$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBBD7/F93219126CB911EA80832E2EC4F9AE02/651072686CBB11EA95256D30C4F9AE02.roa File: 651072686CBB11EA95256D30C4F9AE02.roa (raw, json) Hash identifier: cASTkD6P0USvFC5JERidtks+A/4jhXTPcKKMZcEkZtY= Subject key identifier: E9:EB:8F:16:BD:6B:55:4F:7B:19:EA:C3:F5:02:D8:83:CA:08:17:F4 Certificate issuer: /CN=A91EBBD7/serialNumber=A9BB0DFB6D4FF63B728833BE0AD6623796EC8A19 Certificate serial: 0AD4 Authority key identifier: A9:BB:0D:FB:6D:4F:F6:3B:72:88:33:BE:0A:D6:62:37:96:EC:8A:19 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qbsN-21P9jtyiDO-CtZiN5bsihk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EBBD7/F93219126CB911EA80832E2EC4F9AE02/651072686CBB11EA95256D30C4F9AE02.roa Signing time: Mon 02 Mar 2026 05:06:57 +0000 ROA not before: Tue 30 Sep 2025 20:21:21 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 38004 IP address blocks: 202.89.24.0/21 maxlen: 21 202.89.24.0/25 maxlen: 25 202.89.24.128/25 maxlen: 25 202.89.25.0/24 maxlen: 25 202.89.26.0/24 maxlen: 24 202.89.29.0/24 maxlen: 24 2401:5f40::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EBBD7/F93219126CB911EA80832E2EC4F9AE02/qbsN-21P9jtyiDO-CtZiN5bsihk.crl rsync://rpki.apnic.net/member_repository/A91EBBD7/F93219126CB911EA80832E2EC4F9AE02/qbsN-21P9jtyiDO-CtZiN5bsihk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qbsN-21P9jtyiDO-CtZiN5bsihk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 19:14:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2772 (0xad4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EBBD7, serialNumber=A9BB0DFB6D4FF63B728833BE0AD6623796EC8A19 Validity Not Before: Sep 30 20:21:21 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=69a51af1-1e2c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:da:7c:bf:10:b4:04:f6:5f:8e:3a:5d:ce:b2: 8e:6d:56:3f:4e:b3:89:cb:97:1d:e3:d2:43:02:c4: 81:de:5a:8c:89:cd:2d:b0:a4:d5:f8:32:07:6a:4f: 53:b5:0d:57:7e:ed:6c:72:0f:d5:9f:91:a7:56:b8: 36:4f:7c:d6:17:97:51:75:ee:e5:6a:42:2d:2f:96: 2d:aa:85:91:a2:e4:c0:a9:5a:a1:71:6b:f8:c4:db: c0:2b:d7:cc:28:19:50:f5:b0:90:af:58:9a:a7:92: c8:3a:0c:0e:74:48:5a:fb:c9:97:a2:de:b9:2d:46: 50:54:62:90:9c:30:f5:76:1b:4f:65:8a:d7:a7:7c: 3d:3b:15:7c:01:41:6f:9e:b1:26:43:d4:57:a4:c7: c4:f1:42:59:ef:89:0b:5a:27:a5:c7:19:de:7a:77: 7a:e4:ba:12:7a:fe:b4:0d:e4:48:2a:b6:76:9c:a0: ee:aa:2c:54:04:6f:8b:23:f1:12:43:dc:2e:ab:78: c4:3b:9b:89:f6:4c:11:f0:ea:0d:7e:57:4f:2c:88: e0:42:97:47:7a:88:92:da:70:7c:2b:c1:d3:01:7f: fc:34:75:63:18:ad:fb:71:1e:83:53:8b:34:4c:4b: 05:2b:d3:4b:05:10:f6:03:86:a4:3d:d7:54:95:62: 5b:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:EB:8F:16:BD:6B:55:4F:7B:19:EA:C3:F5:02:D8:83:CA:08:17:F4 X509v3 Authority Key Identifier: keyid:A9:BB:0D:FB:6D:4F:F6:3B:72:88:33:BE:0A:D6:62:37:96:EC:8A:19 