$ rpki-client -vvf rpki.apnic.net/member_repository/A91D0853/5B94390E044111EB91C43E45C4F9AE02/3DAD522E1D7611EB8673F476C4F9AE02.roa File: 3DAD522E1D7611EB8673F476C4F9AE02.roa (raw, json) Hash identifier: VVuT0oGthuu1h4dpEkw5dwzZuqKsuK62xGDpmmEICJE= Subject key identifier: 44:1A:01:66:A6:F9:95:3E:E3:F5:21:BF:47:A4:60:7F:02:83:30:E1 Certificate issuer: /CN=A91D0853/serialNumber=E0F3CFBDFA7D074274FA749D4029CEE3588F77C3 Certificate serial: 0854 Authority key identifier: E0:F3:CF:BD:FA:7D:07:42:74:FA:74:9D:40:29:CE:E3:58:8F:77:C3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4PPPvfp9B0J0-nSdQCnO41iPd8M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D0853/5B94390E044111EB91C43E45C4F9AE02/3DAD522E1D7611EB8673F476C4F9AE02.roa Signing time: Sun 01 Mar 2026 17:35:53 +0000 ROA not before: Tue 04 Nov 2025 21:10:56 +0000 ROA not after: Sun 31 Jan 2027 00:00:00 +0000 asID: 17452 IP address blocks: 202.91.160.0/20 maxlen: 20 202.91.160.0/24 maxlen: 24 202.91.161.0/24 maxlen: 24 202.91.162.0/24 maxlen: 24 202.91.163.0/24 maxlen: 24 202.91.164.0/24 maxlen: 24 202.91.165.0/24 maxlen: 24 202.91.166.0/24 maxlen: 24 202.91.167.0/24 maxlen: 24 202.91.168.0/24 maxlen: 24 202.91.169.0/24 maxlen: 24 202.91.170.0/24 maxlen: 24 202.91.171.0/24 maxlen: 24 202.91.172.0/24 maxlen: 24 202.91.173.0/24 maxlen: 24 202.91.174.0/24 maxlen: 24 202.91.175.0/24 maxlen: 24 2401:2880::/32 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D0853/5B94390E044111EB91C43E45C4F9AE02/4PPPvfp9B0J0-nSdQCnO41iPd8M.crl rsync://rpki.apnic.net/member_repository/A91D0853/5B94390E044111EB91C43E45C4F9AE02/4PPPvfp9B0J0-nSdQCnO41iPd8M.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4PPPvfp9B0J0-nSdQCnO41iPd8M.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 02 Apr 2026 20:44:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2132 (0x854) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D0853, serialNumber=E0F3CFBDFA7D074274FA749D4029CEE3588F77C3 Validity Not Before: Nov 4 21:10:56 2025 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=69a478f9-70b9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:85:b0:73:e4:76:ab:52:a4:4a:64:6e:0f:08:f8: e1:74:58:0b:74:18:2c:f5:e3:c9:bd:de:33:0b:8d: d3:a2:83:37:23:49:f9:74:b7:4c:39:6c:b1:cb:9c: 25:17:85:3f:9a:fd:96:89:d6:d1:5f:e2:4d:04:7c: f8:ce:e5:45:67:d6:24:bc:d1:a5:b9:45:ef:30:86: 07:82:f7:6f:a1:d5:15:01:be:9d:04:d8:e7:ae:65: d0:9a:7c:d0:0e:cf:8a:43:fe:5f:a2:6c:1b:1a:60: 46:7c:4c:0b:7d:ec:c1:3d:48:93:76:d3:a7:72:d3: 02:3a:79:87:b1:25:d2:47:6a:d3:a7:3e:27:47:74: 38:d6:24:46:cf:57:11:9e:ab:b3:81:95:aa:fa:ad: cd:25:ff:15:71:80:ea:49:f0:6c:83:f9:29:0c:23: 0c:9d:2c:f5:02:40:3a:ab:b0:9a:aa:c0:3b:22:17: 8e:d3:6c:37:2b:da:a8:c5:de:fb:22:eb:1e:76:be: 23:2c:e2:5c:51:44:fd:78:8e:d6:09:f7:93:c1:1e: af:16:1b:f1:cd:91:6e:ea:01:59:1a:48:f2:51:1b: 26:50:1c:1e:13:85:6c:04:ec:79:c5:3d:4f:a8:94: fc:64:39:97:62:cc:c5:1b:b6:59:d6:99:8a:9b:67: f7:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:1A:01:66:A6:F9:95:3E:E3:F5:21:BF:47:A4:60:7F:02:83:30:E1 