$ rpki-client -vvf rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/E08658208D2D11F09327643FC4F9AE02.roa File: E08658208D2D11F09327643FC4F9AE02.roa (raw, json) Hash identifier: HZ9XqDs/Q/+Qy4eAIHRPLHAdt18YVv5Jmqk14KOrXus= Subject key identifier: E8:88:CD:34:AB:89:43:18:BC:3C:B9:ED:37:0D:B5:2A:9B:6F:2E:66 Certificate issuer: /CN=A91AC532/serialNumber=BCAB3E76F84ED43742F2A081242708E799CE1B5F Certificate serial: 018B Authority key identifier: BC:AB:3E:76:F8:4E:D4:37:42:F2:A0:81:24:27:08:E7:99:CE:1B:5F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vKs-dvhO1DdC8qCBJCcI55nOG18.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/E08658208D2D11F09327643FC4F9AE02.roa Signing time: Mon 02 Mar 2026 14:42:14 +0000 ROA not before: Tue 09 Sep 2025 03:34:23 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 45652 IP address blocks: 43.252.120.0/22 maxlen: 24 103.233.80.0/22 maxlen: 24 110.34.139.0/24 maxlen: 24 110.34.158.0/24 maxlen: 24 110.34.162.0/23 maxlen: 24 110.34.164.0/24 maxlen: 24 110.34.166.0/24 maxlen: 24 110.34.180.0/23 maxlen: 24 110.34.183.0/24 maxlen: 24 110.34.184.0/23 maxlen: 24 110.34.186.0/23 maxlen: 24 110.34.188.0/23 maxlen: 24 110.34.190.0/23 maxlen: 24 110.34.220.0/22 maxlen: 24 2401:4a40::/32 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/vKs-dvhO1DdC8qCBJCcI55nOG18.crl rsync://rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/vKs-dvhO1DdC8qCBJCcI55nOG18.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vKs-dvhO1DdC8qCBJCcI55nOG18.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Apr 2026 04:06:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 395 (0x18b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AC532, serialNumber=BCAB3E76F84ED43742F2A081242708E799CE1B5F Validity Not Before: Sep 9 03:34:23 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=69a5a1c6-30a6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:9f:1a:a9:bf:9b:84:52:f6:bf:70:8e:4b:32: c5:4a:60:f4:59:1a:bc:ec:dc:bd:f8:b9:ec:71:77: 26:63:20:bd:26:53:7d:a3:f9:ab:c5:09:cf:49:74: 87:ce:49:68:ad:b2:ea:50:8e:95:bb:fc:74:0f:1b: 20:93:fe:94:f6:01:58:9d:c1:cd:6e:39:13:74:dd: 00:53:ff:64:8e:0f:f5:f2:a3:0c:b1:b9:76:f7:55: 29:1d:55:78:ac:99:02:c5:6e:71:74:6a:4b:8b:d7: 0e:06:ab:5d:41:58:5c:7d:5f:bb:07:b6:58:aa:9d: 88:2b:35:02:2f:74:fc:63:48:85:60:d9:35:37:a0: f4:6b:b0:69:bd:02:c0:07:c3:b8:44:10:e0:f3:8f: 05:3a:94:6f:4b:00:9c:a3:34:a0:eb:71:c6:91:7f: f1:22:21:f4:27:38:27:42:1b:bf:5a:03:11:13:7a: 7a:99:89:2d:29:95:1a:f0:b4:0d:b4:73:a3:d2:94: 09:64:3a:96:d1:d6:f4:70:54:58:6a:03:02:d0:33: 48:13:0c:e2:1d:26:59:77:43:44:a2:c7:a3:d3:b3: 9a:1c:c9:de:84:b3:d1:fd:48:05:00:8c:d4:90:64: 04:7a:92:bd:40:a9:bb:40:f5:a1:27:0c:66:d7:0b: e3:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:88:CD:34:AB:89:43:18:BC:3C:B9:ED:37:0D:B5:2A:9B:6F:2E:66 X509v3 Authority Key Identifier: keyid:BC:AB:3E:76:F8:4E:D4:37:42:F2:A0:81:24:27:08:E7:99:CE:1B:5F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/vKs-dvhO1DdC8qCBJCcI55nOG18.