$ rpki-client -vvf rpki.apnic.net/member_repository/A9161099/FD367C700D0411EF85E46F55C4F9AE02/4335BE9C0D0611EFA3ECB057C4F9AE02.roa File: 4335BE9C0D0611EFA3ECB057C4F9AE02.roa (raw, json) Hash identifier: 1xDpauYop0d38Br4pjjRnfeRPSxCi+LX7AONTcH04PM= Subject key identifier: 32:C6:19:A0:E9:10:5F:B6:AC:48:42:02:21:58:00:FF:75:E7:AA:4B Certificate issuer: /CN=A9161099/serialNumber=03A02E2F5DABF0FF3938628BC4FF5FB61653F045 Certificate serial: 01B5 Authority key identifier: 03:A0:2E:2F:5D:AB:F0:FF:39:38:62:8B:C4:FF:5F:B6:16:53:F0:45 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A6AuL12r8P85OGKLxP9fthZT8EU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9161099/FD367C700D0411EF85E46F55C4F9AE02/4335BE9C0D0611EFA3ECB057C4F9AE02.roa Signing time: Thu 21 May 2026 05:36:23 +0000 ROA not before: Thu 21 May 2026 05:36:23 +0000 ROA not after: Fri 30 Jul 2027 00:00:00 +0000 asID: 16509 IP address blocks: 121.127.32.0/24 maxlen: 24 202.157.180.0/23 maxlen: 24 2401:cb60::/48 maxlen: 48 2401:cb60:1::/48 maxlen: 48 2401:cb60:2::/48 maxlen: 48 2401:cb60:3::/48 maxlen: 48 2401:cb60:4::/48 maxlen: 48 2401:cb60:5::/48 maxlen: 48 2401:cb60:6::/48 maxlen: 48 2401:cb60:7::/48 maxlen: 48 2401:cb60:8::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9161099/FD367C700D0411EF85E46F55C4F9AE02/A6AuL12r8P85OGKLxP9fthZT8EU.crl rsync://rpki.apnic.net/member_repository/A9161099/FD367C700D0411EF85E46F55C4F9AE02/A6AuL12r8P85OGKLxP9fthZT8EU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A6AuL12r8P85OGKLxP9fthZT8EU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 May 2026 05:36:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 437 (0x1b5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9161099, serialNumber=03A02E2F5DABF0FF3938628BC4FF5FB61653F045 Validity Not Before: May 21 05:36:23 2026 GMT Not After : Jul 30 00:00:00 2027 GMT Subject: CN=6a0e99d7-eaa6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:ab:5c:36:ba:c5:a0:07:6e:5b:3f:67:92:63: eb:9e:3d:92:5e:fc:0c:8d:50:42:a9:f0:ad:04:fc: 81:5f:78:54:8f:ba:11:a3:cb:c0:79:31:b6:cd:66: 27:0b:74:9d:21:fd:3c:b5:c1:76:45:40:77:00:53: 30:06:c3:b6:54:49:48:e2:56:41:6c:88:55:02:67: cf:f9:b6:98:a6:d9:b7:f1:19:12:78:ea:1f:fe:2a: 8c:b5:89:90:85:39:a1:6c:c4:a5:bb:60:75:2c:6e: 80:4b:f1:b3:c7:0f:78:00:74:9a:d9:99:b8:8f:86: c5:50:0a:be:49:b9:a0:2b:04:ac:b5:5d:df:69:0c: 4a:92:8e:30:a5:69:28:bd:f4:03:9e:eb:0e:37:77: 2b:2b:54:d2:1f:17:ca:4b:9a:bc:4b:81:a2:9d:0e: 7b:bc:f2:e4:0c:14:dc:a8:1c:d1:4a:3e:13:c4:c9: 47:eb:4f:c8:07:79:0c:31:ee:f5:92:80:ef:d0:5e: 96:d0:0e:c7:c5:62:e3:39:ac:bb:6d:76:f3:87:3c: 66:85:43:ac:49:83:61:97:1f:b3:eb:85:a7:04:dc: 26:78:34:84:2a:f2:b8:fe:50:e5:56:01:fa:4a:9d: e0:06:db:ea:33:11:84:12:22:67:f4:d4:05:5a:7b: 05:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:C6:19:A0:E9:10:5F:B6:AC:48:42:02:21:58:00:FF:75:E7:AA:4B X509v3 Authority Key Identifier: keyid:03:A0:2E:2F:5D:AB:F0:FF:39:38:62:8B:C4:FF:5F:B6:16:53:F0:45 