$ rpki-client -vvf rpki.apnic.net/member_repository/A91124CD/B97B7638E02D11EE9A042F5CC4F9AE02/CC6220C0E02E11EEBA9D291AC4F9AE02.roa File: CC6220C0E02E11EEBA9D291AC4F9AE02.roa (raw, json) Hash identifier: XGT7f3N6d7VyR5B4Z12+X5V0xJRoN3FoBvQSpbBJPeI= Subject key identifier: 4F:79:68:58:3D:A9:F9:C1:CA:6C:29:69:F7:EA:2A:28:A6:BF:CD:4B Certificate issuer: /CN=A91124CD/serialNumber=B02396C1E4976DC24BB9F240F5CE556ED827FA2B Certificate serial: 0195 Authority key identifier: B0:23:96:C1:E4:97:6D:C2:4B:B9:F2:40:F5:CE:55:6E:D8:27:FA:2B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sCOWweSXbcJLufJA9c5Vbtgn-is.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91124CD/B97B7638E02D11EE9A042F5CC4F9AE02/CC6220C0E02E11EEBA9D291AC4F9AE02.roa Signing time: Wed 29 Apr 2026 05:39:48 +0000 ROA not before: Wed 29 Apr 2026 05:39:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 152636 IP address blocks: 202.37.40.0/23 maxlen: 23 202.37.40.0/24 maxlen: 24 202.37.41.0/24 maxlen: 24 2001:df3:89c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91124CD/B97B7638E02D11EE9A042F5CC4F9AE02/sCOWweSXbcJLufJA9c5Vbtgn-is.crl rsync://rpki.apnic.net/member_repository/A91124CD/B97B7638E02D11EE9A042F5CC4F9AE02/sCOWweSXbcJLufJA9c5Vbtgn-is.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sCOWweSXbcJLufJA9c5Vbtgn-is.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 May 2026 04:17:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 405 (0x195) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91124CD, serialNumber=B02396C1E4976DC24BB9F240F5CE556ED827FA2B Validity Not Before: Apr 29 05:39:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=69f199a4-b5fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:53:07:bb:4b:56:07:59:0f:ca:99:79:bd:c8: 61:fc:c7:ca:78:33:0d:15:46:45:c1:bb:6a:07:29: b2:25:27:c0:fc:e4:ed:1a:23:a1:96:14:1b:fc:32: d6:16:a4:87:41:56:74:a4:24:cd:fc:95:cf:80:b2: 36:f9:48:0a:4f:f5:50:a8:5a:df:38:7c:bb:88:0d: 44:a2:d1:32:e4:18:60:91:bf:4a:63:90:d1:9b:49: e7:d3:a2:ce:39:5c:e1:ea:ac:83:fc:1d:e7:a4:43: 37:65:88:c8:73:97:d7:35:f3:a5:39:d5:4d:ad:f5: 5e:b7:1b:b1:c3:a8:34:3f:7b:77:47:00:db:47:21: ca:34:d4:3f:19:9b:41:d2:0c:2a:32:90:9e:ca:1e: d7:66:77:c9:3f:83:37:d5:ce:47:a6:ed:22:30:64: 8d:11:f7:7d:07:d0:19:35:7b:e7:d7:fd:3f:83:b3: da:c5:31:a8:50:d1:84:43:c5:3f:16:0a:3d:b2:33: d8:fe:e6:a9:e0:f8:63:33:72:9b:cd:a2:35:77:27: 12:0c:90:78:c2:fd:21:2f:da:b7:55:aa:d8:80:0d: 90:0e:84:4a:fd:03:2c:aa:18:a7:78:4b:3b:f5:36: 54:98:a6:9c:c9:47:07:b6:4f:04:23:7d:bd:dc:ed: ad:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:79:68:58:3D:A9:F9:C1:CA:6C:29:69:F7:EA:2A:28:A6:BF:CD:4B X509v3 Authority Key Identifier: keyid:B0:23:96:C1:E4:97:6D:C2:4B:B9:F2:40:F5:CE:55:6E:D8:27:FA:2B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91124CD/B97B7638E02D11EE9A042F5CC4F9AE02/sCOWweSXbcJLufJA9c5Vbtgn-is.