$ rpki-client -vvf rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/4DD0C31C0E2011F0A0825648C4F9AE02.roa File: 4DD0C31C0E2011F0A0825648C4F9AE02.roa (raw, json) Hash identifier: h/EzL6m4kKSsLLi32KOt8BdjgRY3aECQIU78ROu0rg0= Subject key identifier: FA:EA:12:04:57:0B:F7:CB:C2:54:F7:72:8B:83:05:D7:39:49:A3:62 Certificate issuer: /CN=A91AA28B/serialNumber=6FC2EDF0C51152A3BEC1149A1BDB2EDB293C9D95 Certificate serial: 0DF1 Authority key identifier: 6F:C2:ED:F0:C5:11:52:A3:BE:C1:14:9A:1B:DB:2E:DB:29:3C:9D:95 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b8Lt8MURUqO-wRSaG9su2yk8nZU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/4DD0C31C0E2011F0A0825648C4F9AE02.roa Signing time: Mon 02 Mar 2026 18:21:53 +0000 ROA not before: Mon 02 Mar 2026 18:21:53 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 58682 IP address blocks: 103.204.208.0/22 maxlen: 22 103.204.208.0/24 maxlen: 24 103.204.209.0/24 maxlen: 24 103.204.210.0/24 maxlen: 24 103.204.211.0/24 maxlen: 24 202.181.16.0/24 maxlen: 24 202.181.17.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/b8Lt8MURUqO-wRSaG9su2yk8nZU.crl rsync://rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/b8Lt8MURUqO-wRSaG9su2yk8nZU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b8Lt8MURUqO-wRSaG9su2yk8nZU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 17:46:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3569 (0xdf1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AA28B, serialNumber=6FC2EDF0C51152A3BEC1149A1BDB2EDB293C9D95 Validity Not Before: Mar 2 18:21:53 2026 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=69a5d540-a47d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:13:21:07:c0:c2:2f:5e:fb:47:44:4b:2e:02: 50:63:80:62:cd:16:eb:23:32:d2:1a:9b:fd:15:a5: db:cf:5b:a9:95:5e:47:c5:b3:b1:3f:f8:7d:2c:05: 4c:0f:e7:ee:c4:8e:0f:4c:f0:08:24:c6:fe:87:50: 1b:03:cb:d3:77:e3:65:f1:dd:c5:dd:b7:46:62:70: 52:b2:ab:bd:e3:6b:d7:4b:df:24:e1:2b:b3:aa:62: 54:c3:79:b5:ca:d1:8d:39:8b:f4:0f:f5:3b:95:62: 81:4b:41:3e:c0:2c:b5:8c:67:3b:84:06:ab:e0:a7: 3f:84:52:08:51:a5:b2:d8:98:fb:9b:38:1d:6f:fd: 9f:17:3d:75:12:53:84:d9:27:bf:25:02:53:6b:59: 31:8c:6e:5a:98:24:96:bd:56:9d:ef:df:07:8e:e4: 8e:58:c5:5f:b4:aa:cc:ac:7f:2a:2a:07:57:e8:d7: 03:60:36:4d:7a:7d:c0:fc:c7:35:46:75:ea:fd:bb: 3b:d2:10:0e:e2:5a:33:2b:6f:77:47:db:45:73:9d: 2e:f3:38:44:e4:e6:f7:90:a6:79:a0:3d:cb:c1:4f: 5e:22:b0:81:a3:68:e6:00:17:98:92:73:90:4a:5d: 36:f3:39:22:f4:5b:a8:a3:75:53:a3:20:81:dd:f3: b2:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:EA:12:04:57:0B:F7:CB:C2:54:F7:72:8B:83:05:D7:39:49:A3:62 X509v3 Authority Key Identifier: keyid:6F:C2:ED:F0:C5:11:52:A3:BE:C1:14:9A:1B:DB:2E:DB:29:3C:9D:95 