$ rpki-client -vvf rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/A0AD48EA083011EF82AFFD44C4F9AE02.roa File: A0AD48EA083011EF82AFFD44C4F9AE02.roa (raw, json) Hash identifier: Z5ugBC9dUd5PS1DrzEWIofZwWUjke4mqLwbMdmUWC+c= Subject key identifier: 52:E2:12:BF:AD:AF:FA:8E:85:8B:B9:6A:D1:D6:46:CD:85:0B:C2:AB Certificate issuer: /CN=A91AC532/serialNumber=BCAB3E76F84ED43742F2A081242708E799CE1B5F Certificate serial: 0189 Authority key identifier: BC:AB:3E:76:F8:4E:D4:37:42:F2:A0:81:24:27:08:E7:99:CE:1B:5F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vKs-dvhO1DdC8qCBJCcI55nOG18.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/A0AD48EA083011EF82AFFD44C4F9AE02.roa Signing time: Mon 02 Mar 2026 14:42:12 +0000 ROA not before: Thu 27 Mar 2025 05:42:48 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 35908 IP address blocks: 43.252.120.0/22 maxlen: 24 103.233.80.0/22 maxlen: 24 110.34.128.0/17 maxlen: 24 2401:4a40::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/vKs-dvhO1DdC8qCBJCcI55nOG18.crl rsync://rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/vKs-dvhO1DdC8qCBJCcI55nOG18.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vKs-dvhO1DdC8qCBJCcI55nOG18.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Apr 2026 04:06:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 393 (0x189) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AC532, serialNumber=BCAB3E76F84ED43742F2A081242708E799CE1B5F Validity Not Before: Mar 27 05:42:48 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=69a5a1c4-0fb8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:81:2c:a2:f1:2a:88:37:9c:fb:0b:08:d0:c3: a9:70:e3:a7:f8:df:fa:e6:2a:99:9b:88:d1:5f:32: 08:b1:49:82:2c:0c:59:ef:63:14:8d:c9:d6:33:a1: 0d:58:6b:a8:75:92:24:70:eb:12:a5:9c:21:1e:02: 10:c1:2b:89:ed:34:16:90:7d:5a:21:65:24:cb:aa: 8d:98:3c:93:52:23:82:a8:18:53:cd:21:c8:8b:63: 78:69:8d:40:af:8e:ee:f8:81:04:0d:a2:ea:be:94: 1d:e8:07:5f:cb:cf:54:70:09:a5:f9:67:3e:74:1f: a5:dc:50:b6:f1:12:cd:85:d1:08:2a:d9:f6:c6:6d: 43:e8:34:23:60:91:c7:61:bd:21:68:69:bb:5e:b5: a0:51:d6:a0:10:58:72:ec:c3:61:29:d1:bd:09:75: 67:98:f0:1c:d8:2f:e7:7c:af:6f:8a:af:72:fe:9f: 68:02:ea:b7:08:2a:ed:57:dd:55:d4:c9:1a:cd:43: 3b:ef:57:e0:66:87:57:b7:13:b7:f7:98:0d:90:bb: 6f:62:b4:e3:45:9a:1f:9c:92:bd:0f:eb:51:3b:52: f9:e5:9c:67:f0:28:04:23:7f:6d:28:42:24:02:de: b6:e9:57:3f:0f:bc:14:8e:5b:bd:3a:0b:6b:a8:e9: 2f:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:E2:12:BF:AD:AF:FA:8E:85:8B:B9:6A:D1:D6:46:CD:85:0B:C2:AB X509v3 Authority Key Identifier: keyid:BC:AB:3E:76:F8:4E:D4:37:42:F2:A0:81:24:27:08:E7:99:CE:1B:5F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/vKs-dvhO1DdC8qCBJCcI55nOG18.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vKs-dvhO1DdC8qCBJCcI55nOG18.