$ rpki-client -vvf rpki.apnic.net/member_repository/A9114F46/EFA69510ABA911EA91E5BF1DC4F9AE02/EA7000B2ABAA11EAAA93741EC4F9AE02.roa File: EA7000B2ABAA11EAAA93741EC4F9AE02.roa (raw, json) Hash identifier: bnQhAcJYz0rCPLum5ciaF2yyWJMv/4ICnov/yZzyOZI= Subject key identifier: 0F:E4:EF:24:EB:C8:8B:5A:5D:0A:1F:BE:6E:CF:9F:84:FA:AF:A5:D2 Certificate issuer: /CN=A9114F46/serialNumber=678EBBA2F848E3C8E5F072749005C8415252DB85 Certificate serial: 098D Authority key identifier: 67:8E:BB:A2:F8:48:E3:C8:E5:F0:72:74:90:05:C8:41:52:52:DB:85 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z467ovhI48jl8HJ0kAXIQVJS24U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9114F46/EFA69510ABA911EA91E5BF1DC4F9AE02/EA7000B2ABAA11EAAA93741EC4F9AE02.roa Signing time: Sun 01 Mar 2026 14:03:12 +0000 ROA not before: Sat 20 Sep 2025 20:41:08 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 10127 IP address blocks: 202.124.28.0/24 maxlen: 24 202.124.29.0/24 maxlen: 24 202.124.30.0/24 maxlen: 24 202.124.31.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9114F46/EFA69510ABA911EA91E5BF1DC4F9AE02/Z467ovhI48jl8HJ0kAXIQVJS24U.crl rsync://rpki.apnic.net/member_repository/A9114F46/EFA69510ABA911EA91E5BF1DC4F9AE02/Z467ovhI48jl8HJ0kAXIQVJS24U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z467ovhI48jl8HJ0kAXIQVJS24U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 02 Apr 2026 19:54:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2445 (0x98d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9114F46, serialNumber=678EBBA2F848E3C8E5F072749005C8415252DB85 Validity Not Before: Sep 20 20:41:08 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=69a44720-6ce0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:2f:b9:6b:c8:db:1b:3f:e7:52:4e:00:53:0f: 5b:64:3d:1c:e8:ff:9a:8f:40:a1:a4:b0:c9:db:b9: b2:66:73:5a:80:b8:71:bb:92:9c:55:3a:74:2f:91: 69:d3:3c:18:c4:cd:f1:95:a3:73:8b:cf:5a:ea:17: 6f:f0:11:10:be:88:95:20:cd:57:13:71:cd:90:9c: 4b:d3:8a:f5:c6:76:f8:f0:b2:0f:1a:c5:eb:e4:77: 9a:e4:37:d0:38:b1:68:54:39:dd:46:8e:16:6a:31: 02:e2:28:08:5d:79:64:17:7e:33:7e:84:e4:f6:6a: 63:51:74:41:22:7e:bd:99:d4:10:bb:e1:ee:ad:68: f7:b4:e4:5d:3a:eb:74:ea:79:40:83:04:2e:34:2a: 97:36:fd:2a:f3:2e:b6:26:c6:a9:00:93:39:0a:cc: 07:96:10:4f:52:56:bb:1c:4d:92:fe:3d:0c:04:d6: 4c:3a:f1:0b:d4:2f:53:7d:41:a7:5c:06:a8:9b:cb: f2:13:2d:2d:e4:5a:8a:dc:59:ca:a1:83:df:02:2e: 40:d6:5b:40:97:fc:0f:60:0c:a7:e7:71:20:d6:bc: 49:1c:6f:81:6d:f9:e0:eb:ed:90:b4:a9:14:05:e1: e0:ad:cc:75:cf:61:9a:43:94:1d:7e:2a:e8:89:46: c6:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:E4:EF:24:EB:C8:8B:5A:5D:0A:1F:BE:6E:CF:9F:84:FA:AF:A5:D2 X509v3 Authority Key Identifier: keyid:67:8E:BB:A2:F8:48:E3:C8:E5:F0:72:74:90:05:C8:41:52:52:DB:85 