$ rpki-client -vvf rpki.apnic.net/member_repository/A914E928/89A60A0CC9D511F0897FDD4FC4F9AE02/802A01BE437D11F1AA74D0BFC1833773.roa File: 802A01BE437D11F1AA74D0BFC1833773.roa (raw, json) Hash identifier: zwGzXcWdxzBbO4129cWzndmAx1Ox+bcZUsPSbq4hjBc= Subject key identifier: C8:17:FF:1F:14:2B:90:B8:5B:AF:F5:E5:62:60:6A:D0:CF:39:DB:85 Certificate issuer: /CN=A914E928/serialNumber=346C20F389DB9EDC6A1BF2F4031A9A1703BE87E1 Certificate serial: 7A Authority key identifier: 34:6C:20:F3:89:DB:9E:DC:6A:1B:F2:F4:03:1A:9A:17:03:BE:87:E1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NGwg84nbntxqG_L0AxqaFwO-h-E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914E928/89A60A0CC9D511F0897FDD4FC4F9AE02/802A01BE437D11F1AA74D0BFC1833773.roa Signing time: Wed 29 Apr 2026 09:22:15 +0000 ROA not before: Wed 29 Apr 2026 09:22:15 +0000 ROA not after: Sun 31 Jan 2027 00:00:00 +0000 asID: 24090 IP address blocks: 202.170.48.0/23 maxlen: 23 202.170.48.0/24 maxlen: 24 202.170.49.0/24 maxlen: 24 202.170.50.0/23 maxlen: 23 202.170.50.0/24 maxlen: 24 202.170.51.0/24 maxlen: 24 202.170.56.0/21 maxlen: 21 202.170.56.0/23 maxlen: 24 202.170.58.0/24 maxlen: 24 202.170.59.0/24 maxlen: 24 202.170.60.0/23 maxlen: 24 202.170.62.0/24 maxlen: 24 202.170.63.0/24 maxlen: 24 2402:2200:2000::/35 maxlen: 35 2402:2200:2a00::/40 maxlen: 40 2402:2200:4000::/35 maxlen: 35 2402:2200:4000::/36 maxlen: 36 2402:2200:5000::/36 maxlen: 36 2402:2200:6000::/35 maxlen: 35 2402:2200:6000::/36 maxlen: 36 2402:2200:7000::/36 maxlen: 36 2402:2200:a000::/35 maxlen: 35 2402:2200:a000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914E928/89A60A0CC9D511F0897FDD4FC4F9AE02/NGwg84nbntxqG_L0AxqaFwO-h-E.crl rsync://rpki.apnic.net/member_repository/A914E928/89A60A0CC9D511F0897FDD4FC4F9AE02/NGwg84nbntxqG_L0AxqaFwO-h-E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NGwg84nbntxqG_L0AxqaFwO-h-E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 May 2026 08:12:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 122 (0x7a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914E928, serialNumber=346C20F389DB9EDC6A1BF2F4031A9A1703BE87E1 Validity Not Before: Apr 29 09:22:15 2026 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=69f1cdc7-9f03 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:c1:b6:de:f9:59:5e:86:7d:9d:66:a4:62:61: 2a:f5:00:b1:ce:1b:89:b4:bb:60:23:5c:29:9c:e1: 90:4b:c5:ce:83:55:5b:83:c2:4a:75:e2:a0:61:c9: 62:b4:98:cc:33:4c:30:ea:4e:9c:a8:10:a0:a8:45: 92:14:1d:6b:9a:b8:73:41:f6:ef:e3:45:38:11:fd: 6a:36:0c:71:a5:75:5d:ce:d4:17:fa:5f:12:eb:c2: 92:1e:dc:20:3d:df:54:fd:85:29:dc:c5:84:89:70: c2:3a:69:09:cc:9a:00:69:4f:d5:cd:3a:53:a3:2b: e8:bd:ac:bf:9e:4f:8b:f3:e2:20:72:da:b0:c6:56: 85:f1:a4:f4:73:9c:0d:27:6a:b0:27:c1:b1:cf:63: fa:eb:41:30:fc:32:ff:a6:57:98:62:ed:9d:cf:f6: ce:b0:5d:62:c7:5c:35:6b:26:8e:68:eb:55:d2:69: ff:00:8c:5f:65:c7:31:8b:97:6b:bc:eb:aa:7f:84: 05:46:a9:fe:31:e3:af:b9:e9:09:c2:55:e5:0b:75: 34:0e:3e:5f:a6:14:3b:87:d6:fb:bc:5a:55:55:ef: 9d:2a:54:a2:2d:cc:d2:f3:a2:94:95:28:61:97:f2: 9e:de:4a:63:88:55:ca:fa:cd:0f:bd:13:8c:27:62: 34:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:17:FF:1F:14:2B:90:B8:5B:AF:F5:E5:62:60:6A:D0:CF:39:DB:85 X509v3 Authority