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/A0AD48EA083011EF82AFFD44C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.252.120.0/22 103.233.80.0/22 110.34.128.0/17 IPv6: 2401:4a40::/32 Signature Algorithm: sha256WithRSAEncryption 14:f0:5a:d8:4e:53:9c:6e:a9:a2:52:4f:e5:1c:2c:6c:3e:5c: 06:7b:74:88:4d:af:87:1b:23:66:d1:f0:6e:f8:ab:06:57:76: 4a:1b:2a:1b:f7:c3:be:9a:1e:a9:d6:2b:19:95:46:6e:cc:d9: ad:d3:fc:44:4a:b8:97:98:d0:94:59:35:ad:ea:42:53:19:84: e9:05:90:47:c0:79:0d:c7:8d:ca:7d:47:60:8c:23:c1:36:4e: 64:47:21:98:99:cb:13:1f:e2:a8:f0:5b:6e:83:ba:78:63:fa: 55:25:74:79:8b:ff:66:cc:c4:05:73:27:ef:9c:a0:50:b9:16: 89:32:f3:c2:5b:51:11:cf:a0:5d:a5:25:15:55:e1:e0:21:6d: 95:d6:4b:e7:93:33:48:4e:88:78:4d:65:a4:1b:10:8d:e6:2f: d1:c1:4f:bd:a1:92:bc:d2:ce:aa:43:15:29:6d:1e:f5:d9:a0: eb:c8:e5:9d:12:59:f8:90:6a:27:93:d1:61:5b:5f:0b:4c:fe: 30:7f:cd:6c:f6:5f:93:aa:32:32:b4:8b:09:6e:81:e8:1d:32: 90:af:ac:e8:f3:38:56:ed:53:92:5d:06:38:8d:00:40:74:d5: c0:cd:6d:1c:c3:37:60:a6:52:c8:f0:06:74:14:dd:50:18:5b: 95:18:84:58 -----BEGIN CERTIFICATE----- MIIFVzCCBD+gAwIBAgICAYkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUM1MzIxMTAvBgNVBAUTKEJDQUIzRTc2Rjg0RUQ0Mzc0MkYyQTA4MTI0MjcwOEU3 OTlDRTFCNUYwHhcNMjUwMzI3MDU0MjQ4WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02OWE1YTFjNC0wZmI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu4EsovEqiDec+wsI0MOpcOOn+N/65iqZm4jRXzIIsUmCLAxZ72MUjcnWM6EN WGuodZIkcOsSpZwhHgIQwSuJ7TQWkH1aIWUky6qNmDyTUiOCqBhTzSHIi2N4aY1A r47u+IEEDaLqvpQd6Adfy89UcAml+Wc+dB+l3FC28RLNhdEIKtn2xm1D6DQjYJHH Yb0haGm7XrWgUdagEFhy7MNhKdG9CXVnmPAc2C/nfK9viq9y/p9oAuq3CCrtV91V 1MkazUM771fgZodXtxO395gNkLtvYrTjRZofnJK9D+tRO1L55Zxn8CgEI39tKEIk At626Vc/D7wUjlu9OgtrqOkv0QIDAQABo4ICezCCAncwHQYDVR0OBBYEFFLiEr+t r/qOhYu5atHWRs2FC8KrMB8GA1UdIwQYMBaAFLyrPnb4TtQ3QvKggSQnCOeZzhtf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQzUzMi9EQUEwRDBCNDAz N0UxMUVGODUyMEU3NThDNEY5QUUwMi92S3MtZHZoTzFEZEM4cUNCSkNjSTU1bk9H MTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ZLcy1kdmhPMURkQzhxQ0JKQ2NJNTVuT0cxOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUM1MzIvREFBMEQwQjQwMzdFMTFFRjg1MjBFNzU4QzRGOUFFMDIvQTBBRDQ4RUEw ODMwMTFFRjgyQUZGRDQ0QzRGOUFFMDIucm9hMDoGCCsGAQUFBwEHAQH/BCswKTAY BAIAATASAwQCK/x4AwQCZ+lQAwQHbiKAMA0EAgACMAcDBQAkAUpAMA0GCSqGSIb3 DQEBCwUAA4IBAQAU8FrYTlOcbqmiUk/lHCxsPlwGe3SITa+HGyNm0fBu+KsGV3ZK Gyob98O+mh6p1isZlUZuzNmt0/xESriXmNCUWTWt6kJTGYTpBZBHwHkNx43KfUdg jCPBNk5kRyGYmcsTH+Ko8Ftug7p4Y/pVJXR5i/9mzMQFcyfvnKBQuRaJMvPCW1ER z6BdpSUVVeHgIW2V1kvnkzNIToh4TWWkGxCN5i/RwU+9oZK80s6qQxUpbR712aDr yOWdEln4kGonk9FhW18LTP4wf81s9l+TqjIytIsJboHoHTKQr6zo8zhW7VOSXQY4 jQBAdNXAzW0cwzdgplLI8AZ0FN1QGFuVGIRY -----END CERTIFICATE-----Generated at Thu Mar 26 14:31:01 2026 by rpki-client