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EBBD7/F93219126CB911EA80832E2EC4F9AE02/qbsN-21P9jtyiDO-CtZiN5bsihk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qbsN-21P9jtyiDO-CtZiN5bsihk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBBD7/F93219126CB911EA80832E2EC4F9AE02/651072686CBB11EA95256D30C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 202.89.24.0/21 IPv6: 2401:5f40::/32 Signature Algorithm: sha256WithRSAEncryption c7:fc:c6:a5:98:e9:16:61:7e:14:92:1b:30:f1:a9:3e:33:57: 67:9d:36:40:9e:fe:9b:58:fc:91:3a:27:bc:d1:37:20:07:6b: f5:89:90:10:9c:50:e0:ce:8c:5a:86:d3:e0:2d:7f:fe:9e:b4: 71:e0:90:3e:74:f5:15:4d:37:08:84:e3:90:00:ef:ed:76:2e: 41:c8:d6:d0:a8:16:f2:85:7f:bc:45:75:72:b5:02:81:d7:16: f3:f8:57:0e:98:cb:b3:68:91:ad:40:9e:90:0f:3a:07:c7:eb: 35:ee:0f:32:e2:b2:cb:56:47:5b:b7:e2:50:1b:c8:62:6a:88: ba:36:41:ee:7a:d9:59:c7:00:2b:9c:85:de:b1:8a:6b:c5:42: 42:5d:5d:0e:1e:4e:e0:c7:b1:44:ae:96:bf:96:93:2b:f1:da: f0:29:c0:5a:d9:f9:2d:f7:19:e7:64:7a:14:2b:5d:17:b7:8a: 06:17:01:ff:8a:be:21:dc:80:d7:39:57:2b:c2:c3:54:6f:35: 41:ed:08:58:22:f3:45:0f:a7:26:e6:ef:5c:64:9f:66:20:e6: 36:c7:3a:3a:ae:c2:57:41:08:20:96:b4:83:3b:06:27:ab:b9: 92:81:98:c9:75:0d:20:b8:92:9c:61:50:80:9e:79:25:35:8e: a1:fd:64:e1 -----BEGIN CERTIFICATE----- MIIFSzCCBDOgAwIBAgICCtQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUJCRDcxMTAvBgNVBAUTKEE5QkIwREZCNkQ0RkY2M0I3Mjg4MzNCRTBBRDY2MjM3 OTZFQzhBMTkwHhcNMjUwOTMwMjAyMTIxWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE1MWFmMS0xZTJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0tp8vxC0BPZfjjpdzrKObVY/TrOJy5cd49JDAsSB3lqMic0tsKTV+DIHak9T tQ1Xfu1scg/Vn5GnVrg2T3zWF5dRde7lakItL5YtqoWRouTAqVqhcWv4xNvAK9fM KBlQ9bCQr1iap5LIOgwOdEha+8mXot65LUZQVGKQnDD1dhtPZYrXp3w9OxV8AUFv nrEmQ9RXpMfE8UJZ74kLWielxxneend65LoSev60DeRIKrZ2nKDuqixUBG+LI/ES Q9wuq3jEO5uJ9kwR8OoNfldPLIjgQpdHeoiS2nB8K8HTAX/8NHVjGK37cR6DU4s0 TEsFK9NLBRD2A4akPddUlWJb3QIDAQABo4ICbzCCAmswHQYDVR0OBBYEFOnrjxa9 a1VPexnqw/UC2IPKCBf0MB8GA1UdIwQYMBaAFKm7DfttT/Y7cogzvgrWYjeW7IoZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkJENy9GOTMyMTkxMjZD QjkxMUVBODA4MzJFMkVDNEY5QUUwMi9xYnNOLTIxUDlqdHlpRE8tQ3RaaU41YnNp aGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3Fic04tMjFQOWp0eWlETy1DdFppTjVic2loay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUJCRDcvRjkzMjE5MTI2Q0I5MTFFQTgwODMyRTJFQzRGOUFFMDIvNjUxMDcyNjg2 Q0JCMTFFQTk1MjU2RDMwQzRGOUFFMDIucm9hMC4GCCsGAQUFBwEHAQH/BB8wHTAM BAIAATAGAwQDylkYMA0EAgACMAcDBQAkAV9AMA0GCSqGSIb3DQEBCwUAA4IBAQDH /MalmOkWYX4Ukhsw8ak+M1dnnTZAnv6bWPyROie80TcgB2v1iZAQnFDgzoxahtPg LX/+nrRx4JA+dPUVTTcIhOOQAO/tdi5ByNbQqBbyhX+8RXVytQKB1xbz+FcOmMuz aJGtQJ6QDzoHx+s17g8y4rLLVkdbt+JQG8hiaoi6NkHuetlZxwArnIXesYprxUJC XV0OHk7gx7FErpa/lpMr8drwKcBa2fkt9xnnZHoUK10Xt4oGFwH/ir4h3IDXOVcr wsNUbzVB7QhYIvNFD6cm5u9cZJ9mIOY2xzo6rsJXQQgglrSDOwYnq7mSgZjJdQ0g uJKcYVCAnnklNY6h/WTh -----END CERTIFICATE-----Generated at Thu Mar 26 04:37:41 2026 by rpki-client