$ rpki-client -vvf rpki.apnic.net/member_repository/A91300DF/27778F38CBD111F0A76FFD26C4F9AE02/2EF9180CCBD211F0B173C128C4F9AE02.roa File: 2EF9180CCBD211F0B173C128C4F9AE02.roa (raw, json) Hash identifier: 89NQPcLshXPkKgPq6c+ywAb5yirtq9AA9hqm/7FcBQU= Subject key identifier: 22:4F:DE:22:1E:86:19:69:B6:6F:11:82:B7:2B:47:FB:EC:59:1F:0A Certificate issuer: /CN=A91300DF/serialNumber=FB471F8413089ED701BDAB40AE63C788F526AB6F Certificate serial: 3E Authority key identifier: FB:47:1F:84:13:08:9E:D7:01:BD:AB:40:AE:63:C7:88:F5:26:AB:6F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-0cfhBMIntcBvatArmPHiPUmq28.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91300DF/27778F38CBD111F0A76FFD26C4F9AE02/2EF9180CCBD211F0B173C128C4F9AE02.roa Signing time: Mon 02 Mar 2026 14:22:51 +0000 ROA not before: Thu 27 Nov 2025 20:52:43 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 10131 IP address blocks: 202.65.32.0/19 maxlen: 19 202.65.32.0/21 maxlen: 21 202.65.32.0/24 maxlen: 24 202.65.33.0/24 maxlen: 24 202.65.34.0/24 maxlen: 24 202.65.40.0/21 maxlen: 21 202.65.46.0/24 maxlen: 24 202.65.48.0/21 maxlen: 21 202.65.48.0/24 maxlen: 24 202.65.52.0/24 maxlen: 24 202.65.56.0/21 maxlen: 21 202.65.57.0/24 maxlen: 24 202.65.58.0/24 maxlen: 24 202.65.59.0/24 maxlen: 24 202.65.60.0/24 maxlen: 24 202.65.61.0/24 maxlen: 24 202.65.62.0/24 maxlen: 24 202.65.63.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91300DF/27778F38CBD111F0A76FFD26C4F9AE02/-0cfhBMIntcBvatArmPHiPUmq28.crl rsync://rpki.apnic.net/member_repository/A91300DF/27778F38CBD111F0A76FFD26C4F9AE02/-0cfhBMIntcBvatArmPHiPUmq28.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-0cfhBMIntcBvatArmPHiPUmq28.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 Apr 2026 08:00:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62 (0x3e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91300DF, serialNumber=FB471F8413089ED701BDAB40AE63C788F526AB6F Validity Not Before: Nov 27 20:52:43 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=69a59d3a-93fe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:59:2f:e9:81:5f:42:ba:d0:83:24:d0:3c:56: 70:8a:f4:de:49:a9:59:c7:f3:5f:e9:03:de:31:6b: af:02:e2:7e:de:23:92:b3:bf:ba:08:ab:79:cd:67: ed:55:72:9c:59:69:74:a7:72:19:2e:b7:17:7a:5f: 8f:7d:b7:bd:01:53:b5:10:72:c8:7c:01:dc:66:0f: a0:77:a1:4e:af:51:f8:b5:eb:41:90:de:bc:96:dc: 7b:58:4c:12:3e:86:e9:8b:ff:8e:a3:88:69:0f:33: 78:7d:bc:4a:99:06:fd:a1:3d:ea:3e:5b:9c:1b:03: 3b:11:f2:2f:fe:e1:69:f0:ca:f4:c5:0c:b2:13:a8: bc:33:7f:f5:45:a3:29:f5:04:11:19:ac:e5:e2:c8: 44:b9:b1:bb:a8:04:29:86:fe:37:30:28:67:23:8b: 68:af:bb:10:7c:46:1e:5f:40:2b:11:7e:3b:34:ac: 51:fd:9d:0d:78:7c:58:75:d1:d6:05:63:c2:12:05: 6b:58:bd:73:4a:f9:0a:ce:bd:db:70:6f:9b:57:5e: dc:52:38:2a:21:5a:45:14:99:64:21:2b:46:b5:2f: 5b:24:6e:16:fb:b5:37:a0:7d:37:9d:36:47:c2:85: f0:ad:7e:99:11:fe:ce:e3:26:9a:34:f8:74:1a:90: ad:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:4F:DE:22:1E:86:19:69:B6:6F:11:82:B7:2B:47:FB:EC:59:1F:0A X509v3 Authority Key Identifier: keyid:FB:47:1F:84:13:08:9E:D7:01:BD:AB:40:AE:63:C7:88:F5:26:AB:6F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91300DF/27778F38CBD111F0A76FFD26C4F9AE02/-0cfhBMIntcBvatArmPHiPUmq28.