$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/F9A864386AAB11EF8FEBE576C4F9AE02.roa File: F9A864386AAB11EF8FEBE576C4F9AE02.roa (raw, json) Hash identifier: YySN/OEFOesvLCn2GkCFn3w0IA8S3T8IMu+C8KUfxLg= Subject key identifier: 44:F8:9B:BD:69:6E:DB:F6:1D:78:26:58:DC:D3:96:A7:43:A2:C1:B7 Certificate issuer: /CN=A91B6587/serialNumber=2D634077CC847B59D4048D43E04B3309698FE638 Certificate serial: 03DA Authority key identifier: 2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/F9A864386AAB11EF8FEBE576C4F9AE02.roa Signing time: Sun 01 Mar 2026 18:13:44 +0000 ROA not before: Sun 08 Feb 2026 11:37:58 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 133499 IP address blocks: 43.225.188.0/24 maxlen: 24 43.225.190.0/24 maxlen: 24 43.228.236.0/24 maxlen: 24 43.228.238.0/23 maxlen: 23 43.228.238.0/24 maxlen: 24 43.228.239.0/24 maxlen: 24 103.84.120.0/22 maxlen: 24 103.194.113.0/24 maxlen: 24 103.240.164.0/22 maxlen: 24 103.241.52.0/22 maxlen: 22 103.241.52.0/24 maxlen: 24 103.241.53.0/24 maxlen: 24 103.241.54.0/24 maxlen: 24 103.241.55.0/24 maxlen: 24 103.252.110.0/24 maxlen: 24 150.107.226.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.crl rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Apr 2026 01:40:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 986 (0x3da) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B6587, serialNumber=2D634077CC847B59D4048D43E04B3309698FE638 Validity Not Before: Feb 8 11:37:58 2026 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=69a481d8-d207 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:7f:d7:e7:99:75:5f:d1:14:a6:81:99:48:33: b6:a2:01:8b:d1:7e:42:98:09:cd:7b:97:0c:e6:62: ed:fc:69:f4:87:59:c0:85:6c:ce:a1:0d:12:39:53: a6:32:f3:d4:7f:d4:6b:1f:18:d7:1a:8e:49:c8:a5: 09:2e:99:cd:84:4a:bf:a5:2c:99:22:d5:74:21:7c: 7e:09:f5:c4:1f:4e:fa:72:4c:47:37:15:dc:fa:ad: c1:f2:51:79:34:3e:10:35:74:5c:f3:08:32:88:b8: 17:c9:9d:ec:c4:5f:bc:df:4f:59:dd:5d:a0:95:15: 88:c1:ba:70:14:82:0b:9b:e6:c4:0a:6b:92:a0:60: df:24:7b:a1:55:00:bd:b8:27:a2:93:28:3a:cd:7f: ce:4b:8c:f9:3a:63:b6:14:11:22:ad:5b:cd:ae:88: 0e:65:0b:17:71:42:fb:7e:e4:d5:bd:b4:31:8b:b5: 3e:5b:1a:0c:f4:95:7e:06:48:2a:da:e2:28:0a:64: c4:65:df:ab:19:73:ef:d7:ef:f7:cf:34:c4:18:50: 49:ac:a6:e5:d8:b7:24:bb:6a:fa:94:32:48:f1:fc: d4:90:81:d6:f4:f0:0d:80:55:c7:6b:37:ce:c7:c2: 70:c3:fd:b6:cf:f0:cd:c2:4b:0f:93:9a:82:ea:b6: 92:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:F8:9B:BD:69:6E:DB:F6:1D:78:26:58:DC:D3:96:A7:43:A2:C1:B7 X509v3 Authority Key Identifier: keyid:2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/F9A864386AAB11EF8FEBE576C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.225.188.0/24 43.225.190.0/24 