$ rpki-client -vvf rpki.apnic.net/member_repository/A915ACE2/51CD7FBA72CE11F08421AA48C4F9AE02/B3D7207C0CCE11F18D20135B323D8C67.roa File: B3D7207C0CCE11F18D20135B323D8C67.roa (raw, json) Hash identifier: goJQ6WHTbtjm3owLcaK0Ly1P0RrZQSDux7VE6q6D1CE= Subject key identifier: 6A:01:5D:5C:2C:E5:7E:5D:DD:2D:40:55:D0:2B:AB:DA:F0:BA:13:75 Certificate issuer: /CN=A915ACE2/serialNumber=DAE1CE0ADA67B44713C61B1FAEC4F5D4D67A159F Certificate serial: CC Authority key identifier: DA:E1:CE:0A:DA:67:B4:47:13:C6:1B:1F:AE:C4:F5:D4:D6:7A:15:9F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2uHOCtpntEcTxhsfrsT11NZ6FZ8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915ACE2/51CD7FBA72CE11F08421AA48C4F9AE02/B3D7207C0CCE11F18D20135B323D8C67.roa Signing time: Sat 25 Apr 2026 07:43:23 +0000 ROA not before: Sat 25 Apr 2026 07:43:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 38584 IP address blocks: 202.63.192.0/24 maxlen: 24 202.63.193.0/24 maxlen: 24 202.63.194.0/24 maxlen: 24 202.63.195.0/24 maxlen: 24 202.63.196.0/24 maxlen: 24 202.63.197.0/24 maxlen: 24 202.63.198.0/24 maxlen: 24 202.63.199.0/24 maxlen: 24 202.63.201.0/24 maxlen: 24 202.63.203.0/24 maxlen: 24 202.63.204.0/24 maxlen: 24 202.63.206.0/24 maxlen: 24 202.63.208.0/24 maxlen: 24 202.63.212.0/24 maxlen: 24 202.63.215.0/24 maxlen: 24 202.63.216.0/24 maxlen: 24 202.63.217.0/24 maxlen: 24 202.63.218.0/24 maxlen: 24 202.63.219.0/24 maxlen: 24 202.63.220.0/24 maxlen: 24 202.63.221.0/24 maxlen: 24 202.63.222.0/24 maxlen: 24 202.63.223.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915ACE2/51CD7FBA72CE11F08421AA48C4F9AE02/2uHOCtpntEcTxhsfrsT11NZ6FZ8.crl rsync://rpki.apnic.net/member_repository/A915ACE2/51CD7FBA72CE11F08421AA48C4F9AE02/2uHOCtpntEcTxhsfrsT11NZ6FZ8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2uHOCtpntEcTxhsfrsT11NZ6FZ8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 07:27:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 204 (0xcc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915ACE2, serialNumber=DAE1CE0ADA67B44713C61B1FAEC4F5D4D67A159F Validity Not Before: Apr 25 07:43:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=69ec709b-60e1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:82:7a:3a:55:4d:bf:f9:20:35:67:7c:b3:86: cd:ac:1a:bf:c5:e5:8c:b4:a1:b7:46:96:76:3f:e9: 59:c7:11:c4:d3:5e:76:92:c7:bf:0a:56:eb:fe:ee: 45:e7:b1:5b:05:6d:cf:59:44:da:8b:13:7a:45:91: a3:f6:a9:c4:0a:a6:36:90:82:b1:a5:b2:f7:3c:b2: 9d:1d:b6:10:2b:24:46:7c:84:ed:0b:9d:e1:5a:fd: 4c:6e:5c:5f:dd:05:3e:a5:34:3f:ef:cc:55:4e:49: d6:68:72:e3:22:6f:f5:2f:28:e3:45:7c:5b:1b:d3: 32:0a:cd:c3:a7:9e:0e:68:4c:e6:85:93:94:0b:32: b8:b3:4e:0a:57:c3:6a:ef:61:41:c7:31:00:7d:d9: a6:00:7b:44:bb:5e:26:25:9d:b0:08:fa:83:01:88: 5f:08:55:18:33:ca:bc:72:33:0c:fb:ef:fa:96:a1: 93:e3:bd:29:34:8e:48:f1:b8:b5:60:82:f6:cd:5a: 07:08:76:2e:6c:a5:25:bd:6e:3b:d2:5e:74:1c:df: 48:2f:5d:68:b8:44:53:53:bf:f7:a2:22:38:65:7b: fe:33:cd:f0:59:22:90:9f:fe:fa:6b:50:23:aa:8d: ae:a3:b9:1c:91:62:a3:16:1e:eb:a6:34:cb:c1:e5: 5d:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:01:5D:5C:2C:E5:7E:5D:DD:2D:40:55:D0:2B:AB:DA:F0:BA:13:75 X509v3 Authority Key Identifier: