$ rpki-client -vvf rpki.apnic.net/member_repository/A91BA9CE/54F15DA4011111EABD4F0A49C4F9AE02/DBED3B7C011411EAAB0EF153C4F9AE02.roa File: DBED3B7C011411EAAB0EF153C4F9AE02.roa (raw, json) Hash identifier: wE1GPx9wnoFcfEYGMUAJqz9RuXU5yBbJIWxjAwW0zyI= Subject key identifier: EC:B1:95:3B:0C:69:4D:D0:AA:73:41:0B:B5:B9:15:BE:A8:8D:B2:86 Certificate issuer: /CN=A91BA9CE/serialNumber=E9690BBB9F36C09D4C2ED4F66CF55DC35275FB72 Certificate serial: 0D1D Authority key identifier: E9:69:0B:BB:9F:36:C0:9D:4C:2E:D4:F6:6C:F5:5D:C3:52:75:FB:72 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6WkLu582wJ1MLtT2bPVdw1J1-3I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BA9CE/54F15DA4011111EABD4F0A49C4F9AE02/DBED3B7C011411EAAB0EF153C4F9AE02.roa Signing time: Sun 01 Mar 2026 17:01:53 +0000 ROA not before: Wed 04 Jun 2025 18:41:54 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 24028 IP address blocks: 43.239.103.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BA9CE/54F15DA4011111EABD4F0A49C4F9AE02/6WkLu582wJ1MLtT2bPVdw1J1-3I.crl rsync://rpki.apnic.net/member_repository/A91BA9CE/54F15DA4011111EABD4F0A49C4F9AE02/6WkLu582wJ1MLtT2bPVdw1J1-3I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6WkLu582wJ1MLtT2bPVdw1J1-3I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 18:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3357 (0xd1d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BA9CE, serialNumber=E9690BBB9F36C09D4C2ED4F66CF55DC35275FB72 Validity Not Before: Jun 4 18:41:54 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=69a47101-0cdd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:5b:a0:67:63:9a:5b:d7:ab:44:85:44:38:44: ce:3d:af:a8:ab:0a:94:7b:e4:3f:40:cf:63:11:09: 90:b9:e4:2b:08:0e:df:61:f6:c9:45:f5:29:0e:ae: 28:cb:73:1a:a8:65:1f:76:3d:6b:2a:5e:14:da:1f: 67:82:18:45:9d:21:81:81:30:e3:03:03:8d:ac:3a: 94:50:5d:f4:dd:08:b1:05:e1:67:c2:d8:52:fe:31: ac:73:29:88:1b:e7:b0:2f:3e:c6:d2:e4:b1:5a:f9: ef:9b:5e:83:93:ab:5c:d7:04:5f:61:99:10:b7:1f: 3b:5d:15:88:f4:02:53:2a:78:59:f8:62:87:eb:d8: 39:4f:16:0a:8f:75:28:eb:87:13:8c:7d:df:9b:88: 7b:d6:d4:b6:bb:b6:81:62:f0:2a:62:db:3b:07:0f: 8c:c2:4b:8b:a8:24:49:49:af:a1:1d:8d:3f:1f:90: 72:e1:62:a8:f7:39:11:23:2f:f0:a8:58:cd:aa:b3: 50:7d:14:c6:99:04:93:63:8e:55:ef:48:11:34:ca: d4:1e:69:62:fe:88:3d:f4:91:4c:25:ad:b5:f3:22: 56:44:82:63:28:4b:f8:00:2c:71:02:af:a8:a0:ec: 3a:93:64:0d:2c:84:18:1e:5a:9f:bf:54:2d:f5:c4: 25:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:B1:95:3B:0C:69:4D:D0:AA:73:41:0B:B5:B9:15:BE:A8:8D:B2:86 X509v3 Authority Key Identifier: