$ rpki-client -vvf rpki.apnic.net/member_repository/A91AEE28/F1B1FBB090C111E8A493397FC4F9AE02/7BD0C11E8C3311EAB2E95132C4F9AE02.roa File: 7BD0C11E8C3311EAB2E95132C4F9AE02.roa (raw, json) Hash identifier: UxOORq5HIqmzTAndkFGSyfLwuGM4t27my60PZ299wbQ= Subject key identifier: 8F:D0:AD:32:B8:C9:DE:F8:E0:90:7E:65:71:70:71:4A:B8:82:DF:2A Certificate issuer: /CN=A91AEE28/serialNumber=A6CB9EFB4FE8C1C4E0C2F1B00E84C7F1A2F49C6F Certificate serial: 144F Authority key identifier: A6:CB:9E:FB:4F:E8:C1:C4:E0:C2:F1:B0:0E:84:C7:F1:A2:F4:9C:6F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/psue-0_owcTgwvGwDoTH8aL0nG8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AEE28/F1B1FBB090C111E8A493397FC4F9AE02/7BD0C11E8C3311EAB2E95132C4F9AE02.roa Signing time: Tue 10 Mar 2026 17:21:12 +0000 ROA not before: Tue 10 Mar 2026 17:21:12 +0000 ROA not after: Sat 01 May 2027 00:00:00 +0000 asID: 9246 IP address blocks: 43.240.88.0/22 maxlen: 22 103.7.100.0/22 maxlen: 22 114.142.192.0/18 maxlen: 18 114.142.212.0/24 maxlen: 24 117.20.120.0/21 maxlen: 21 202.151.64.0/19 maxlen: 19 202.151.76.0/24 maxlen: 24 202.151.85.0/24 maxlen: 24 2405:7400::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AEE28/F1B1FBB090C111E8A493397FC4F9AE02/psue-0_owcTgwvGwDoTH8aL0nG8.crl rsync://rpki.apnic.net/member_repository/A91AEE28/F1B1FBB090C111E8A493397FC4F9AE02/psue-0_owcTgwvGwDoTH8aL0nG8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/psue-0_owcTgwvGwDoTH8aL0nG8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 02 Apr 2026 16:51:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5199 (0x144f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AEE28, serialNumber=A6CB9EFB4FE8C1C4E0C2F1B00E84C7F1A2F49C6F Validity Not Before: Mar 10 17:21:12 2026 GMT Not After : May 1 00:00:00 2027 GMT Subject: CN=69b05308-3500 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:5c:c4:3d:9d:77:2e:9d:36:ad:3d:71:4d:bc: 03:73:66:81:e3:aa:da:a8:ac:6d:0d:5b:36:1b:64: a8:9e:80:23:8a:86:fb:8f:2a:9f:7a:d1:b0:09:8a: 52:35:90:10:93:9a:98:26:47:9d:7c:6d:8d:0e:30: 46:22:91:29:72:81:f6:c4:3c:e8:a3:8f:4f:b4:5b: 03:e2:15:d9:ce:db:09:db:53:20:0f:84:2a:e4:82: 7e:a6:ea:8d:4d:3c:f5:33:f7:83:ba:cf:f2:73:94: 47:44:f3:3c:46:74:28:ca:73:17:84:c1:87:d3:1d: 26:35:f6:37:61:15:c9:0f:45:62:55:67:bd:e7:cf: 6a:1c:b1:b4:8e:99:ce:71:57:66:85:88:92:d3:a8: c1:2c:b9:8c:20:dc:f9:f6:32:92:14:71:3e:b6:28: 07:68:e7:41:d9:56:29:62:ba:1a:c2:ea:a2:0c:c9: 48:21:3b:71:c5:8a:8a:33:95:dd:a4:ef:da:52:16: 1a:0f:88:da:ed:90:87:e6:06:c5:02:7f:e6:f3:14: 28:bc:da:ef:3f:75:4e:ce:a8:bb:0c:cd:1b:db:42: 20:c2:c3:6b:93:14:0c:dc:ef:c8:ae:38:2d:85:70: e6:8b:42:da:68:f2:93:7c:10:1e:0e:35:13:c1:5f: 7c:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:D0:AD:32:B8:C9:DE:F8:E0:90:7E:65:71:70:71:4A:B8:82:DF:2A X509v3 Authority Key Identifier: keyid:A6:CB:9E:FB:4F:E8:C1:C4:E0:C2:F1:B0:0E:84:C7:F1:A2:F4:9C:6F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AEE28/F1B1FBB090C111E8A493397FC4F9AE02/psue-0_owcTgwvGwDoTH8aL0nG8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/psue-0_owcTgwvGwDoTH8aL0nG8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AEE28/F1B1FBB090C111E8A493397FC4F9AE02/7BD0C11E8C3311EAB2E95132C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.240.88.0/22 103.7.100.0/22 114.142.192.0/18 117.20.120.0/21 202.151.64.0/19 IPv6: 2405:7400::/32 Signature Algorithm: sha256WithRSAEncryption f4:98:c6:4a:d2:b8:47:11:a2:8c:cc:8a:c8:09:2e:83:62:6d: 3a:57:bc:ad:49:8d:a3:31:15:f1:ec:f6:20:cf:f9:77:21:e8: 1b:96:9c:8c:88:cb:89:9c:bb:81:57:ee:67:df:f8:83:17:0d: 41:fc:4e:12:49:68:d3:2d:8f:93:86:58:ce:26:c3:c0:f6:cc: e4:d0:69:3c:fa:c1:8f:ed:29:e2:53:27:3b:d4:b7:5f:e9:a6: 85:81:ad:2c:6f:dd:e9:7b:7f:33:ce:d4:54:a3:2b:bd:4d:0d: 53:8c:cd:05:e0:71:12:93:d6:bb:88:d2:eb:5b:1c:9d:87:ae: f1:31:de:03:f3:f9:df:0f:dc:f5:9c:1e:64:29:76:66:9c:32: 15:da:37:c2:5a:71:08:b0:fc:a4:99:43:ae:fb:d5:35:19:eb: 61:a9:a1:61:14:ed:e9:f7:b1:0c:d4:30:9b:6f:6a:a5:e1:c0: 20:4c:5f:0f:08:a3:a2:0f:ec:a6:02:51:54:4b:15:75:69:12: aa:c0:fc:13:2b:44:1e:cc:59:05:83:5c:79:0e:24:db:ac:a2: d6:7f:3d:aa:40:1d:d1:6a:bb:96:f6:36:dc:90:63:17:35:6a: a2:e6:ad:a6:18:7a:f1:61:00:c2:19:e9:b0:3a:fb:3d:45:10: d0:f4:8a:f4 -----BEGIN CERTIFICATE----- MIIFYzCCBEugAwIBAgICFE8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUVFMjgxMTAvBgNVBAUTKEE2Q0I5RUZCNEZFOEMxQzRFMEMyRjFCMDBFODRDN0Yx QTJGNDlDNkYwHhcNMjYwMzEwMTcyMTEyWhcNMjcwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWIwNTMwOC0zNTAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyVzEPZ13Lp02rT1xTbwDc2aB46raqKxtDVs2G2SonoAjiob7jyqfetGwCYpS NZAQk5qYJkedfG2NDjBGIpEpcoH2xDzoo49PtFsD4hXZztsJ21MgD4Qq5IJ+puqN TTz1M/eDus/yc5RHRPM8RnQoynMXhMGH0x0mNfY3YRXJD0ViVWe9589qHLG0jpnO cVdmhYiS06jBLLmMINz59jKSFHE+tigHaOdB2VYpYroawuqiDMlIITtxxYqKM5Xd pO/aUhYaD4ja7ZCH5gbFAn/m8xQovNrvP3VOzqi7DM0b20IgwsNrkxQM3O/Irjgt hXDmi0LaaPKTfBAeDjUTwV98EwIDAQABo4IChzCCAoMwHQYDVR0OBBYEFI/QrTK4 yd744JB+ZXFwcUq4gt8qMB8GA1UdIwQYMBaAFKbLnvtP6MHE4MLxsA6Ex/Gi9Jxv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRUUyOC9GMUIxRkJCMDkw QzExMUU4QTQ5MzM5N0ZDNEY5QUUwMi9wc3VlLTBfb3djVGd3dkd3RG9USDhhTDBu RzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3BzdWUtMF9vd2NUZ3d2R3dEb1RIOGFMMG5HOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUVFMjgvRjFCMUZCQjA5MEMxMTFFOEE0OTMzOTdGQzRGOUFFMDIvN0JEMEMxMUU4 QzMzMTFFQUIyRTk1MTMyQzRGOUFFMDIucm9hMEYGCCsGAQUFBwEHAQH/BDcwNTAk BAIAATAeAwQCK/BYAwQCZwdkAwQGco7AAwQDdRR4AwQFypdAMA0EAgACMAcDBQAk BXQAMA0GCSqGSIb3DQEBCwUAA4IBAQD0mMZK0rhHEaKMzIrICS6DYm06V7ytSY2j MRXx7PYgz/l3IegblpyMiMuJnLuBV+5n3/iDFw1B/E4SSWjTLY+ThljOJsPA9szk 0Gk8+sGP7SniUyc71Ldf6aaFga0sb93pe38zztRUoyu9TQ1TjM0F4HESk9a7iNLr Wxydh67xMd4D8/nfD9z1nB5kKXZmnDIV2jfCWnEIsPykmUOu+9U1GethqaFhFO3p 97EM1DCbb2ql4cAgTF8PCKOiD+ymAlFUSxV1aRKqwPwTK0QezFkFg1x5DiTbrKLW fz2qQB3RaruW9jbckGMXNWqi5q2mGHrxYQDCGemwOvs9RRDQ9Ir0 -----END CERTIFICATE-----Generated at Sat Mar 28 13:23:15 2026 by rpki-client