$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC46A/00500164943211E68C1B824AC4F9AE02/527AA5C69F4F11EAA7970484C4F9AE02.roa File: 527AA5C69F4F11EAA7970484C4F9AE02.roa (raw, json) Hash identifier: cWHGKEyK1/n+XzphhsGriIZiXwfaKLq/Wm0XGKlIaZU= Subject key identifier: 9A:5A:5A:94:89:BD:A5:42:B4:0F:90:63:68:A9:CD:3C:B5:0C:F9:F5 Certificate issuer: /CN=A91DC46A/serialNumber=F8D4A632D069964C61A33E41D6243D535B007D54 Certificate serial: 1EC8 Authority key identifier: F8:D4:A6:32:D0:69:96:4C:61:A3:3E:41:D6:24:3D:53:5B:00:7D:54 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-NSmMtBplkxhoz5B1iQ9U1sAfVQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DC46A/00500164943211E68C1B824AC4F9AE02/527AA5C69F4F11EAA7970484C4F9AE02.roa Signing time: Mon 02 Mar 2026 16:18:58 +0000 ROA not before: Mon 02 Mar 2026 16:18:58 +0000 ROA not after: Wed 31 Mar 2027 00:00:00 +0000 asID: 45121 IP address blocks: 27.131.62.0/23 maxlen: 23 27.131.62.0/24 maxlen: 24 27.131.63.0/24 maxlen: 24 103.221.63.0/24 maxlen: 24 122.0.31.0/24 maxlen: 24 202.133.108.0/22 maxlen: 22 202.133.108.0/23 maxlen: 24 202.133.110.0/23 maxlen: 24 2405:6400:4000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DC46A/00500164943211E68C1B824AC4F9AE02/-NSmMtBplkxhoz5B1iQ9U1sAfVQ.crl rsync://rpki.apnic.net/member_repository/A91DC46A/00500164943211E68C1B824AC4F9AE02/-NSmMtBplkxhoz5B1iQ9U1sAfVQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-NSmMtBplkxhoz5B1iQ9U1sAfVQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 02 Apr 2026 16:03:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7880 (0x1ec8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DC46A, serialNumber=F8D4A632D069964C61A33E41D6243D535B007D54 Validity Not Before: Mar 2 16:18:58 2026 GMT Not After : Mar 31 00:00:00 2027 GMT Subject: CN=69a5b871-b5b9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:e9:8d:d3:d7:68:2d:f4:8f:2b:2d:35:35:5c: 64:b6:81:4b:e8:9e:ea:07:c3:b8:1a:b8:17:9b:61: 4f:d0:b5:4e:5a:d2:df:56:4f:74:01:44:b5:30:8e: a9:cc:88:41:5e:b6:62:78:ef:99:40:12:7e:79:56: 0f:11:05:85:94:64:ce:47:35:d3:fb:9f:27:69:df: f4:59:4b:ee:e2:13:5c:0d:63:96:86:c3:40:e6:4d: e7:c8:d5:dd:f5:c8:06:13:68:ac:c2:93:a6:8d:3d: 55:a0:a7:cc:76:f8:ea:31:9b:14:43:25:e3:46:86: 7f:ad:9d:c8:3e:e2:1a:ef:e5:ec:6c:2e:0a:97:bc: 6e:49:b3:ac:7f:54:a1:2c:7b:2f:a8:77:5a:fd:e1: 22:c9:65:ab:1b:d4:d7:a3:ea:24:bb:1b:0d:71:0a: 1d:c3:50:98:db:09:75:4c:82:ab:e3:a4:fa:ff:10: 75:ca:95:9d:c7:10:81:b5:05:1f:29:75:15:6e:0b: b0:d6:0f:9e:ca:20:6d:ef:ba:86:73:47:d7:0c:51: e2:19:4f:68:64:b7:49:bb:53:8b:de:b9:aa:32:fc: f4:58:6f:20:85:cb:bd:38:79:c4:26:ee:cf:21:88: 6a:1b:70:8d:b6:fb:5b:8c:6b:50:55:0a:93:53:48: fc:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:5A:5A:94:89:BD:A5:42:B4:0F:90:63:68:A9:CD:3C:B5:0C:F9:F5 X509v3 Authority Key Identifier: keyid:F8:D4:A6:32:D0:69:96:4C:61:A3:3E:41:D6:24:3D:53:5B:00:7D:54 