$ rpki-client -vvf rpki.apnic.net/member_repository/A91151C9/C300C2CEC6FA11E7AAABCC0BC4F9AE02/A652A68C3DB911EFACDF8C75C4F9AE02.roa File: A652A68C3DB911EFACDF8C75C4F9AE02.roa (raw, json) Hash identifier: D4CtW3wvtczkpBu/Z6LonqdYV2lQD1sEGxInCrs4DaY= Subject key identifier: DD:D2:71:FA:BB:D9:83:3A:6B:E3:6A:68:22:62:74:ED:A8:A2:CC:25 Certificate issuer: /CN=A91151C9/serialNumber=875F40021C6D43B04EFE894A7FC15CC4F6ED89BA Certificate serial: 1896 Authority key identifier: 87:5F:40:02:1C:6D:43:B0:4E:FE:89:4A:7F:C1:5C:C4:F6:ED:89:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h19AAhxtQ7BO_olKf8FcxPbtibo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91151C9/C300C2CEC6FA11E7AAABCC0BC4F9AE02/A652A68C3DB911EFACDF8C75C4F9AE02.roa Signing time: Fri 08 May 2026 17:20:48 +0000 ROA not before: Fri 08 May 2026 17:20:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 64096 IP address blocks: 43.228.180.0/22 maxlen: 22 43.228.180.0/24 maxlen: 24 43.228.181.0/24 maxlen: 24 43.228.182.0/23 maxlen: 24 103.47.200.0/22 maxlen: 24 103.103.176.0/22 maxlen: 22 103.103.176.0/23 maxlen: 24 103.103.178.0/24 maxlen: 24 103.103.179.0/24 maxlen: 24 103.212.56.0/22 maxlen: 22 103.212.56.0/24 maxlen: 24 103.212.57.0/24 maxlen: 24 103.212.58.0/23 maxlen: 24 116.206.0.0/22 maxlen: 22 116.206.0.0/24 maxlen: 24 116.206.1.0/24 maxlen: 24 116.206.2.0/23 maxlen: 24 2404:ff80::/32 maxlen: 32 2404:ff80:100::/48 maxlen: 48 2404:ff80:101::/48 maxlen: 48 2404:ff80:1001::/48 maxlen: 48 2404:ff80:c000::/34 maxlen: 34 2404:ff80:ffe0::/44 maxlen: 48 2404:ff80:fff0::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91151C9/C300C2CEC6FA11E7AAABCC0BC4F9AE02/h19AAhxtQ7BO_olKf8FcxPbtibo.crl rsync://rpki.apnic.net/member_repository/A91151C9/C300C2CEC6FA11E7AAABCC0BC4F9AE02/h19AAhxtQ7BO_olKf8FcxPbtibo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h19AAhxtQ7BO_olKf8FcxPbtibo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 19 May 2026 16:30:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6294 (0x1896) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91151C9, serialNumber=875F40021C6D43B04EFE894A7FC15CC4F6ED89BA Validity Not Before: May 8 17:20:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=69fe1b70-1ccf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:8d:55:d4:7d:81:44:02:53:06:ee:67:ec:1c: 0f:46:9e:1b:56:8f:2c:ce:c9:91:7c:99:ff:98:7c: dc:23:16:df:94:fe:b1:18:0d:d9:13:26:65:37:5e: 80:8d:1c:9b:1c:3a:20:ac:c7:f0:39:57:d8:7d:53: f4:fe:24:e7:5d:d2:10:8f:8c:72:b2:58:7e:de:bc: 3a:db:ac:26:25:3f:7d:78:eb:11:f4:a7:e1:ed:18: e1:1e:03:4b:af:5f:3c:25:1a:36:06:80:01:13:bd: b6:89:58:84:9b:71:e3:2e:ad:03:04:86:43:e6:86: 32:cb:9f:e7:ec:ca:d3:9b:0b:95:56:41:77:d9:87: 53:3a:b4:26:dd:95:d1:74:a8:0e:3a:eb:9d:85:3b: 6b:1d:a7:4e:05:13:ca:63:25:7b:09:e8:dc:38:b0: df:d4:d4:07:2f:54:e5:ca:18:9d:81:51:11:41:45: 52:5c:57:ad:96:f4:40:98:0e:0d:97:22:e0:29:52: 22:7e:6c:52:c9:85:98:db:0e:29:4e:ba:32:dd:8e: e1:7f:64:f2:1f:28:2f:09:d8:b9:c2:02:7d:4c:1d: ac:a1:38:14:7b:e0:ea:4e:5f:e3:bd:58:28:26:89: ed:8b:38:ef:bd:54:0f:9f:47:3a:74:61:8b:8d:7d: 63:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:D2:71:FA:BB:D9:83:3A:6B:E3:6A:68:22:62:74:ED:A8:A2:CC:25 