$ rpki-client -vvf rpki.apnic.net/member_repository/A91222FA/E80DAA2EFA8511EBB6682F37C4F9AE02/BFA10A96FA8911EB8122C53FC4F9AE02.roa File: BFA10A96FA8911EB8122C53FC4F9AE02.roa (raw, json) Hash identifier: UgEEJTWIM54CHKob5V3mW5gsYSR/YNMzJ4dhTAYf1UI= Subject key identifier: D1:94:BD:8E:A7:57:83:5B:12:4B:DB:29:3F:E2:52:D8:0F:8E:52:56 Certificate issuer: /CN=A91222FA/serialNumber=C740DD4924C082341737E219E15AE68F7017DCB8 Certificate serial: 05C3 Authority key identifier: C7:40:DD:49:24:C0:82:34:17:37:E2:19:E1:5A:E6:8F:70:17:DC:B8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x0DdSSTAgjQXN-IZ4Vrmj3AX3Lg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91222FA/E80DAA2EFA8511EBB6682F37C4F9AE02/BFA10A96FA8911EB8122C53FC4F9AE02.roa Signing time: Mon 02 Mar 2026 13:52:49 +0000 ROA not before: Fri 19 Sep 2025 00:05:32 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 142627 IP address blocks: 103.171.68.0/23 maxlen: 23 103.171.68.0/24 maxlen: 24 103.171.69.0/24 maxlen: 24 2001:df7:3b80::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91222FA/E80DAA2EFA8511EBB6682F37C4F9AE02/x0DdSSTAgjQXN-IZ4Vrmj3AX3Lg.crl rsync://rpki.apnic.net/member_repository/A91222FA/E80DAA2EFA8511EBB6682F37C4F9AE02/x0DdSSTAgjQXN-IZ4Vrmj3AX3Lg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x0DdSSTAgjQXN-IZ4Vrmj3AX3Lg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 22:44:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1475 (0x5c3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91222FA, serialNumber=C740DD4924C082341737E219E15AE68F7017DCB8 Validity Not Before: Sep 19 00:05:32 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=69a59631-1d9f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:0f:95:26:a6:b3:cb:fc:80:f6:cf:a8:83:83: 8f:bd:73:11:9e:68:c3:5a:c6:3e:14:cf:ca:ce:cf: fb:49:f9:f0:c3:81:53:c7:41:11:d7:d1:09:36:67: a4:71:6b:65:f8:f5:08:8c:15:d2:0d:d5:6b:31:ce: c4:e2:8b:4a:28:dd:87:24:3a:46:ee:09:57:3b:ec: 0e:c5:dd:0a:81:7c:ec:c9:16:8f:81:42:9e:04:0d: 37:0e:82:37:58:e8:3c:5b:63:d1:50:9f:2e:fc:2a: 1b:d6:1e:bb:8f:89:d7:2d:af:e1:4a:7d:a9:f1:cb: e7:3d:3d:91:59:29:e0:f2:8d:c6:1d:eb:d6:e0:10: dd:49:f1:69:cb:b8:87:bc:92:2d:50:27:00:ac:5e: 81:1e:3d:6c:46:66:01:8b:cb:24:65:f1:0a:8b:53: 2a:58:1b:c5:ca:8b:b3:03:4c:2c:c1:76:28:8c:31: d7:b5:9f:42:5e:9b:6b:47:c0:7c:64:89:a2:0f:9e: 4a:9d:bb:cc:15:fd:9e:63:d9:82:21:f2:fe:2b:4b: a1:a0:c9:7d:17:96:c0:fd:fa:ec:ab:3e:a3:4e:c1: be:1c:de:52:56:72:72:fe:90:c8:16:92:90:fc:bf: e5:07:80:d2:bb:a9:ca:44:be:d9:d7:d7:8e:a0:ea: 77:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:94:BD:8E:A7:57:83:5B:12:4B:DB:29:3F:E2:52:D8:0F:8E:52:56 X509v3 Authority Key Identifier: keyid:C7:40:DD:49:24:C0:82:34:17:37:E2:19:E1:5A:E6:8F:70:17:DC:B8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91222FA/E80DAA2EFA8511EBB6682F37C4F9AE02/x0DdSSTAgjQXN-IZ4Vrmj3AX3Lg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x0DdSSTAgjQXN-IZ4Vrmj3AX3Lg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91222FA/E80DAA2EFA8511EBB6682F37C4F9AE02/BFA10A96FA8911EB8122C53FC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.171.68.0/23 IPv6: 2001:df7:3b80::/48 Signature Algorithm: sha256WithRSAEncryption 10:6a:2a:c9:67:f3:e4:73:dc:1a:99:7d:7b:49:25:51:ba:56: 84:c2:9d:7b:87:2b:db:e1:ab:c4:5e:a8:c5:34:d9:67:bc:a1: 1b:3e:84:32:0a:3c:6a:71:90:6b:11:87:3b:b5:1e:e7:ed:2e: 17:07:89:8d:c7:c8:65:1a:d8:14:2f:20:af:42:c0:2b:34:7d: a9:c7:29:ed:31:6e:56:bf:4a:2e:3c:d0:4a:c5:51:b8:b2:54: e6:88:87:0e:db:06:00:78:40:29:95:58:9a:3d:6c:64:ba:02: cb:eb:f9:c0:b8:5e:dc:db:b5:4b:78:3e:49:8f:cf:21:88:73: ef:11:67:11:e5:9d:ac:e6:8a:e9:33:67:32:1b:4e:ce:7f:3d: dc:f1:ad:d3:ba:47:0d:9e:27:6e:e9:be:c1:49:d0:cd:4c:b2: 41:be:0b:71:fb:a0:9e:50:9a:70:5b:97:2f:f0:a3:90:25:b4: 1c:67:95:81:fb:86:c8:18:9f:25:d0:c2:2c:5d:ba:e8:ab:76: 06:12:bb:29:9e:d4:49:22:fd:e5:5f:dc:58:4f:37:5f:c3:5e: ab:a6:e5:67:51:59:c0:76:ba:e8:82:1e:98:03:04:db:e1:dc: 84:de:d0:56:e6:11:d7:45:e0:45:c0:7b:8d:ca:f7:fe:42:4c: 8b:e8:e2:2c -----BEGIN CERTIFICATE----- MIIFTTCCBDWgAwIBAgICBcMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjIyRkExMTAvBgNVBAUTKEM3NDBERDQ5MjRDMDgyMzQxNzM3RTIxOUUxNUFFNjhG NzAxN0RDQjgwHhcNMjUwOTE5MDAwNTMyWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE1OTYzMS0xZDlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsg+VJqazy/yA9s+og4OPvXMRnmjDWsY+FM/Kzs/7Sfnww4FTx0ER19EJNmek cWtl+PUIjBXSDdVrMc7E4otKKN2HJDpG7glXO+wOxd0KgXzsyRaPgUKeBA03DoI3 WOg8W2PRUJ8u/Cob1h67j4nXLa/hSn2p8cvnPT2RWSng8o3GHevW4BDdSfFpy7iH vJItUCcArF6BHj1sRmYBi8skZfEKi1MqWBvFyouzA0wswXYojDHXtZ9CXptrR8B8 ZImiD55KnbvMFf2eY9mCIfL+K0uhoMl9F5bA/frsqz6jTsG+HN5SVnJy/pDIFpKQ /L/lB4DSu6nKRL7Z19eOoOp3bQIDAQABo4ICcTCCAm0wHQYDVR0OBBYEFNGUvY6n V4NbEkvbKT/iUtgPjlJWMB8GA1UdIwQYMBaAFMdA3UkkwII0FzfiGeFa5o9wF9y4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMjJGQS9FODBEQUEyRUZB ODUxMUVCQjY2ODJGMzdDNEY5QUUwMi94MERkU1NUQWdqUVhOLUlaNFZybWozQVgz TGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3gwRGRTU1RBZ2pRWE4tSVo0VnJtajNBWDNMZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MjIyRkEvRTgwREFBMkVGQTg1MTFFQkI2NjgyRjM3QzRGOUFFMDIvQkZBMTBBOTZG QTg5MTFFQjgxMjJDNTNGQzRGOUFFMDIucm9hMDAGCCsGAQUFBwEHAQH/BCEwHzAM BAIAATAGAwQBZ6tEMA8EAgACMAkDBwAgAQ33O4AwDQYJKoZIhvcNAQELBQADggEB ABBqKsln8+Rz3BqZfXtJJVG6VoTCnXuHK9vhq8ReqMU02We8oRs+hDIKPGpxkGsR hzu1HuftLhcHiY3HyGUa2BQvIK9CwCs0fanHKe0xbla/Si480ErFUbiyVOaIhw7b BgB4QCmVWJo9bGS6Asvr+cC4XtzbtUt4PkmPzyGIc+8RZxHlnazmiukzZzIbTs5/ PdzxrdO6Rw2eJ27pvsFJ0M1MskG+C3H7oJ5QmnBbly/wo5AltBxnlYH7hsgYnyXQ wixduuirdgYSuyme1Eki/eVf3FhPN1/DXqum5WdRWcB2uuiCHpgDBNvh3ITe0Fbm EddF4EXAe43K9/5CTIvo4iw= -----END CERTIFICATE-----Generated at Thu Mar 26 16:37:45 2026 by rpki-client