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vKs-dvhO1DdC8qCBJCcI55nOG18.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AC532/DAA0D0B4037E11EF8520E758C4F9AE02/E08658208D2D11F09327643FC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.252.120.0/22 103.233.80.0/22 110.34.139.0/24 110.34.158.0/24 110.34.162.0-110.34.164.255 110.34.166.0/24 110.34.180.0/23 110.34.183.0-110.34.191.255 110.34.220.0/22 IPv6: 2401:4a40::/32 Signature Algorithm: sha256WithRSAEncryption 26:70:01:57:5e:c9:0f:61:f2:e3:e4:4c:7f:46:9b:a6:a6:f0: e6:80:1f:0d:d0:d5:14:68:ec:02:7c:49:37:34:08:26:f5:22: dd:6c:e3:03:88:09:2f:15:71:60:0a:44:3f:09:87:22:1f:f4: 74:5f:5a:ef:fb:38:b2:77:5a:7b:e3:2c:9f:e3:d2:d5:6f:30: 52:be:9a:c4:e2:c1:69:fe:03:19:0c:37:a0:19:91:a6:e4:d1: 07:00:1e:32:8b:4a:c7:51:33:2b:ad:6b:cc:5a:84:46:f7:49: 86:dc:e3:1f:a8:95:bb:7d:66:bf:b1:cb:ee:3e:d9:85:0c:25: bb:df:f5:d9:c8:26:7d:cd:87:ba:0f:ac:1b:fc:bb:7f:f4:7e: ff:9a:e6:a9:d7:9d:26:71:3c:e5:32:85:5b:d5:f0:62:9a:f7: 79:48:9d:2f:39:f1:49:30:76:32:15:9f:50:c4:0c:67:7c:42: 53:8d:60:ab:37:72:b7:16:10:16:b7:f2:0e:22:71:05:69:07: 4b:9b:77:aa:eb:a7:31:68:f8:64:cd:c2:27:c3:32:14:89:8a: a0:14:9f:dc:e1:64:57:e8:4f:87:b6:31:36:f6:28:50:82:26: c5:6c:a1:77:ea:37:4f:e1:eb:30:44:08:64:a7:88:33:18:24: 7c:50:b1:d0 -----BEGIN CERTIFICATE----- MIIFizCCBHOgAwIBAgICAYswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUM1MzIxMTAvBgNVBAUTKEJDQUIzRTc2Rjg0RUQ0Mzc0MkYyQTA4MTI0MjcwOEU3 OTlDRTFCNUYwHhcNMjUwOTA5MDMzNDIzWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02OWE1YTFjNi0zMGE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAkp8aqb+bhFL2v3COSzLFSmD0WRq87Ny9+LnscXcmYyC9JlN9o/mrxQnPSXSH zklorbLqUI6Vu/x0Dxsgk/6U9gFYncHNbjkTdN0AU/9kjg/18qMMsbl291UpHVV4 rJkCxW5xdGpLi9cOBqtdQVhcfV+7B7ZYqp2IKzUCL3T8Y0iFYNk1N6D0a7BpvQLA B8O4RBDg848FOpRvSwCcozSg63HGkX/xIiH0JzgnQhu/WgMRE3p6mYktKZUa8LQN tHOj0pQJZDqW0db0cFRYagMC0DNIEwziHSZZd0NEosej07OaHMnehLPR/UgFAIzU kGQEepK9QKm7QPWhJwxm1wvjQQIDAQABo4ICrzCCAqswHQYDVR0OBBYEFOiIzTSr iUMYvDy57TcNtSqbby5mMB8GA1UdIwQYMBaAFLyrPnb4TtQ3QvKggSQnCOeZzhtf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQzUzMi9EQUEwRDBCNDAz N0UxMUVGODUyMEU3NThDNEY5QUUwMi92S3MtZHZoTzFEZEM4cUNCSkNjSTU1bk9H MTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ZLcy1kdmhPMURkQzhxQ0JKQ2NJNTVuT0cxOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUM1MzIvREFBMEQwQjQwMzdFMTFFRjg1MjBFNzU4QzRGOUFFMDIvRTA4NjU4MjA4 RDJEMTFGMDkzMjc2NDNGQzRGOUFFMDIucm9hMG4GCCsGAQUFBwEHAQH/BF8wXTBM BAIAATBGAwQCK/x4AwQCZ+lQAwQAbiKLAwQAbiKeMAwDBAFuIqIDBABuIqQDBABu IqYDBAFuIrQwDAMEAG4itwMEBm4igAMEAm4i3DANBAIAAjAHAwUAJAFKQDANBgkq hkiG9w0BAQsFAAOCAQEAJnABV17JD2Hy4+RMf0abpqbw5oAfDdDVFGjsAnxJNzQI JvUi3WzjA4gJLxVxYApEPwmHIh/0dF9a7/s4sndae+Msn+PS1W8wUr6axOLBaf4D GQw3oBmRpuTRBwAeMotKx1EzK61rzFqERvdJhtzjH6iVu31mv7HL7j7ZhQwlu9/1 2cgmfc2Hug+sG/y7f/R+/5rmqdedJnE85TKFW9XwYpr3eUidLznxSTB2MhWfUMQM Z3xCU41gqzdytxYQFrfyDiJxBWkHS5t3quunMWj4ZM3CJ8MyFImKoBSf3OFkV+hP h7YxNvYoUIImxWyhd+o3T+HrMEQIZKeIMxgkfFCx0A== -----END CERTIFICATE-----Generated at Thu Mar 26 11:19:43 2026 by rpki-client