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9114F46/EFA69510ABA911EA91E5BF1DC4F9AE02/Z467ovhI48jl8HJ0kAXIQVJS24U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z467ovhI48jl8HJ0kAXIQVJS24U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9114F46/EFA69510ABA911EA91E5BF1DC4F9AE02/EA7000B2ABAA11EAAA93741EC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 202.124.28.0/22 Signature Algorithm: sha256WithRSAEncryption 2d:a1:f1:62:7d:3d:22:37:b2:eb:90:72:37:87:fd:b2:97:a2: ab:b8:35:bc:6d:35:33:43:e8:ea:6c:a7:8f:68:fc:37:c0:6b: b6:da:d5:36:9a:bb:ba:4a:30:81:99:a6:5c:a3:40:1f:8c:1f: 67:ae:53:1b:20:02:8e:c0:23:99:c8:ed:17:05:47:4b:23:ce: 6d:0c:27:36:dc:c7:fb:3f:5b:34:66:9e:4d:6f:93:d4:c0:6c: 58:59:4c:0d:cb:75:0b:d7:a8:04:a7:19:04:1f:5f:8a:7c:71: 0c:89:33:b8:3f:2c:94:39:bf:c4:43:93:48:fa:b3:60:7c:eb: 6a:5f:59:71:43:51:79:59:b7:0b:02:ed:95:24:22:fd:18:ba: d1:21:2e:21:f2:2c:c3:ab:1d:cf:fe:52:d9:33:54:09:6b:81: 1e:ce:a7:0a:18:31:39:a1:79:cd:fd:a1:4c:b6:46:c7:fa:6d: 57:66:b8:ae:52:8c:82:c8:fc:5c:14:16:86:01:eb:89:83:6f: 3b:16:e7:4e:8f:40:84:63:e8:d0:2b:4e:4a:5b:d2:3c:91:7e: d9:f0:79:ba:e2:97:24:2a:cd:38:11:91:93:51:2b:5e:4f:31: e1:fe:c1:b0:fd:50:ca:15:ea:b1:30:0f:66:14:90:a7:85:dd: ee:5d:3e:4b -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgICCY0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTRGNDYxMTAvBgNVBAUTKDY3OEVCQkEyRjg0OEUzQzhFNUYwNzI3NDkwMDVDODQx NTI1MkRCODUwHhcNMjUwOTIwMjA0MTA4WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NDcyMC02Y2UwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsi+5a8jbGz/nUk4AUw9bZD0c6P+aj0ChpLDJ27myZnNagLhxu5KcVTp0L5Fp 0zwYxM3xlaNzi89a6hdv8BEQvoiVIM1XE3HNkJxL04r1xnb48LIPGsXr5Hea5DfQ OLFoVDndRo4WajEC4igIXXlkF34zfoTk9mpjUXRBIn69mdQQu+HurWj3tORdOut0 6nlAgwQuNCqXNv0q8y62JsapAJM5CswHlhBPUla7HE2S/j0MBNZMOvEL1C9TfUGn XAaom8vyEy0t5FqK3FnKoYPfAi5A1ltAl/wPYAyn53Eg1rxJHG+Bbfng6+2QtKkU BeHgrcx1z2GaQ5QdfiroiUbGbwIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFA/k7yTr yItaXQofvm7Pn4T6r6XSMB8GA1UdIwQYMBaAFGeOu6L4SOPI5fBydJAFyEFSUtuF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNEY0Ni9FRkE2OTUxMEFC QTkxMUVBOTFFNUJGMURDNEY5QUUwMi9aNDY3b3ZoSTQ4amw4SEowa0FYSVFWSlMy NFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1o0NjdvdmhJNDhqbDhISjBrQVhJUVZKUzI0VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MTRGNDYvRUZBNjk1MTBBQkE5MTFFQTkxRTVCRjFEQzRGOUFFMDIvRUE3MDAwQjJB QkFBMTFFQUFBOTM3NDFFQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCynwcMA0GCSqGSIb3DQEBCwUAA4IBAQAtofFifT0iN7LrkHI3h/2y l6KruDW8bTUzQ+jqbKePaPw3wGu22tU2mru6SjCBmaZco0AfjB9nrlMbIAKOwCOZ yO0XBUdLI85tDCc23Mf7P1s0Zp5Nb5PUwGxYWUwNy3UL16gEpxkEH1+KfHEMiTO4 PyyUOb/EQ5NI+rNgfOtqX1lxQ1F5WbcLAu2VJCL9GLrRIS4h8izDqx3P/lLZM1QJ a4EezqcKGDE5oXnN/aFMtkbH+m1XZriuUoyCyPxcFBaGAeuJg287FudOj0CEY+jQ K05KW9I8kX7Z8Hm64pckKs04EZGTUSteTzHh/sGw/VDKFeqxMA9mFJCnhd3uXT5L -----END CERTIFICATE-----Generated at Sat Mar 28 17:34:55 2026 by rpki-client