$ rpki-client -vvf rpki.apnic.net/member_repository/A91302B0/6572BE94FF9411E4876B945DC4F9AE02/C1B929B4682B11E9AE87C117C4F9AE02.roa File: C1B929B4682B11E9AE87C117C4F9AE02.roa (raw, json) Hash identifier: Md73Ak01HN4wpU0x0797d/oyAuhQG4KW854mHF1OHU8= Subject key identifier: B3:14:6D:10:B6:78:FB:AB:3D:D8:A4:D9:4D:21:EC:54:CB:19:AA:34 Certificate issuer: /CN=A91302B0/serialNumber=C08EC70A5B79742FC55F910536CA065C6CFB7CB5 Certificate serial: 26CB Authority key identifier: C0:8E:C7:0A:5B:79:74:2F:C5:5F:91:05:36:CA:06:5C:6C:FB:7C:B5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wI7HClt5dC_FX5EFNsoGXGz7fLU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91302B0/6572BE94FF9411E4876B945DC4F9AE02/C1B929B4682B11E9AE87C117C4F9AE02.roa Signing time: Sun 01 Mar 2026 16:23:19 +0000 ROA not before: Wed 26 Nov 2025 04:30:20 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 23688 IP address blocks: 27.147.128.0/17 maxlen: 24 103.197.152.0/22 maxlen: 24 103.232.100.0/22 maxlen: 24 123.200.0.0/19 maxlen: 24 163.47.32.0/22 maxlen: 24 203.76.96.0/19 maxlen: 24 2400:ca00::/28 maxlen: 36 2400:ca00::/40 maxlen: 48 2400:ca00:100::/48 maxlen: 48 2400:ca00:1f1::/48 maxlen: 48 2400:ca00:1f2::/48 maxlen: 48 2400:ca00:1f3::/48 maxlen: 48 2400:ca00:1f3:2::/64 maxlen: 64 2400:ca00:1fa::/48 maxlen: 48 2400:ca00:1fb::/48 maxlen: 48 2400:ca00:1fb:fb01::/64 maxlen: 64 2400:ca00:1fb:fc01::/64 maxlen: 64 2400:ca00:1fb:fd01::/64 maxlen: 64 2400:ca00:1fb:fe01::/64 maxlen: 64 2400:ca00:1fb:ff01::/64 maxlen: 64 2400:ca00:1fc::/48 maxlen: 48 2400:ca00:1fd::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91302B0/6572BE94FF9411E4876B945DC4F9AE02/wI7HClt5dC_FX5EFNsoGXGz7fLU.crl rsync://rpki.apnic.net/member_repository/A91302B0/6572BE94FF9411E4876B945DC4F9AE02/wI7HClt5dC_FX5EFNsoGXGz7fLU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wI7HClt5dC_FX5EFNsoGXGz7fLU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 15:38:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9931 (0x26cb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91302B0, serialNumber=C08EC70A5B79742FC55F910536CA065C6CFB7CB5 Validity Not Before: Nov 26 04:30:20 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=69a467f7-d9f5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:b2:e9:19:78:21:cd:ca:03:86:37:05:b3:af: 0a:e1:bb:46:f2:2a:1f:52:d3:9a:f9:10:57:a5:3a: 15:76:53:e7:95:2d:8f:dc:c0:f9:62:33:b2:69:37: 6f:1a:0b:83:24:96:9b:18:83:c7:f6:4b:13:cc:ef: a3:66:7b:70:5b:71:70:f8:03:b1:4d:4a:58:6f:f4: 5d:2d:32:0f:7a:33:81:69:77:ec:c4:40:ff:06:83: ff:7f:71:8c:9e:41:23:8b:81:bc:e0:16:6e:e7:87: df:17:0b:0c:11:17:2b:2d:c1:8c:61:03:eb:c2:42: e2:61:21:0b:61:23:e2:53:4b:79:7d:39:73:7e:46: aa:2e:ab:ad:13:6d:fc:8b:c6:78:0e:62:fc:fa:76: 3d:c6:c2:b1:6d:f5:70:6c:91:da:57:de:3c:53:55: e9:0a:85:be:ba:e9:09:62:a0:ae:cd:e3:4a:70:ea: 8d:6b:5b:16:d3:ca:89:d6:cb:03:d7:42:f0:fd:ce: 65:f2:fb:24:85:ca:1c:b3:01:80:f2:f2:5c:f0:1e: 11:aa:c7:c2:2c:19:05:90:c8:12:18:c6:f5:7d:6b: 3a:ef:4c:24:8f:0b:57:9d:91:51:ac:bc:27:82:14: 89:e2:43:c3:84:31:99:3b:58:92:0f:c2:37:bf:2b: d9:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:14:6D:10:B6:78:FB:AB:3D:D8:A4:D9:4D:21:EC:54:CB:19:AA:34 