Key Identifier: keyid:34:6C:20:F3:89:DB:9E:DC:6A:1B:F2:F4:03:1A:9A:17:03:BE:87:E1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914E928/89A60A0CC9D511F0897FDD4FC4F9AE02/NGwg84nbntxqG_L0AxqaFwO-h-E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NGwg84nbntxqG_L0AxqaFwO-h-E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914E928/89A60A0CC9D511F0897FDD4FC4F9AE02/802A01BE437D11F1AA74D0BFC1833773.roa sbgp-ipAddrBlock: critical IPv4: 202.170.48.0/22 202.170.56.0/21 IPv6: 2402:2200:2000::-2402:2200:7fff:ffff:ffff:ffff:ffff:ffff 2402:2200:a000::/35 Signature Algorithm: sha256WithRSAEncryption 19:e8:d6:ec:f8:ec:d6:6b:96:4e:33:b7:4c:42:36:30:d1:db: 77:7f:d3:9c:35:d1:f8:7f:7c:43:c1:25:b6:39:40:4b:52:e0: d7:bb:d3:08:fc:66:e0:29:0f:68:47:18:6e:39:e0:19:3c:9c: 9a:97:d9:22:9f:af:81:a0:98:19:a0:47:7c:dc:ce:6b:47:40: e2:56:7d:f5:44:91:22:a3:a0:e1:1e:34:0b:6c:21:0d:94:2a: 9c:9e:d3:a1:28:75:d1:7b:b1:d1:df:61:e4:24:f8:8a:09:2d: 62:39:2b:e8:56:f5:2d:4c:80:fa:7d:ef:60:64:08:9a:ee:3b: 08:03:0b:07:e3:29:b0:a8:a5:2a:c8:29:77:99:df:de:ad:11: 14:5b:38:a7:97:fb:2f:d3:01:a4:b2:78:81:a0:13:d6:fb:88: 24:df:47:8a:b6:a4:89:e1:04:8c:33:cc:a6:8f:fd:b3:3c:12: 9c:e7:56:3a:cf:7a:1b:ed:ee:ef:e4:43:84:2b:2a:1f:14:65: 3f:c6:96:55:50:e6:92:0f:1c:72:64:a8:0c:34:cb:bc:b3:4e: 7c:ad:39:a0:f4:42:e8:e1:43:4e:d7:0f:96:bd:a1:ce:b8:e4: d6:29:a7:ea:aa:b3:e7:ba:97:44:ba:5e:c3:81:f1:7b:66:4c: 87:ec:65:01 -----BEGIN CERTIFICATE----- MIIFYzCCBEugAwIBAgIBejANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 RTkyODExMC8GA1UEBRMoMzQ2QzIwRjM4OURCOUVEQzZBMUJGMkY0MDMxQTlBMTcw M0JFODdFMTAeFw0yNjA0MjkwOTIyMTVaFw0yNzAxMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY5ZjFjZGM3LTlmMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDawbbe+Vlehn2dZqRiYSr1ALHOG4m0u2AjXCmc4ZBLxc6DVVuDwkp14qBhyWK0 mMwzTDDqTpyoEKCoRZIUHWuauHNB9u/jRTgR/Wo2DHGldV3O1Bf6XxLrwpIe3CA9 31T9hSncxYSJcMI6aQnMmgBpT9XNOlOjK+i9rL+eT4vz4iBy2rDGVoXxpPRznA0n arAnwbHPY/rrQTD8Mv+mV5hi7Z3P9s6wXWLHXDVrJo5o61XSaf8AjF9lxzGLl2u8 66p/hAVGqf4x46+56QnCVeULdTQOPl+mFDuH1vu8WlVV750qVKItzNLzopSVKGGX 8p7eSmOIVcr6zQ+9E4wnYjRpAgMBAAGjggKIMIIChDAdBgNVHQ4EFgQUyBf/HxQr kLhbr/XlYmBq0M8524UwHwYDVR0jBBgwFoAUNGwg84nbntxqG/L0AxqaFwO+h+Ew DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRFOTI4Lzg5QTYwQTBDQzlE NTExRjA4OTdGREQ0RkM0RjlBRTAyL05Hd2c4NG5ibnR4cUdfTDBBeHFhRndPLWgt RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvTkd3Zzg0bmJudHhxR19MMEF4cWFGd08taC1FLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgZYGCCsGAQUFBwELBIGJMIGGMIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RTkyOC84OUE2MEEwQ0M5RDUxMUYwODk3RkRENEZDNEY5QUUwMi84MDJBMDFCRTQz N0QxMUYxQUE3NEQwQkZDMTgzMzc3My5yb2EwRwYIKwYBBQUHAQcBAf8EODA2MBIE AgABMAwDBALKqjADBAPKqjgwIAQCAAIwGjAQAwYFJAIiACADBgckAiIAAAMGBSQC IgCgMA0GCSqGSIb3DQEBCwUAA4IBAQAZ6Nbs+OzWa5ZOM7dMQjYw0dt3f9OcNdH4 f3xDwSW2OUBLUuDXu9MI/GbgKQ9oRxhuOeAZPJyal9kin6+BoJgZoEd83M5rR0Di Vn31RJEio6DhHjQLbCENlCqcntOhKHXRe7HR32HkJPiKCS1iOSvoVvUtTID6fe9g ZAia7jsIAwsH4ymwqKUqyCl3md/erREUWzinl/sv0wGksniBoBPW+4gk30eKtqSJ 4QSMM8ymj/2zPBKc51Y6z3ob7e7v5EOEKyofFGU/xpZVUOaSDxxyZKgMNMu8s058 rTmg9ELo4UNO1w+WvaHOuOTWKafqqrPnupdEul7DgfF7ZkyH7GUB -----END CERTIFICATE-----Generated at Thu May 21 10:49:53 2026 by rpki-client