X509v3 Authority Key Identifier: keyid:E0:F3:CF:BD:FA:7D:07:42:74:FA:74:9D:40:29:CE:E3:58:8F:77:C3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D0853/5B94390E044111EB91C43E45C4F9AE02/4PPPvfp9B0J0-nSdQCnO41iPd8M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4PPPvfp9B0J0-nSdQCnO41iPd8M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D0853/5B94390E044111EB91C43E45C4F9AE02/3DAD522E1D7611EB8673F476C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 202.91.160.0/20 IPv6: 2401:2880::/32 Signature Algorithm: sha256WithRSAEncryption 15:ae:26:4e:4b:bf:16:dd:e2:b3:cf:6c:c7:b6:54:df:b3:e6: 09:16:5a:d4:c7:56:6f:ba:8e:a8:cb:6d:b0:32:c2:9c:96:89: eb:bc:28:64:d2:c0:99:eb:6f:33:59:1a:03:94:71:85:ad:49: e7:6f:d2:22:35:3b:1c:64:30:6b:ee:bc:86:66:e2:bb:bc:65: dc:ad:2f:c0:0a:bb:db:e8:5a:fb:58:00:28:05:27:a8:95:48: c2:04:c8:16:78:7a:17:4d:49:f3:b0:29:94:d7:35:57:c3:64: d9:bb:18:16:03:0f:5a:f2:1c:31:83:ca:92:6e:4e:af:78:42: e7:f6:28:7f:68:b4:2f:4f:20:5b:50:a1:cb:83:94:0d:c5:f3: 79:ad:f1:a0:cf:49:02:2f:b2:86:a5:b5:28:81:8d:34:aa:81: 0c:c8:87:d9:24:e8:68:d5:aa:d6:7b:d3:7d:42:3c:f7:ad:65: 9e:81:38:f5:b1:b4:78:dc:2d:b6:04:4f:6d:f0:59:84:fc:c7: e0:9f:13:4d:9d:f7:d2:25:e5:1b:6c:03:ec:49:ab:67:ed:bc: f0:73:6f:96:45:3f:ca:64:46:7a:3a:51:4c:4b:1a:d9:27:60: 5a:c2:f1:7d:ad:0b:b8:6a:a8:c2:d9:9a:ae:38:08:5d:84:b6: ce:10:6f:b1 -----BEGIN CERTIFICATE----- MIIFSzCCBDOgAwIBAgICCFQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDA4NTMxMTAvBgNVBAUTKEUwRjNDRkJERkE3RDA3NDI3NEZBNzQ5RDQwMjlDRUUz NTg4Rjc3QzMwHhcNMjUxMTA0MjExMDU2WhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NzhmOS03MGI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAhbBz5HarUqRKZG4PCPjhdFgLdBgs9ePJvd4zC43TooM3I0n5dLdMOWyxy5wl F4U/mv2WidbRX+JNBHz4zuVFZ9YkvNGluUXvMIYHgvdvodUVAb6dBNjnrmXQmnzQ Ds+KQ/5fomwbGmBGfEwLfezBPUiTdtOnctMCOnmHsSXSR2rTpz4nR3Q41iRGz1cR nquzgZWq+q3NJf8VcYDqSfBsg/kpDCMMnSz1AkA6q7CaqsA7IheO02w3K9qoxd77 Iusedr4jLOJcUUT9eI7WCfeTwR6vFhvxzZFu6gFZGkjyURsmUBweE4VsBOx5xT1P qJT8ZDmXYszFG7ZZ1pmKm2f3WwIDAQABo4ICbzCCAmswHQYDVR0OBBYEFEQaAWam +ZU+4/Uhv0ekYH8CgzDhMB8GA1UdIwQYMBaAFODzz736fQdCdPp0nUApzuNYj3fD MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMDg1My81Qjk0MzkwRTA0 NDExMUVCOTFDNDNFNDVDNEY5QUUwMi80UFBQdmZwOUIwSjAtblNkUUNuTzQxaVBk OE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRQUFB2ZnA5QjBKMC1uU2RRQ25PNDFpUGQ4TS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDA4NTMvNUI5NDM5MEUwNDQxMTFFQjkxQzQzRTQ1QzRGOUFFMDIvM0RBRDUyMkUx RDc2MTFFQjg2NzNGNDc2QzRGOUFFMDIucm9hMC4GCCsGAQUFBwEHAQH/BB8wHTAM BAIAATAGAwQEylugMA0EAgACMAcDBQAkASiAMA0GCSqGSIb3DQEBCwUAA4IBAQAV riZOS78W3eKzz2zHtlTfs+YJFlrUx1Zvuo6oy22wMsKclonrvChk0sCZ628zWRoD lHGFrUnnb9IiNTscZDBr7ryGZuK7vGXcrS/ACrvb6Fr7WAAoBSeolUjCBMgWeHoX TUnzsCmU1zVXw2TZuxgWAw9a8hwxg8qSbk6veELn9ih/aLQvTyBbUKHLg5QNxfN5 rfGgz0kCL7KGpbUogY00qoEMyIfZJOho1arWe9N9Qjz3rWWegTj1sbR43C22BE9t 8FmE/MfgnxNNnffSJeUbbAPsSatn7bzwc2+WRT/KZEZ6OlFMSxrZJ2BawvF9rQu4 aqjC2ZquOAhdhLbOEG+x -----END CERTIFICATE-----Generated at Sat Mar 28 12:07:34 2026 by rpki-client