$ rpki-client -vvf rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/222F2952038511EFAF036327C4F9AE02.roa File: 222F2952038511EFAF036327C4F9AE02.roa (raw, json) Hash identifier: BXFPwmxciEV+XnYi9tPFQyzwDsUtThZRgJTMV6z6hBQ= Subject key identifier: 98:29:72:B1:50:C7:B0:AF:DC:22:5C:D8:82:E4:59:B6:C0:00:CC:45 Certificate issuer: /CN=A91AC532/serialNumber=BCAB3E76F84ED43742F2A081242708E799CE1B5F Certificate serial: 018A Authority key identifier: BC:AB:3E:76:F8:4E:D4:37:42:F2:A0:81:24:27:08:E7:99:CE:1B:5F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vKs-dvhO1DdC8qCBJCcI55nOG18.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/222F2952038511EFAF036327C4F9AE02.roa Signing time: Mon 02 Mar 2026 14:42:13 +0000 ROA not before: Thu 27 Mar 2025 05:42:49 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 4213 IP address blocks: 43.252.120.0/22 maxlen: 22 43.252.120.0/24 maxlen: 24 103.233.80.0/23 maxlen: 23 103.233.82.0/24 maxlen: 24 103.233.83.0/24 maxlen: 24 110.34.151.0/24 maxlen: 24 110.34.166.0/24 maxlen: 24 110.34.186.0/23 maxlen: 23 110.34.188.0/23 maxlen: 23 110.34.191.0/24 maxlen: 24 110.34.217.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/vKs-dvhO1DdC8qCBJCcI55nOG18.crl rsync://rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/vKs-dvhO1DdC8qCBJCcI55nOG18.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vKs-dvhO1DdC8qCBJCcI55nOG18.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Apr 2026 04:06:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 394 (0x18a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AC532, serialNumber=BCAB3E76F84ED43742F2A081242708E799CE1B5F Validity Not Before: Mar 27 05:42:49 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=69a5a1c5-a2a5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:01:2e:1e:7c:7c:90:74:e5:51:a0:5f:d0:37: 61:39:e1:9c:0e:78:7a:22:dd:d9:af:4f:f5:c1:af: 01:8b:a0:66:b9:f7:dc:c2:83:1b:fa:7a:91:bb:74: 07:d5:29:68:bd:0f:24:13:c4:5e:f7:21:d6:24:4d: 13:0d:c6:94:72:6d:c7:dc:c8:ec:e2:b9:1e:16:ad: 6b:45:a7:a3:ef:5e:0e:be:46:6d:8b:c1:ee:ce:9a: e1:88:9b:ee:07:30:74:e2:e2:6a:b1:d5:3f:db:3e: 92:84:7d:7e:27:94:1d:68:f1:92:6b:a4:f2:1e:41: 52:09:64:37:a7:86:79:58:d7:8c:5e:9a:5a:5d:0f: 03:43:d3:57:1e:49:71:fe:fd:92:06:ab:df:4d:bf: d3:55:31:d6:50:31:60:bf:ab:e6:ee:7f:99:a7:d1: f4:55:e0:9c:05:71:d1:41:aa:25:ba:b9:12:52:97: 19:a3:23:f1:ef:cb:cc:c5:9a:bf:cc:81:20:4a:ea: 28:ff:62:6e:f9:3d:e4:b2:a2:60:fd:d0:58:15:55: 77:29:c1:da:a4:d7:aa:30:48:97:dc:8f:73:7c:3a: 2e:7b:66:2f:fd:be:76:fb:11:d7:98:f9:71:e2:7b: 49:3c:d5:ba:33:59:80:4e:37:bf:11:02:5d:29:cd: 35:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:29:72:B1:50:C7:B0:AF:DC:22:5C:D8:82:E4:59:B6:C0:00:CC:45 X509v3 Authority Key Identifier: keyid:BC:AB:3E:76:F8:4E:D4:37:42:F2:A0:81:24:27:08:E7:99:CE:1B:5F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/vKs-dvhO1DdC8qCBJCcI55nOG18.