$ rpki-client -vvf rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/8F9A2E2817DC11EE959DE671C4F9AE02.roa File: 8F9A2E2817DC11EE959DE671C4F9AE02.roa (raw, json) Hash identifier: uui58eIkIAuoIfjCf5IA5jNvQTdVLqnOyu4QWW+fdPU= Subject key identifier: 0D:9E:2B:9A:6E:7F:8D:35:02:F5:01:DF:D1:7F:E4:7A:3B:84:61:23 Certificate issuer: /CN=A911CA78/serialNumber=40562C143A29CB19C70FFC9B99B60BBECD1D73B6 Certificate serial: 0DC6 Authority key identifier: 40:56:2C:14:3A:29:CB:19:C7:0F:FC:9B:99:B6:0B:BE:CD:1D:73:B6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/8F9A2E2817DC11EE959DE671C4F9AE02.roa Signing time: Sun 01 Mar 2026 18:42:21 +0000 ROA not before: Sun 02 Nov 2025 19:08:21 +0000 ROA not after: Tue 02 Mar 2027 00:00:00 +0000 asID: 65530 IP address blocks: 202.188.95.0/24 maxlen: 24 202.188.100.0/24 maxlen: 24 2001:e68:2001:1::/64 maxlen: 64 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/QFYsFDopyxnHD_ybmbYLvs0dc7Y.crl rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/QFYsFDopyxnHD_ybmbYLvs0dc7Y.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 18:42:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3526 (0xdc6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911CA78, serialNumber=40562C143A29CB19C70FFC9B99B60BBECD1D73B6 Validity Not Before: Nov 2 19:08:21 2025 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=69a4888c-23a5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:db:f4:04:bd:fa:cf:62:d0:48:47:3d:99:f8: 83:f4:42:79:cf:ed:b4:4d:dd:da:ef:83:04:16:ab: b9:69:2a:68:ec:8d:92:54:0d:10:87:ce:9d:83:f5: 19:fd:7f:ff:a0:fc:ac:f5:c1:3b:f4:81:ad:ae:c0: f2:04:e6:af:09:15:6f:33:bd:27:0c:52:a9:94:8e: f9:20:f4:d2:83:2d:e5:00:f2:b4:ac:d8:8d:84:59: 08:85:35:35:72:b4:5b:1f:9b:d1:b9:5f:67:a0:b8: a5:3e:a4:10:53:01:06:55:41:bd:2f:fc:00:53:9d: 5c:50:74:e9:47:ad:6f:f3:db:94:a7:10:02:9a:76: 63:43:43:ba:f1:67:13:b0:d2:82:13:e8:c3:28:97: b0:97:4d:45:cf:bd:23:7d:44:78:c6:d9:49:64:88: 7b:de:03:19:41:ac:34:d5:f2:d2:b8:09:1d:b8:02: b5:11:84:1e:ca:b3:6c:ab:af:8a:88:10:77:e1:75: 10:b8:d6:fa:a3:9d:1b:be:0f:16:2c:c9:c5:8a:a2: 91:1d:6c:bf:3a:3d:bf:ab:88:80:4f:ac:f7:ab:70: 93:b8:36:ac:22:d5:1e:1c:c3:c5:f0:d2:7e:10:f2: dd:76:ea:ad:5b:82:84:64:21:22:0d:8f:6a:9c:63: ee:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:9E:2B:9A:6E:7F:8D:35:02:F5:01:DF:D1:7F:E4:7A:3B:84:61:23 X509v3 Authority Key Identifier: keyid:40:56:2C:14:3A:29:CB:19:C7:0F:FC:9B:99:B6:0B:BE:CD:1D:73:B6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/QFYsFDopyxnHD_ybmbYLvs0dc7Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/8F9A2E2817DC11EE959DE671C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 