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/b8Lt8MURUqO-wRSaG9su2yk8nZU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b8Lt8MURUqO-wRSaG9su2yk8nZU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/4DD0C31C0E2011F0A0825648C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.204.208.0/22 202.181.16.0/23 Signature Algorithm: sha256WithRSAEncryption 8f:94:ef:71:8b:dc:1b:86:23:da:33:c5:07:fa:98:e7:7e:7f: 24:bf:bd:c3:85:15:9e:9f:79:f5:8e:42:f1:05:7d:70:3d:11: c8:54:93:35:ac:45:b5:36:41:fc:c9:db:5e:91:95:bb:6b:f4: 5a:0a:8d:18:90:a9:65:df:02:70:7b:94:ee:01:49:b6:b8:9c: 21:41:d8:09:72:32:99:31:01:15:29:02:b6:e1:dc:c5:f8:aa: 70:a8:74:35:07:bf:69:ed:43:e5:7a:58:22:33:05:6c:b6:9d: a4:12:7a:de:93:a6:a7:77:db:f6:8d:58:b8:4a:c0:db:01:74: d8:2e:5d:68:71:55:58:7a:34:b5:0b:ae:41:77:e9:e8:77:5a: b7:24:55:23:f2:e2:b5:a1:e4:3a:b3:8c:74:6b:3d:a1:6e:ea: 60:c8:20:cf:c7:be:15:01:9d:03:07:80:11:6a:d1:2f:7b:46: 42:c4:cb:6e:bd:a2:3e:20:82:6d:b8:e9:2d:96:ff:d0:e9:fa: 33:ed:ba:f4:cc:f8:de:55:08:46:1b:e1:9a:5d:97:cf:5b:99: 2d:83:6b:96:fa:1d:e8:4f:e8:41:b0:1d:3a:b4:7a:ae:0c:6d: 04:c0:bd:87:06:75:1a:9f:62:39:a4:71:7b:26:68:fb:5f:6d: 19:0b:78:cb -----BEGIN CERTIFICATE----- MIIFQjCCBCqgAwIBAgICDfEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUEyOEIxMTAvBgNVBAUTKDZGQzJFREYwQzUxMTUyQTNCRUMxMTQ5QTFCREIyRURC MjkzQzlEOTUwHhcNMjYwMzAyMTgyMTUzWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE1ZDU0MC1hNDdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuxMhB8DCL177R0RLLgJQY4BizRbrIzLSGpv9FaXbz1uplV5HxbOxP/h9LAVM D+fuxI4PTPAIJMb+h1AbA8vTd+Nl8d3F3bdGYnBSsqu942vXS98k4SuzqmJUw3m1 ytGNOYv0D/U7lWKBS0E+wCy1jGc7hAar4Kc/hFIIUaWy2Jj7mzgdb/2fFz11ElOE 2Se/JQJTa1kxjG5amCSWvVad798HjuSOWMVftKrMrH8qKgdX6NcDYDZNen3A/Mc1 RnXq/bs70hAO4lozK293R9tFc50u8zhE5Ob3kKZ5oD3LwU9eIrCBo2jmABeYknOQ Sl028zki9Fuoo3VToyCB3fOypwIDAQABo4ICZjCCAmIwHQYDVR0OBBYEFPrqEgRX C/fLwlT3couDBdc5SaNiMB8GA1UdIwQYMBaAFG/C7fDFEVKjvsEUmhvbLtspPJ2V MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQTI4Qi8xRTAyNjRBQURC QzgxMUU5QkVBOTEwNTFDNEY5QUUwMi9iOEx0OE1VUlVxTy13UlNhRzlzdTJ5azhu WlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2I4THQ4TVVSVXFPLXdSU2FHOXN1MnlrOG5aVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUEyOEIvMUUwMjY0QUFEQkM4MTFFOUJFQTkxMDUxQzRGOUFFMDIvNEREMEMzMUMw RTIwMTFGMEEwODI1NjQ4QzRGOUFFMDIucm9hMCUGCCsGAQUFBwEHAQH/BBYwFDAS BAIAATAMAwQCZ8zQAwQByrUQMA0GCSqGSIb3DQEBCwUAA4IBAQCPlO9xi9wbhiPa M8UH+pjnfn8kv73DhRWen3n1jkLxBX1wPRHIVJM1rEW1NkH8ydtekZW7a/RaCo0Y kKll3wJwe5TuAUm2uJwhQdgJcjKZMQEVKQK24dzF+KpwqHQ1B79p7UPlelgiMwVs tp2kEnrek6and9v2jVi4SsDbAXTYLl1ocVVYejS1C65Bd+nod1q3JFUj8uK1oeQ6 s4x0az2hbupgyCDPx74VAZ0DB4ARatEve0ZCxMtuvaI+IIJtuOktlv/Q6foz7br0 zPjeVQhGG+GaXZfPW5ktg2uW+h3oT+hBsB06tHquDG0EwL2HBnUan2I5pHF7Jmj7 X20ZC3jL -----END CERTIFICATE-----Generated at Thu Mar 26 17:57:40 2026 by rpki-client