$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/95BD9D90A56A11EFA5ABDC46C4F9AE02.roa File: 95BD9D90A56A11EFA5ABDC46C4F9AE02.roa (raw, json) Hash identifier: FsdxlcuHXOB+GZBdpk7LDn7uN7PNXa0fvxLZvoX+V2c= Subject key identifier: 72:83:2A:45:F5:AE:A6:22:F9:23:01:2E:CE:7E:63:83:29:39:1A:29 Certificate issuer: /CN=A91E3E27/serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B Certificate serial: 0B52 Authority key identifier: A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/95BD9D90A56A11EFA5ABDC46C4F9AE02.roa Signing time: Fri 27 Mar 2026 04:10:32 +0000 ROA not before: Fri 27 Mar 2026 04:10:32 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 4913 IP address blocks: 202.174.130.0/24 maxlen: 24 202.174.155.0/24 maxlen: 24 202.174.156.0/24 maxlen: 24 202.174.159.0/24 maxlen: 24 203.88.86.0/24 maxlen: 24 203.88.87.0/24 maxlen: 24 203.88.88.0/24 maxlen: 24 203.88.89.0/24 maxlen: 24 203.88.90.0/24 maxlen: 24 203.88.95.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 Apr 2026 19:16:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2898 (0xb52) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3E27, serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B Validity Not Before: Mar 27 04:10:32 2026 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=69c60338-f5fb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:17:05:22:87:a0:3e:94:77:5e:99:f2:ed:59: 61:55:b3:fa:6b:e5:b2:33:55:be:73:6b:f1:ad:dc: 67:92:49:6d:b5:70:d7:f3:34:49:31:53:d7:35:66: 11:33:5f:77:37:be:8e:dc:3f:e7:b7:94:ef:a1:02: 9d:e8:9c:81:85:35:cb:5e:4d:2d:a6:dc:65:fd:b0: 64:99:02:59:5f:d9:7a:b3:14:0b:10:c5:59:78:c5: 5a:6c:c8:cd:8d:3c:e0:c3:6c:3a:d1:38:30:60:ee: 66:40:a9:12:60:ed:88:cc:e0:05:94:e4:c3:69:e6: b4:3e:09:05:57:85:f4:98:17:fb:57:47:80:a6:b5: 64:33:cd:8d:64:69:f4:8c:fa:13:b6:8a:6e:2e:12: dd:ef:80:8e:fe:af:01:c3:5e:41:fa:1c:db:03:29: ae:98:d8:f3:a9:0d:1f:5d:19:d8:e3:2b:90:c2:80: 2c:56:47:4f:a7:eb:80:93:c5:ea:ac:fb:fb:5d:7e: 62:8f:7a:fc:c9:e0:94:e0:68:1d:37:61:3d:73:dd: 1e:d0:ff:f1:a1:33:94:0a:f1:4a:cc:5f:76:38:c1: 5b:f6:05:ee:75:4b:aa:84:9a:d6:32:b7:e0:51:89: 15:07:57:21:1b:0c:84:31:38:e6:6f:0f:7c:ec:d6: 8c:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:83:2A:45:F5:AE:A6:22:F9:23:01:2E:CE:7E:63:83:29:39:1A:29 X509v3 Authority Key Identifier: keyid:A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/95BD9D90A56A11EFA5ABDC46C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 202.174.130.0/24 202.174.155.0-202.174.156.255 202.174.159.0/24 203.88.86.0-203.88.90.255 203.88.95.0/24 Signature