$ rpki-client -vvf rpki.apnic.net/member_repository/A91683D2/19C55F6C1D8B11E290C578E508B02CD2/2DD1EECEEC7A11EEBAE5E319C4F9AE02.roa File: 2DD1EECEEC7A11EEBAE5E319C4F9AE02.roa (raw, json) Hash identifier: Z7MnSNSHBqpmgGDUQHMm4xL2DZm8ZBR3qNJ9ominL6g= Subject key identifier: 09:2A:68:54:96:E3:0D:59:B9:8F:EF:9A:A1:4B:C7:78:8C:20:05:80 Certificate issuer: /CN=A91683D2/serialNumber=B1ACFB85149B86A11015D601810E314F6948C1CF Certificate serial: 352A Authority key identifier: B1:AC:FB:85:14:9B:86:A1:10:15:D6:01:81:0E:31:4F:69:48:C1:CF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/saz7hRSbhqEQFdYBgQ4xT2lIwc8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91683D2/19C55F6C1D8B11E290C578E508B02CD2/2DD1EECEEC7A11EEBAE5E319C4F9AE02.roa Signing time: Sun 01 Mar 2026 15:25:52 +0000 ROA not before: Sat 18 Oct 2025 14:50:44 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 4770 IP address blocks: 202.14.100.0/24 maxlen: 24 202.36.36.0/22 maxlen: 22 202.37.140.0/22 maxlen: 22 202.37.144.0/21 maxlen: 21 202.37.200.0/22 maxlen: 22 202.37.224.0/21 maxlen: 21 202.41.136.0/22 maxlen: 22 202.74.224.0/21 maxlen: 21 210.48.0.0/17 maxlen: 17 210.56.32.0/20 maxlen: 20 210.185.0.0/18 maxlen: 18 2405:6000::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91683D2/19C55F6C1D8B11E290C578E508B02CD2/saz7hRSbhqEQFdYBgQ4xT2lIwc8.crl rsync://rpki.apnic.net/member_repository/A91683D2/19C55F6C1D8B11E290C578E508B02CD2/saz7hRSbhqEQFdYBgQ4xT2lIwc8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/saz7hRSbhqEQFdYBgQ4xT2lIwc8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 14:34:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13610 (0x352a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91683D2, serialNumber=B1ACFB85149B86A11015D601810E314F6948C1CF Validity Not Before: Oct 18 14:50:44 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=69a45a80-ee0a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:1a:bf:03:8d:93:76:60:85:47:82:90:2d:92: 68:0d:d6:55:7b:91:48:37:9c:43:54:8a:ab:b3:71: 23:45:fa:dd:a4:3e:0f:db:77:88:eb:10:a0:1f:93: f6:44:09:af:08:0c:e8:17:69:39:fb:91:14:c5:b7: f8:e4:63:1d:d2:4b:91:8c:20:f8:93:63:77:a3:a7: 41:6c:cd:04:69:de:c1:66:e4:1f:97:c5:1e:1d:95: 25:8b:df:73:cc:2c:e5:f6:a7:84:04:ca:db:10:60: 31:de:31:5f:ee:62:53:81:c6:2d:f3:40:05:dd:a0: 37:fa:99:16:7e:8d:8c:b0:a4:72:65:92:c1:d8:95: fb:c5:8e:79:8a:a6:bb:61:0d:0b:c3:55:f7:ce:9e: 2c:50:11:8a:3d:c2:0c:01:e8:50:7a:f7:ac:b2:7d: ff:b5:a1:c2:bd:92:05:9b:77:1e:08:5b:6c:b6:8d: 71:78:fc:11:5a:38:08:cc:73:e2:06:99:83:06:9e: 71:bc:0a:02:98:67:bd:97:16:f3:ae:a9:b2:53:ef: d6:fe:9e:be:50:ef:f8:31:62:b6:1c:e9:9b:47:f9: 9e:ae:06:4c:89:ac:ff:0e:aa:ac:00:4e:bd:6e:72: 8c:21:50:73:3a:29:7b:2a:37:a0:d0:e4:20:c9:78: ef:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:2A:68:54:96:E3:0D:59:B9:8F:EF:9A:A1:4B:C7:78:8C:20:05:80 X509v3 Authority Key Identifier: keyid:B1:AC:FB:85:14:9B:86:A1:10:15:D6:01:81:0E:31:4F:69:48:C1:CF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91683D2/19C55F6C1D8B11E290C578E508B02CD2/saz7hRSbhqEQFdYBgQ4xT2lIwc8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/saz7hRSbhqEQFdYBgQ4xT2lIwc8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91683D2/19C55F6C1D8B11E290C578E508B02CD2/2DD1EECEEC7A11EEBAE5E319C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 202.14.100.0/24 202.36.36.0/22 202.37.140.0-202.37.151.255 202.37.200.0/22 202.37.224.0/21 202.41.136.0/22 202.74.224.0/21 210.48.0.0/17 210.56.32.0/20 210.185.0.0/18 IPv6: 2405:6000::/32 Signature Algorithm: sha256WithRSAEncryption 85:66:95:f6:f2:9e:d8:5c:e5:72:85:cb:89:96:90:8d:69:05: 5d:7e:27:53:ab:90:89:cf:82:64:91:39:a7:af:c7:11:67:f3: 11:a5:92:57:ae:be:f9:03:d8:9f:39:1f:70:3b:88:02:27:fc: f9:2f:69:0d:15:30:1d:e3:85:32:b4:42:9f:3d:69:31:18:5d: 16:f0:b5:1b:b5:e9:63:98:51:91:55:56:b5:09:43:87:c3:8e: 8b:75:9d:14:2a:6d:19:63:d6:50:24:09:ac:80:3f:9c:93:3d: b0:d5:7d:e6:0d:2a:a6:71:3d:dc:51:ab:5a:50:87:c7:02:c0: 79:08:e2:93:09:7c:63:07:d3:69:b9:43:6d:41:2e:b3:e7:b8: c5:57:8f:21:87:5e:59:da:63:8d:d4:4c:d6:e5:6c:49:34:d5: 3b:3f:c1:59:c2:e0:1c:27:3e:7a:2a:23:0b:09:47:49:4e:5b: 30:be:cc:99:8b:6f:20:81:5c:09:00:b0:b5:74:59:29:cc:d4: 44:07:65:1b:9a:b0:fa:4b:77:ed:79:ad:b4:f0:28:c2:01:94: 24:fe:e3:1c:06:38:e6:44:dd:f4:d2:49:9c:36:a5:c7:92:5f: e7:e3:23:61:5b:19:6f:e4:b8:3b:c2:1b:2e:ac:23:f8:b8:cd: c6:55:d4:44 -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgICNSowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjgzRDIxMTAvBgNVBAUTKEIxQUNGQjg1MTQ5Qjg2QTExMDE1RDYwMTgxMEUzMTRG Njk0OEMxQ0YwHhcNMjUxMDE4MTQ1MDQ0WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NWE4MC1lZTBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuxq/A42TdmCFR4KQLZJoDdZVe5FIN5xDVIqrs3EjRfrdpD4P23eI6xCgH5P2 RAmvCAzoF2k5+5EUxbf45GMd0kuRjCD4k2N3o6dBbM0Ead7BZuQfl8UeHZUli99z zCzl9qeEBMrbEGAx3jFf7mJTgcYt80AF3aA3+pkWfo2MsKRyZZLB2JX7xY55iqa7 YQ0Lw1X3zp4sUBGKPcIMAehQevessn3/taHCvZIFm3ceCFtsto1xePwRWjgIzHPi BpmDBp5xvAoCmGe9lxbzrqmyU+/W/p6+UO/4MWK2HOmbR/mergZMiaz/DqqsAE69 bnKMIVBzOil7Kjeg0OQgyXjvQwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFAkqaFSW 4w1ZuY/vmqFLx3iMIAWAMB8GA1UdIwQYMBaAFLGs+4UUm4ahEBXWAYEOMU9pSMHP MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2ODNEMi8xOUM1NUY2QzFE OEIxMUUyOTBDNTc4RTUwOEIwMkNEMi9zYXo3aFJTYmhxRVFGZFlCZ1E0eFQybEl3 YzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3NhejdoUlNiaHFFUUZkWUJnUTR4VDJsSXdjOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjgzRDIvMTlDNTVGNkMxRDhCMTFFMjkwQzU3OEU1MDhCMDJDRDIvMkREMUVFQ0VF QzdBMTFFRUJBRTVFMzE5QzRGOUFFMDIucm9hMGwGCCsGAQUFBwEHAQH/BF0wWzBK BAIAATBEAwQAyg5kAwQCyiQkMAwDBALKJYwDBAPKJZADBALKJcgDBAPKJeADBALK KYgDBAPKSuADBAfSMAADBATSOCADBAbSuQAwDQQCAAIwBwMFACQFYAAwDQYJKoZI hvcNAQELBQADggEBAIVmlfbynthc5XKFy4mWkI1pBV1+J1OrkInPgmSROaevxxFn 8xGlkleuvvkD2J85H3A7iAIn/PkvaQ0VMB3jhTK0Qp89aTEYXRbwtRu16WOYUZFV VrUJQ4fDjot1nRQqbRlj1lAkCayAP5yTPbDVfeYNKqZxPdxRq1pQh8cCwHkI4pMJ fGMH02m5Q21BLrPnuMVXjyGHXlnaY43UTNblbEk01Ts/wVnC4BwnPnoqIwsJR0lO WzC+zJmLbyCBXAkAsLV0WSnM1EQHZRuasPpLd+15rbTwKMIBlCT+4xwGOOZE3fTS SZw2pceSX+fjI2FbGW/kuDvCGy6sI/i4zcZV1EQ= -----END CERTIFICATE-----Generated at Thu Mar 26 12:56:14 2026 by rpki-client