$ rpki-client -vvf rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/9DDA09EC05DC11EA9B6B0560C4F9AE02.roa File: 9DDA09EC05DC11EA9B6B0560C4F9AE02.roa (raw, json) Hash identifier: jOASJy08cQtiHT2anaDk0d4CR9FN0kGkmWrO2dstaFQ= Subject key identifier: 09:68:53:47:8E:AA:3B:65:B9:2D:DA:94:CD:63:F0:97:0E:6C:6B:79 Certificate issuer: /CN=A91454F3/serialNumber=6CE9254A9CBFA07042243735DCE4FBF7E5461166 Certificate serial: 0CD4 Authority key identifier: 6C:E9:25:4A:9C:BF:A0:70:42:24:37:35:DC:E4:FB:F7:E5:46:11:66 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/9DDA09EC05DC11EA9B6B0560C4F9AE02.roa Signing time: Sun 01 Mar 2026 13:53:06 +0000 ROA not before: Wed 26 Nov 2025 18:08:05 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 133477 IP address blocks: 103.95.38.0/24 maxlen: 24 103.101.249.0/24 maxlen: 24 103.101.250.0/23 maxlen: 23 103.101.250.0/24 maxlen: 24 103.101.251.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.crl rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 18:07:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3284 (0xcd4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91454F3, serialNumber=6CE9254A9CBFA07042243735DCE4FBF7E5461166 Validity Not Before: Nov 26 18:08:05 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=69a444c2-d9eb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:eb:88:c9:c1:db:5e:01:91:06:31:55:ea:0e: 55:43:2d:8d:ae:38:5f:1d:5f:04:20:7c:18:3b:da: c0:24:a2:19:bd:9d:b7:8d:60:e6:4d:74:a3:0f:83: f4:f4:54:b9:f3:3d:97:bc:16:be:78:72:cd:e4:6f: e9:8f:d3:8b:73:a8:97:2d:0f:81:43:ed:56:bb:4a: ec:59:2c:b7:3c:c2:f6:8b:78:28:ff:a8:ee:a3:c8: 70:76:92:b2:9b:72:c7:58:aa:98:04:41:2e:e1:4c: a2:d3:89:88:db:7b:d5:3d:34:71:e9:56:8c:03:d8: 64:84:f9:83:dd:b8:f6:8b:52:20:11:a1:17:b6:95: 17:04:4c:4d:45:8e:e5:b1:f4:50:7f:85:93:36:a3: d0:39:5f:cc:e7:5b:01:e8:36:97:d2:44:76:76:fb: 2f:01:68:00:9e:70:7f:b9:a0:25:78:dc:89:8b:b1: 8f:5e:33:0e:01:0a:0f:d1:55:60:1b:d1:ad:e2:01: fa:18:5b:69:1c:b1:9b:16:65:e7:81:a5:bf:85:5b: 3c:a0:eb:77:e8:b3:b1:4c:1a:9e:6f:3b:1c:a4:fc: 8b:bd:51:58:dd:d2:4c:d2:57:43:9f:ef:64:57:f8: 36:f8:8c:de:66:fb:28:35:b7:23:5b:fa:6e:f8:ef: 62:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:68:53:47:8E:AA:3B:65:B9:2D:DA:94:CD:63:F0:97:0E:6C:6B:79 X509v3 Authority Key Identifier: keyid:6C:E9:25:4A:9C:BF:A0:70:42:24:37:35:DC:E4:FB:F7:E5:46:11:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/9DDA09EC05DC11EA9B6B0560C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.95.38.0/24 103.101.249.0-103.101.251.255 