Algorithm: sha256WithRSAEncryption 8f:51:4b:29:2f:87:c0:0f:62:65:53:8f:0e:bf:71:fe:b7:9f: b6:ac:1c:c2:71:3e:d5:5d:25:4e:e4:07:b1:8f:d2:7f:52:70: 91:2d:ee:0f:5d:df:08:9d:b7:7b:e1:21:e2:c3:fd:f7:d5:f1: cf:d6:f4:e2:81:67:52:c7:4e:1c:c6:f0:55:36:9c:3a:07:2a: 36:cd:ee:d6:79:85:44:e5:17:3c:ec:ea:8c:8e:ab:da:cb:cb: 1c:bc:ea:a5:c4:29:25:19:af:43:70:88:51:d7:ac:bf:35:cf: bf:ca:18:ee:ce:2c:85:0f:d9:d9:44:6c:66:34:a3:2c:41:11: d5:38:f2:3e:f7:7a:c6:32:a7:35:93:29:2d:0a:e0:7d:a6:22: 59:5c:e6:d0:33:fe:aa:29:ed:10:96:27:b6:cb:63:51:34:28: 7d:78:27:bc:6a:be:94:12:29:95:2f:b0:b7:64:07:c0:6c:59: b0:09:a3:37:67:c8:dc:2d:56:4d:74:6b:14:be:f6:ae:48:c0: 62:2d:d6:7a:f7:66:5a:5a:70:68:b3:8e:87:ca:ae:53:23:12: 97:d1:b4:da:d9:21:4f:f3:3e:e1:30:fe:c7:d2:2e:0e:75:b2: 17:1c:c7:16:e6:a9:22:e6:62:40:a7:4c:35:86:bd:55:ac:ac: b0:3e:80:a1 -----BEGIN CERTIFICATE----- MIIFZDCCBEygAwIBAgICC1IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNFMjcxMTAvBgNVBAUTKEEyNzJBQ0FGRThGQUE0RjJBOTcwMEE2RkMxMTQyNTkw OEM3NDNENEIwHhcNMjYwMzI3MDQxMDMyWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWM2MDMzOC1mNWZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArxcFIoegPpR3Xpny7VlhVbP6a+WyM1W+c2vxrdxnkklttXDX8zRJMVPXNWYR M193N76O3D/nt5TvoQKd6JyBhTXLXk0tptxl/bBkmQJZX9l6sxQLEMVZeMVabMjN jTzgw2w60TgwYO5mQKkSYO2IzOAFlOTDaea0PgkFV4X0mBf7V0eAprVkM82NZGn0 jPoTtopuLhLd74CO/q8Bw15B+hzbAymumNjzqQ0fXRnY4yuQwoAsVkdPp+uAk8Xq rPv7XX5ij3r8yeCU4GgdN2E9c90e0P/xoTOUCvFKzF92OMFb9gXudUuqhJrWMrfg UYkVB1chGwyEMTjmbw987NaM/wIDAQABo4ICiDCCAoQwHQYDVR0OBBYEFHKDKkX1 rqYi+SMBLs5+Y4MpORopMB8GA1UdIwQYMBaAFKJyrK/o+qTyqXAKb8EUJZCMdD1L MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0UyNy9GMzg4ODc2NjZG M0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQS3BjQXB2d1JRbGtJeDBQ VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29uS3NyLWo2cFBLcGNBcHZ3UlFsa0l4MFBVcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTNFMjcvRjM4ODg3NjY2RjNBMTFFQTk4NDAxMzNEQzRGOUFFMDIvOTVCRDlEOTBB NTZBMTFFRkE1QUJEQzQ2QzRGOUFFMDIucm9hMEcGCCsGAQUFBwEHAQH/BDgwNjA0 BAIAATAuAwQAyq6CMAwDBADKrpsDBADKrpwDBADKrp8wDAMEActYVgMEAMtYWgME AMtYXzANBgkqhkiG9w0BAQsFAAOCAQEAj1FLKS+HwA9iZVOPDr9x/reftqwcwnE+ 1V0lTuQHsY/Sf1JwkS3uD13fCJ23e+Eh4sP999Xxz9b04oFnUsdOHMbwVTacOgcq Ns3u1nmFROUXPOzqjI6r2svLHLzqpcQpJRmvQ3CIUdesvzXPv8oY7s4shQ/Z2URs ZjSjLEER1TjyPvd6xjKnNZMpLQrgfaYiWVzm0DP+qintEJYntstjUTQofXgnvGq+ lBIplS+wt2QHwGxZsAmjN2fI3C1WTXRrFL72rkjAYi3WevdmWlpwaLOOh8quUyMS l9G02tkhT/M+4TD+x9IuDnWyFxzHFuapIuZiQKdMNYa9VayssD6AoQ== -----END CERTIFICATE-----Generated at Mon Apr 6 09:56:11 2026 by rpki-client