$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6F87/B1CD71F0268811EBBE7C682BC4F9AE02/6AB849742C9C11EBB49A3A32C4F9AE02.roa File: 6AB849742C9C11EBB49A3A32C4F9AE02.roa (raw, json) Hash identifier: xYotCNT5gCNIUjui/L3r9m3hvbE/2pZfHJK9qEIIwa8= Subject key identifier: BD:13:78:70:97:42:A4:C9:ED:DA:69:34:96:F8:BC:53:60:FA:92:A2 Certificate issuer: /CN=A91B6F87/serialNumber=7A5474123C548817E25F3484CC26B60B0641BD69 Certificate serial: 080C Authority key identifier: 7A:54:74:12:3C:54:88:17:E2:5F:34:84:CC:26:B6:0B:06:41:BD:69 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/elR0EjxUiBfiXzSEzCa2CwZBvWk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B6F87/B1CD71F0268811EBBE7C682BC4F9AE02/6AB849742C9C11EBB49A3A32C4F9AE02.roa Signing time: Sun 01 Mar 2026 14:53:18 +0000 ROA not before: Tue 23 Sep 2025 06:44:54 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 45178 IP address blocks: 103.28.132.0/22 maxlen: 24 103.112.164.0/22 maxlen: 22 103.112.164.0/24 maxlen: 24 103.112.165.0/24 maxlen: 24 103.112.166.0/24 maxlen: 24 103.112.167.0/24 maxlen: 24 111.125.152.0/21 maxlen: 21 111.125.152.0/22 maxlen: 22 111.125.152.0/23 maxlen: 23 111.125.152.0/24 maxlen: 24 111.125.153.0/24 maxlen: 24 111.125.154.0/24 maxlen: 24 111.125.155.0/24 maxlen: 24 111.125.156.0/24 maxlen: 24 111.125.157.0/24 maxlen: 24 111.125.158.0/24 maxlen: 24 111.125.159.0/24 maxlen: 24 116.206.188.0/24 maxlen: 24 116.206.189.0/24 maxlen: 24 116.206.190.0/24 maxlen: 24 203.174.27.0/24 maxlen: 24 2406:d100::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B6F87/B1CD71F0268811EBBE7C682BC4F9AE02/elR0EjxUiBfiXzSEzCa2CwZBvWk.crl rsync://rpki.apnic.net/member_repository/A91B6F87/B1CD71F0268811EBBE7C682BC4F9AE02/elR0EjxUiBfiXzSEzCa2CwZBvWk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/elR0EjxUiBfiXzSEzCa2CwZBvWk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 20:59:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2060 (0x80c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B6F87, serialNumber=7A5474123C548817E25F3484CC26B60B0641BD69 Validity Not Before: Sep 23 06:44:54 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=69a452de-b818 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:38:03:47:28:9c:4b:c4:e3:43:96:90:9e:19: 4c:a6:43:aa:f7:bd:38:52:c5:24:90:ea:3b:cd:15: 9f:28:e3:b6:53:71:e2:54:3a:c2:1d:ed:89:7e:b2: ff:23:93:25:ff:89:09:70:fe:37:20:3a:ab:36:ca: 4d:77:c1:ad:03:bb:58:bf:1b:5e:d9:ac:98:2c:aa: da:84:87:06:4e:95:47:62:f7:6d:31:91:89:b2:4a: d8:1e:9e:55:8d:43:03:8e:76:7d:85:78:d0:dd:e3: 1d:a7:60:e6:0f:4c:16:3d:b3:2a:ae:3b:12:53:ad: aa:85:bd:45:25:c4:e8:00:a8:c6:b7:36:0e:7a:1f: 1c:8f:14:fe:4a:cb:4b:8a:36:d4:39:94:79:7c:14: 47:cc:f5:d3:cd:ab:b7:6e:56:90:44:f4:77:91:28: 7f:b3:0d:16:a0:94:2c:6b:e7:bd:99:6e:90:56:20: 37:14:5f:e9:a8:e3:a5:22:8f:12:2c:5e:e6:06:39: a6:9a:ec:63:ff:65:29:3e:75:9f:a9:58:b6:69:4e: 83:be:48:40:1f:1c:a1:5d:c5:7f:fe:34:48:af:4b: de:23:2c:4c:27:01:64:e6:a2:6a:88:c4:45:26:66: 48:80:de:c7:37:59:ae:27:a3:67:8f:d7:4b:1e:24: 0b:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:13:78:70:97:42:A4:C9:ED:DA:69:34:96:F8:BC:53:60:FA:92:A2 X509v3 