$ rpki-client -vvf rpki.apnic.net/member_repository/A91139AB/158D4906255B11EBA9F5601AC4F9AE02/96AD16C6B5FA11F0A1583C84C4F9AE02.roa File: 96AD16C6B5FA11F0A1583C84C4F9AE02.roa (raw, json) Hash identifier: SXJt4LBTuAz2nJWEzDtyLdnG6MS+qN5y5TbtbC3BcFU= Subject key identifier: A2:8E:98:6F:2D:5F:C3:F1:31:EA:D4:9E:22:5A:F1:70:20:73:BD:4D Certificate issuer: /CN=A91139AB/serialNumber=C1424C4CCC59C9A031BE1ACDF7982D87AB57D068 Certificate serial: 50 Authority key identifier: C1:42:4C:4C:CC:59:C9:A0:31:BE:1A:CD:F7:98:2D:87:AB:57:D0:68 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wUJMTMxZyaAxvhrN95gth6tX0Gg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91139AB/158D4906255B11EBA9F5601AC4F9AE02/96AD16C6B5FA11F0A1583C84C4F9AE02.roa Signing time: Mon 02 Mar 2026 21:27:06 +0000 ROA not before: Mon 02 Mar 2026 21:27:06 +0000 ROA not after: Tue 30 Jun 2026 00:00:00 +0000 asID: 4857 IP address blocks: 202.147.96.0/20 maxlen: 20 202.147.112.0/20 maxlen: 24 203.82.160.0/20 maxlen: 24 203.82.176.0/20 maxlen: 24 203.201.64.0/20 maxlen: 24 203.201.80.0/20 maxlen: 24 203.201.96.0/20 maxlen: 20 203.201.112.0/20 maxlen: 24 221.120.128.0/20 maxlen: 24 221.120.144.0/24 maxlen: 24 221.120.145.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91139AB/158D4906255B11EBA9F5601AC4F9AE02/wUJMTMxZyaAxvhrN95gth6tX0Gg.crl rsync://rpki.apnic.net/member_repository/A91139AB/158D4906255B11EBA9F5601AC4F9AE02/wUJMTMxZyaAxvhrN95gth6tX0Gg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wUJMTMxZyaAxvhrN95gth6tX0Gg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 20:59:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 80 (0x50) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91139AB, serialNumber=C1424C4CCC59C9A031BE1ACDF7982D87AB57D068 Validity Not Before: Mar 2 21:27:06 2026 GMT Not After : Jun 30 00:00:00 2026 GMT Subject: CN=69a600aa-e337 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:b0:fa:a8:ca:d3:81:b5:be:19:28:38:9d:b2: 17:0c:1e:31:b8:d1:d9:20:e9:52:43:d5:b7:83:77: 22:af:21:c3:00:14:4f:2c:26:e9:2e:1a:17:fd:77: ae:7b:3d:bc:ac:8f:6a:a6:45:35:81:18:4c:aa:32: c7:d3:d1:eb:ab:04:1f:64:2c:77:71:ce:3e:f6:49: cb:7b:59:b4:c5:d7:8a:b2:94:71:7a:ec:4d:51:86: 5a:98:b5:ee:7e:c5:ab:e2:66:92:00:c0:50:3c:69: f7:fc:0b:55:7d:26:61:e2:d3:40:2c:7d:86:bf:83: b4:a6:82:ad:e3:40:40:f2:b7:ec:f3:c1:ff:41:4c: 73:13:d9:17:06:72:3e:8f:32:8e:32:68:ee:72:27: 24:b9:db:98:5a:ad:4e:d9:dc:53:5d:84:0d:1b:ff: 9c:17:ad:c4:c7:7f:5f:40:67:41:48:8b:82:90:a9: 5d:37:c5:aa:e5:e0:1f:fd:a8:5e:98:b4:ad:0e:9b: b7:b0:58:b5:e8:db:a8:b1:ee:03:94:4d:8a:9b:68: 2e:40:4d:09:b6:8a:e4:54:9a:d4:1f:87:be:2c:d5: e0:0e:ff:bf:f8:fd:bf:64:6a:66:b6:e6:cd:9c:12: 2c:53:98:21:19:5c:89:e7:3f:21:91:db:e4:32:f2: 2d:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:8E:98:6F:2D:5F:C3:F1:31:EA:D4:9E:22:5A:F1:70:20:73:BD:4D X509v3 Authority Key Identifier: keyid:C1:42:4C:4C:CC:59:C9:A0:31:BE:1A:CD:F7:98:2D:87:AB:57:D0:68 