$ rpki-client -vvf rpki.apnic.net/member_repository/A915EE53/38511840458811E59B2D8371C4F9AE02/63C97CBAC49E11EBAC936D7AC4F9AE02.roa File: 63C97CBAC49E11EBAC936D7AC4F9AE02.roa (raw, json) Hash identifier: AHfY7AUJpWe7BNWUNT/uLmoUme06v0hAUNHbmnBADSc= Subject key identifier: A2:2A:BE:04:03:4F:9C:DD:93:2F:75:1C:F9:37:96:C2:D9:AC:9E:C4 Certificate issuer: /CN=A915EE53/serialNumber=F8AA70916B6CA583C0363EB7A9A5F7F2627D7360 Certificate serial: 2704 Authority key identifier: F8:AA:70:91:6B:6C:A5:83:C0:36:3E:B7:A9:A5:F7:F2:62:7D:73:60 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-KpwkWtspYPANj63qaX38mJ9c2A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915EE53/38511840458811E59B2D8371C4F9AE02/63C97CBAC49E11EBAC936D7AC4F9AE02.roa Signing time: Mon 02 Mar 2026 05:16:39 +0000 ROA not before: Fri 04 Jul 2025 16:22:59 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 4657 IP address blocks: 202.156.4.0/24 maxlen: 24 202.156.8.0/24 maxlen: 24 202.156.9.0/24 maxlen: 24 202.156.10.0/24 maxlen: 24 202.156.16.0/20 maxlen: 24 202.156.32.0/19 maxlen: 24 2404:e800:de00::/48 maxlen: 48 2404:e800:de00::/64 maxlen: 64 2404:e800:de00:1::/64 maxlen: 64 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915EE53/38511840458811E59B2D8371C4F9AE02/-KpwkWtspYPANj63qaX38mJ9c2A.crl rsync://rpki.apnic.net/member_repository/A915EE53/38511840458811E59B2D8371C4F9AE02/-KpwkWtspYPANj63qaX38mJ9c2A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-KpwkWtspYPANj63qaX38mJ9c2A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 15:41:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9988 (0x2704) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915EE53, serialNumber=F8AA70916B6CA583C0363EB7A9A5F7F2627D7360 Validity Not Before: Jul 4 16:22:59 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=69a51d37-196b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:ab:c5:9b:6a:0d:24:6c:6e:ae:bb:9b:8d:4d: ba:d9:f6:13:26:d7:bb:94:4a:ce:91:98:30:8e:08: 39:01:bf:e2:c6:a0:94:21:fe:cb:bf:9a:c2:f6:2b: 16:50:5a:1e:f0:3b:ac:65:63:50:a9:3d:9d:ed:c7: 27:6c:b7:42:8e:d2:f6:1d:45:bf:92:24:41:f8:f1: 03:be:3b:36:7c:9c:af:77:cd:e6:e8:d8:16:4d:bf: 06:33:83:36:b7:a4:d8:81:ad:54:cb:24:71:6d:27: f0:74:da:dd:5a:62:cf:c5:9f:43:2c:fc:10:d5:45: a9:0d:fb:6f:e4:d6:5c:bc:1c:ca:ad:7c:5f:82:59: c1:47:0a:e8:f8:e8:d9:6e:f0:38:e3:23:8a:ce:e7: 52:2f:b9:72:ff:05:bd:96:7c:66:5c:1d:f9:53:d4: db:c0:f5:cb:86:7d:15:c8:e2:c2:39:6d:50:b6:23: 2f:fe:50:a9:f7:f0:8d:71:0b:e9:e3:4e:05:35:73: c4:93:4e:6a:49:47:3c:89:02:ce:e5:b6:0a:e4:54: 9d:96:a7:31:5a:9e:b9:25:38:14:da:19:fe:86:5d: ac:70:85:54:d4:98:a3:85:f2:f4:c9:19:0f:e9:db: 5f:a9:52:8b:5e:ec:e3:a9:a2:b0:c2:09:17:73:98: bd:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:2A:BE:04:03:4F:9C:DD:93:2F:75:1C:F9:37:96:C2:D9:AC:9E:C4 X509v3 Authority Key Identifier: keyid:F8:AA:70:91:6B:6C:A5:83:C0:36:3E:B7:A9:A5:F7:F2:62:7D:73:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915EE53/38511840458811E59B2D8371C4F9AE02/-KpwkWtspYPANj63qaX38mJ9c2A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-KpwkWtspYPANj63qaX38mJ9c2A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915EE53/38511840458811E59B2D8371C4F9AE02/63C97CBAC49E11EBAC936D7AC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 202.156.4.0/24 202.156.8.0-202.156.10.255 202.156.16.0-202.156.63.255 IPv6: 2404:e800:de00::/48 Signature Algorithm: sha256WithRSAEncryption b4:99:49:17:ab:f2:6a:bc:1f:ae:bb:22:bf:0f:f5:1d:18:e9: c4:14:36:15:53:7c:10:5e:1b:ad:cc:6a:d6:33:ab:15:86:4a: 05:00:2b:df:af:2a:e0:a3:1e:75:5c:bc:e0:03:f1:92:9d:b1: ea:0c:e0:91:e0:9c:e3:55:52:54:36:80:8c:cb:64:d4:16:ef: 18:e6:d7:11:df:15:9a:93:02:0b:ee:33:c0:ff:76:62:ef:ff: ce:53:16:af:8c:0e:ac:75:50:ad:2c:43:1b:c7:16:55:e1:83: 6b:5a:29:3c:54:d4:e8:f0:21:f0:11:da:aa:c5:dd:41:71:f7: b4:11:83:40:d1:07:ac:05:56:c4:3d:fc:7b:27:ef:f6:f5:09: c3:34:2d:47:13:42:20:98:60:3e:61:02:21:37:83:23:02:0e: 7f:fa:3d:32:a7:ba:46:8d:b2:d1:2f:c1:ed:37:67:34:0d:2f: d3:79:93:72:7f:40:f8:be:d7:7e:a4:77:ce:1a:3d:0a:7c:7d: 09:de:a6:44:3e:e7:72:23:6c:e2:74:d8:61:c5:2e:b5:9d:77: de:fc:cd:0f:ed:df:62:95:c9:9d:c3:7f:ae:84:db:5f:35:7c: 79:53:96:ee:b4:4f:ea:a9:32:e7:0f:09:bd:07:75:99:b6:7b: 27:9b:a2:93 -----BEGIN CERTIFICATE----- MIIFaTCCBFGgAwIBAgICJwQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUVFNTMxMTAvBgNVBAUTKEY4QUE3MDkxNkI2Q0E1ODNDMDM2M0VCN0E5QTVGN0Yy NjI3RDczNjAwHhcNMjUwNzA0MTYyMjU5WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE1MWQzNy0xOTZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoavFm2oNJGxurrubjU262fYTJte7lErOkZgwjgg5Ab/ixqCUIf7Lv5rC9isW UFoe8DusZWNQqT2d7ccnbLdCjtL2HUW/kiRB+PEDvjs2fJyvd83m6NgWTb8GM4M2 t6TYga1UyyRxbSfwdNrdWmLPxZ9DLPwQ1UWpDftv5NZcvBzKrXxfglnBRwro+OjZ bvA44yOKzudSL7ly/wW9lnxmXB35U9TbwPXLhn0VyOLCOW1QtiMv/lCp9/CNcQvp 404FNXPEk05qSUc8iQLO5bYK5FSdlqcxWp65JTgU2hn+hl2scIVU1JijhfL0yRkP 6dtfqVKLXuzjqaKwwgkXc5i9IwIDAQABo4ICjTCCAokwHQYDVR0OBBYEFKIqvgQD T5zdky91HPk3lsLZrJ7EMB8GA1UdIwQYMBaAFPiqcJFrbKWDwDY+t6ml9/JifXNg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RUU1My8zODUxMTg0MDQ1 ODgxMUU1OUIyRDgzNzFDNEY5QUUwMi8tS3B3a1d0c3BZUEFOajYzcWFYMzhtSjlj MkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1LcHdrV3RzcFlQQU5qNjNxYVgzOG1KOWMyQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NUVFNTMvMzg1MTE4NDA0NTg4MTFFNTlCMkQ4MzcxQzRGOUFFMDIvNjNDOTdDQkFD NDlFMTFFQkFDOTM2RDdBQzRGOUFFMDIucm9hMEwGCCsGAQUFBwEHAQH/BD0wOzAo BAIAATAiAwQAypwEMAwDBAPKnAgDBADKnAowDAMEBMqcEAMEBsqcADAPBAIAAjAJ AwcAJAToAN4AMA0GCSqGSIb3DQEBCwUAA4IBAQC0mUkXq/JqvB+uuyK/D/UdGOnE FDYVU3wQXhutzGrWM6sVhkoFACvfryrgox51XLzgA/GSnbHqDOCR4JzjVVJUNoCM y2TUFu8Y5tcR3xWakwIL7jPA/3Zi7//OUxavjA6sdVCtLEMbxxZV4YNrWik8VNTo 8CHwEdqqxd1Bcfe0EYNA0QesBVbEPfx7J+/29QnDNC1HE0IgmGA+YQIhN4MjAg5/ +j0yp7pGjbLRL8HtN2c0DS/TeZNyf0D4vtd+pHfOGj0KfH0J3qZEPudyI2zidNhh xS61nXfe/M0P7d9ilcmdw3+uhNtfNXx5U5butE/qqTLnDwm9B3WZtnsnm6KT -----END CERTIFICATE-----Generated at Thu Mar 26 12:57:34 2026 by rpki-client