$ rpki-client -vvf rpki.apnic.net/member_repository/A91F9605/36666D6E870911EB823B3356C4F9AE02/9BC411EEA03F11F094CBF530C4F9AE02.roa File: 9BC411EEA03F11F094CBF530C4F9AE02.roa (raw, json) Hash identifier: KELxgiLDTZhlXFvFngFOfFbDFqtdPbkXc16UcXa81Vo= Subject key identifier: C3:8C:1A:87:B3:12:BD:5E:FA:05:F3:52:2A:F3:AD:4F:D8:C4:F7:82 Certificate issuer: /CN=A91F9605/serialNumber=681884C0C7557E526EF2BC4D1E5ABC336AE27F9E Certificate serial: 06F3 Authority key identifier: 68:18:84:C0:C7:55:7E:52:6E:F2:BC:4D:1E:5A:BC:33:6A:E2:7F:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aBiEwMdVflJu8rxNHlq8M2rif54.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F9605/36666D6E870911EB823B3356C4F9AE02/9BC411EEA03F11F094CBF530C4F9AE02.roa Signing time: Sun 01 Mar 2026 15:45:59 +0000 ROA not before: Wed 14 Jan 2026 22:18:26 +0000 ROA not after: Wed 31 Mar 2027 00:00:00 +0000 asID: 17648 IP address blocks: 110.50.32.0/20 maxlen: 20 110.50.48.0/21 maxlen: 21 110.50.56.0/22 maxlen: 22 110.50.60.0/24 maxlen: 24 110.50.61.0/24 maxlen: 24 110.50.62.0/23 maxlen: 24 202.134.192.0/20 maxlen: 20 202.134.192.0/24 maxlen: 24 202.134.193.0/24 maxlen: 24 202.134.194.0/24 maxlen: 24 202.134.195.0/24 maxlen: 24 202.134.196.0/24 maxlen: 24 202.134.197.0/24 maxlen: 24 202.134.198.0/24 maxlen: 24 202.134.199.0/24 maxlen: 24 202.134.200.0/24 maxlen: 24 202.134.201.0/24 maxlen: 24 202.134.202.0/24 maxlen: 24 202.134.203.0/24 maxlen: 24 202.134.204.0/24 maxlen: 24 202.134.205.0/24 maxlen: 24 202.134.206.0/24 maxlen: 24 202.134.207.0/24 maxlen: 24 2406:2e00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F9605/36666D6E870911EB823B3356C4F9AE02/aBiEwMdVflJu8rxNHlq8M2rif54.crl rsync://rpki.apnic.net/member_repository/A91F9605/36666D6E870911EB823B3356C4F9AE02/aBiEwMdVflJu8rxNHlq8M2rif54.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aBiEwMdVflJu8rxNHlq8M2rif54.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 21:48:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1779 (0x6f3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F9605, serialNumber=681884C0C7557E526EF2BC4D1E5ABC336AE27F9E Validity Not Before: Jan 14 22:18:26 2026 GMT Not After : Mar 31 00:00:00 2027 GMT Subject: CN=69a45f37-d67c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:94:dd:e4:f4:bd:23:62:a3:c7:0d:1e:0b:b3: 59:1c:d7:6b:e2:69:6b:85:8e:88:e9:0e:2f:fc:c7: 92:32:e2:00:c8:52:ef:65:a2:6a:06:22:f2:54:25: 91:2c:b8:cc:74:6b:45:a2:e0:a4:ba:82:fb:7d:40: 62:c2:46:a8:5f:11:0c:86:5b:9b:3e:fd:5a:7b:ce: 8e:cb:77:af:5d:9c:f7:42:7b:ff:79:6b:ce:c9:b8: 3f:57:1d:fb:d2:48:8c:9b:2a:8b:2b:73:19:f1:7c: 2e:f9:16:5d:67:3f:a8:6a:26:30:e1:5b:41:2e:52: 15:ab:d3:0a:0b:ff:df:46:12:c3:71:14:ee:12:a0: e2:43:95:a7:c7:11:a4:c3:73:fa:5a:8f:21:6b:70: ba:1a:3d:d1:0e:68:86:40:dd:90:66:1e:49:34:d2: 93:a0:36:38:aa:8e:bc:f1:f6:35:3b:f9:75:4a:0e: 9e:88:a9:02:e5:0d:eb:35:26:a3:2c:3a:26:dd:a6: 68:2d:bb:5b:b8:f9:16:c6:46:a2:bb:6d:e7:12:22: de:ff:04:77:51:cb:2a:f7:0b:12:1e:ce:8d:32:58: 8e:7d:fb:0c:85:95:a0:dd:96:84:03:90:01:b9:49: e5:2f:84:50:ef:05:da:52:23:54:87:ed:6c:b7:be: 60:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:8C:1A:87:B3:12:BD:5E:FA:05:F3:52:2A:F3:AD:4F:D8:C4:F7:82 X509v3 Authority Key Identifier: keyid:68:18:84:C0:C7:55:7E:52:6E:F2:BC:4D:1E:5A:BC:33:6A:E2:7F:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F9605/36666D6E870911EB823B3356C4F9AE02/aBiEwMdVflJu8rxNHlq8M2rif54.