$ rpki-client -vvf rpki.apnic.net/member_repository/A9117E4D/EA1B1D6A1D8511E2979FE7DC08B02CD2/2FA57B9A97B611EDAE9D4381C4F9AE02.roa File: 2FA57B9A97B611EDAE9D4381C4F9AE02.roa (raw, json) Hash identifier: 3p8lhXOghfUUqdrTyAduNREPHKMrwV/GjFpR+aXGNZ8= Subject key identifier: A9:FB:57:1F:98:FD:51:DC:DE:E8:C2:14:70:AE:12:FE:00:88:9F:2B Certificate issuer: /CN=A9117E4D/serialNumber=AE107F3C2977717A1CD3571D183748FD07D9FC5F Certificate serial: 3570 Authority key identifier: AE:10:7F:3C:29:77:71:7A:1C:D3:57:1D:18:37:48:FD:07:D9:FC:5F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rhB_PCl3cXoc01cdGDdI_QfZ_F8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9117E4D/EA1B1D6A1D8511E2979FE7DC08B02CD2/2FA57B9A97B611EDAE9D4381C4F9AE02.roa Signing time: Tue 19 May 2026 08:03:13 +0000 ROA not before: Tue 19 May 2026 08:03:13 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 7545 IP address blocks: 14.202.192.0/24 maxlen: 24 60.241.61.0/24 maxlen: 24 110.175.127.0/24 maxlen: 24 202.161.118.0/24 maxlen: 24 203.219.48.0/22 maxlen: 22 220.240.122.0/24 maxlen: 24 220.245.124.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9117E4D/EA1B1D6A1D8511E2979FE7DC08B02CD2/rhB_PCl3cXoc01cdGDdI_QfZ_F8.crl rsync://rpki.apnic.net/member_repository/A9117E4D/EA1B1D6A1D8511E2979FE7DC08B02CD2/rhB_PCl3cXoc01cdGDdI_QfZ_F8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rhB_PCl3cXoc01cdGDdI_QfZ_F8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 11 Jun 2026 14:26:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13680 (0x3570) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9117E4D, serialNumber=AE107F3C2977717A1CD3571D183748FD07D9FC5F Validity Not Before: May 19 08:03:13 2026 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=6a0c1941-bd3e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:9a:6b:de:ef:fb:d5:d2:ba:f0:d2:fc:94:30: 2e:a3:a3:15:23:84:1c:63:c5:0f:d3:9a:e9:fc:b5: 36:0c:88:a6:71:dc:ea:67:eb:7f:5b:27:fc:8d:5a: 1b:30:35:c6:b8:52:73:ae:b2:3e:86:1f:78:bf:6f: df:4b:bd:ad:98:a3:82:c1:44:23:9a:3e:dc:f7:bc: 7e:aa:2e:49:8c:81:81:50:0d:8a:fb:6e:0e:4d:2e: 35:d4:65:4f:c7:fc:89:b9:e7:24:4b:72:d4:a5:ed: f3:13:30:6c:b5:39:b6:d0:8d:76:96:d7:dc:6b:95: 7d:66:37:33:3f:29:a1:a5:77:26:41:3a:28:6b:74: 25:fb:75:e0:de:da:53:f0:07:30:4f:68:35:a0:d2: f0:cb:fd:43:a5:a4:b6:32:7b:c0:8b:e9:6a:fe:f5: 40:b6:d4:ea:fd:24:f5:28:cd:f2:94:9b:38:9e:1c: 43:0b:8c:12:1b:46:b4:93:e6:e1:e5:7a:e1:5a:2c: e3:03:e6:25:d4:d0:ef:e2:d8:e6:a8:41:cf:7a:99: ff:7a:69:63:48:a7:b0:c0:63:0f:2e:80:3a:fe:e5: ca:91:0f:19:67:4b:17:a2:f9:2e:0b:94:7f:76:dc: 5e:d9:37:a0:64:60:58:bc:1a:5b:ff:2a:13:a5:ea: 09:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:FB:57:1F:98:FD:51:DC:DE:E8:C2:14:70:AE:12:FE:00:88:9F:2B X509v3 Authority Key Identifier: keyid:AE:10:7F:3C:29:77:71:7A:1C:D3:57:1D:18:37:48:FD:07:D9:FC:5F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9117E4D/EA1B1D6A1D8511E2979FE7DC08B02CD2/rhB_PCl3cXoc01cdGDdI_QfZ_F8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rhB_PCl3cXoc01cdGDdI_QfZ_F8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9117E4D/EA1B1D6A1D8511E2979FE7DC08B02CD2/2FA57B9A97B611EDAE9D4381C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 14.202.192.0/24 60.241.61.0/24 110.175.127.0/24 202.161.118.0/24 203.219.48.0/22 220.240.122.0/24 220.245.124.0/22 Signature Algorithm: sha256WithRSAEncryption 68:52:ab:34:7b:39:f9:6c:d3:3e:01:c3:8a:d9:c4:01:a4:51: a2:dc:75:48:5d:c4:1d:f1:74:40:91:17:a5:ee:8e:ef:9a:04: 8b:8e:dd:7b:a7:ad:d0:23:4c:9f:2e:97:5b:c1:5c:c9:c7:1b: 02:e4:99:ec:dd:4d:97:c8:c1:cf:01:71:73:74:7e:31:66:17: 05:95:7f:6d:88:ea:d6:46:7e:9a:50:db:3d:f9:f8:6a:c2:7f: 3d:3a:d4:25:79:90:88:82:ed:28:84:8f:ae:8d:07:4d:ae:36: 34:b1:94:82:c6:0f:66:eb:89:eb:8a:8c:42:d7:eb:2a:57:66: 75:7e:0d:c7:d1:f9:de:ff:59:34:6f:d0:bd:65:05:2d:da:0d: 55:5a:ec:4a:d3:15:ec:fa:1e:09:c1:5a:79:64:38:9b:ca:f6: 6e:2d:bc:6c:c5:ab:a6:ad:97:ce:d0:d2:d1:6a:8d:10:ab:02: 69:c6:35:e0:0d:4e:60:2c:5b:50:ed:7a:1d:b5:86:6e:a4:79: 69:c2:e2:ef:74:f2:d3:e1:58:9a:af:2a:08:4d:12:6c:86:ee: a0:53:3e:17:2c:21:a1:80:f9:f3:c9:c4:be:9b:f8:12:d4:f8: 4e:7d:95:d6:5b:ff:a9:b4:6f:b1:cc:5b:5c:ac:e0:db:61:c5: 82:89:e6:81 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgICNXAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTdFNEQxMTAvBgNVBAUTKEFFMTA3RjNDMjk3NzcxN0ExQ0QzNTcxRDE4Mzc0OEZE MDdEOUZDNUYwHhcNMjYwNTE5MDgwMzEzWhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02YTBjMTk0MS1iZDNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAo5pr3u/71dK68NL8lDAuo6MVI4QcY8UP05rp/LU2DIimcdzqZ+t/Wyf8jVob MDXGuFJzrrI+hh94v2/fS72tmKOCwUQjmj7c97x+qi5JjIGBUA2K+24OTS411GVP x/yJueckS3LUpe3zEzBstTm20I12ltfca5V9ZjczPymhpXcmQTooa3Ql+3Xg3tpT 8AcwT2g1oNLwy/1DpaS2MnvAi+lq/vVAttTq/ST1KM3ylJs4nhxDC4wSG0a0k+bh 5XrhWizjA+Yl1NDv4tjmqEHPepn/emljSKewwGMPLoA6/uXKkQ8ZZ0sXovkuC5R/ dtxe2TegZGBYvBpb/yoTpeoJlwIDAQABo4IChDCCAoAwHQYDVR0OBBYEFKn7Vx+Y /VHc3ujCFHCuEv4AiJ8rMB8GA1UdIwQYMBaAFK4Qfzwpd3F6HNNXHRg3SP0H2fxf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExN0U0RC9FQTFCMUQ2QTFE ODUxMUUyOTc5RkU3REMwOEIwMkNEMi9yaEJfUENsM2NYb2MwMWNkR0RkSV9RZlpf RjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JoQl9QQ2wzY1hvYzAxY2RHRGRJX1FmWl9GOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MTdFNEQvRUExQjFENkExRDg1MTFFMjk3OUZFN0RDMDhCMDJDRDIvMkZBNTdCOUE5 N0I2MTFFREFFOUQ0MzgxQzRGOUFFMDIucm9hMEMGCCsGAQUFBwEHAQH/BDQwMjAw BAIAATAqAwQADsrAAwQAPPE9AwQAbq9/AwQAyqF2AwQCy9swAwQA3PB6AwQC3PV8 MA0GCSqGSIb3DQEBCwUAA4IBAQBoUqs0ezn5bNM+AcOK2cQBpFGi3HVIXcQd8XRA kRel7o7vmgSLjt17p63QI0yfLpdbwVzJxxsC5Jns3U2XyMHPAXFzdH4xZhcFlX9t iOrWRn6aUNs9+fhqwn89OtQleZCIgu0ohI+ujQdNrjY0sZSCxg9m64nrioxC1+sq V2Z1fg3H0fne/1k0b9C9ZQUt2g1VWuxK0xXs+h4JwVp5ZDibyvZuLbxsxaumrZfO 0NLRao0QqwJpxjXgDU5gLFtQ7XodtYZupHlpwuLvdPLT4ViaryoITRJshu6gUz4X LCGhgPnzycS+m/gS1PhOfZXWW/+ptG+xzFtcrODbYcWCieaB -----END CERTIFICATE-----Generated at Sat Jun 6 10:51:19 2026 by rpki-client