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91139AB/158D4906255B11EBA9F5601AC4F9AE02/wUJMTMxZyaAxvhrN95gth6tX0Gg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wUJMTMxZyaAxvhrN95gth6tX0Gg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91139AB/158D4906255B11EBA9F5601AC4F9AE02/96AD16C6B5FA11F0A1583C84C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 202.147.96.0/19 203.82.160.0/19 203.201.64.0/18 221.120.128.0-221.120.145.255 Signature Algorithm: sha256WithRSAEncryption 48:9c:34:24:dd:33:e6:a0:02:53:82:0e:96:2a:c9:4d:c2:f5: d1:2b:9d:b6:b1:1d:31:c6:a1:0b:64:35:dd:4e:ec:19:d3:68: b6:61:da:df:73:66:25:c7:81:2e:07:e1:ff:80:55:5a:b1:2d: 9f:76:b1:28:33:1d:77:99:e1:de:ae:29:85:14:9f:60:96:25: 46:31:61:9f:37:8d:17:b9:fd:f9:5c:a9:23:52:7d:fa:b2:ac: 70:91:d2:0b:f5:de:a5:c7:57:4d:0e:66:fb:a5:85:5c:84:f2: f6:f5:98:f7:5e:52:08:10:9e:7d:d8:e9:dc:b1:29:2c:7a:20: 0f:07:fc:2e:06:2d:04:60:c6:cc:be:7c:a6:e5:58:a0:b3:75: 0f:dd:dc:55:c2:bd:1b:f2:e2:e4:e5:ef:6f:b5:46:b2:1c:fe: 00:1e:f8:2d:02:23:11:0e:c1:2d:f4:c6:c2:d2:e6:61:2d:a7: 2f:7d:e6:50:d5:d4:4e:5f:ba:81:ab:93:bb:b2:9a:02:f1:13: 5f:2a:20:fa:0e:5b:7e:24:e0:01:7b:3a:8b:30:f1:cd:d1:07: 3d:e2:8a:90:27:57:89:40:39:94:c7:9a:08:51:5d:d4:c2:9f: d9:a5:d8:0d:c3:d0:c8:aa:93:da:f0:21:d6:fe:97:c6:d0:d5: a9:bd:d4:37 -----BEGIN CERTIFICATE----- MIIFVTCCBD2gAwIBAgIBUDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx MzlBQjExMC8GA1UEBRMoQzE0MjRDNENDQzU5QzlBMDMxQkUxQUNERjc5ODJEODdB QjU3RDA2ODAeFw0yNjAzMDIyMTI3MDZaFw0yNjA2MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY5YTYwMGFhLWUzMzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDVsPqoytOBtb4ZKDidshcMHjG40dkg6VJD1beDdyKvIcMAFE8sJukuGhf9d657 Pbysj2qmRTWBGEyqMsfT0eurBB9kLHdxzj72Sct7WbTF14qylHF67E1RhlqYte5+ xaviZpIAwFA8aff8C1V9JmHi00AsfYa/g7Smgq3jQEDyt+zzwf9BTHMT2RcGcj6P Mo4yaO5yJyS525harU7Z3FNdhA0b/5wXrcTHf19AZ0FIi4KQqV03xarl4B/9qF6Y tK0Om7ewWLXo26ix7gOUTYqbaC5ATQm2iuRUmtQfh74s1eAO/7/4/b9kama25s2c EixTmCEZXInnPyGR2+Qy8i0FAgMBAAGjggJ6MIICdjAdBgNVHQ4EFgQUoo6Yby1f w/Ex6tSeIlrxcCBzvU0wHwYDVR0jBBgwFoAUwUJMTMxZyaAxvhrN95gth6tX0Ggw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTEzOUFCLzE1OEQ0OTA2MjU1 QjExRUJBOUY1NjAxQUM0RjlBRTAyL3dVSk1UTXhaeWFBeHZock45NWd0aDZ0WDBH Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvd1VKTVRNeFp5YUF4dmhyTjk1Z3RoNnRYMEdnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgZYGCCsGAQUFBwELBIGJMIGGMIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx MzlBQi8xNThENDkwNjI1NUIxMUVCQTlGNTYwMUFDNEY5QUUwMi85NkFEMTZDNkI1 RkExMUYwQTE1ODNDODRDNEY5QUUwMi5yb2EwOQYIKwYBBQUHAQcBAf8EKjAoMCYE AgABMCADBAXKk2ADBAXLUqADBAbLyUAwDAMEB914gAMEAd14kDANBgkqhkiG9w0B AQsFAAOCAQEASJw0JN0z5qACU4IOlirJTcL10SudtrEdMcahC2Q13U7sGdNotmHa 33NmJceBLgfh/4BVWrEtn3axKDMdd5nh3q4phRSfYJYlRjFhnzeNF7n9+VypI1J9 +rKscJHSC/XepcdXTQ5m+6WFXITy9vWY915SCBCefdjp3LEpLHogDwf8LgYtBGDG zL58puVYoLN1D93cVcK9G/Li5OXvb7VGshz+AB74LQIjEQ7BLfTGwtLmYS2nL33m UNXUTl+6gauTu7KaAvETXyog+g5bfiTgAXs6izDxzdEHPeKKkCdXiUA5lMeaCFFd 1MKf2aXYDcPQyKqT2vAh1v6XxtDVqb3UNw== -----END CERTIFICATE-----Generated at Thu Mar 26 16:53:32 2026 by rpki-client