$ rpki-client -vvf rpki.apnic.net/member_repository/A91805CE/0EB09D36AE7411EE8CED235CC4F9AE02/9E194914B3EC11EE8B2EE910C4F9AE02.roa File: 9E194914B3EC11EE8B2EE910C4F9AE02.roa (raw, json) Hash identifier: v93Z3iiGCscltIcNihp6kkaUNgN+Yk0QWg3tHczsLQY= Subject key identifier: 39:61:2B:26:E0:BC:62:D8:73:93:71:1F:93:BF:BD:A6:7D:F0:C0:D7 Certificate issuer: /CN=A91805CE/serialNumber=72926FC60F7C184A61D73BD094AA6A386B63002A Certificate serial: 01B3 Authority key identifier: 72:92:6F:C6:0F:7C:18:4A:61:D7:3B:D0:94:AA:6A:38:6B:63:00:2A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cpJvxg98GEph1zvQlKpqOGtjACo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91805CE/0EB09D36AE7411EE8CED235CC4F9AE02/9E194914B3EC11EE8B2EE910C4F9AE02.roa Signing time: Mon 02 Mar 2026 15:22:52 +0000 ROA not before: Wed 01 Oct 2025 21:40:36 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 9463 IP address blocks: 202.74.128.0/22 maxlen: 22 202.74.132.0/22 maxlen: 22 202.74.136.0/22 maxlen: 22 202.74.140.0/22 maxlen: 22 202.74.147.0/24 maxlen: 24 202.74.148.0/24 maxlen: 24 202.74.149.0/24 maxlen: 24 202.74.150.0/24 maxlen: 24 202.74.152.0/23 maxlen: 23 202.74.152.0/24 maxlen: 24 202.74.153.0/24 maxlen: 24 202.74.154.0/23 maxlen: 23 202.74.154.0/24 maxlen: 24 202.74.155.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91805CE/0EB09D36AE7411EE8CED235CC4F9AE02/cpJvxg98GEph1zvQlKpqOGtjACo.crl rsync://rpki.apnic.net/member_repository/A91805CE/0EB09D36AE7411EE8CED235CC4F9AE02/cpJvxg98GEph1zvQlKpqOGtjACo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cpJvxg98GEph1zvQlKpqOGtjACo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Apr 2026 03:28:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 435 (0x1b3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91805CE, serialNumber=72926FC60F7C184A61D73BD094AA6A386B63002A Validity Not Before: Oct 1 21:40:36 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=69a5ab4c-9c44 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:5d:fb:47:c9:0c:7c:2c:f1:70:db:f8:55:a3: 75:88:f6:a2:fa:ca:32:99:17:d3:d0:14:42:17:33: 4a:80:47:f0:3d:af:56:a6:7e:98:92:6c:2f:f9:bc: 5b:6b:5b:4b:b0:93:89:7c:a5:01:00:3e:97:2b:b1: 78:ec:a8:9b:05:80:fa:ca:fb:9a:86:9a:b5:dc:da: ff:7e:c9:5a:c9:34:af:5a:7b:82:aa:9d:08:47:ef: 91:64:8b:ca:bb:00:6a:cb:ed:f1:11:ad:42:b8:1a: 66:38:7a:4c:ef:05:ab:61:a8:5c:e2:5b:13:a2:80: 88:06:01:53:d7:54:60:8c:f6:de:1f:4a:cb:12:6d: 7f:d9:a2:47:f2:d3:60:79:02:18:26:68:84:6f:35: 9f:d7:82:69:93:94:68:e1:ec:87:00:50:f8:74:9b: 76:cc:8f:05:65:62:2e:d7:0d:ba:65:7f:de:05:b9: 37:c7:b8:de:41:3b:5d:29:ca:35:b6:b0:1a:2d:9f: e9:77:d3:3f:01:25:f7:da:24:f4:4c:ba:c1:e7:40: 35:cb:fd:76:13:0f:d9:35:9b:eb:a8:e0:8c:a9:d6: 04:39:32:f0:c3:55:85:da:e1:b0:2e:d6:93:a0:f3: ca:6d:8c:8f:d5:77:d2:08:5b:60:b4:23:1d:d9:71: e8:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:61:2B:26:E0:BC:62:D8:73:93:71:1F:93:BF:BD:A6:7D:F0:C0:D7 X509v3 Authority Key Identifier: