$ rpki-client -vvf rpki.apnic.net/member_repository/A91BDC3F/5CE810460EB011EF872E8127C4F9AE02/7980C32AA71B11EFA8320136C4F9AE02.roa File: 7980C32AA71B11EFA8320136C4F9AE02.roa (raw, json) Hash identifier: 7L805w4NJZDw/aT5my+9YcknXYTue/CgMt2GXEK4uAA= Subject key identifier: BF:11:3E:4A:7E:1E:BC:0B:D8:2A:BF:7A:01:88:EA:5E:E2:2B:ED:07 Certificate issuer: /CN=A91BDC3F/serialNumber=6CE0E949711B203E4ACB22B680F3FFF47ED16C61 Certificate serial: 016C Authority key identifier: 6C:E0:E9:49:71:1B:20:3E:4A:CB:22:B6:80:F3:FF:F4:7E:D1:6C:61 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bODpSXEbID5KyyK2gPP_9H7RbGE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BDC3F/5CE810460EB011EF872E8127C4F9AE02/7980C32AA71B11EFA8320136C4F9AE02.roa Signing time: Mon 02 Mar 2026 14:53:01 +0000 ROA not before: Thu 03 Apr 2025 05:33:45 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 38532 IP address blocks: 43.227.231.0/24 maxlen: 24 43.229.84.0/22 maxlen: 22 43.229.128.0/23 maxlen: 23 43.229.130.0/24 maxlen: 24 103.7.8.0/22 maxlen: 22 103.14.212.0/22 maxlen: 22 103.26.40.0/22 maxlen: 22 103.26.41.0/24 maxlen: 24 103.36.92.0/22 maxlen: 22 103.62.4.0/22 maxlen: 24 103.254.255.0/24 maxlen: 24 113.11.248.0/21 maxlen: 21 113.197.32.0/21 maxlen: 21 116.12.48.0/21 maxlen: 21 124.6.60.0/22 maxlen: 24 2400:1480::/48 maxlen: 48 2407:d200::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BDC3F/5CE810460EB011EF872E8127C4F9AE02/bODpSXEbID5KyyK2gPP_9H7RbGE.crl rsync://rpki.apnic.net/member_repository/A91BDC3F/5CE810460EB011EF872E8127C4F9AE02/bODpSXEbID5KyyK2gPP_9H7RbGE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bODpSXEbID5KyyK2gPP_9H7RbGE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Apr 2026 04:10:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 364 (0x16c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BDC3F, serialNumber=6CE0E949711B203E4ACB22B680F3FFF47ED16C61 Validity Not Before: Apr 3 05:33:45 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=69a5a44c-5946 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:6f:e1:84:7d:32:f7:d1:fc:8e:2c:dc:14:63: ba:9c:47:e5:ee:bb:4d:fe:30:23:e6:1f:b3:a3:c9: 54:52:db:1b:65:6e:e4:f1:80:dc:3d:7c:86:3f:ae: 83:5b:b5:95:3a:c4:0e:f9:62:9d:9e:d9:7a:f1:f8: ae:02:22:05:02:a8:16:9f:bd:31:d1:8e:81:48:27: 9f:19:bc:66:bb:89:1a:5c:a9:f9:5f:e0:82:53:0a: 72:e9:78:39:2e:e2:19:36:fb:41:78:bc:8e:0f:13: 45:86:e0:14:39:29:cc:5b:66:ad:f8:ac:77:43:d2: c1:f3:c1:a8:2a:d6:87:48:00:da:88:77:c4:cd:51: 91:16:5b:b6:2e:2c:85:b4:c0:01:69:33:73:8e:84: e4:ca:d1:65:0a:ae:0f:68:1b:ee:99:9d:b6:78:9f: e8:5f:87:de:a0:49:8d:06:e2:21:44:6a:02:54:5e: c3:5c:0c:2e:dc:b8:0f:1e:b1:73:a3:24:a2:53:b1: 14:2f:f3:0c:8f:97:3a:13:f1:10:01:d0:34:be:2c: b6:09:bc:4d:1e:75:10:b5:de:83:f1:31:56:a7:d6: 59:3d:99:77:b6:c0:7a:92:ec:03:3c:8a:60:5a:84: 5d:d0:ad:4f:25:c5:60:06:72:4a:3d:a6:00:5d:52: 63:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:11:3E:4A:7E:1E:BC:0B:D8:2A:BF:7A:01:88:EA:5E:E2:2B:ED:07 X509v3 Authority Key Identifier: keyid:6C:E0:E9:49:71:1B:20:3E:4A:CB:22:B6:80:F3:FF:F4:7E:D1:6C:61 