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vKs-dvhO1DdC8qCBJCcI55nOG18.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/222F2952038511EFAF036327C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.252.120.0/22 103.233.80.0/22 110.34.151.0/24 110.34.166.0/24 110.34.186.0-110.34.189.255 110.34.191.0/24 110.34.217.0/24 Signature Algorithm: sha256WithRSAEncryption 58:fa:30:ee:7a:78:6f:6f:60:e0:0a:2c:19:5e:44:ab:fe:e0: 1f:e4:f3:bb:1e:2b:73:9e:7b:bb:c3:65:58:24:42:e8:a8:b9: 33:44:be:d5:2f:be:3e:a7:5f:20:c9:ad:6b:7c:26:4e:ef:82: 7c:6a:9a:e3:18:51:4d:51:4a:59:29:bf:8d:d9:bd:62:b4:59: bb:5a:61:ef:3a:f4:68:dc:6a:30:43:83:8e:4d:9c:a4:18:e4: dd:23:4f:99:94:00:c7:32:c4:ca:4b:33:cb:55:ac:e9:53:b4: e1:b9:8e:91:74:74:c7:9a:f4:02:7a:7a:f5:10:2b:0c:eb:07: 7b:04:bf:cf:61:df:33:68:99:07:7b:c0:2c:06:4b:4e:ed:20: 82:7c:95:78:51:64:6d:38:63:42:7d:17:ca:21:cf:e9:fc:ec: 74:42:ab:4b:70:c0:54:47:f0:9a:7c:1f:54:ae:f4:e1:ad:85: bf:38:67:20:6f:b4:c7:23:97:0e:0d:20:48:2a:18:ad:af:8e: b2:a4:ba:93:84:49:47:de:29:56:21:4f:4b:f1:90:24:e8:5f: 07:2f:4a:18:cf:ee:70:a2:26:a3:14:9c:63:96:84:04:69:3d: 3a:d5:be:fc:e9:fd:c7:b1:43:96:e0:0b:0f:d3:97:7d:4a:7b: ed:4d:e7:b1 -----BEGIN CERTIFICATE----- MIIFaDCCBFCgAwIBAgICAYowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUM1MzIxMTAvBgNVBAUTKEJDQUIzRTc2Rjg0RUQ0Mzc0MkYyQTA4MTI0MjcwOEU3 OTlDRTFCNUYwHhcNMjUwMzI3MDU0MjQ5WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02OWE1YTFjNS1hMmE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyQEuHnx8kHTlUaBf0DdhOeGcDnh6It3Zr0/1wa8Bi6BmuffcwoMb+nqRu3QH 1SlovQ8kE8Re9yHWJE0TDcaUcm3H3Mjs4rkeFq1rRaej714OvkZti8HuzprhiJvu BzB04uJqsdU/2z6ShH1+J5QdaPGSa6TyHkFSCWQ3p4Z5WNeMXppaXQ8DQ9NXHklx /v2SBqvfTb/TVTHWUDFgv6vm7n+Zp9H0VeCcBXHRQaolurkSUpcZoyPx78vMxZq/ zIEgSuoo/2Ju+T3ksqJg/dBYFVV3KcHapNeqMEiX3I9zfDoue2Yv/b52+xHXmPlx 4ntJPNW6M1mATje/EQJdKc01nQIDAQABo4ICjDCCAogwHQYDVR0OBBYEFJgpcrFQ x7Cv3CJc2ILkWbbAAMxFMB8GA1UdIwQYMBaAFLyrPnb4TtQ3QvKggSQnCOeZzhtf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQzUzMi9EQUEwRDBCNDAz N0UxMUVGODUyMEU3NThDNEY5QUUwMi92S3MtZHZoTzFEZEM4cUNCSkNjSTU1bk9H MTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ZLcy1kdmhPMURkQzhxQ0JKQ2NJNTVuT0cxOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUM1MzIvREFBMEQwQjQwMzdFMTFFRjg1MjBFNzU4QzRGOUFFMDIvMjIyRjI5NTIw Mzg1MTFFRkFGMDM2MzI3QzRGOUFFMDIucm9hMEsGCCsGAQUFBwEHAQH/BDwwOjA4 BAIAATAyAwQCK/x4AwQCZ+lQAwQAbiKXAwQAbiKmMAwDBAFuIroDBAFuIrwDBABu Ir8DBABuItkwDQYJKoZIhvcNAQELBQADggEBAFj6MO56eG9vYOAKLBleRKv+4B/k 87seK3Oee7vDZVgkQuiouTNEvtUvvj6nXyDJrWt8Jk7vgnxqmuMYUU1RSlkpv43Z vWK0WbtaYe869GjcajBDg45NnKQY5N0jT5mUAMcyxMpLM8tVrOlTtOG5jpF0dMea 9AJ6evUQKwzrB3sEv89h3zNomQd7wCwGS07tIIJ8lXhRZG04Y0J9F8ohz+n87HRC q0twwFRH8Jp8H1Su9OGthb84ZyBvtMcjlw4NIEgqGK2vjrKkupOESUfeKVYhT0vx kCToXwcvShjP7nCiJqMUnGOWhARpPTrVvvzp/cexQ5bgCw/Tl31Ke+1N57E= -----END CERTIFICATE-----Generated at Thu Mar 26 09:59:14 2026 by rpki-client