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DC46A/00500164943211E68C1B824AC4F9AE02/-NSmMtBplkxhoz5B1iQ9U1sAfVQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-NSmMtBplkxhoz5B1iQ9U1sAfVQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC46A/00500164943211E68C1B824AC4F9AE02/527AA5C69F4F11EAA7970484C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 27.131.62.0/23 103.221.63.0/24 122.0.31.0/24 202.133.108.0/22 IPv6: 2405:6400:4000::/36 Signature Algorithm: sha256WithRSAEncryption 2f:bc:4f:6d:41:46:10:fa:54:7f:0b:5b:2e:7e:80:ce:6f:a4: 13:5b:27:6a:5d:2d:6b:85:e3:cf:c1:7b:ca:8d:55:85:65:67: c0:a2:95:e4:18:f8:43:8a:8b:94:65:12:36:1b:d0:79:81:c0: 33:07:8b:4e:33:c7:91:e4:4d:f3:bd:8e:a2:9a:3c:75:36:cd: 9d:2a:c0:e9:e8:e9:ea:4c:1a:35:e4:95:8f:85:79:5c:ae:da: ec:a1:2b:c4:ba:21:6b:18:28:ac:fa:77:b9:7b:2a:f0:71:eb: 9b:ea:b3:3a:6a:cc:34:18:02:18:3d:07:a2:b3:4b:25:82:e9: 0e:37:58:6b:64:d2:8a:c3:ce:8b:1b:b4:9d:ae:88:e5:51:04: a2:9f:83:76:7e:19:91:e2:5c:33:6b:d6:df:33:da:0c:08:46: a2:b7:19:8e:c6:21:bf:96:94:d7:fe:3d:bc:fd:23:04:47:f4: 67:c8:af:a8:a4:45:d8:3c:5f:d3:09:3e:0b:9e:78:48:35:69: 08:9a:84:ba:0d:73:72:05:f3:ab:c0:25:aa:1c:ca:d2:e5:a6: d7:a2:d6:e6:cf:00:61:11:15:29:5f:16:65:d3:70:72:5d:44: 78:5c:3a:4c:35:02:59:59:3f:21:ff:9b:e9:28:e6:d2:23:2c: 46:0f:c5:b8 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgICHsgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REM0NkExMTAvBgNVBAUTKEY4RDRBNjMyRDA2OTk2NEM2MUEzM0U0MUQ2MjQzRDUz NUIwMDdENTQwHhcNMjYwMzAyMTYxODU4WhcNMjcwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE1Yjg3MS1iNWI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApOmN09doLfSPKy01NVxktoFL6J7qB8O4GrgXm2FP0LVOWtLfVk90AUS1MI6p zIhBXrZieO+ZQBJ+eVYPEQWFlGTORzXT+58nad/0WUvu4hNcDWOWhsNA5k3nyNXd 9cgGE2iswpOmjT1VoKfMdvjqMZsUQyXjRoZ/rZ3IPuIa7+XsbC4Kl7xuSbOsf1Sh LHsvqHda/eEiyWWrG9TXo+okuxsNcQodw1CY2wl1TIKr46T6/xB1ypWdxxCBtQUf KXUVbguw1g+eyiBt77qGc0fXDFHiGU9oZLdJu1OL3rmqMvz0WG8ghcu9OHnEJu7P IYhqG3CNtvtbjGtQVQqTU0j8QwIDAQABo4ICgjCCAn4wHQYDVR0OBBYEFJpaWpSJ vaVCtA+QY2ipzTy1DPn1MB8GA1UdIwQYMBaAFPjUpjLQaZZMYaM+QdYkPVNbAH1U MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzQ2QS8wMDUwMDE2NDk0 MzIxMUU2OEMxQjgyNEFDNEY5QUUwMi8tTlNtTXRCcGxreGhvejVCMWlROVUxc0Fm VlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1OU21NdEJwbGt4aG96NUIxaVE5VTFzQWZWUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx REM0NkEvMDA1MDAxNjQ5NDMyMTFFNjhDMUI4MjRBQzRGOUFFMDIvNTI3QUE1QzY5 RjRGMTFFQUE3OTcwNDg0QzRGOUFFMDIucm9hMEEGCCsGAQUFBwEHAQH/BDIwMDAe BAIAATAYAwQBG4M+AwQAZ90/AwQAegAfAwQCyoVsMA4EAgACMAgDBgQkBWQAQDAN BgkqhkiG9w0BAQsFAAOCAQEAL7xPbUFGEPpUfwtbLn6Azm+kE1snal0ta4Xjz8F7 yo1VhWVnwKKV5Bj4Q4qLlGUSNhvQeYHAMweLTjPHkeRN872Oopo8dTbNnSrA6ejp 6kwaNeSVj4V5XK7a7KErxLohaxgorPp3uXsq8HHrm+qzOmrMNBgCGD0HorNLJYLp DjdYa2TSisPOixu0na6I5VEEop+Ddn4ZkeJcM2vW3zPaDAhGorcZjsYhv5aU1/49 vP0jBEf0Z8ivqKRF2Dxf0wk+C554SDVpCJqEug1zcgXzq8AlqhzK0uWm16LW5s8A YREVKV8WZdNwcl1EeFw6TDUCWVk/If+b6Sjm0iMsRg/FuA== -----END CERTIFICATE-----Generated at Fri Mar 27 06:21:06 2026 by rpki-client