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-0cfhBMIntcBvatArmPHiPUmq28.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91300DF/27778F38CBD111F0A76FFD26C4F9AE02/2EF9180CCBD211F0B173C128C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 202.65.32.0/19 Signature Algorithm: sha256WithRSAEncryption 2a:92:5b:03:78:ce:2d:0d:62:22:c1:b9:6c:31:14:09:77:db: 59:d5:9c:ae:cf:32:04:99:3a:4a:05:1a:a6:3c:a7:a2:cf:26: d5:09:13:58:aa:9b:19:71:3d:4b:9f:52:51:7a:b3:8c:32:9c: db:d1:e9:77:24:fd:b8:0b:9d:0f:a0:6b:f4:31:5e:80:0b:e6: 27:33:a1:a1:76:f8:ae:19:42:33:6f:14:5b:60:07:35:7f:c0: f7:35:3c:5d:21:d9:d8:6e:9d:62:2f:13:24:b8:b3:37:62:91: 27:34:1d:97:50:68:26:c9:16:fb:c3:11:6b:cd:8d:05:59:2c: dd:45:4d:7c:4c:f8:22:6a:8e:7f:35:72:88:ef:10:62:e5:8a: 40:0d:e7:1a:60:b6:92:59:bb:78:c3:82:84:f7:b6:49:63:c8: 04:46:e6:5e:64:73:cd:c6:e4:09:62:7b:84:dc:4b:86:b6:52: a3:aa:52:9c:b3:de:f3:a5:0b:ca:fe:54:f5:4d:ef:25:92:b4: 2a:b0:89:fc:f7:8f:cc:23:e3:14:11:30:50:68:7f:0b:ea:c2: 05:1b:e2:cb:9b:30:bb:11:3b:b4:11:a7:67:38:44:5b:52:29: 9b:9e:d5:91:2a:b7:f2:3c:b0:69:2e:51:75:24:d6:45:61:07: 44:a1:73:ab -----BEGIN CERTIFICATE----- MIIFOzCCBCOgAwIBAgIBPjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz MDBERjExMC8GA1UEBRMoRkI0NzFGODQxMzA4OUVENzAxQkRBQjQwQUU2M0M3ODhG NTI2QUI2RjAeFw0yNTExMjcyMDUyNDNaFw0yNjEwMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY5YTU5ZDNhLTkzZmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDbWS/pgV9CutCDJNA8VnCK9N5JqVnH81/pA94xa68C4n7eI5Kzv7oIq3nNZ+1V cpxZaXSnchkutxd6X499t70BU7UQcsh8AdxmD6B3oU6vUfi160GQ3ryW3HtYTBI+ humL/46jiGkPM3h9vEqZBv2hPeo+W5wbAzsR8i/+4WnwyvTFDLITqLwzf/VFoyn1 BBEZrOXiyES5sbuoBCmG/jcwKGcji2ivuxB8Rh5fQCsRfjs0rFH9nQ14fFh10dYF Y8ISBWtYvXNK+QrOvdtwb5tXXtxSOCohWkUUmWQhK0a1L1skbhb7tTegfTedNkfC hfCtfpkR/s7jJpo0+HQakK3JAgMBAAGjggJgMIICXDAdBgNVHQ4EFgQUIk/eIh6G GWm2bxGCtytH++xZHwowHwYDVR0jBBgwFoAU+0cfhBMIntcBvatArmPHiPUmq28w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTMwMERGLzI3Nzc4RjM4Q0JE MTExRjBBNzZGRkQyNkM0RjlBRTAyLy0wY2ZoQk1JbnRjQnZhdEFybVBIaVBVbXEy OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvLTBjZmhCTUludGNCdmF0QXJtUEhpUFVtcTI4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgZYGCCsGAQUFBwELBIGJMIGGMIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz MDBERi8yNzc3OEYzOENCRDExMUYwQTc2RkZEMjZDNEY5QUUwMi8yRUY5MTgwQ0NC RDIxMUYwQjE3M0MxMjhDNEY5QUUwMi5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwE AgABMAYDBAXKQSAwDQYJKoZIhvcNAQELBQADggEBACqSWwN4zi0NYiLBuWwxFAl3 21nVnK7PMgSZOkoFGqY8p6LPJtUJE1iqmxlxPUufUlF6s4wynNvR6Xck/bgLnQ+g a/QxXoAL5iczoaF2+K4ZQjNvFFtgBzV/wPc1PF0h2dhunWIvEyS4szdikSc0HZdQ aCbJFvvDEWvNjQVZLN1FTXxM+CJqjn81cojvEGLlikAN5xpgtpJZu3jDgoT3tklj yARG5l5kc83G5Alie4TcS4a2UqOqUpyz3vOlC8r+VPVN7yWStCqwifz3j8wj4xQR MFBofwvqwgUb4subMLsRO7QRp2c4RFtSKZue1ZEqt/I8sGkuUXUk1kVhB0Shc6s= -----END CERTIFICATE-----Generated at Sat Mar 28 15:56:05 2026 by rpki-client