$ rpki-client -vvf rpki.apnic.net/member_repository/A91BA164/AFC592ECF31E11E883EB7B79C4F9AE02/96D571D41FEB11F0A2AEE444C4F9AE02.roa File: 96D571D41FEB11F0A2AEE444C4F9AE02.roa (raw, json) Hash identifier: xwp+vsBFySucNW4Yhnh8sJi71zn8ZQofjYnVbPZEHro= Subject key identifier: C2:83:C4:52:2F:E1:DE:E4:41:71:C7:6F:8B:F2:8B:44:C5:80:3A:07 Certificate issuer: /CN=A91BA164/serialNumber=2EC44B9FC165C3BC8285812C313CC7801988FF31 Certificate serial: 1283 Authority key identifier: 2E:C4:4B:9F:C1:65:C3:BC:82:85:81:2C:31:3C:C7:80:19:88:FF:31 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LsRLn8Flw7yChYEsMTzHgBmI_zE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BA164/AFC592ECF31E11E883EB7B79C4F9AE02/96D571D41FEB11F0A2AEE444C4F9AE02.roa Signing time: Mon 02 Mar 2026 12:27:20 +0000 ROA not before: Mon 18 Aug 2025 17:26:41 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 139021 IP address blocks: 43.249.0.0/23 maxlen: 24 43.249.2.0/24 maxlen: 24 43.249.3.0/24 maxlen: 24 103.24.248.0/22 maxlen: 24 103.96.148.0/23 maxlen: 24 103.96.150.0/23 maxlen: 24 103.120.80.0/23 maxlen: 24 103.120.82.0/23 maxlen: 24 2404:ccc0::/32 maxlen: 32 2404:ccc0:200::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BA164/AFC592ECF31E11E883EB7B79C4F9AE02/LsRLn8Flw7yChYEsMTzHgBmI_zE.crl rsync://rpki.apnic.net/member_repository/A91BA164/AFC592ECF31E11E883EB7B79C4F9AE02/LsRLn8Flw7yChYEsMTzHgBmI_zE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LsRLn8Flw7yChYEsMTzHgBmI_zE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 17:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4739 (0x1283) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BA164, serialNumber=2EC44B9FC165C3BC8285812C313CC7801988FF31 Validity Not Before: Aug 18 17:26:41 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=69a58228-d2f2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:99:62:28:84:3b:e6:14:62:b2:cb:62:f8:6f: 6b:23:32:32:af:61:48:05:47:59:c1:f6:86:11:d8: 3c:6a:d8:a4:18:6d:4e:4f:29:d4:03:4e:81:45:dc: e1:63:f6:35:ad:ec:4e:00:9c:16:78:0a:6f:e5:1d: f7:13:86:41:bf:b7:30:bf:8e:79:e5:f8:0c:8f:19: 0f:b6:1a:f2:ca:89:86:58:bb:81:b8:12:2c:5b:e0: 8e:fe:d8:42:75:bc:a0:5c:ed:02:21:7b:07:6a:e9: f2:8d:3e:4d:0c:ba:7a:e1:82:47:c1:33:34:89:fc: e5:9e:1d:98:97:8f:b4:39:b9:88:52:f7:65:69:6f: 5d:b4:a0:18:ee:88:50:3b:4b:b8:d3:35:d0:93:99: 5d:9c:4f:61:57:88:e0:6d:83:46:e6:74:a4:25:26: 32:70:04:cd:cf:a8:87:55:e8:d8:07:7f:1c:68:3c: b8:66:ee:14:d4:c2:a4:2f:98:23:1b:9e:93:34:55: b4:82:3f:06:b6:4f:7d:d8:9b:0a:98:51:aa:4b:f1: 4c:29:3f:22:68:8d:bd:f1:95:1c:ec:2b:44:ff:7f: 5b:4a:75:04:af:0b:ba:cc:64:af:4b:bb:b8:a4:5a: 59:77:4d:58:f7:2b:9f:95:16:2b:51:63:18:ce:4a: d4:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:83:C4:52:2F:E1:DE:E4:41:71:C7:6F:8B:F2:8B:44:C5:80:3A:07 X509v3 Authority Key Identifier: keyid:2E:C4:4B:9F:C1:65:C3:BC:82:85:81:2C:31:3C:C7:80:19:88:FF:31 