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sCOWweSXbcJLufJA9c5Vbtgn-is.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91124CD/B97B7638E02D11EE9A042F5CC4F9AE02/CC6220C0E02E11EEBA9D291AC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 202.37.40.0/23 IPv6: 2001:df3:89c0::/48 Signature Algorithm: sha256WithRSAEncryption 49:82:a0:25:2d:88:24:b7:84:57:3c:42:e0:cb:27:14:11:f9: f7:2d:0b:3d:73:4b:8a:33:a4:18:f1:f6:0e:37:7a:1f:4e:fe: 5d:5c:9e:e3:23:67:77:9f:4d:c7:e6:d9:7f:68:d5:9f:03:c9: 5a:ef:da:3d:2b:c6:94:6b:c1:cc:b3:f6:71:82:bb:8b:87:6c: e3:a1:97:e8:fd:fa:06:13:ee:5b:98:bc:2c:c5:22:02:e6:96: 34:1d:1d:89:42:ac:87:a8:b8:4c:2d:53:de:70:ce:0e:52:86: c2:90:34:7b:e7:24:5c:96:69:17:39:4b:6e:b5:7c:4e:85:98: d6:7f:a6:c9:7c:c1:43:90:93:1c:c9:f4:4d:9c:9c:7a:69:c7: 71:a5:c8:1b:4e:1a:53:e4:ed:25:cf:68:3a:51:e6:30:33:7c: 5b:94:ae:a5:72:1f:80:47:c8:d3:15:71:80:5b:1a:ee:7a:1c: f0:c5:a8:81:73:10:3d:3e:15:9a:95:59:b1:11:5d:11:e4:10: 8d:6e:93:23:2f:01:06:0b:bb:07:1b:60:9d:05:cd:7e:d4:65: 03:10:6c:63:ec:4c:39:a6:42:27:31:30:4e:44:67:f4:cc:3e: 7a:d5:c2:51:30:33:59:b8:8c:25:09:08:59:34:4c:71:45:2f: c9:f7:15:0d -----BEGIN CERTIFICATE----- MIIFTTCCBDWgAwIBAgICAZUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTI0Q0QxMTAvBgNVBAUTKEIwMjM5NkMxRTQ5NzZEQzI0QkI5RjI0MEY1Q0U1NTZF RDgyN0ZBMkIwHhcNMjYwNDI5MDUzOTQ4WhcNMjcwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWYxOTlhNC1iNWZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu1MHu0tWB1kPypl5vchh/MfKeDMNFUZFwbtqBymyJSfA/OTtGiOhlhQb/DLW FqSHQVZ0pCTN/JXPgLI2+UgKT/VQqFrfOHy7iA1EotEy5Bhgkb9KY5DRm0nn06LO OVzh6qyD/B3npEM3ZYjIc5fXNfOlOdVNrfVetxuxw6g0P3t3RwDbRyHKNNQ/GZtB 0gwqMpCeyh7XZnfJP4M31c5Hpu0iMGSNEfd9B9AZNXvn1/0/g7PaxTGoUNGEQ8U/ Fgo9sjPY/uap4PhjM3KbzaI1dycSDJB4wv0hL9q3VarYgA2QDoRK/QMsqhineEs7 9TZUmKacyUcHtk8EI3293O2tdQIDAQABo4ICcTCCAm0wHQYDVR0OBBYEFE95aFg9 qfnBymwpaffqKiimv81LMB8GA1UdIwQYMBaAFLAjlsHkl23CS7nyQPXOVW7YJ/or MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMjRDRC9COTdCNzYzOEUw MkQxMUVFOUEwNDJGNUNDNEY5QUUwMi9zQ09Xd2VTWGJjSkx1ZkpBOWM1VmJ0Z24t aXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3NDT1d3ZVNYYmNKTHVmSkE5YzVWYnRnbi1pcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MTI0Q0QvQjk3Qjc2MzhFMDJEMTFFRTlBMDQyRjVDQzRGOUFFMDIvQ0M2MjIwQzBF MDJFMTFFRUJBOUQyOTFBQzRGOUFFMDIucm9hMDAGCCsGAQUFBwEHAQH/BCEwHzAM BAIAATAGAwQByiUoMA8EAgACMAkDBwAgAQ3zicAwDQYJKoZIhvcNAQELBQADggEB AEmCoCUtiCS3hFc8QuDLJxQR+fctCz1zS4ozpBjx9g43eh9O/l1cnuMjZ3efTcfm 2X9o1Z8DyVrv2j0rxpRrwcyz9nGCu4uHbOOhl+j9+gYT7luYvCzFIgLmljQdHYlC rIeouEwtU95wzg5ShsKQNHvnJFyWaRc5S261fE6FmNZ/psl8wUOQkxzJ9E2cnHpp x3GlyBtOGlPk7SXPaDpR5jAzfFuUrqVyH4BHyNMVcYBbGu56HPDFqIFzED0+FZqV WbERXRHkEI1ukyMvAQYLuwcbYJ0FzX7UZQMQbGPsTDmmQicxME5EZ/TMPnrVwlEw M1m4jCUJCFk0THFFL8n3FQ0= -----END CERTIFICATE-----Generated at Thu May 21 10:52:27 2026 by rpki-client