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9161099/FD367C700D0411EF85E46F55C4F9AE02/A6AuL12r8P85OGKLxP9fthZT8EU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A6AuL12r8P85OGKLxP9fthZT8EU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9161099/FD367C700D0411EF85E46F55C4F9AE02/4335BE9C0D0611EFA3ECB057C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 121.127.32.0/24 202.157.180.0/23 IPv6: 2401:cb60::-2401:cb60:8:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption ca:bd:93:aa:09:78:c6:50:9b:7e:67:26:04:00:b3:6c:25:a8: 25:67:3c:b5:bd:78:42:02:cd:48:0b:90:54:ad:f7:2e:51:36: 21:cc:8e:33:52:68:79:bc:49:49:20:f7:8e:46:92:2f:82:3a: c4:4a:90:6d:63:80:90:d9:18:a9:0f:39:99:6b:ff:b8:57:e9: b4:71:7e:dd:fc:d5:90:30:9d:e6:c0:ae:4b:f4:2c:0e:01:8a: 5f:2c:c2:09:66:d4:33:7e:69:22:aa:af:e2:da:d8:88:d3:d8: 1a:40:9d:8c:09:a9:3a:79:e9:75:24:f5:40:3b:73:ed:b2:25: 7e:62:30:11:f1:2b:f6:58:ff:92:ee:53:4f:b3:89:91:1d:e7: dc:45:9e:37:15:b7:8f:6e:b3:24:aa:03:b3:fe:98:b7:2d:56: c4:a6:db:97:94:01:b2:2a:30:f2:d3:d0:6a:86:70:e5:2d:a4: 81:79:30:b1:ed:f0:a9:1f:ac:6a:06:74:63:e2:49:df:87:da: 2c:b5:b4:00:0f:e0:40:ae:50:84:d9:e2:46:36:cd:2a:0d:17: d6:16:95:8d:d7:0a:47:8f:47:d3:a6:46:23:f8:2e:6b:c2:72: 00:73:02:cc:2c:47:a3:97:83:b4:59:67:08:05:a1:a6:a8:22: d7:6f:f2:52 -----BEGIN CERTIFICATE----- MIIFXDCCBESgAwIBAgICAbUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjEwOTkxMTAvBgNVBAUTKDAzQTAyRTJGNURBQkYwRkYzOTM4NjI4QkM0RkY1RkI2 MTY1M0YwNDUwHhcNMjYwNTIxMDUzNjIzWhcNMjcwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02YTBlOTlkNy1lYWE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0KtcNrrFoAduWz9nkmPrnj2SXvwMjVBCqfCtBPyBX3hUj7oRo8vAeTG2zWYn C3SdIf08tcF2RUB3AFMwBsO2VElI4lZBbIhVAmfP+baYptm38RkSeOof/iqMtYmQ hTmhbMSlu2B1LG6AS/Gzxw94AHSa2Zm4j4bFUAq+SbmgKwSstV3faQxKko4wpWko vfQDnusON3crK1TSHxfKS5q8S4GinQ57vPLkDBTcqBzRSj4TxMlH60/IB3kMMe71 koDv0F6W0A7HxWLjOay7bXbzhzxmhUOsSYNhlx+z64WnBNwmeDSEKvK4/lDlVgH6 Sp3gBtvqMxGEEiJn9NQFWnsFPQIDAQABo4ICgDCCAnwwHQYDVR0OBBYEFDLGGaDp EF+2rEhCAiFYAP9156pLMB8GA1UdIwQYMBaAFAOgLi9dq/D/OThii8T/X7YWU/BF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MTA5OS9GRDM2N0M3MDBE MDQxMUVGODVFNDZGNTVDNEY5QUUwMi9BNkF1TDEycjhQODVPR0tMeFA5ZnRoWlQ4 RVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0E2QXVMMTJyOFA4NU9HS0x4UDlmdGhaVDhFVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjEwOTkvRkQzNjdDNzAwRDA0MTFFRjg1RTQ2RjU1QzRGOUFFMDIvNDMzNUJFOUMw RDA2MTFFRkEzRUNCMDU3QzRGOUFFMDIucm9hMD8GCCsGAQUFBwEHAQH/BDAwLjAS BAIAATAMAwQAeX8gAwQByp20MBgEAgACMBIwEAMFBSQBy2ADBwAkActgAAgwDQYJ KoZIhvcNAQELBQADggEBAMq9k6oJeMZQm35nJgQAs2wlqCVnPLW9eEICzUgLkFSt 9y5RNiHMjjNSaHm8SUkg945Gki+COsRKkG1jgJDZGKkPOZlr/7hX6bRxft381ZAw nebArkv0LA4Bil8swglm1DN+aSKqr+La2IjT2BpAnYwJqTp56XUk9UA7c+2yJX5i MBHxK/ZY/5LuU0+ziZEd59xFnjcVt49usySqA7P+mLctVsSm25eUAbIqMPLT0GqG cOUtpIF5MLHt8KkfrGoGdGPiSd+H2iy1tAAP4ECuUITZ4kY2zSoNF9YWlY3XCkeP R9OmRiP4LmvCcgBzAswsR6OXg7RZZwgFoaaoItdv8lI= -----END CERTIFICATE-----Generated at Fri May 22 18:28:42 2026 by rpki-client