keyid:DA:E1:CE:0A:DA:67:B4:47:13:C6:1B:1F:AE:C4:F5:D4:D6:7A:15:9F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915ACE2/51CD7FBA72CE11F08421AA48C4F9AE02/2uHOCtpntEcTxhsfrsT11NZ6FZ8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2uHOCtpntEcTxhsfrsT11NZ6FZ8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915ACE2/51CD7FBA72CE11F08421AA48C4F9AE02/B3D7207C0CCE11F18D20135B323D8C67.roa sbgp-ipAddrBlock: critical IPv4: 202.63.192.0/21 202.63.201.0/24 202.63.203.0-202.63.204.255 202.63.206.0/24 202.63.208.0/24 202.63.212.0/24 202.63.215.0-202.63.223.255 Signature Algorithm: sha256WithRSAEncryption 35:06:c9:a0:e1:32:c8:2f:2e:ee:58:3f:ad:08:b5:8f:e0:ab: 5d:83:1e:47:18:39:b4:e7:43:e2:4e:ca:95:9a:c2:37:75:80: c0:2e:ce:da:9c:a8:4f:60:64:1f:8f:3b:44:87:75:d5:a5:e4: 73:4f:46:3d:11:e1:43:11:9a:26:34:6e:bb:48:d7:29:18:36: 32:c1:4e:8d:21:26:05:9a:92:c6:92:8a:d6:ce:54:a8:b1:10: 67:05:e4:ee:33:d2:d9:d7:c7:c9:08:3a:36:07:e3:19:34:c7: 3c:b9:0b:30:f1:cf:6d:64:64:fb:ed:73:83:0c:9b:4d:e6:02: 56:71:fa:c1:21:77:65:66:0b:fb:30:ec:a1:d1:68:e4:69:51: 11:bc:bf:87:91:4b:19:b0:72:57:d5:26:4f:36:b3:12:46:c4: db:8a:09:ab:bc:20:e4:9d:c8:5a:0d:45:24:09:69:84:41:c1: ed:99:96:56:d5:77:9f:43:85:70:ff:e3:f4:29:e5:c5:90:5e: 96:84:1d:89:d4:0e:31:02:3b:75:d2:ed:1b:84:8a:0f:8e:b1: 22:36:ef:34:a1:5c:f4:c4:ab:a9:2f:cc:da:e2:a0:d6:3f:4a: a4:d0:31:e4:6a:eb:ee:1a:26:46:5d:04:25:03:23:0a:81:44: b9:2e:a3:62 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgICAMwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUFDRTIxMTAvBgNVBAUTKERBRTFDRTBBREE2N0I0NDcxM0M2MUIxRkFFQzRGNUQ0 RDY3QTE1OUYwHhcNMjYwNDI1MDc0MzIzWhcNMjcwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWVjNzA5Yi02MGUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw4J6OlVNv/kgNWd8s4bNrBq/xeWMtKG3RpZ2P+lZxxHE0152kse/Clbr/u5F 57FbBW3PWUTaixN6RZGj9qnECqY2kIKxpbL3PLKdHbYQKyRGfITtC53hWv1Mblxf 3QU+pTQ/78xVTknWaHLjIm/1LyjjRXxbG9MyCs3Dp54OaEzmhZOUCzK4s04KV8Nq 72FBxzEAfdmmAHtEu14mJZ2wCPqDAYhfCFUYM8q8cjMM++/6lqGT470pNI5I8bi1 YIL2zVoHCHYubKUlvW470l50HN9IL11ouERTU7/3oiI4ZXv+M83wWSKQn/76a1Aj qo2uo7kckWKjFh7rpjTLweVdKQIDAQABo4IClDCCApAwHQYDVR0OBBYEFGoBXVws 5X5d3S1AVdArq9rwuhN1MB8GA1UdIwQYMBaAFNrhzgraZ7RHE8YbH67E9dTWehWf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QUNFMi81MUNEN0ZCQTcy Q0UxMUYwODQyMUFBNDhDNEY5QUUwMi8ydUhPQ3RwbnRFY1R4aHNmcnNUMTFOWjZG WjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJ1SE9DdHBudEVjVHhoc2Zyc1QxMU5aNkZaOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NUFDRTIvNTFDRDdGQkE3MkNFMTFGMDg0MjFBQTQ4QzRGOUFFMDIvQjNENzIwN0Mw Q0NFMTFGMThEMjAxMzVCMzIzRDhDNjcucm9hMFMGCCsGAQUFBwEHAQH/BEQwQjBA BAIAATA6AwQDyj/AAwQAyj/JMAwDBADKP8sDBADKP8wDBADKP84DBADKP9ADBADK P9QwDAMEAMo/1wMEBco/wDANBgkqhkiG9w0BAQsFAAOCAQEANQbJoOEyyC8u7lg/ rQi1j+CrXYMeRxg5tOdD4k7KlZrCN3WAwC7O2pyoT2BkH487RId11aXkc09GPRHh QxGaJjRuu0jXKRg2MsFOjSEmBZqSxpKK1s5UqLEQZwXk7jPS2dfHyQg6NgfjGTTH PLkLMPHPbWRk++1zgwybTeYCVnH6wSF3ZWYL+zDsodFo5GlREby/h5FLGbByV9Um TzazEkbE24oJq7wg5J3IWg1FJAlphEHB7ZmWVtV3n0OFcP/j9CnlxZBeloQdidQO MQI7ddLtG4SKD46xIjbvNKFc9MSrqS/M2uKg1j9KpNAx5Grr7homRl0EJQMjCoFE uS6jYg== -----END CERTIFICATE-----Generated at Tue Apr 28 09:01:23 2026 by rpki-client