$ rpki-client -vvf rpki.apnic.net/member_repository/A91144C9/842F98940EC911F0A26FF144C4F9AE02/98DD71780ECC11F0B8E48170C4F9AE02.roa File: 98DD71780ECC11F0B8E48170C4F9AE02.roa (raw, json) Hash identifier: pFar0hkjv8MeCYoT9TzhPZtPV3p3brER3074/liih+E= Subject key identifier: 28:77:A0:25:C1:CC:EA:16:F5:EA:E0:6E:87:C7:1F:B1:2C:62:49:42 Certificate issuer: /CN=A91144C9/serialNumber=95745293C88A2726E10A57D58F42CC3169B7C922 Certificate serial: C8 Authority key identifier: 95:74:52:93:C8:8A:27:26:E1:0A:57:D5:8F:42:CC:31:69:B7:C9:22 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lXRSk8iKJybhClfVj0LMMWm3ySI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91144C9/842F98940EC911F0A26FF144C4F9AE02/98DD71780ECC11F0B8E48170C4F9AE02.roa Signing time: Mon 02 Mar 2026 13:35:17 +0000 ROA not before: Wed 05 Nov 2025 05:18:23 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 10099 IP address blocks: 43.251.12.0/22 maxlen: 24 43.252.84.0/22 maxlen: 24 43.255.168.0/22 maxlen: 24 103.1.64.0/22 maxlen: 24 103.69.184.0/22 maxlen: 24 103.77.20.0/22 maxlen: 24 103.86.12.0/22 maxlen: 24 103.95.176.0/22 maxlen: 24 103.107.88.0/22 maxlen: 24 103.118.36.0/22 maxlen: 24 103.203.184.0/22 maxlen: 24 103.214.64.0/22 maxlen: 24 103.228.68.0/22 maxlen: 24 103.229.244.0/22 maxlen: 24 103.239.176.0/22 maxlen: 24 119.252.136.0/21 maxlen: 24 202.77.16.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91144C9/842F98940EC911F0A26FF144C4F9AE02/lXRSk8iKJybhClfVj0LMMWm3ySI.crl rsync://rpki.apnic.net/member_repository/A91144C9/842F98940EC911F0A26FF144C4F9AE02/lXRSk8iKJybhClfVj0LMMWm3ySI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lXRSk8iKJybhClfVj0LMMWm3ySI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Apr 2026 06:14:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 200 (0xc8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91144C9, serialNumber=95745293C88A2726E10A57D58F42CC3169B7C922 Validity Not Before: Nov 5 05:18:23 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=69a59215-027a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:44:d4:96:1c:78:94:d1:33:b1:54:b3:f1:b2: 08:e4:8a:4b:a3:9c:5b:ad:5d:44:a5:e5:65:30:7c: 6a:23:11:ae:76:fd:f6:f0:e2:85:65:fb:d3:a4:5e: 78:49:4d:aa:b8:2a:f3:93:5f:30:64:44:5c:73:7f: 38:1a:d6:70:8b:4b:f6:92:4c:59:b7:1f:83:02:b9: 77:2e:c6:02:6e:a1:f1:ed:ef:93:78:ff:e5:ed:c7: a9:b4:aa:6c:16:e5:96:3e:b6:5b:d9:e3:f5:01:59: fd:72:25:d4:b5:ed:71:97:f9:10:4b:4e:5e:ca:e3: 05:c6:3e:ed:63:9f:68:9e:1b:55:fc:7a:e2:d4:b0: 99:79:c2:13:c9:61:ba:df:7f:ea:71:f7:a5:b5:17: 1b:dc:91:1e:21:4c:c6:b6:72:75:87:a3:54:fd:41: c5:28:e7:b6:ff:da:5a:34:d7:66:48:ec:58:d3:56: 97:43:a7:ed:c1:2a:b8:fc:dd:c3:bd:04:36:41:a9: 60:c0:d2:d8:d0:83:b7:8f:64:aa:17:e9:aa:1a:61: 02:9b:9b:29:a9:45:9f:cd:df:ac:0d:00:2c:a3:c2: 6a:8f:6a:57:0d:80:a0:01:85:2a:f6:4a:2e:54:7b: 88:5a:8b:b1:7c:0f:03:1c:59:e8:82:85:f0:be:2a: c8:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:77:A0:25:C1:CC:EA:16:F5:EA:E0:6E:87:C7:1F:B1:2C:62:49:42 X509v3 Authority Key Identifier: keyid:95:74:52:93:C8:8A:27:26:E1:0A:57:D5:8F:42:CC:31:69:B7:C9:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91144C9/842F98940EC911F0A26FF144C4F9AE02/lXRSk8iKJybhClfVj0LMMWm3ySI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lXRSk8iKJybhClfVj0LMMWm3ySI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91144C9/842F98940EC911F0A26FF144C4F9AE02/98DD71780ECC11F0B8E48170C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.251.12.0/22 43.252.84.0/22 43.255.168.0/22 103.1.64.0/22 103.69.184.0/22 103.77.20.0/22 103.86.12.0/22 103.95.176.0/22 103.107.88.0/22 103.118.36.0/22 103.203.184.0/22 103.214.64.0/22 103.228.68.0/22 103.229.244.0/22 103.239.176.0/22 119.252.136.0/21 202.77.16.0/21 Signature Algorithm: sha256WithRSAEncryption ab:24:5c:d0:1a:95:f2:89:11:fe:10:e1:00:2a:90:e5:46:4c: e4:4c:52:fa:60:98:50:41:27:a4:2b:e1:65:1e:87:73:3b:83: 8e:72:47:91:b8:94:d5:85:ac:21:3c:fb:b2:38:07:d1:40:00: f7:e1:64:05:5f:03:52:6d:1b:0b:10:90:45:86:1a:21:7c:a2: a4:5c:59:81:68:9a:e3:6e:68:d5:d2:dc:49:16:d4:ef:06:51: 1d:88:c4:b4:07:0e:a2:ee:ce:08:53:96:7d:2f:99:5c:f7:30: 77:ef:07:b8:85:77:70:b4:fb:a5:c8:49:e6:f8:6c:e4:a0:29: f9:f6:5a:b5:fd:83:cb:bc:cf:fe:4e:48:78:df:72:69:14:78: bb:0e:64:da:9f:2f:ac:bf:2c:78:e3:85:0d:10:fa:28:53:56: 8a:9d:2c:15:0e:b7:07:8f:41:e6:b2:d3:b6:12:ec:77:53:5a: cc:fa:a1:3d:d4:29:d5:46:37:98:7c:db:44:e1:fc:ba:ab:f7: 6a:dc:57:5e:45:5c:1e:4c:37:32:2b:e8:3c:97:e8:93:46:58: f0:99:ba:e0:06:0d:9f:9c:53:5b:7d:89:cc:d1:b0:64:1d:32: e1:1c:da:f6:09:15:f2:4c:46:e5:a7:83:57:35:9c:85:27:b4: 1f:c1:43:b0 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgICAMgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTQ0QzkxMTAvBgNVBAUTKDk1NzQ1MjkzQzg4QTI3MjZFMTBBNTdENThGNDJDQzMx NjlCN0M5MjIwHhcNMjUxMTA1MDUxODIzWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE1OTIxNS0wMjdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwUTUlhx4lNEzsVSz8bII5IpLo5xbrV1EpeVlMHxqIxGudv328OKFZfvTpF54 SU2quCrzk18wZERcc384GtZwi0v2kkxZtx+DArl3LsYCbqHx7e+TeP/l7ceptKps FuWWPrZb2eP1AVn9ciXUte1xl/kQS05eyuMFxj7tY59onhtV/Hri1LCZecITyWG6 33/qcfeltRcb3JEeIUzGtnJ1h6NU/UHFKOe2/9paNNdmSOxY01aXQ6ftwSq4/N3D vQQ2QalgwNLY0IO3j2SqF+mqGmECm5spqUWfzd+sDQAso8Jqj2pXDYCgAYUq9kou VHuIWouxfA8DHFnogoXwvirI7QIDAQABo4ICwDCCArwwHQYDVR0OBBYEFCh3oCXB zOoW9ergbofHH7EsYklCMB8GA1UdIwQYMBaAFJV0UpPIiicm4QpX1Y9CzDFpt8ki MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNDRDOS84NDJGOTg5NDBF QzkxMUYwQTI2RkYxNDRDNEY5QUUwMi9sWFJTazhpS0p5YmhDbGZWajBMTU1XbTN5 U0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xYUlNrOGlLSnliaENsZlZqMExNTVdtM3lTSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MTQ0QzkvODQyRjk4OTQwRUM5MTFGMEEyNkZGMTQ0QzRGOUFFMDIvOThERDcxNzgw RUNDMTFGMEI4RTQ4MTcwQzRGOUFFMDIucm9hMH8GCCsGAQUFBwEHAQH/BHAwbjBs BAIAATBmAwQCK/sMAwQCK/xUAwQCK/+oAwQCZwFAAwQCZ0W4AwQCZ00UAwQCZ1YM AwQCZ1+wAwQCZ2tYAwQCZ3YkAwQCZ8u4AwQCZ9ZAAwQCZ+REAwQCZ+X0AwQCZ++w AwQDd/yIAwQDyk0QMA0GCSqGSIb3DQEBCwUAA4IBAQCrJFzQGpXyiRH+EOEAKpDl RkzkTFL6YJhQQSekK+FlHodzO4OOckeRuJTVhawhPPuyOAfRQAD34WQFXwNSbRsL EJBFhhohfKKkXFmBaJrjbmjV0txJFtTvBlEdiMS0Bw6i7s4IU5Z9L5lc9zB37we4 hXdwtPulyEnm+GzkoCn59lq1/YPLvM/+Tkh433JpFHi7DmTany+svyx444UNEPoo U1aKnSwVDrcHj0HmstO2Eux3U1rM+qE91CnVRjeYfNtE4fy6q/dq3FdeRVweTDcy K+g8l+iTRljwmbrgBg2fnFNbfYnM0bBkHTLhHNr2CRXyTEblp4NXNZyFJ7QfwUOw -----END CERTIFICATE-----Generated at Thu Mar 26 06:56:24 2026 by rpki-client