$ rpki-client -vvf rpki.apnic.net/member_repository/A91468A1/2E1CC644511811EA9387C66BC4F9AE02/F0520A385DD611EAA4AD4767C4F9AE02.roa File: F0520A385DD611EAA4AD4767C4F9AE02.roa (raw, json) Hash identifier: 9P/caarcdfE5fgEntnYZ7v6bJcDbToqOd+JV3OwQEFA= Subject key identifier: 9D:E7:BB:C5:AE:7A:8C:39:1B:A1:04:28:8B:CB:32:DD:27:E0:07:79 Certificate issuer: /CN=A91468A1/serialNumber=152A3B43225CFA2C5F8DE27A9A6893D3B23F5DE3 Certificate serial: 0B78 Authority key identifier: 15:2A:3B:43:22:5C:FA:2C:5F:8D:E2:7A:9A:68:93:D3:B2:3F:5D:E3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FSo7QyJc-ixfjeJ6mmiT07I_XeM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91468A1/2E1CC644511811EA9387C66BC4F9AE02/F0520A385DD611EAA4AD4767C4F9AE02.roa Signing time: Thu 12 Mar 2026 19:25:09 +0000 ROA not before: Thu 12 Mar 2026 19:25:09 +0000 ROA not after: Sat 01 May 2027 00:00:00 +0000 asID: 3605 IP address blocks: 101.99.128.0/17 maxlen: 17 101.99.128.0/18 maxlen: 18 101.99.145.0/24 maxlen: 24 101.99.192.0/18 maxlen: 18 121.55.192.0/18 maxlen: 20 182.173.192.0/18 maxlen: 19 202.128.0.0/19 maxlen: 19 202.128.0.0/20 maxlen: 20 202.128.16.0/20 maxlen: 20 202.131.160.0/19 maxlen: 19 202.131.160.0/20 maxlen: 20 202.131.176.0/20 maxlen: 20 2404:8c00::/32 maxlen: 33 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91468A1/2E1CC644511811EA9387C66BC4F9AE02/FSo7QyJc-ixfjeJ6mmiT07I_XeM.crl rsync://rpki.apnic.net/member_repository/A91468A1/2E1CC644511811EA9387C66BC4F9AE02/FSo7QyJc-ixfjeJ6mmiT07I_XeM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FSo7QyJc-ixfjeJ6mmiT07I_XeM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 02 Apr 2026 19:05:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2936 (0xb78) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91468A1, serialNumber=152A3B43225CFA2C5F8DE27A9A6893D3B23F5DE3 Validity Not Before: Mar 12 19:25:09 2026 GMT Not After : May 1 00:00:00 2027 GMT Subject: CN=69b31315-93b3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:5c:74:92:66:fc:e2:e6:81:bb:68:8e:5d:82: d3:2b:47:b3:27:58:f1:1b:63:c7:88:22:7a:dd:77: b3:d1:c1:2d:bc:a7:41:14:71:c7:55:52:7f:a5:2b: 76:34:42:d7:47:3c:64:ba:de:d6:de:81:c7:26:90: 5c:6d:90:8d:75:7a:fa:cb:d6:89:0c:68:4f:f0:42: 21:c2:54:59:de:d0:c9:6f:96:38:8a:f4:1f:9d:c2: 86:e9:3f:cf:9c:5c:4c:00:13:08:db:a8:15:26:9f: e1:31:3d:d4:d4:90:02:48:2a:74:90:49:50:bf:ce: 65:de:9f:a8:ad:ac:42:e7:72:fd:63:11:59:30:80: 81:c9:21:57:40:95:e5:32:77:bd:97:7a:c4:57:99: 22:8c:f0:e3:7b:2b:e8:f2:4a:9c:9e:17:1a:1b:b8: 73:f8:dc:26:e1:1f:b6:2e:3a:b7:70:49:13:aa:fc: 97:35:f2:21:50:7e:30:47:d4:37:83:96:10:d1:2e: f1:6d:ce:2e:6e:aa:e0:22:72:5d:af:96:84:db:cc: 53:b4:cc:07:a8:66:6a:e2:0e:ea:a6:f1:5a:bb:db: ad:9b:0d:0a:e6:c0:f4:4a:cf:79:db:10:25:15:5a: 55:2b:cb:5e:e4:1c:01:05:20:0b:32:f7:4d:81:aa: 8d:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:E7:BB:C5:AE:7A:8C:39:1B:A1:04:28:8B:CB:32:DD:27:E0:07:79 X509v3 Authority Key Identifier: keyid:15:2A:3B:43:22:5C:FA:2C:5F:8D:E2:7A:9A:68:93:D3:B2:3F:5D:E3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91468A1/2E1CC644511811EA9387C66BC4F9AE02/FSo7QyJc-ixfjeJ6mmiT07I_XeM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FSo7QyJc-ixfjeJ6mmiT07I_XeM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91468A1/2E1CC644511811EA9387C66BC4F9AE02/F0520A385DD611EAA4AD4767C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 101.99.128.0/17 121.55.192.0/18 182.173.192.0/18 202.128.0.0/19 202.131.160.0/19 IPv6: 2404:8c00::/32 Signature Algorithm: sha256WithRSAEncryption 13:d7:d5:37:3f:70:05:4d:e7:c7:8a:dc:25:86:14:85:cc:87: 91:67:10:89:bb:61:52:20:9c:f7:b2:54:86:c9:c7:cc:f1:09: 7f:5f:72:c9:98:4a:c6:11:b0:8d:25:05:87:42:04:de:02:41: 69:62:16:e3:43:39:47:e5:5e:d3:00:ff:9c:43:8d:62:ed:b2: ed:8a:ea:e6:38:63:dc:10:36:7b:9a:f2:11:3b:62:f0:e6:fc: 88:ff:c9:5f:68:c1:a7:fb:c1:0e:60:e9:6a:cc:33:df:61:60: 96:86:ee:15:b1:64:81:ae:f7:51:7e:16:8a:ed:e8:42:c6:59: 7c:a6:75:5d:91:c9:21:6e:51:81:1e:b9:d2:e9:34:7a:c8:2d: 71:a7:6d:e8:ca:81:f3:7c:72:cf:60:59:91:94:6d:b9:a2:98: 91:7c:cc:11:9f:dd:63:35:31:a7:cc:d8:6d:b3:9c:5e:66:33: 1c:90:56:85:4a:cf:31:9c:1f:9b:cb:fd:d4:b5:d0:31:3d:b4: 06:23:0f:f2:b3:a8:af:7e:87:22:d8:6b:04:90:d1:87:f9:dc: d5:3d:53:51:a2:aa:e2:57:ff:60:74:20:04:cf:c8:e9:fd:ab: 20:be:13:41:a4:3e:b0:fc:91:01:3b:29:31:03:91:78:41:65: de:6a:2e:1d -----BEGIN CERTIFICATE----- MIIFYzCCBEugAwIBAgICC3gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDY4QTExMTAvBgNVBAUTKDE1MkEzQjQzMjI1Q0ZBMkM1RjhERTI3QTlBNjg5M0Qz QjIzRjVERTMwHhcNMjYwMzEyMTkyNTA5WhcNMjcwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWIzMTMxNS05M2IzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAm1x0kmb84uaBu2iOXYLTK0ezJ1jxG2PHiCJ63Xez0cEtvKdBFHHHVVJ/pSt2 NELXRzxkut7W3oHHJpBcbZCNdXr6y9aJDGhP8EIhwlRZ3tDJb5Y4ivQfncKG6T/P nFxMABMI26gVJp/hMT3U1JACSCp0kElQv85l3p+oraxC53L9YxFZMICBySFXQJXl Mne9l3rEV5kijPDjeyvo8kqcnhcaG7hz+Nwm4R+2Ljq3cEkTqvyXNfIhUH4wR9Q3 g5YQ0S7xbc4ubqrgInJdr5aE28xTtMwHqGZq4g7qpvFau9utmw0K5sD0Ss952xAl FVpVK8te5BwBBSALMvdNgaqNjwIDAQABo4IChzCCAoMwHQYDVR0OBBYEFJ3nu8Wu eow5G6EEKIvLMt0n4Ad5MB8GA1UdIwQYMBaAFBUqO0MiXPosX43ieppok9OyP13j MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NjhBMS8yRTFDQzY0NDUx MTgxMUVBOTM4N0M2NkJDNEY5QUUwMi9GU283UXlKYy1peGZqZUo2bW1pVDA3SV9Y ZU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZTbzdReUpjLWl4ZmplSjZtbWlUMDdJX1hlTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDY4QTEvMkUxQ0M2NDQ1MTE4MTFFQTkzODdDNjZCQzRGOUFFMDIvRjA1MjBBMzg1 REQ2MTFFQUE0QUQ0NzY3QzRGOUFFMDIucm9hMEYGCCsGAQUFBwEHAQH/BDcwNTAk BAIAATAeAwQHZWOAAwQGeTfAAwQGtq3AAwQFyoAAAwQFyoOgMA0EAgACMAcDBQAk BIwAMA0GCSqGSIb3DQEBCwUAA4IBAQAT19U3P3AFTefHitwlhhSFzIeRZxCJu2FS IJz3slSGycfM8Ql/X3LJmErGEbCNJQWHQgTeAkFpYhbjQzlH5V7TAP+cQ41i7bLt iurmOGPcEDZ7mvIRO2Lw5vyI/8lfaMGn+8EOYOlqzDPfYWCWhu4VsWSBrvdRfhaK 7ehCxll8pnVdkckhblGBHrnS6TR6yC1xp23oyoHzfHLPYFmRlG25opiRfMwRn91j NTGnzNhts5xeZjMckFaFSs8xnB+by/3UtdAxPbQGIw/ys6ivfoci2GsEkNGH+dzV PVNRoqriV/9gdCAEz8jp/asgvhNBpD6w/JEBOykxA5F4QWXeai4d -----END CERTIFICATE-----Generated at Sat Mar 28 13:43:01 2026 by rpki-client