Signature Algorithm: sha256WithRSAEncryption 2e:b6:d1:67:66:0b:23:43:25:df:b1:13:15:76:7f:e5:2a:82: 57:98:6b:49:53:03:95:ad:f1:52:df:3b:e0:8a:12:44:96:95: e9:59:89:27:7d:c2:91:22:a5:40:13:96:e2:1b:07:28:64:ea: cc:24:38:7b:e7:f1:df:5b:33:69:10:72:c9:b7:9d:87:60:e2: a6:c7:51:66:46:e9:b7:18:d9:cd:76:29:c5:e3:cf:92:92:ad: 08:cb:46:26:6f:e8:69:83:9e:ff:a2:09:1d:05:92:06:40:e1: a6:14:b2:70:3c:6f:41:37:47:97:e6:9e:1a:b6:d9:15:1e:b4: 79:e4:5a:da:3e:50:2d:a5:92:1c:21:c3:c5:d0:0e:54:b5:6d: a0:74:d0:56:d1:98:b4:fb:b1:dc:2e:13:92:9b:12:60:53:da: 25:fc:50:1d:58:ba:78:44:69:e4:9a:05:4f:7b:22:54:63:81: cb:6b:c8:52:e2:c4:06:88:9a:15:0a:3d:7e:2a:30:ad:a5:b0: 2e:93:35:6c:83:ce:a1:9a:bf:54:b2:9f:e3:36:26:0c:ad:b0: c4:e0:81:e3:a4:56:b8:50:31:2c:57:61:33:1b:36:5c:d1:0b: f6:98:9e:6f:08:9e:b3:04:9a:6e:07:74:d0:63:d2:52:92:f0: 0f:ff:d8:8a -----BEGIN CERTIFICATE----- MIIFSjCCBDKgAwIBAgICDNQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDU0RjMxMTAvBgNVBAUTKDZDRTkyNTRBOUNCRkEwNzA0MjI0MzczNURDRTRGQkY3 RTU0NjExNjYwHhcNMjUxMTI2MTgwODA1WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NDRjMi1kOWViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtuuIycHbXgGRBjFV6g5VQy2NrjhfHV8EIHwYO9rAJKIZvZ23jWDmTXSjD4P0 9FS58z2XvBa+eHLN5G/pj9OLc6iXLQ+BQ+1Wu0rsWSy3PML2i3go/6juo8hwdpKy m3LHWKqYBEEu4Uyi04mI23vVPTRx6VaMA9hkhPmD3bj2i1IgEaEXtpUXBExNRY7l sfRQf4WTNqPQOV/M51sB6DaX0kR2dvsvAWgAnnB/uaAleNyJi7GPXjMOAQoP0VVg G9Gt4gH6GFtpHLGbFmXngaW/hVs8oOt36LOxTBqebzscpPyLvVFY3dJM0ldDn+9k V/g2+IzeZvsoNbcjW/pu+O9idQIDAQABo4ICbjCCAmowHQYDVR0OBBYEFAloU0eO qjtluS3alM1j8JcObGt5MB8GA1UdIwQYMBaAFGzpJUqcv6BwQiQ3Ndzk+/flRhFm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTRGMy8xRUY3ODY2ODA1 REMxMUVBOTc0M0JBNUZDNEY5QUUwMi9iT2tsU3B5X29IQkNKRGMxM09UNzktVkdF V1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JPa2xTcHlfb0hCQ0pEYzEzT1Q3OS1WR0VXWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDU0RjMvMUVGNzg2NjgwNURDMTFFQTk3NDNCQTVGQzRGOUFFMDIvOUREQTA5RUMw NURDMTFFQTlCNkIwNTYwQzRGOUFFMDIucm9hMC0GCCsGAQUFBwEHAQH/BB4wHDAa BAIAATAUAwQAZ18mMAwDBABnZfkDBAJnZfgwDQYJKoZIhvcNAQELBQADggEBAC62 0WdmCyNDJd+xExV2f+UqgleYa0lTA5Wt8VLfO+CKEkSWlelZiSd9wpEipUATluIb Byhk6swkOHvn8d9bM2kQcsm3nYdg4qbHUWZG6bcY2c12KcXjz5KSrQjLRiZv6GmD nv+iCR0FkgZA4aYUsnA8b0E3R5fmnhq22RUetHnkWto+UC2lkhwhw8XQDlS1baB0 0FbRmLT7sdwuE5KbEmBT2iX8UB1YunhEaeSaBU97IlRjgctryFLixAaImhUKPX4q MK2lsC6TNWyDzqGav1Syn+M2JgytsMTggeOkVrhQMSxXYTMbNlzRC/aYnm8InrME mm4HdNBj0lKS8A//2Io= -----END CERTIFICATE-----Generated at Thu Mar 26 15:59:03 2026 by rpki-client