$ rpki-client -vvf rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/5FFA5548B5A311EEA95C5732C4F9AE02.roa File: 5FFA5548B5A311EEA95C5732C4F9AE02.roa (raw, json) Hash identifier: 2Yw2VLmkAKkVffOJoK4BP4cvhiQPwiNPf/uzPwBmVbQ= Subject key identifier: 32:99:7F:71:00:C8:48:B0:18:4E:03:D8:47:F0:BB:47:F9:B9:55:A5 Certificate issuer: /CN=A91BA5BA/serialNumber=02AA3A76C459497B1B45F26E9044ACC6F2E8044F Certificate serial: 0408 Authority key identifier: 02:AA:3A:76:C4:59:49:7B:1B:45:F2:6E:90:44:AC:C6:F2:E8:04:4F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Aqo6dsRZSXsbRfJukESsxvLoBE8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/5FFA5548B5A311EEA95C5732C4F9AE02.roa Signing time: Sun 01 Mar 2026 12:00:52 +0000 ROA not before: Thu 17 Jul 2025 01:36:50 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 131330 IP address blocks: 103.22.148.0/24 maxlen: 24 103.22.149.0/24 maxlen: 24 103.22.150.0/24 maxlen: 24 103.22.151.0/24 maxlen: 24 202.88.40.0/24 maxlen: 24 202.88.41.0/24 maxlen: 24 202.88.43.0/24 maxlen: 24 2400:1560::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/Aqo6dsRZSXsbRfJukESsxvLoBE8.crl rsync://rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/Aqo6dsRZSXsbRfJukESsxvLoBE8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Aqo6dsRZSXsbRfJukESsxvLoBE8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 Apr 2026 00:16:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1032 (0x408) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BA5BA, serialNumber=02AA3A76C459497B1B45F26E9044ACC6F2E8044F Validity Not Before: Jul 17 01:36:50 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=69a42a73-f6de Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:0c:cf:23:80:23:a3:a3:2f:5c:96:b3:e6:30: db:46:8a:13:1c:13:02:ab:4a:a9:47:36:ec:73:94: e2:05:61:1f:1e:46:94:a6:d2:be:7a:6f:ff:73:9f: 50:26:0a:39:2a:67:2e:8a:f5:ef:a5:61:27:27:c5: 93:8d:69:4f:f1:3f:b6:0c:de:5e:44:35:b7:e5:d1: b6:52:2a:da:78:d6:8e:15:2e:c1:4b:1f:83:16:35: 8b:86:7d:c6:90:33:3c:95:4c:41:3c:7d:48:4e:f5: da:7e:65:24:67:af:4f:5a:fb:ea:84:69:46:1f:53: c2:05:dd:09:70:cb:f7:fe:2a:29:47:ee:0c:84:b6: 31:b5:61:e7:8b:c1:2e:64:02:15:93:21:b2:6f:8d: 11:e7:e5:68:0b:02:c7:e7:30:f6:02:74:69:89:9c: 2c:18:08:7f:4b:29:12:95:f2:06:56:07:b9:d2:ab: f8:6f:91:43:1e:11:bb:77:5e:70:c5:d4:b3:7a:7a: d9:51:0c:41:35:d6:f0:27:0c:7a:df:02:8d:da:bb: 47:69:e5:7e:ad:5b:83:70:37:7d:44:05:5c:9f:73: 51:c3:71:88:33:1c:1d:e4:b0:31:c3:8a:33:03:56: c9:47:cf:00:ab:b7:cc:7b:83:ee:62:eb:41:58:54: 71:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:99:7F:71:00:C8:48:B0:18:4E:03:D8:47:F0:BB:47:F9:B9:55:A5 X509v3 Authority Key Identifier: keyid:02:AA:3A:76:C4:59:49:7B:1B:45:F2:6E:90:44:AC:C6:F2:E8:04:4F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/Aqo6dsRZSXsbRfJukESsxvLoBE8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Aqo6dsRZSXsbRfJukESsxvLoBE8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/5FFA5548B5A311EEA95C5732C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.22.148.0/22 202.88.40.0/23 202.88.43.0/24 IPv6: 2400:1560::/32 Signature Algorithm: sha256WithRSAEncryption 2e:d1:40:0a:51:20:09:bc:87:4a:e5:2b:61:90:02:47:01:0a: 7b:1c:62:f2:c5:8c:60:0c:1f:06:01:fd:a6:9e:55:fd:07:a8: 18:c8:58:8b:7c:5f:a7:45:43:11:2d:ff:54:49:72:6b:16:05: 02:e7:2f:50:1e:5c:b8:04:d7:40:c5:c8:dd:57:de:d2:da:75: 27:78:59:e2:d2:f7:f4:ed:db:27:d4:15:8f:d6:72:78:b2:35: f5:f4:f8:15:5e:5c:c0:ae:9b:8e:19:c9:b6:c6:30:c8:d6:fa: f1:a1:c5:48:69:b1:b4:f3:f2:88:f4:cd:87:1f:03:c7:8a:f9: 17:5b:da:23:ef:89:32:fb:16:f1:85:bd:a8:95:7b:20:f2:e9: 54:a1:99:e1:fb:b4:bb:c3:1d:82:bc:0c:ad:ea:08:0a:7c:52: f3:26:2b:47:87:e6:c8:e5:8b:44:35:4e:4b:26:d8:4d:22:7d: 97:6d:a1:63:a4:3e:03:cd:9a:ff:1c:59:5b:c9:70:bc:24:7c: 42:15:7d:ef:1c:14:2d:55:36:a1:63:3e:5d:22:8b:bc:ab:ac: 93:f5:57:5b:13:dc:70:91:fe:e1:e2:d5:bf:34:9f:2e:8a:eb: 9c:5a:b8:e2:92:a7:64:27:90:1e:8c:56:90:fc:11:27:0b:35: 0a:80:2e:18 -----BEGIN CERTIFICATE----- MIIFVzCCBD+gAwIBAgICBAgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkE1QkExMTAvBgNVBAUTKDAyQUEzQTc2QzQ1OTQ5N0IxQjQ1RjI2RTkwNDRBQ0M2 RjJFODA0NEYwHhcNMjUwNzE3MDEzNjUwWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MmE3My1mNmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoAzPI4Ajo6MvXJaz5jDbRooTHBMCq0qpRzbsc5TiBWEfHkaUptK+em//c59Q Jgo5KmcuivXvpWEnJ8WTjWlP8T+2DN5eRDW35dG2UiraeNaOFS7BSx+DFjWLhn3G kDM8lUxBPH1ITvXafmUkZ69PWvvqhGlGH1PCBd0JcMv3/iopR+4MhLYxtWHni8Eu ZAIVkyGyb40R5+VoCwLH5zD2AnRpiZwsGAh/SykSlfIGVge50qv4b5FDHhG7d15w xdSzenrZUQxBNdbwJwx63wKN2rtHaeV+rVuDcDd9RAVcn3NRw3GIMxwd5LAxw4oz A1bJR88Aq7fMe4PuYutBWFRxaQIDAQABo4ICezCCAncwHQYDVR0OBBYEFDKZf3EA yEiwGE4D2Efwu0f5uVWlMB8GA1UdIwQYMBaAFAKqOnbEWUl7G0XybpBErMby6ARP MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQTVCQS80MzI2Q0JDMEI3 Q0QxMUVDQUY2ODEzMzVDNEY5QUUwMi9BcW82ZHNSWlNYc2JSZkp1a0VTc3h2TG9C RTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0FxbzZkc1JaU1hzYlJmSnVrRVNzeHZMb0JFOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkE1QkEvNDMyNkNCQzBCN0NEMTFFQ0FGNjgxMzM1QzRGOUFFMDIvNUZGQTU1NDhC NUEzMTFFRUE5NUM1NzMyQzRGOUFFMDIucm9hMDoGCCsGAQUFBwEHAQH/BCswKTAY BAIAATASAwQCZxaUAwQBylgoAwQAylgrMA0EAgACMAcDBQAkABVgMA0GCSqGSIb3 DQEBCwUAA4IBAQAu0UAKUSAJvIdK5SthkAJHAQp7HGLyxYxgDB8GAf2mnlX9B6gY yFiLfF+nRUMRLf9USXJrFgUC5y9QHly4BNdAxcjdV97S2nUneFni0vf07dsn1BWP 1nJ4sjX19PgVXlzArpuOGcm2xjDI1vrxocVIabG08/KI9M2HHwPHivkXW9oj74ky +xbxhb2olXsg8ulUoZnh+7S7wx2CvAyt6ggKfFLzJitHh+bI5YtENU5LJthNIn2X baFjpD4DzZr/HFlbyXC8JHxCFX3vHBQtVTahYz5dIou8q6yT9VdbE9xwkf7h4tW/ NJ8uiuucWrjikqdkJ5AejFaQ/BEnCzUKgC4Y -----END CERTIFICATE-----Generated at Sat Mar 28 11:48:57 2026 by rpki-client