:3A:4E:B9:13:F3:B4:8D:35:42:24:C2:A2:85:73:72:96:49:84 Certificate issuer: /CN=A91FEE70/serialNumber=FA94DE39088EC38A52B692279A42C4AFFB5B73B1 Certificate serial: 0CE6 Authority key identifier: FA:94:DE:39:08:8E:C3:8A:52:B6:92:27:9A:42:C4:AF:FB:5B:73:B1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-pTeOQiOw4pStpInmkLEr_tbc7E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FEE70/0910D1A009E811EAA630164FC4F9AE02/33B6385E09E911EAA0C05451C4F9AE02.roa Signing time: Tue 14 Apr 2026 18:23:21 +0000 ROA not before: Tue 14 Apr 2026 18:23:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 133081 IP address blocks: 203.2.168.0/24 maxlen: 24 203.2.169.0/24 maxlen: 24 203.2.170.0/24 maxlen: 24 203.2.171.0/24 maxlen: 24 203.2.172.0/24 maxlen: 24 203.2.173.0/24 maxlen: 24 203.2.174.0/24 maxlen: 24 203.2.175.0/24 maxlen: 24 203.16.128.0/24 maxlen: 24 203.16.129.0/24 maxlen: 24 203.16.130.0/24 maxlen: 24 203.16.131.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FEE70/0910D1A009E811EAA630164FC4F9AE02/-pTeOQiOw4pStpInmkLEr_tbc7E.crl rsync://rpki.apnic.net/member_repository/A91FEE70/0910D1A009E811EAA630164FC4F9AE02/-pTeOQiOw4pStpInmkLEr_tbc7E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-pTeOQiOw4pStpInmkLEr_tbc7E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Apr 2026 18:17:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3302 (0xce6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FEE70, serialNumber=FA94DE39088EC38A52B692279A42C4AFFB5B73B1 Validity Not Before: Apr 14 18:23:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=69de8619-a194 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:d4:5a:2d:e4:b8:88:09:79:50:23:0f:27:cd: 52:82:aa:12:f5:41:b9:d7:b9:bf:fc:7b:d6:57:fc: 32:f0:5d:38:27:73:15:0e:12:98:46:85:38:54:41: 43:d4:0c:12:28:56:87:95:c7:cc:88:5a:13:51:05: 9e:1d:33:6c:d4:43:21:e8:78:e3:02:8b:aa:97:bd: 3e:9e:da:8a:f0:46:ec:86:27:45:c3:1e:9c:c7:48: b6:ae:59:3e:01:af:ae:76:46:45:ad:7a:32:66:6d: 3e:64:6b:de:4b:e7:bb:b5:e8:06:61:84:17:30:ce: eb:b4:ef:43:de:b0:17:bc:22:bb:69:83:2a:3e:68: 58:18:18:e0:1d:1a:73:fd:4a:0e:56:a3:f1:ed:c5: 5a:6a:a1:99:dd:be:03:3c:3f:a3:51:0b:6c:f4:59: b6:a1:37:13:4c:02:22:88:bd:dc:7f:a9:30:d4:17: 9d:42:8b:dd:31:10:4b:dd:b2:a6:33:59:19:9a:f1: e0:f0:d6:c9:dd:7c:56:af:f2:94:88:43:32:f9:fb: d9:a7:13:42:27:ae:e3:83:cd:87:85:4e:b8:6a:f8: 38:69:eb:d7:4c:09:8c:1d:45:ab:a7:88:b9:ed:57: 27:ca:6d:8f:9a:11:e8:32:4b:36:b0:1f:11:9d:5a: 71:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:FA:3A:4E:B9:13:F3:B4:8D:35:42:24:C2:A2:85:73:72:96:49:84 X509v3 Authority Key Identifier: keyid:FA:94:DE:39:08:8E:C3:8A:52:B6:92:27:9A:42:C4:AF:FB:5B:73:B1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FEE70/0910D1A009E811EAA630164FC4F9AE02/-pTeOQiOw4pStpInmkLEr_tbc7E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-pTeOQiOw4pStpInmkLEr_tbc7E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FEE70/0910D1A009E811EAA630164FC4F9AE02/33B6385E09E911EAA0C05451C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 203.2.168.0/21 203.16.128.0/22 Signature Algorithm: sha256WithRSAEncryption 65:f1:24:53:e1:4b:b1:74:e8:60:cf:62:d8:eb:f8:b2:5c:62: d9:80:f0:05:46:45:02:b8:59:d9:b5:0e:03:89:d1:ff:91:fa: 3e:19:f2:c5:fc:22:f4:fd:e7:bd:ae:0b:aa:48:e3:29:08:52: 72:24:ef:18:ce:f5:e9:64:0a:c8:d2:38:65:1c:1d:c7:4d:63: 10:f8:14:d7:bb:7e:cf:6a:9c:ab:85:60:47:cf:a8:f8:20:f4: d8:36:d9:b2:81:9f:61:1b:e7:35:a5:a2:1b:44:e9:7d:42:b3: 1e:0c:6a:47:2d:a1:ff:11:d0:89:e9:05:f1:e4:ba:9a:5d:b6: b4:a1:65:c5:35:4d:29:a5:21:15:cc:14:42:c1:86:4d:7c:90: 06:b1:f2:3c:54:21:df:5a:0f:3c:e6:74:81:dc:ad:89:ac:2c: 16:9f:5a:34:77:d3:b6:ce:ff:2a:c2:1e:22:29:e9:95:d6:27: b5:85:18:bf:db:4d:97:21:01:1d:48:5d:8b:23:65:ea:b9:91: 9b:f9:2e:ea:fb:c8:2c:eb:bd:23:c2:bd:9e:1a:fe:1f:2f:2a: 7d:fe:4c:b8:26:ea:82:bb:71:45:42:dc:1c:d0:f3:64:95:2b: 85:af:f6:c7:51:8f:12:de:fa:1a:5f:35:fe:98:e1:b8:ae:92: d7:5c:da:0f -----BEGIN CERTIFICATE----- MIIFQjCCBCqgAwIBAgICDOYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkVFNzAxMTAvBgNVBAUTKEZBOTRERTM5MDg4RUMzOEE1MkI2OTIyNzlBNDJDNEFG RkI1QjczQjEwHhcNMjYwNDE0MTgyMzIxWhcNMjcwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWRlODYxOS1hMTk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsdRaLeS4iAl5UCMPJ81SgqoS9UG517m//HvWV/wy8F04J3MVDhKYRoU4VEFD 1AwSKFaHlcfMiFoTUQWeHTNs1EMh6HjjAouql70+ntqK8EbshidFwx6cx0i2rlk+ Aa+udkZFrXoyZm0+ZGveS+e7tegGYYQXMM7rtO9D3rAXvCK7aYMqPmhYGBjgHRpz /UoOVqPx7cVaaqGZ3b4DPD+jUQts9Fm2oTcTTAIiiL3cf6kw1BedQovdMRBL3bKm M1kZmvHg8NbJ3XxWr/KUiEMy+fvZpxNCJ67jg82HhU64avg4aevXTAmMHUWrp4i5 7Vcnym2PmhHoMks2sB8RnVpxewIDAQABo4ICZjCCAmIwHQYDVR0OBBYEFCX6Ok65 E/O0jTVCJMKihXNylkmEMB8GA1UdIwQYMBaAFPqU3jkIjsOKUraSJ5pCxK/7W3Ox MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRUU3MC8wOTEwRDFBMDA5 RTgxMUVBQTYzMDE2NEZDNEY5QUUwMi8tcFRlT1FpT3c0cFN0cElubWtMRXJfdGJj N0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1wVGVPUWlPdzRwU3RwSW5ta0xFcl90YmM3RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RkVFNzAvMDkxMEQxQTAwOUU4MTFFQUE2MzAxNjRGQzRGOUFFMDIvMzNCNjM4NUUw OUU5MTFFQUEwQzA1NDUxQzRGOUFFMDIucm9hMCUGCCsGAQUFBwEHAQH/BBYwFDAS BAIAATAMAwQDywKoAwQCyxCAMA0GCSqGSIb3DQEBCwUAA4IBAQBl8SRT4UuxdOhg z2LY6/iyXGLZgPAFRkUCuFnZtQ4DidH/kfo+GfLF/CL0/ee9rguqSOMpCFJyJO8Y zvXpZArI0jhlHB3HTWMQ+BTXu37PapyrhWBHz6j4IPTYNtmygZ9hG+c1paIbROl9 QrMeDGpHLaH/EdCJ6QXx5LqaXba0oWXFNU0ppSEVzBRCwYZNfJAGsfI8VCHfWg88 5nSB3K2JrCwWn1o0d9O2zv8qwh4iKemV1ie1hRi/202XIQEdSF2LI2XquZGb+S7q +8gs670jwr2eGv4fLyp9/ky4JuqCu3FFQtwc0PNklSuFr/bHUY8S3voaXzX+mOG4 rpLXXNoP -----END CERTIFICATE-----Generated at Fri Apr 17 17:48:06 2026 by rpki-client