X509v3 Authority Key Identifier: keyid:87:5F:40:02:1C:6D:43:B0:4E:FE:89:4A:7F:C1:5C:C4:F6:ED:89:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91151C9/C300C2CEC6FA11E7AAABCC0BC4F9AE02/h19AAhxtQ7BO_olKf8FcxPbtibo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h19AAhxtQ7BO_olKf8FcxPbtibo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91151C9/C300C2CEC6FA11E7AAABCC0BC4F9AE02/A652A68C3DB911EFACDF8C75C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.228.180.0/22 103.47.200.0/22 103.103.176.0/22 103.212.56.0/22 116.206.0.0/22 IPv6: 2404:ff80::/32 Signature Algorithm: sha256WithRSAEncryption 05:59:4f:ef:53:14:9d:e7:7b:97:84:71:c6:c4:a4:f4:b7:f3: 85:58:de:42:15:50:77:64:9d:4e:56:80:a7:26:15:ba:6a:34: e3:5c:ff:ee:57:ec:c6:62:8a:f5:67:ce:4d:a7:70:7b:fd:f3: ba:01:39:99:0f:28:f1:23:49:3c:6d:35:78:18:e2:8c:80:2e: b3:5a:e0:54:ae:26:cd:84:3f:91:d4:00:d4:fe:10:c9:7b:aa: 09:fa:55:3d:fc:f2:00:42:46:a6:3c:15:c5:2d:b2:53:16:ac: 3b:6b:15:6f:46:d5:25:c6:a2:98:8b:1c:89:d6:4c:f5:95:15: 08:30:e3:a5:1a:27:6d:32:ff:16:2d:ef:02:94:04:c9:b5:c3: 70:ec:98:49:e0:b1:05:6a:1f:20:80:1c:a1:ca:e5:76:f4:92: d0:1b:76:0f:94:9e:4b:a9:7f:4b:e2:36:e5:45:95:3a:a7:02: 72:29:6b:03:fc:4b:27:cc:6a:dd:63:b1:c4:c0:cf:5b:f0:d7: a9:fc:f9:d3:36:26:53:5e:fb:8a:ce:82:67:44:e1:ed:39:cf: 17:5b:c3:bc:7f:59:21:95:30:a6:4b:e7:bc:4b:35:1c:e7:17: 15:ad:6b:63:40:75:1e:f1:c9:da:4a:62:82:9e:71:2c:0f:46: cf:1f:de:72 -----BEGIN CERTIFICATE----- MIIFYzCCBEugAwIBAgICGJYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTUxQzkxMTAvBgNVBAUTKDg3NUY0MDAyMUM2RDQzQjA0RUZFODk0QTdGQzE1Q0M0 RjZFRDg5QkEwHhcNMjYwNTA4MTcyMDQ4WhcNMjcwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWZlMWI3MC0xY2NmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvY1V1H2BRAJTBu5n7BwPRp4bVo8szsmRfJn/mHzcIxbflP6xGA3ZEyZlN16A jRybHDogrMfwOVfYfVP0/iTnXdIQj4xyslh+3rw626wmJT99eOsR9Kfh7RjhHgNL r188JRo2BoABE722iViEm3HjLq0DBIZD5oYyy5/n7MrTmwuVVkF32YdTOrQm3ZXR dKgOOuudhTtrHadOBRPKYyV7CejcOLDf1NQHL1TlyhidgVERQUVSXFetlvRAmA4N lyLgKVIifmxSyYWY2w4pTroy3Y7hf2TyHygvCdi5wgJ9TB2soTgUe+DqTl/jvVgo JontizjvvVQPn0c6dGGLjX1jOQIDAQABo4IChzCCAoMwHQYDVR0OBBYEFN3Scfq7 2YM6a+NqaCJidO2ooswlMB8GA1UdIwQYMBaAFIdfQAIcbUOwTv6JSn/BXMT27Ym6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNTFDOS9DMzAwQzJDRUM2 RkExMUU3QUFBQkNDMEJDNEY5QUUwMi9oMTlBQWh4dFE3Qk9fb2xLZjhGY3hQYnRp Ym8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2gxOUFBaHh0UTdCT19vbEtmOEZjeFBidGliby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MTUxQzkvQzMwMEMyQ0VDNkZBMTFFN0FBQUJDQzBCQzRGOUFFMDIvQTY1MkE2OEMz REI5MTFFRkFDREY4Qzc1QzRGOUFFMDIucm9hMEYGCCsGAQUFBwEHAQH/BDcwNTAk BAIAATAeAwQCK+S0AwQCZy/IAwQCZ2ewAwQCZ9Q4AwQCdM4AMA0EAgACMAcDBQAk BP+AMA0GCSqGSIb3DQEBCwUAA4IBAQAFWU/vUxSd53uXhHHGxKT0t/OFWN5CFVB3 ZJ1OVoCnJhW6ajTjXP/uV+zGYor1Z85Np3B7/fO6ATmZDyjxI0k8bTV4GOKMgC6z WuBUribNhD+R1ADU/hDJe6oJ+lU9/PIAQkamPBXFLbJTFqw7axVvRtUlxqKYixyJ 1kz1lRUIMOOlGidtMv8WLe8ClATJtcNw7JhJ4LEFah8ggByhyuV29JLQG3YPlJ5L qX9L4jblRZU6pwJyKWsD/EsnzGrdY7HEwM9b8Nep/PnTNiZTXvuKzoJnROHtOc8X W8O8f1khlTCmS+e8SzUc5xcVrWtjQHUe8cnaSmKCnnEsD0bPH95y -----END CERTIFICATE-----Generated at Wed May 13 02:23:33 2026 by rpki-client