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BDC3F/5CE810460EB011EF872E8127C4F9AE02/bODpSXEbID5KyyK2gPP_9H7RbGE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bODpSXEbID5KyyK2gPP_9H7RbGE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BDC3F/5CE810460EB011EF872E8127C4F9AE02/7980C32AA71B11EFA8320136C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.227.231.0/24 43.229.84.0/22 43.229.128.0-43.229.130.255 103.7.8.0/22 103.14.212.0/22 103.26.40.0/22 103.36.92.0/22 103.62.4.0/22 103.254.255.0/24 113.11.248.0/21 113.197.32.0/21 116.12.48.0/21 124.6.60.0/22 IPv6: 2400:1480::/48 2407:d200::/32 Signature Algorithm: sha256WithRSAEncryption 45:c7:50:8e:23:41:47:10:3b:5b:b7:89:d5:97:c4:99:8f:98: cd:2b:17:9b:74:02:c2:68:9f:5b:c2:74:c9:70:14:dd:5e:61: 61:04:09:3c:8b:f5:33:a5:bb:9a:fe:c7:6a:d3:5d:a5:06:d5: 6a:79:c4:47:d5:19:b1:89:16:96:23:7f:05:b6:6c:16:80:b7: d2:78:82:43:15:69:e3:03:81:26:ce:45:70:bf:94:ad:a3:82: 3e:a9:a6:94:0d:9e:df:7e:6f:5a:ec:75:e4:5c:37:86:4e:22: 83:7e:2f:e4:ef:83:b4:17:e9:00:22:eb:c1:10:1a:1f:cd:0c: e7:e4:b4:a1:ea:b7:ff:24:ac:c8:f4:ba:56:25:e4:cc:08:25: 13:e1:d8:b2:bb:cf:73:e0:c5:1c:ea:bd:ea:56:68:7f:1b:74: f9:6b:15:34:73:0e:70:65:dd:29:2e:cb:02:c6:7a:4e:ff:65: 32:0c:9c:72:df:ff:8a:7b:54:ca:10:22:2b:ca:16:e9:fd:f6: ed:c6:b1:08:4f:59:48:4b:04:b5:01:62:cf:96:3f:ad:d4:2d: 88:26:94:e7:23:14:07:45:ac:23:05:f1:c4:79:c4:83:f8:82: 65:0b:80:af:4a:20:24:ee:e7:11:9e:02:f4:94:9c:9b:2c:54: 43:8f:f9:ab -----BEGIN CERTIFICATE----- MIIFpTCCBI2gAwIBAgICAWwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkRDM0YxMTAvBgNVBAUTKDZDRTBFOTQ5NzExQjIwM0U0QUNCMjJCNjgwRjNGRkY0 N0VEMTZDNjEwHhcNMjUwNDAzMDUzMzQ1WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE1YTQ0Yy01OTQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAo2/hhH0y99H8jizcFGO6nEfl7rtN/jAj5h+zo8lUUtsbZW7k8YDcPXyGP66D W7WVOsQO+WKdntl68fiuAiIFAqgWn70x0Y6BSCefGbxmu4kaXKn5X+CCUwpy6Xg5 LuIZNvtBeLyODxNFhuAUOSnMW2at+Kx3Q9LB88GoKtaHSADaiHfEzVGRFlu2LiyF tMABaTNzjoTkytFlCq4PaBvumZ22eJ/oX4feoEmNBuIhRGoCVF7DXAwu3LgPHrFz oySiU7EUL/MMj5c6E/EQAdA0viy2CbxNHnUQtd6D8TFWp9ZZPZl3tsB6kuwDPIpg WoRd0K1PJcVgBnJKPaYAXVJjuQIDAQABo4ICyTCCAsUwHQYDVR0OBBYEFL8RPkp+ HrwL2Cq/egGI6l7iK+0HMB8GA1UdIwQYMBaAFGzg6UlxGyA+SssitoDz//R+0Wxh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCREMzRi81Q0U4MTA0NjBF QjAxMUVGODcyRTgxMjdDNEY5QUUwMi9iT0RwU1hFYklENUt5eUsyZ1BQXzlIN1Ji R0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JPRHBTWEViSUQ1S3l5SzJnUFBfOUg3UmJHRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkRDM0YvNUNFODEwNDYwRUIwMTFFRjg3MkU4MTI3QzRGOUFFMDIvNzk4MEMzMkFB NzFCMTFFRkE4MzIwMTM2QzRGOUFFMDIucm9hMIGHBggrBgEFBQcBBwEB/wR4MHYw XAQCAAEwVgMEACvj5wMEAivlVDAMAwQHK+WAAwQAK+WCAwQCZwcIAwQCZw7UAwQC ZxooAwQCZyRcAwQCZz4EAwQAZ/7/AwQDcQv4AwQDccUgAwQDdAwwAwQCfAY8MBYE AgACMBADBwAkABSAAAADBQAkB9IAMA0GCSqGSIb3DQEBCwUAA4IBAQBFx1COI0FH EDtbt4nVl8SZj5jNKxebdALCaJ9bwnTJcBTdXmFhBAk8i/Uzpbua/sdq012lBtVq ecRH1RmxiRaWI38FtmwWgLfSeIJDFWnjA4EmzkVwv5Sto4I+qaaUDZ7ffm9a7HXk XDeGTiKDfi/k74O0F+kAIuvBEBofzQzn5LSh6rf/JKzI9LpWJeTMCCUT4diyu89z 4MUc6r3qVmh/G3T5axU0cw5wZd0pLssCxnpO/2UyDJxy3/+Ke1TKECIryhbp/fbt xrEIT1lISwS1AWLPlj+t1C2IJpTnIxQHRawjBfHEecSD+IJlC4CvSiAk7ucRngL0 lJybLFRDj/mr -----END CERTIFICATE-----Generated at Thu Mar 26 15:18:13 2026 by rpki-client