keyid:E9:69:0B:BB:9F:36:C0:9D:4C:2E:D4:F6:6C:F5:5D:C3:52:75:FB:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BA9CE/54F15DA4011111EABD4F0A49C4F9AE02/6WkLu582wJ1MLtT2bPVdw1J1-3I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6WkLu582wJ1MLtT2bPVdw1J1-3I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BA9CE/54F15DA4011111EABD4F0A49C4F9AE02/DBED3B7C011411EAAB0EF153C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.239.103.0/24 Signature Algorithm: sha256WithRSAEncryption 16:0a:84:15:e6:1f:84:e1:e9:8f:6b:0d:cd:2e:aa:cc:71:78: d5:0d:ae:d6:ff:22:66:15:c8:4d:13:36:b6:f0:f0:47:10:c8: 4c:a5:b7:05:4d:28:bd:e8:e3:55:1a:21:ad:2d:74:33:2b:a6: f5:74:e1:ea:70:40:23:84:16:e0:fe:07:72:5c:99:c9:6f:23: 47:48:ed:df:2f:81:76:6e:4a:39:a8:37:9d:d0:4d:b0:96:89: ae:7f:30:19:37:30:18:79:2e:15:20:43:97:16:c2:70:0f:fd: 6e:9a:20:18:7b:b8:f7:1a:69:53:be:7b:cc:f2:d5:33:e1:05: 25:9d:e4:f0:54:12:07:21:33:8f:fd:bb:d9:6d:3c:a4:71:52: a8:f1:f2:0e:8f:50:5b:e1:2c:bb:4c:29:e2:3f:1d:81:8c:bf: 37:ac:91:c7:73:9a:58:ff:dc:2d:ce:ed:d4:53:ca:aa:8e:b3: 60:31:66:71:3a:ee:2f:b1:b9:73:93:ba:27:04:4b:99:69:8f: 18:41:ea:f7:a2:af:4f:bc:b3:82:c4:2a:6d:37:0c:6f:0d:dc: e0:26:10:97:6d:dc:57:c9:5a:c0:8a:90:4d:96:e6:ff:17:ed: f1:a1:0a:34:10:b9:81:95:af:79:b4:65:d9:bb:87:b5:82:9e: d3:f6:a8:7b -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgICDR0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkE5Q0UxMTAvBgNVBAUTKEU5NjkwQkJCOUYzNkMwOUQ0QzJFRDRGNjZDRjU1REMz NTI3NUZCNzIwHhcNMjUwNjA0MTg0MTU0WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NzEwMS0wY2RkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5lugZ2OaW9erRIVEOETOPa+oqwqUe+Q/QM9jEQmQueQrCA7fYfbJRfUpDq4o y3MaqGUfdj1rKl4U2h9nghhFnSGBgTDjAwONrDqUUF303QixBeFnwthS/jGscymI G+ewLz7G0uSxWvnvm16Dk6tc1wRfYZkQtx87XRWI9AJTKnhZ+GKH69g5TxYKj3Uo 64cTjH3fm4h71tS2u7aBYvAqYts7Bw+MwkuLqCRJSa+hHY0/H5By4WKo9zkRIy/w qFjNqrNQfRTGmQSTY45V70gRNMrUHmli/og99JFMJa218yJWRIJjKEv4ACxxAq+o oOw6k2QNLIQYHlqfv1Qt9cQlDwIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFOyxlTsM aU3QqnNBC7W5Fb6ojbKGMB8GA1UdIwQYMBaAFOlpC7ufNsCdTC7U9mz1XcNSdfty MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQTlDRS81NEYxNURBNDAx MTExMUVBQkQ0RjBBNDlDNEY5QUUwMi82V2tMdTU4MndKMU1MdFQyYlBWZHcxSjEt M0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzZXa0x1NTgyd0oxTUx0VDJiUFZkdzFKMS0zSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkE5Q0UvNTRGMTVEQTQwMTExMTFFQUJENEYwQTQ5QzRGOUFFMDIvREJFRDNCN0Mw MTE0MTFFQUFCMEVGMTUzQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK+9nMA0GCSqGSIb3DQEBCwUAA4IBAQAWCoQV5h+E4emPaw3NLqrM cXjVDa7W/yJmFchNEza28PBHEMhMpbcFTSi96ONVGiGtLXQzK6b1dOHqcEAjhBbg /gdyXJnJbyNHSO3fL4F2bko5qDed0E2wlomufzAZNzAYeS4VIEOXFsJwD/1umiAY e7j3GmlTvnvM8tUz4QUlneTwVBIHITOP/bvZbTykcVKo8fIOj1Bb4Sy7TCniPx2B jL83rJHHc5pY/9wtzu3UU8qqjrNgMWZxOu4vsblzk7onBEuZaY8YQer3oq9PvLOC xCptNwxvDdzgJhCXbdxXyVrAipBNlub/F+3xoQo0ELmBla95tGXZu4e1gp7T9qh7 -----END CERTIFICATE-----Generated at Thu Mar 26 14:23:11 2026 by rpki-client