X509v3 Authority Key Identifier: keyid:C0:8E:C7:0A:5B:79:74:2F:C5:5F:91:05:36:CA:06:5C:6C:FB:7C:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91302B0/6572BE94FF9411E4876B945DC4F9AE02/wI7HClt5dC_FX5EFNsoGXGz7fLU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wI7HClt5dC_FX5EFNsoGXGz7fLU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91302B0/6572BE94FF9411E4876B945DC4F9AE02/C1B929B4682B11E9AE87C117C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 27.147.128.0/17 103.197.152.0/22 103.232.100.0/22 123.200.0.0/19 163.47.32.0/22 203.76.96.0/19 IPv6: 2400:ca00::/28 Signature Algorithm: sha256WithRSAEncryption 86:89:41:94:47:57:3b:b5:02:81:dd:fc:e6:ac:de:2a:26:97: d7:26:44:e6:d2:b6:c0:5c:66:c9:f6:90:46:53:21:f1:e4:db: 6a:c0:f4:d3:9a:1e:1c:d6:15:08:b1:3b:cb:71:a3:d6:09:10: 2b:8d:93:e2:77:4e:0a:1d:65:ec:9e:81:bf:be:25:ba:85:63: 41:cd:c7:f5:87:f4:f6:06:3f:91:4c:19:a4:f5:7f:03:b9:b7: 4b:70:fd:ed:62:cc:61:70:f6:45:d1:0d:65:cd:74:f8:42:c8: d2:78:fd:f1:90:07:3b:75:4e:42:19:14:30:d8:f0:32:75:b7: 90:8e:6e:91:8c:40:b6:89:f1:85:9a:6d:d5:35:af:d7:65:4b: db:4f:27:77:42:ce:9d:c6:b9:a4:28:9e:97:20:8f:3a:ed:72: eb:2e:86:29:e3:98:9f:8d:18:3b:66:7c:2a:6a:dd:0f:db:f3: e4:01:f0:c9:14:cf:df:ca:b2:07:67:c8:cb:5b:a1:06:76:31: e9:cc:c6:79:c3:c9:72:cf:37:f4:95:72:88:88:01:77:a1:8a: e3:79:4c:f1:46:a7:25:71:61:99:35:9c:37:04:c6:1d:3c:8f: e6:86:da:ca:a8:50:2b:4a:3f:7b:2a:ba:ad:3b:aa:14:09:ad: 41:3e:ed:be -----BEGIN CERTIFICATE----- MIIFaTCCBFGgAwIBAgICJsswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzAyQjAxMTAvBgNVBAUTKEMwOEVDNzBBNUI3OTc0MkZDNTVGOTEwNTM2Q0EwNjVD NkNGQjdDQjUwHhcNMjUxMTI2MDQzMDIwWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NjdmNy1kOWY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAprLpGXghzcoDhjcFs68K4btG8iofUtOa+RBXpToVdlPnlS2P3MD5YjOyaTdv GguDJJabGIPH9ksTzO+jZntwW3Fw+AOxTUpYb/RdLTIPejOBaXfsxED/BoP/f3GM nkEji4G84BZu54ffFwsMERcrLcGMYQPrwkLiYSELYSPiU0t5fTlzfkaqLqutE238 i8Z4DmL8+nY9xsKxbfVwbJHaV948U1XpCoW+uukJYqCuzeNKcOqNa1sW08qJ1ssD 10Lw/c5l8vskhcocswGA8vJc8B4RqsfCLBkFkMgSGMb1fWs670wkjwtXnZFRrLwn ghSJ4kPDhDGZO1iSD8I3vyvZeQIDAQABo4ICjTCCAokwHQYDVR0OBBYEFLMUbRC2 ePurPdik2U0h7FTLGao0MB8GA1UdIwQYMBaAFMCOxwpbeXQvxV+RBTbKBlxs+3y1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMDJCMC82NTcyQkU5NEZG OTQxMUU0ODc2Qjk0NURDNEY5QUUwMi93STdIQ2x0NWRDX0ZYNUVGTnNvR1hHejdm TFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3dJN0hDbHQ1ZENfRlg1RUZOc29HWEd6N2ZMVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzAyQjAvNjU3MkJFOTRGRjk0MTFFNDg3NkI5NDVEQzRGOUFFMDIvQzFCOTI5QjQ2 ODJCMTFFOUFFODdDMTE3QzRGOUFFMDIucm9hMEwGCCsGAQUFBwEHAQH/BD0wOzAq BAIAATAkAwQHG5OAAwQCZ8WYAwQCZ+hkAwQFe8gAAwQCoy8gAwQFy0xgMA0EAgAC MAcDBQQkAMoAMA0GCSqGSIb3DQEBCwUAA4IBAQCGiUGUR1c7tQKB3fzmrN4qJpfX JkTm0rbAXGbJ9pBGUyHx5NtqwPTTmh4c1hUIsTvLcaPWCRArjZPid04KHWXsnoG/ viW6hWNBzcf1h/T2Bj+RTBmk9X8DubdLcP3tYsxhcPZF0Q1lzXT4QsjSeP3xkAc7 dU5CGRQw2PAydbeQjm6RjEC2ifGFmm3VNa/XZUvbTyd3Qs6dxrmkKJ6XII867XLr LoYp45ifjRg7Znwqat0P2/PkAfDJFM/fyrIHZ8jLW6EGdjHpzMZ5w8lyzzf0lXKI iAF3oYrjeUzxRqclcWGZNZw3BMYdPI/mhtrKqFArSj97KrqtO6oUCa1BPu2+ -----END CERTIFICATE-----Generated at Thu Mar 26 11:54:24 2026 by rpki-client