keyid:72:92:6F:C6:0F:7C:18:4A:61:D7:3B:D0:94:AA:6A:38:6B:63:00:2A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91805CE/0EB09D36AE7411EE8CED235CC4F9AE02/cpJvxg98GEph1zvQlKpqOGtjACo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cpJvxg98GEph1zvQlKpqOGtjACo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91805CE/0EB09D36AE7411EE8CED235CC4F9AE02/9E194914B3EC11EE8B2EE910C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 202.74.128.0/20 202.74.147.0-202.74.150.255 202.74.152.0/22 Signature Algorithm: sha256WithRSAEncryption 5e:66:e2:0d:09:a1:05:91:f0:a2:d9:e9:cd:c8:2b:24:cf:02: 34:e7:e6:ce:c4:ab:24:04:86:18:71:c8:44:ff:f6:a9:c5:5c: ac:94:65:90:8a:63:88:eb:85:a4:6d:92:a6:87:91:c4:e6:d8: 42:21:a6:f7:a6:ca:03:db:9b:e0:bc:40:b4:4d:40:44:d6:ce: 2a:13:c3:57:dc:67:ec:ae:50:4b:67:03:8e:4c:fb:c1:39:d6: 2b:41:98:c4:e1:0e:5f:88:9b:ab:03:af:2a:46:c1:5d:b4:80: 50:16:04:2a:13:f1:30:de:da:42:25:cd:de:f7:82:03:35:00: f3:31:7e:fe:0e:37:d7:60:ec:6f:3e:c1:57:e0:97:eb:f0:6f: c6:eb:b3:51:40:ea:b2:61:20:e4:ac:8c:22:93:c2:85:04:6f: cd:9f:ac:17:38:52:6d:20:23:23:b7:c5:62:70:3d:76:c9:de: fb:ea:02:38:90:55:ef:0a:ac:13:c3:d5:06:ca:f8:31:ac:90: d2:fc:68:f8:83:ab:59:03:f2:e1:ed:34:7f:80:ca:b1:e5:15: f7:f9:c1:09:a2:c8:0f:f9:a2:59:fd:82:09:e6:08:4e:15:ed: ba:a7:5c:e0:58:5e:a3:e5:50:1f:87:cf:85:c8:50:4a:fb:18: 89:e2:b8:80 -----BEGIN CERTIFICATE----- MIIFUDCCBDigAwIBAgICAbMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODA1Q0UxMTAvBgNVBAUTKDcyOTI2RkM2MEY3QzE4NEE2MUQ3M0JEMDk0QUE2QTM4 NkI2MzAwMkEwHhcNMjUxMDAxMjE0MDM2WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE1YWI0Yy05YzQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz137R8kMfCzxcNv4VaN1iPai+soymRfT0BRCFzNKgEfwPa9Wpn6Ykmwv+bxb a1tLsJOJfKUBAD6XK7F47KibBYD6yvuahpq13Nr/fslayTSvWnuCqp0IR++RZIvK uwBqy+3xEa1CuBpmOHpM7wWrYahc4lsTooCIBgFT11RgjPbeH0rLEm1/2aJH8tNg eQIYJmiEbzWf14Jpk5Ro4eyHAFD4dJt2zI8FZWIu1w26ZX/eBbk3x7jeQTtdKco1 trAaLZ/pd9M/ASX32iT0TLrB50A1y/12Ew/ZNZvrqOCMqdYEOTLww1WF2uGwLtaT oPPKbYyP1XfSCFtgtCMd2XHoJwIDAQABo4ICdDCCAnAwHQYDVR0OBBYEFDlhKybg vGLYc5NxH5O/vaZ98MDXMB8GA1UdIwQYMBaAFHKSb8YPfBhKYdc70JSqajhrYwAq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MDVDRS8wRUIwOUQzNkFF NzQxMUVFOENFRDIzNUNDNEY5QUUwMi9jcEp2eGc5OEdFcGgxenZRbEtwcU9HdGpB Q28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NwSnZ4Zzk4R0VwaDF6dlFsS3BxT0d0akFDby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODA1Q0UvMEVCMDlEMzZBRTc0MTFFRThDRUQyMzVDQzRGOUFFMDIvOUUxOTQ5MTRC M0VDMTFFRThCMkVFOTEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBwEHAQH/BCQwIjAg BAIAATAaAwQEykqAMAwDBADKSpMDBADKSpYDBALKSpgwDQYJKoZIhvcNAQELBQAD ggEBAF5m4g0JoQWR8KLZ6c3IKyTPAjTn5s7EqyQEhhhxyET/9qnFXKyUZZCKY4jr haRtkqaHkcTm2EIhpvemygPbm+C8QLRNQETWzioTw1fcZ+yuUEtnA45M+8E51itB mMThDl+Im6sDrypGwV20gFAWBCoT8TDe2kIlzd73ggM1APMxfv4ON9dg7G8+wVfg l+vwb8brs1FA6rJhIOSsjCKTwoUEb82frBc4Um0gIyO3xWJwPXbJ3vvqAjiQVe8K rBPD1QbK+DGskNL8aPiDq1kD8uHtNH+AyrHlFff5wQmiyA/5oln9ggnmCE4V7bqn XOBYXqPlUB+Hz4XIUEr7GIniuIA= -----END CERTIFICATE-----Generated at Thu Mar 26 08:50:08 2026 by rpki-client