$ rpki-client -vvf rpki.apnic.net/member_repository/A91D8704/5655AC98BC0C11EA91E09B68C4F9AE02/B1AAC5B2BC4111EA9A5B2786C4F9AE02.roa File: B1AAC5B2BC4111EA9A5B2786C4F9AE02.roa (raw, json) Hash identifier: IdJiVEfXkz53fxZJhHT8GQYKhlPRXuo9bgGTxNlpUbA= Subject key identifier: 72:EB:BB:97:7C:E3:FF:8A:8B:45:5A:A0:69:E0:81:C3:6B:CD:FA:F9 Certificate issuer: /CN=A91D8704/serialNumber=0307EF0F29CF22DB0970F5083C023C2AA0D6F517 Certificate serial: 0945 Authority key identifier: 03:07:EF:0F:29:CF:22:DB:09:70:F5:08:3C:02:3C:2A:A0:D6:F5:17 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AwfvDynPItsJcPUIPAI8KqDW9Rc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D8704/5655AC98BC0C11EA91E09B68C4F9AE02/B1AAC5B2BC4111EA9A5B2786C4F9AE02.roa Signing time: Tue 31 Mar 2026 20:26:23 +0000 ROA not before: Tue 31 Mar 2026 20:26:23 +0000 ROA not after: Sat 01 Aug 2026 00:00:00 +0000 asID: 24320 IP address blocks: 202.72.240.0/24 maxlen: 24 202.72.241.0/24 maxlen: 24 202.72.242.0/24 maxlen: 24 202.72.243.0/24 maxlen: 24 202.72.244.0/24 maxlen: 24 202.72.245.0/24 maxlen: 24 202.72.246.0/24 maxlen: 24 202.72.247.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D8704/5655AC98BC0C11EA91E09B68C4F9AE02/AwfvDynPItsJcPUIPAI8KqDW9Rc.crl rsync://rpki.apnic.net/member_repository/A91D8704/5655AC98BC0C11EA91E09B68C4F9AE02/AwfvDynPItsJcPUIPAI8KqDW9Rc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AwfvDynPItsJcPUIPAI8KqDW9Rc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 Apr 2026 19:58:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2373 (0x945) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D8704, serialNumber=0307EF0F29CF22DB0970F5083C023C2AA0D6F517 Validity Not Before: Mar 31 20:26:23 2026 GMT Not After : Aug 1 00:00:00 2026 GMT Subject: CN=69cc2dee-ec1a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f9:43:d1:7d:e2:4b:b8:73:22:a0:88:c2:61:f5: 8d:a8:db:16:17:bf:f1:77:7d:04:bf:6a:a3:87:84: 52:d0:5d:17:08:66:69:c8:f2:3c:10:1b:c9:e2:e4: 31:b9:68:11:f3:34:e9:82:29:af:d1:08:10:a3:dd: 52:3c:87:6c:d4:a9:60:c5:94:41:64:8a:c2:ce:15: 55:cc:4c:36:cb:3e:d7:a6:37:9c:5e:75:37:1d:b2: 34:74:28:3f:c5:ca:01:ef:81:27:8c:f3:7e:81:a5: ab:25:d7:ea:f4:11:95:c9:ed:2f:53:04:98:da:78: e8:57:94:7b:75:e9:c2:a5:e7:85:be:6c:e0:28:bf: f0:9b:b7:d2:9a:86:05:d5:95:60:0c:a1:a3:ea:4a: 5f:2e:6d:55:ae:69:5d:5e:35:f6:67:59:98:d2:18: 6b:7e:ab:d9:88:26:38:89:6d:d9:71:94:dd:49:40: 10:72:7b:67:21:c8:04:c6:ac:82:ad:03:41:09:b2: 55:67:41:65:83:7b:82:c2:b6:06:86:f1:9d:5f:9e: 2f:1d:05:a0:f0:c3:ad:c9:1b:81:64:ae:d9:87:c6: cf:be:dd:b8:7b:52:dc:a5:d9:10:bd:31:6b:65:11: 27:77:7d:a2:34:45:1f:33:21:5e:50:71:98:16:28: db:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:EB:BB:97:7C:E3:FF:8A:8B:45:5A:A0:69:E0:81:C3:6B:CD:FA:F9 X509v3 Authority Key Identifier: keyid:03:07:EF:0F:29:CF:22:DB:09:70:F5:08:3C:02:3C:2A:A0:D6:F5:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D8704/5655AC98BC0C11EA91E09B68C4F9AE02/AwfvDynPItsJcPUIPAI8KqDW9Rc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AwfvDynPItsJcPUIPAI8KqDW9Rc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D8704/5655AC98BC0C11EA91E09B68C4F9AE02/B1AAC5B2BC4111EA9A5B2786C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 202.72.240.0/21 Signature Algorithm: sha256WithRSAEncryption 5d:c4:59:4d:a8:e1:e2:37:90:38:d2:ef:e4:71:72:3a:d0:f3: 2a:c1:8f:93:33:e0:a0:08:62:f9:e0:69:69:e8:a4:ce:e0:a2: 73:dd:98:7c:80:4c:4d:23:19:78:b9:fd:a9:74:fd:f7:ba:72: 4d:46:83:d1:66:92:13:1b:8f:25:d9:eb:d5:63:d5:5e:48:47: 57:9b:44:67:c4:56:50:00:76:20:61:e8:47:5a:9a:0c:f1:cb: 27:f9:5e:95:2a:83:4d:ba:74:3a:da:0b:6f:77:21:cc:01:b0: 0f:34:c3:b5:b3:e8:ef:cb:c6:17:a0:39:98:e3:69:2d:cb:6e: 40:e3:0d:2f:25:81:36:1b:25:f6:b9:10:c0:63:56:06:85:f0: f0:81:b7:0d:f1:76:ea:18:08:d8:b6:55:4a:04:5d:82:1a:bf: bb:1b:e4:3d:6f:e0:95:76:d6:16:7d:43:eb:e2:d1:cf:4a:d6: ce:45:b6:43:20:fb:a9:52:65:6e:95:b1:ad:16:70:8d:dd:91: bb:4e:7f:13:ea:cf:b4:12:40:18:d0:2e:69:d3:03:1a:90:9b: 39:c6:f4:98:c7:24:1b:da:3e:88:41:ca:2c:05:9e:11:fd:3d: 97:b3:d7:6c:97:de:c4:b5:ea:47:84:1c:18:e5:97:d5:e5:ed: f6:e7:98:1f -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgICCUUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDg3MDQxMTAvBgNVBAUTKDAzMDdFRjBGMjlDRjIyREIwOTcwRjUwODNDMDIzQzJB QTBENkY1MTcwHhcNMjYwMzMxMjAyNjIzWhcNMjYwODAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWNjMmRlZS1lYzFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA+UPRfeJLuHMioIjCYfWNqNsWF7/xd30Ev2qjh4RS0F0XCGZpyPI8EBvJ4uQx uWgR8zTpgimv0QgQo91SPIds1KlgxZRBZIrCzhVVzEw2yz7XpjecXnU3HbI0dCg/ xcoB74EnjPN+gaWrJdfq9BGVye0vUwSY2njoV5R7denCpeeFvmzgKL/wm7fSmoYF 1ZVgDKGj6kpfLm1VrmldXjX2Z1mY0hhrfqvZiCY4iW3ZcZTdSUAQcntnIcgExqyC rQNBCbJVZ0Flg3uCwrYGhvGdX54vHQWg8MOtyRuBZK7Zh8bPvt24e1LcpdkQvTFr ZREnd32iNEUfMyFeUHGYFijb3wIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFHLru5d8 4/+Ki0VaoGnggcNrzfr5MB8GA1UdIwQYMBaAFAMH7w8pzyLbCXD1CDwCPCqg1vUX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEODcwNC81NjU1QUM5OEJD MEMxMUVBOTFFMDlCNjhDNEY5QUUwMi9Bd2Z2RHluUEl0c0pjUFVJUEFJOEtxRFc5 UmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0F3ZnZEeW5QSXRzSmNQVUlQQUk4S3FEVzlSYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDg3MDQvNTY1NUFDOThCQzBDMTFFQTkxRTA5QjY4QzRGOUFFMDIvQjFBQUM1QjJC QzQxMTFFQTlBNUIyNzg2QzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDykjwMA0GCSqGSIb3DQEBCwUAA4IBAQBdxFlNqOHiN5A40u/kcXI6 0PMqwY+TM+CgCGL54Glp6KTO4KJz3Zh8gExNIxl4uf2pdP33unJNRoPRZpITG48l 2evVY9VeSEdXm0RnxFZQAHYgYehHWpoM8csn+V6VKoNNunQ62gtvdyHMAbAPNMO1 s+jvy8YXoDmY42kty25A4w0vJYE2GyX2uRDAY1YGhfDwgbcN8XbqGAjYtlVKBF2C Gr+7G+Q9b+CVdtYWfUPr4tHPStbORbZDIPupUmVulbGtFnCN3ZG7Tn8T6s+0EkAY 0C5p0wMakJs5xvSYxyQb2j6IQcosBZ4R/T2Xs9dsl97EtepHhBwY5ZfV5e3255gf -----END CERTIFICATE-----Generated at Mon Apr 6 11:37:42 2026 by rpki-client