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aBiEwMdVflJu8rxNHlq8M2rif54.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F9605/36666D6E870911EB823B3356C4F9AE02/9BC411EEA03F11F094CBF530C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 110.50.32.0/19 202.134.192.0/20 IPv6: 2406:2e00::/32 Signature Algorithm: sha256WithRSAEncryption 01:0a:f6:49:54:e6:ac:37:9f:c1:1e:33:78:bf:47:6f:6d:92: 98:8b:ca:2a:1c:bf:37:0c:f5:8e:77:8a:85:ac:70:71:ee:29: 72:d6:db:c5:24:ea:d2:26:ed:f2:2a:b9:ff:21:c8:bb:3b:4e: 9a:c6:68:9f:7a:ce:9b:79:65:28:e7:b7:1d:87:70:a1:1e:d6: 45:17:0d:df:c3:7c:21:aa:ca:39:00:06:61:ba:e0:49:71:b7: 7f:b6:0f:b4:a4:32:59:a6:ba:a0:86:74:85:7e:67:68:ba:0a: 94:bd:e7:82:f6:7e:36:41:36:1d:f4:44:77:27:82:8e:33:a2: 28:ea:9f:5d:ed:8f:4b:68:56:62:31:35:02:18:7f:a6:70:58: ba:50:86:93:f1:fe:a2:b0:65:3c:06:a0:91:0a:5e:f7:a8:0d: dd:a9:36:6b:3a:0d:df:c2:c1:11:ac:a4:cc:05:c5:42:e8:f9: 00:ab:d0:79:55:87:46:2c:2a:c8:fd:1f:fe:09:98:65:01:12: 50:03:e0:71:32:2e:3c:2d:aa:d4:0f:0b:5b:84:23:63:80:d4: 04:d1:50:93:81:e0:1c:ed:40:5d:be:05:c2:1d:00:ba:97:c9: 95:22:29:a3:3c:92:b1:1b:7e:33:04:1e:35:73:d4:39:c3:44: f0:c8:12:23 -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgICBvMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Rjk2MDUxMTAvBgNVBAUTKDY4MTg4NEMwQzc1NTdFNTI2RUYyQkM0RDFFNUFCQzMz NkFFMjdGOUUwHhcNMjYwMTE0MjIxODI2WhcNMjcwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NWYzNy1kNjdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmJTd5PS9I2Kjxw0eC7NZHNdr4mlrhY6I6Q4v/MeSMuIAyFLvZaJqBiLyVCWR LLjMdGtFouCkuoL7fUBiwkaoXxEMhlubPv1ae86Oy3evXZz3Qnv/eWvOybg/Vx37 0kiMmyqLK3MZ8Xwu+RZdZz+oaiYw4VtBLlIVq9MKC//fRhLDcRTuEqDiQ5WnxxGk w3P6Wo8ha3C6Gj3RDmiGQN2QZh5JNNKToDY4qo688fY1O/l1Sg6eiKkC5Q3rNSaj LDom3aZoLbtbuPkWxkaiu23nEiLe/wR3Ucsq9wsSHs6NMliOffsMhZWg3ZaEA5AB uUnlL4RQ7wXaUiNUh+1st75gSQIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFMOMGoez Er1e+gXzUirzrU/YxPeCMB8GA1UdIwQYMBaAFGgYhMDHVX5SbvK8TR5avDNq4n+e MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOTYwNS8zNjY2NkQ2RTg3 MDkxMUVCODIzQjMzNTZDNEY5QUUwMi9hQmlFd01kVmZsSnU4cnhOSGxxOE0ycmlm NTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2FCaUV3TWRWZmxKdThyeE5IbHE4TTJyaWY1NC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Rjk2MDUvMzY2NjZENkU4NzA5MTFFQjgyM0IzMzU2QzRGOUFFMDIvOUJDNDExRUVB MDNGMTFGMDk0Q0JGNTMwQzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS BAIAATAMAwQFbjIgAwQEyobAMA0EAgACMAcDBQAkBi4AMA0GCSqGSIb3DQEBCwUA A4IBAQABCvZJVOasN5/BHjN4v0dvbZKYi8oqHL83DPWOd4qFrHBx7ily1tvFJOrS Ju3yKrn/Ici7O06axmifes6beWUo57cdh3ChHtZFFw3fw3whqso5AAZhuuBJcbd/ tg+0pDJZprqghnSFfmdougqUveeC9n42QTYd9ER3J4KOM6Io6p9d7Y9LaFZiMTUC GH+mcFi6UIaT8f6isGU8BqCRCl73qA3dqTZrOg3fwsERrKTMBcVC6PkAq9B5VYdG LCrI/R/+CZhlARJQA+BxMi48LarUDwtbhCNjgNQE0VCTgeAc7UBdvgXCHQC6l8mV IimjPJKxG34zBB41c9Q5w0TwyBIj -----END CERTIFICATE-----Generated at Thu Mar 26 05:41:36 2026 by rpki-client