$ rpki-client -vvf rpki.apnic.net/member_repository/A91B777C/6CD8133CB2DA11EB8B384A60C4F9AE02/10BBF6CEB2E711EB8A61B44EC4F9AE02.roa File: 10BBF6CEB2E711EB8A61B44EC4F9AE02.roa (raw, json) Hash identifier: LlAxmx0MZOZXkYDGM7WfPfc87Y4FEp6wboWMmKmjFlo= Subject key identifier: 2E:B1:9B:5F:39:03:53:96:B6:FA:19:86:FD:60:C5:6D:EA:13:4F:F5 Certificate issuer: /CN=A91B777C/serialNumber=7EBB3B41C97F3313FAE781EF63323C4AF62B8FB7 Certificate serial: 0687 Authority key identifier: 7E:BB:3B:41:C9:7F:33:13:FA:E7:81:EF:63:32:3C:4A:F6:2B:8F:B7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/frs7Qcl_MxP654HvYzI8SvYrj7c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B777C/6CD8133CB2DA11EB8B384A60C4F9AE02/10BBF6CEB2E711EB8A61B44EC4F9AE02.roa Signing time: Sun 01 Mar 2026 15:46:09 +0000 ROA not before: Sat 06 Dec 2025 21:35:26 +0000 ROA not after: Tue 02 Mar 2027 00:00:00 +0000 asID: 133847 IP address blocks: 43.224.88.0/22 maxlen: 24 43.242.108.0/22 maxlen: 24 103.12.60.0/22 maxlen: 24 103.38.20.0/22 maxlen: 24 103.43.108.0/22 maxlen: 24 103.199.148.0/22 maxlen: 24 103.207.72.0/22 maxlen: 24 137.59.80.0/22 maxlen: 24 210.16.124.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B777C/6CD8133CB2DA11EB8B384A60C4F9AE02/frs7Qcl_MxP654HvYzI8SvYrj7c.crl rsync://rpki.apnic.net/member_repository/A91B777C/6CD8133CB2DA11EB8B384A60C4F9AE02/frs7Qcl_MxP654HvYzI8SvYrj7c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/frs7Qcl_MxP654HvYzI8SvYrj7c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 22:12:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1671 (0x687) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B777C, serialNumber=7EBB3B41C97F3313FAE781EF63323C4AF62B8FB7 Validity Not Before: Dec 6 21:35:26 2025 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=69a45f41-faca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:1e:b1:4a:0e:3f:16:36:f2:7d:9e:3f:52:c4: b1:38:f4:4c:d0:b7:c0:5b:4d:d0:95:d3:b4:82:08: cb:2f:d3:8d:25:76:3a:60:de:92:77:de:4c:96:f0: 2e:fd:79:1f:33:89:36:b8:a6:02:80:d6:35:d1:e5: 26:69:6f:44:19:2f:67:74:93:40:7b:03:64:1f:e8: d8:e1:4e:25:bf:2a:ec:06:1b:4a:73:30:12:15:91: d1:20:59:18:72:12:80:43:7e:7a:4a:d9:86:39:0d: 38:5f:17:53:2b:57:3c:77:ef:68:ce:2a:52:48:1c: 53:e8:77:2c:33:52:c1:21:8e:3b:23:40:44:53:3f: 3f:36:4f:1d:45:c3:b7:6f:37:81:26:5c:8b:9f:53: cd:11:bc:d0:a7:51:c8:5a:11:c5:b6:d0:ff:14:65: 16:1a:88:46:94:a4:2b:aa:c6:fc:44:5e:80:82:b8: 68:f7:80:84:d1:e3:26:bc:60:c3:ef:f0:fe:6f:74: 99:e6:d0:f2:ec:0a:1c:8e:34:33:ab:e7:ae:10:af: f2:7c:ec:1b:00:e3:22:0e:96:0c:bd:53:e1:05:ba: 29:b6:5f:a1:8c:c8:72:a5:32:3f:8f:48:62:ba:12: 25:46:26:e0:67:d6:7d:64:b1:aa:85:a6:a7:8b:36: 37:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:B1:9B:5F:39:03:53:96:B6:FA:19:86:FD:60:C5:6D:EA:13:4F:F5 X509v3 Authority Key Identifier: keyid:7E:BB:3B:41:C9:7F:33:13:FA:E7:81:EF:63:32:3C:4A:F6:2B:8F:B7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B777C/6CD8133CB2DA11EB8B384A60C4F9AE02/frs7Qcl_MxP654HvYzI8SvYrj7c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/frs7Qcl_MxP654HvYzI8SvYrj7c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B777C/6CD8133CB2DA11EB8B384A60C4F9AE02/10BBF6CEB2E711EB8A61B44EC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.224.88.0/22 43.242.108.0/22 103.12.60.0/22 103.38.20.0/22 103.43.108.0/22 103.199.148.0/22 103.207.72.0/22 137.59.80.0/22 210.16.124.0/22 Signature Algorithm: sha256WithRSAEncryption 2c:ab:c9:6b:2a:36:0a:3a:d4:b1:b4:9a:3c:83:90:d0:b0:7b: af:ff:d6:8c:21:c8:fd:27:c4:14:de:6a:3c:97:b1:d7:6e:a5: c2:c1:3d:63:e3:11:d6:b9:1e:e3:0e:b8:34:64:fd:1b:6d:09: 17:22:80:82:84:35:bd:84:ea:12:c0:32:97:2b:61:e7:11:da: 21:16:90:68:a6:ae:d5:d5:76:92:e7:03:d6:1b:18:18:92:09: e0:7f:31:f2:16:fc:82:9d:1e:b8:78:a5:da:22:b4:c4:5c:6c: 53:74:e4:a2:cb:14:8b:a3:e0:d0:da:cc:d3:68:57:d4:38:06: d0:25:a0:09:7e:b3:81:b6:d5:6c:4f:e6:8a:a3:95:aa:a1:3c: ca:67:9a:66:03:54:58:fb:d3:a5:cd:db:75:5d:af:8e:d4:bf: 61:74:88:24:5c:54:d1:f9:d8:0a:c4:3c:c1:84:4d:7b:78:00: 45:20:fb:d3:97:1a:74:79:e0:c7:70:b9:fb:91:a3:78:97:0e: df:20:20:04:40:18:81:50:9c:2d:4f:7b:60:84:d9:5f:d4:5f: ea:12:d4:26:74:70:88:d2:a7:de:72:4e:e3:b7:ef:98:59:84: 5c:0d:b0:37:05:6d:b5:4e:c7:61:22:84:48:11:19:03:13:f2: 2d:c6:f5:99 -----BEGIN CERTIFICATE----- MIIFbDCCBFSgAwIBAgICBocwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qjc3N0MxMTAvBgNVBAUTKDdFQkIzQjQxQzk3RjMzMTNGQUU3ODFFRjYzMzIzQzRB RjYyQjhGQjcwHhcNMjUxMjA2MjEzNTI2WhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NWY0MS1mYWNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwB6xSg4/FjbyfZ4/UsSxOPRM0LfAW03QldO0ggjLL9ONJXY6YN6Sd95MlvAu /XkfM4k2uKYCgNY10eUmaW9EGS9ndJNAewNkH+jY4U4lvyrsBhtKczASFZHRIFkY chKAQ356StmGOQ04XxdTK1c8d+9ozipSSBxT6HcsM1LBIY47I0BEUz8/Nk8dRcO3 bzeBJlyLn1PNEbzQp1HIWhHFttD/FGUWGohGlKQrqsb8RF6Agrho94CE0eMmvGDD 7/D+b3SZ5tDy7AocjjQzq+euEK/yfOwbAOMiDpYMvVPhBboptl+hjMhypTI/j0hi uhIlRibgZ9Z9ZLGqhaanizY3wQIDAQABo4ICkDCCAowwHQYDVR0OBBYEFC6xm185 A1OWtvoZhv1gxW3qE0/1MB8GA1UdIwQYMBaAFH67O0HJfzMT+ueB72MyPEr2K4+3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNzc3Qy82Q0Q4MTMzQ0Iy REExMUVCOEIzODRBNjBDNEY5QUUwMi9mcnM3UWNsX014UDY1NEh2WXpJOFN2WXJq N2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ZyczdRY2xfTXhQNjU0SHZZekk4U3ZZcmo3Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Qjc3N0MvNkNEODEzM0NCMkRBMTFFQjhCMzg0QTYwQzRGOUFFMDIvMTBCQkY2Q0VC MkU3MTFFQjhBNjFCNDRFQzRGOUFFMDIucm9hME8GCCsGAQUFBwEHAQH/BEAwPjA8 BAIAATA2AwQCK+BYAwQCK/JsAwQCZww8AwQCZyYUAwQCZytsAwQCZ8eUAwQCZ89I AwQCiTtQAwQC0hB8MA0GCSqGSIb3DQEBCwUAA4IBAQAsq8lrKjYKOtSxtJo8g5DQ sHuv/9aMIcj9J8QU3mo8l7HXbqXCwT1j4xHWuR7jDrg0ZP0bbQkXIoCChDW9hOoS wDKXK2HnEdohFpBopq7V1XaS5wPWGxgYkgngfzHyFvyCnR64eKXaIrTEXGxTdOSi yxSLo+DQ2szTaFfUOAbQJaAJfrOBttVsT+aKo5WqoTzKZ5pmA1RY+9Olzdt1Xa+O 1L9hdIgkXFTR+dgKxDzBhE17eABFIPvTlxp0eeDHcLn7kaN4lw7fICAEQBiBUJwt T3tghNlf1F/qEtQmdHCI0qfeck7jt++YWYRcDbA3BW21TsdhIoRIERkDE/ItxvWZ -----END CERTIFICATE-----Generated at Thu Mar 26 06:15:06 2026 by rpki-client