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BA164/AFC592ECF31E11E883EB7B79C4F9AE02/LsRLn8Flw7yChYEsMTzHgBmI_zE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LsRLn8Flw7yChYEsMTzHgBmI_zE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BA164/AFC592ECF31E11E883EB7B79C4F9AE02/96D571D41FEB11F0A2AEE444C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.249.0.0/22 103.24.248.0/22 103.96.148.0/22 103.120.80.0/22 IPv6: 2404:ccc0::/32 Signature Algorithm: sha256WithRSAEncryption 25:bd:ab:ba:3d:ba:ef:29:01:50:e8:3a:6f:67:08:0f:31:b9: 3a:8f:a1:73:e8:a5:64:f6:dd:83:e0:ec:18:c3:ff:2d:00:6f: b1:c5:f4:45:88:15:58:54:e6:79:11:be:55:c9:57:2b:d5:4c: 52:6c:32:45:04:59:4f:9a:29:9b:12:e9:46:ad:a9:a9:75:e4: c9:6d:49:cf:b7:a0:4a:e1:26:c6:9f:59:f0:80:8f:4f:fc:c8: 07:92:79:3c:42:ee:05:cf:73:0c:d3:4c:de:7a:f0:ac:79:8b: cd:c6:42:2b:90:fa:dc:1b:36:6a:11:27:42:7b:0c:74:11:ec: a2:77:66:3f:4b:33:d1:2c:f8:c9:34:99:88:a8:3c:27:d3:b2: a5:64:d5:22:61:5b:65:21:7c:ef:d7:64:e0:74:4c:1e:ff:17: d5:6f:c6:d7:26:3b:19:2c:41:c1:af:b2:fa:77:02:13:07:eb: 62:17:64:35:37:e1:e5:29:7a:56:ef:3d:bb:2a:61:32:73:17: 59:94:b6:65:79:78:c4:c4:ac:e3:64:53:a9:8d:28:67:94:f9: aa:25:0a:61:e1:79:73:e6:2c:72:26:cd:af:12:13:aa:a6:f3: 86:df:28:6e:db:59:c8:9e:b4:8f:d6:17:08:ed:9e:ca:38:00: f2:ce:d7:cd -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgICEoMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkExNjQxMTAvBgNVBAUTKDJFQzQ0QjlGQzE2NUMzQkM4Mjg1ODEyQzMxM0NDNzgw MTk4OEZGMzEwHhcNMjUwODE4MTcyNjQxWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE1ODIyOC1kMmYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAppliKIQ75hRissti+G9rIzIyr2FIBUdZwfaGEdg8atikGG1OTynUA06BRdzh Y/Y1rexOAJwWeApv5R33E4ZBv7cwv4555fgMjxkPthryyomGWLuBuBIsW+CO/thC dbygXO0CIXsHaunyjT5NDLp64YJHwTM0ifzlnh2Yl4+0ObmIUvdlaW9dtKAY7ohQ O0u40zXQk5ldnE9hV4jgbYNG5nSkJSYycATNz6iHVejYB38caDy4Zu4U1MKkL5gj G56TNFW0gj8Gtk992JsKmFGqS/FMKT8iaI298ZUc7CtE/39bSnUErwu6zGSvS7u4 pFpZd01Y9yuflRYrUWMYzkrUewIDAQABo4ICgTCCAn0wHQYDVR0OBBYEFMKDxFIv 4d7kQXHHb4vyi0TFgDoHMB8GA1UdIwQYMBaAFC7ES5/BZcO8goWBLDE8x4AZiP8x MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQTE2NC9BRkM1OTJFQ0Yz MUUxMUU4ODNFQjdCNzlDNEY5QUUwMi9Mc1JMbjhGbHc3eUNoWUVzTVR6SGdCbUlf ekUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xzUkxuOEZsdzd5Q2hZRXNNVHpIZ0JtSV96RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkExNjQvQUZDNTkyRUNGMzFFMTFFODgzRUI3Qjc5QzRGOUFFMDIvOTZENTcxRDQx RkVCMTFGMEEyQUVFNDQ0QzRGOUFFMDIucm9hMEAGCCsGAQUFBwEHAQH/BDEwLzAe BAIAATAYAwQCK/kAAwQCZxj4AwQCZ2CUAwQCZ3hQMA0EAgACMAcDBQAkBMzAMA0G CSqGSIb3DQEBCwUAA4IBAQAlvau6PbrvKQFQ6DpvZwgPMbk6j6Fz6KVk9t2D4OwY w/8tAG+xxfRFiBVYVOZ5Eb5VyVcr1UxSbDJFBFlPmimbEulGrampdeTJbUnPt6BK 4SbGn1nwgI9P/MgHknk8Qu4Fz3MM00zeevCseYvNxkIrkPrcGzZqESdCewx0Eeyi d2Y/SzPRLPjJNJmIqDwn07KlZNUiYVtlIXzv12TgdEwe/xfVb8bXJjsZLEHBr7L6 dwITB+tiF2Q1N+HlKXpW7z27KmEycxdZlLZleXjExKzjZFOpjShnlPmqJQph4Xlz 5ixyJs2vEhOqpvOG3yhu21nInrSP1hcI7Z7KOADyztfN -----END CERTIFICATE-----Generated at Thu Mar 26 16:51:53 2026 by rpki-client