43.228.236.0/24 43.228.238.0/23 103.84.120.0/22 103.194.113.0/24 103.240.164.0/22 103.241.52.0/22 103.252.110.0/24 150.107.226.0/24 Signature Algorithm: sha256WithRSAEncryption 07:d7:bb:88:db:d9:23:88:e1:b1:04:14:85:8f:e1:b1:2c:1c: 0c:98:0b:be:9a:17:4c:a0:31:11:37:b8:7e:99:fc:f6:45:28: 19:4a:4e:c7:14:c3:70:a6:ad:6a:f2:c9:1e:9d:23:4e:91:b8: 5b:4c:62:64:d6:fe:5a:e3:6a:58:76:fc:35:3b:5a:b9:99:47: 6b:1b:7a:fa:cf:81:b0:d7:66:90:3f:2b:d5:98:22:1c:5e:b3: 2f:e9:73:80:f9:62:db:a7:7b:b7:cc:cd:0f:a0:71:3c:a9:4f: b1:8b:27:da:ee:3d:38:a3:6b:c2:71:32:bd:86:1d:4e:3f:ec: 60:52:ea:77:58:2b:3b:6c:1a:7f:10:2d:ac:43:00:1a:7b:70: c0:2f:76:57:2f:6f:b1:65:40:f1:cb:e7:b3:2a:c8:46:e5:06: 4d:c6:74:a3:e3:94:a0:df:b7:81:d2:85:d9:c4:08:59:a1:29: 65:07:62:9b:94:c8:27:88:ff:7c:34:b1:cc:a9:1e:e9:45:c4: 84:00:04:54:83:78:86:b7:29:b5:7e:af:a6:5e:1a:70:77:c0: 98:14:b4:78:a3:3d:45:43:ab:69:c9:fd:32:9d:3e:10:4f:5a: 3d:89:e3:4c:47:15:17:12:a9:3c:ab:db:67:a2:86:97:17:bf: 15:62:3d:70 -----BEGIN CERTIFICATE----- MIIFcjCCBFqgAwIBAgICA9owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjY1ODcxMTAvBgNVBAUTKDJENjM0MDc3Q0M4NDdCNTlENDA0OEQ0M0UwNEIzMzA5 Njk4RkU2MzgwHhcNMjYwMjA4MTEzNzU4WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0ODFkOC1kMjA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1X/X55l1X9EUpoGZSDO2ogGL0X5CmAnNe5cM5mLt/Gn0h1nAhWzOoQ0SOVOm MvPUf9RrHxjXGo5JyKUJLpnNhEq/pSyZItV0IXx+CfXEH076ckxHNxXc+q3B8lF5 ND4QNXRc8wgyiLgXyZ3sxF+8309Z3V2glRWIwbpwFIILm+bECmuSoGDfJHuhVQC9 uCeikyg6zX/OS4z5OmO2FBEirVvNrogOZQsXcUL7fuTVvbQxi7U+WxoM9JV+Bkgq 2uIoCmTEZd+rGXPv1+/3zzTEGFBJrKbl2Lcku2r6lDJI8fzUkIHW9PANgFXHazfO x8Jww/22z/DNwksPk5qC6raSbQIDAQABo4ICljCCApIwHQYDVR0OBBYEFET4m71p btv2HXgmWNzTlqdDosG3MB8GA1UdIwQYMBaAFC1jQHfMhHtZ1ASNQ+BLMwlpj+Y4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjU4Ny80MTdENzFCNDkx ODYxMUVEQTg0QTEyNERDNEY5QUUwMi9MV05BZDh5RWUxblVCSTFENEVzekNXbVA1 amcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xXTkFkOHlFZTFuVUJJMUQ0RXN6Q1dtUDVqZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjY1ODcvNDE3RDcxQjQ5MTg2MTFFREE4NEExMjREQzRGOUFFMDIvRjlBODY0Mzg2 QUFCMTFFRjhGRUJFNTc2QzRGOUFFMDIucm9hMFUGCCsGAQUFBwEHAQH/BEYwRDBC BAIAATA8AwQAK+G8AwQAK+G+AwQAK+TsAwQBK+TuAwQCZ1R4AwQAZ8JxAwQCZ/Ck AwQCZ/E0AwQAZ/xuAwQAlmviMA0GCSqGSIb3DQEBCwUAA4IBAQAH17uI29kjiOGx BBSFj+GxLBwMmAu+mhdMoDERN7h+mfz2RSgZSk7HFMNwpq1q8skenSNOkbhbTGJk 1v5a42pYdvw1O1q5mUdrG3r6z4Gw12aQPyvVmCIcXrMv6XOA+WLbp3u3zM0PoHE8 qU+xiyfa7j04o2vCcTK9hh1OP+xgUup3WCs7bBp/EC2sQwAae3DAL3ZXL2+xZUDx y+ezKshG5QZNxnSj45Sg37eB0oXZxAhZoSllB2KblMgniP98NLHMqR7pRcSEAARU g3iGtym1fq+mXhpwd8CYFLR4oz1FQ6tpyf0ynT4QT1o9ieNMRxUXEqk8q9tnooaX F78VYj1w -----END CERTIFICATE-----Generated at Thu Mar 26 05:39:10 2026 by rpki-client