Authority Key Identifier: keyid:7A:54:74:12:3C:54:88:17:E2:5F:34:84:CC:26:B6:0B:06:41:BD:69 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B6F87/B1CD71F0268811EBBE7C682BC4F9AE02/elR0EjxUiBfiXzSEzCa2CwZBvWk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/elR0EjxUiBfiXzSEzCa2CwZBvWk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6F87/B1CD71F0268811EBBE7C682BC4F9AE02/6AB849742C9C11EBB49A3A32C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.28.132.0/22 103.112.164.0/22 111.125.152.0/21 116.206.188.0-116.206.190.255 203.174.27.0/24 IPv6: 2406:d100::/32 Signature Algorithm: sha256WithRSAEncryption 74:7f:88:a2:56:bc:05:06:a4:30:02:fd:d9:c6:5c:f7:43:d6: a3:1a:c6:de:29:c8:7f:a3:3c:28:97:cf:2d:c3:46:79:41:34: 86:f2:d0:46:02:9c:70:3f:a7:2e:c9:28:af:d1:3b:88:d5:64: 5c:e4:af:45:48:93:53:cd:61:7f:00:9d:f2:75:6e:46:22:ae: cb:e2:b4:1d:6f:48:15:cc:a1:fe:e2:8e:80:f0:b4:7a:77:ba: bd:2b:53:77:d1:3d:4e:17:85:40:54:ca:9a:7a:df:7c:a2:b8: 6a:ce:3a:05:ad:0e:fe:43:8d:26:c6:3f:9e:2e:fb:76:11:cd: 2e:f8:b0:e3:3b:04:4c:73:10:4e:7c:de:51:ed:2e:44:97:db: 60:34:ad:3b:02:d9:38:c9:cc:3b:05:35:e3:a8:d8:e1:ec:aa: 82:3a:45:55:a9:f4:64:1f:79:e0:c0:ae:69:f7:04:a8:90:54: 17:ac:82:85:35:8d:b1:5f:ee:a7:45:aa:52:43:76:44:06:56: 37:24:c8:9c:16:5a:f7:a0:90:48:df:20:b6:36:2c:6e:d2:62: ad:f5:ea:5b:bc:f6:75:c8:fa:42:82:3c:1a:7d:17:b9:14:e0: a6:e3:77:8a:bb:3a:b7:8f:f7:a1:4e:2b:5f:cd:78:2c:f1:c1: c6:fe:f1:42 -----BEGIN CERTIFICATE----- MIIFazCCBFOgAwIBAgICCAwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjZGODcxMTAvBgNVBAUTKDdBNTQ3NDEyM0M1NDg4MTdFMjVGMzQ4NENDMjZCNjBC MDY0MUJENjkwHhcNMjUwOTIzMDY0NDU0WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NTJkZS1iODE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3TgDRyicS8TjQ5aQnhlMpkOq9704UsUkkOo7zRWfKOO2U3HiVDrCHe2JfrL/ I5Ml/4kJcP43IDqrNspNd8GtA7tYvxte2ayYLKrahIcGTpVHYvdtMZGJskrYHp5V jUMDjnZ9hXjQ3eMdp2DmD0wWPbMqrjsSU62qhb1FJcToAKjGtzYOeh8cjxT+SstL ijbUOZR5fBRHzPXTzau3blaQRPR3kSh/sw0WoJQsa+e9mW6QViA3FF/pqOOlIo8S LF7mBjmmmuxj/2UpPnWfqVi2aU6DvkhAHxyhXcV//jRIr0veIyxMJwFk5qJqiMRF JmZIgN7HN1muJ6Nnj9dLHiQLCwIDAQABo4ICjzCCAoswHQYDVR0OBBYEFL0TeHCX QqTJ7dppNJb4vFNg+pKiMB8GA1UdIwQYMBaAFHpUdBI8VIgX4l80hMwmtgsGQb1p MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNkY4Ny9CMUNENzFGMDI2 ODgxMUVCQkU3QzY4MkJDNEY5QUUwMi9lbFIwRWp4VWlCZmlYelNFekNhMkN3WkJ2 V2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2VsUjBFanhVaUJmaVh6U0V6Q2EyQ3daQnZXay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjZGODcvQjFDRDcxRjAyNjg4MTFFQkJFN0M2ODJCQzRGOUFFMDIvNkFCODQ5NzQy QzlDMTFFQkI0OUEzQTMyQzRGOUFFMDIucm9hME4GCCsGAQUFBwEHAQH/BD8wPTAs BAIAATAmAwQCZxyEAwQCZ3CkAwQDb32YMAwDBAJ0zrwDBAB0zr4DBADLrhswDQQC AAIwBwMFACQG0QAwDQYJKoZIhvcNAQELBQADggEBAHR/iKJWvAUGpDAC/dnGXPdD 1qMaxt4pyH+jPCiXzy3DRnlBNIby0EYCnHA/py7JKK/RO4jVZFzkr0VIk1PNYX8A nfJ1bkYirsvitB1vSBXMof7ijoDwtHp3ur0rU3fRPU4XhUBUypp633yiuGrOOgWt Dv5DjSbGP54u+3YRzS74sOM7BExzEE583lHtLkSX22A0rTsC2TjJzDsFNeOo2OHs qoI6RVWp9GQfeeDArmn3BKiQVBesgoU1jbFf7qdFqlJDdkQGVjckyJwWWvegkEjf ILY2LG7SYq316lu89nXI+kKCPBp9F7kU4Kbjd4q7OreP96FOK1/NeCzxwcb+8UI= -----END CERTIFICATE-----Generated at Thu Mar 26 09:06:25 2026 by rpki-client