202.188.95.0/24 202.188.100.0/24 IPv6: 2001:e68:2001:1::/64 Signature Algorithm: sha256WithRSAEncryption 34:fd:9c:11:3a:37:e4:01:6c:e4:ec:c7:b2:3d:20:19:c0:bf: e0:42:43:4d:bb:15:b9:0e:89:21:52:78:c9:43:0e:48:90:e5: 73:e1:d4:8d:af:18:28:c1:97:a1:a5:ce:9a:22:b9:a4:6b:11: 35:8b:3d:5d:f8:d5:63:d4:45:57:b3:1d:72:0d:4a:0f:8e:e8: 17:be:84:5c:b7:32:fa:07:f2:c0:38:c0:bb:f9:84:19:21:a4: e0:2e:81:29:32:cb:37:2a:5f:68:7d:b2:8a:ff:8e:7f:3b:02: 52:ec:ed:62:b2:ab:19:bc:6e:7f:07:c9:d9:4a:af:cb:c6:63: 09:ba:de:cd:7e:66:a6:ee:79:ca:4e:ab:d3:26:50:e2:f6:93: da:64:2c:e8:bc:80:a9:0d:13:2f:3a:70:14:4a:e2:25:0c:b9: 70:b2:92:6c:b8:33:7f:60:d6:d0:c0:47:dd:5e:68:e7:a0:3a: eb:f9:c1:32:58:52:12:df:54:17:24:56:1b:36:fa:a7:b5:b2: 9e:b0:1e:7f:5f:de:7c:68:df:8b:57:20:ba:54:fb:1d:4e:82: cd:1a:dc:1e:15:a8:e1:f0:11:fa:13:d2:02:41:ee:db:b9:20: 63:f5:a4:a2:82:82:6d:42:d5:68:c4:01:42:ca:e1:b6:c3:38: df:2c:10:f2 -----BEGIN CERTIFICATE----- MIIFVTCCBD2gAwIBAgICDcYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUNBNzgxMTAvBgNVBAUTKDQwNTYyQzE0M0EyOUNCMTlDNzBGRkM5Qjk5QjYwQkJF Q0QxRDczQjYwHhcNMjUxMTAyMTkwODIxWhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0ODg4Yy0yM2E1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxdv0BL36z2LQSEc9mfiD9EJ5z+20Td3a74MEFqu5aSpo7I2SVA0Qh86dg/UZ /X//oPys9cE79IGtrsDyBOavCRVvM70nDFKplI75IPTSgy3lAPK0rNiNhFkIhTU1 crRbH5vRuV9noLilPqQQUwEGVUG9L/wAU51cUHTpR61v89uUpxACmnZjQ0O68WcT sNKCE+jDKJewl01Fz70jfUR4xtlJZIh73gMZQaw01fLSuAkduAK1EYQeyrNsq6+K iBB34XUQuNb6o50bvg8WLMnFiqKRHWy/Oj2/q4iAT6z3q3CTuDasItUeHMPF8NJ+ EPLdduqtW4KEZCEiDY9qnGPuUQIDAQABo4ICeTCCAnUwHQYDVR0OBBYEFA2eK5pu f401AvUB39F/5Ho7hGEjMB8GA1UdIwQYMBaAFEBWLBQ6KcsZxw/8m5m2C77NHXO2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQ0E3OC9CRTg4NDZEMjM1 RDgxMUVBQTczMEVDNDZDNEY5QUUwMi9RRllzRkRvcHl4bkhEX3libWJZTHZzMGRj N1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FGWXNGRG9weXhuSERfeWJtYllMdnMwZGM3WS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUNBNzgvQkU4ODQ2RDIzNUQ4MTFFQUE3MzBFQzQ2QzRGOUFFMDIvOEY5QTJFMjgx N0RDMTFFRTk1OURFNjcxQzRGOUFFMDIucm9hMDgGCCsGAQUFBwEHAQH/BCkwJzAS BAIAATAMAwQAyrxfAwQAyrxkMBEEAgACMAsDCQAgAQ5oIAEAATANBgkqhkiG9w0B AQsFAAOCAQEANP2cETo35AFs5OzHsj0gGcC/4EJDTbsVuQ6JIVJ4yUMOSJDlc+HU ja8YKMGXoaXOmiK5pGsRNYs9XfjVY9RFV7Mdcg1KD47oF76EXLcy+gfywDjAu/mE GSGk4C6BKTLLNypfaH2yiv+OfzsCUuztYrKrGbxufwfJ2Uqvy8ZjCbrezX5mpu55 yk6r0yZQ4vaT2mQs6LyAqQ0TLzpwFEriJQy5cLKSbLgzf2DW0MBH3V5o56A66/nB MlhSEt9UFyRWGzb6p7WynrAef1/efGjfi1cgulT7HU6CzRrcHhWo4fAR+hPSAkHu 27kgY/WkooKCbULVaMQBQsrhtsM43ywQ8g== -----END CERTIFICATE-----Generated at Thu Mar 26 16:03:32 2026 by rpki-client