$ rpki-client -vvf rpki.apnic.net/member_repository/A91BEA2A/3D350FD2025611EDA1322D5DC4F9AE02/CFF0FDEC025911EDA0A85765C4F9AE02.roa File: CFF0FDEC025911EDA0A85765C4F9AE02.roa (raw, json) Hash identifier: WTlHRr9EKax6T/O9fwj+YYNDRY6mwviUU1kAbrECVpw= Subject key identifier: 82:D8:74:36:56:59:1B:D3:08:B7:84:63:04:46:40:16:A2:0D:37:FE Certificate issuer: /CN=A91BEA2A/serialNumber=23559E9A7157E7AE7F604C428837292DE03309A0 Certificate serial: 0330 Authority key identifier: 23:55:9E:9A:71:57:E7:AE:7F:60:4C:42:88:37:29:2D:E0:33:09:A0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I1WemnFX565_YExCiDcpLeAzCaA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BEA2A/3D350FD2025611EDA1322D5DC4F9AE02/CFF0FDEC025911EDA0A85765C4F9AE02.roa Signing time: Sun 01 Mar 2026 15:50:56 +0000 ROA not before: Sat 03 Jan 2026 00:20:27 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 139200 IP address blocks: 103.123.109.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BEA2A/3D350FD2025611EDA1322D5DC4F9AE02/I1WemnFX565_YExCiDcpLeAzCaA.crl rsync://rpki.apnic.net/member_repository/A91BEA2A/3D350FD2025611EDA1322D5DC4F9AE02/I1WemnFX565_YExCiDcpLeAzCaA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I1WemnFX565_YExCiDcpLeAzCaA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Apr 2026 00:42:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 816 (0x330) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BEA2A, serialNumber=23559E9A7157E7AE7F604C428837292DE03309A0 Validity Not Before: Jan 3 00:20:27 2026 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=69a46060-2705 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:f9:89:c3:1c:45:77:99:13:c1:fc:2a:3a:b6: 27:55:96:0f:f6:92:c3:df:19:b7:7e:05:6f:d7:e7: ad:29:75:75:29:73:73:0f:e7:7d:5c:0c:78:65:07: 09:b1:72:74:ab:96:ed:f9:c7:e5:36:4d:de:da:9b: 54:a0:ae:8c:30:44:3d:e2:fc:0f:36:f5:c3:69:21: 8e:52:2d:b3:c7:a4:0b:80:d8:e7:3c:ed:f7:72:01: cc:9b:27:f7:5b:8f:c7:b2:77:61:7a:df:30:f3:23: 17:93:a5:d9:6f:4d:a6:aa:9b:43:01:28:36:56:10: 8d:a6:3f:e4:9d:e9:89:a6:00:25:ca:23:31:28:71: ea:a1:b6:e2:6c:65:d9:9b:0c:76:01:9b:04:58:e2: e3:bd:72:4c:a2:e9:d1:61:3a:78:24:4f:86:9e:38: 54:71:a6:41:69:f3:67:19:bf:5f:fe:09:cc:07:26: 2c:75:4d:85:e6:6d:0d:a4:73:09:f5:d6:85:cd:09: 42:79:ee:8a:50:51:aa:88:0e:e3:7f:26:43:8a:2b: 30:8b:8f:66:29:c5:e4:a9:60:89:33:ba:c7:87:fb: da:5e:d0:fe:5e:be:bc:dc:56:60:b9:f2:6d:e8:bb: 1f:e5:97:d8:92:9b:91:6b:ea:c2:80:c0:dd:18:6b: 57:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:D8:74:36:56:59:1B:D3:08:B7:84:63:04:46:40:16:A2:0D:37:FE X509v3 Authority Key Identifier: keyid:23:55:9E:9A:71:57:E7:AE:7F:60:4C:42:88:37:29:2D:E0:33:09:A0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BEA2A/3D350FD2025611EDA1322D5DC4F9AE02/I1WemnFX565_YExCiDcpLeAzCaA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I1WemnFX565_YExCiDcpLeAzCaA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BEA2A/3D350FD2025611EDA1322D5DC4F9AE02/CFF0FDEC025911EDA0A85765C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.123.109.0/24 Signature Algorithm: sha256WithRSAEncryption 90:64:54:c0:e3:e7:30:51:b3:76:6b:af:c5:05:a4:56:2f:25: 00:06:7a:e4:be:94:7c:e2:a3:eb:4c:cb:e4:9a:b7:dd:9e:d6: 72:3e:1c:fc:51:d9:82:a7:94:a1:5e:3e:3b:3c:4c:ab:23:a9: 89:de:44:b9:6e:dc:7f:30:ea:bc:32:9c:ba:0f:0a:ab:a3:36: 7c:7d:35:bd:cd:51:d8:5d:8e:ae:2b:a7:c3:ef:ce:be:f6:0f: 8b:ae:97:20:fa:61:da:63:aa:6b:0c:9c:31:8e:7f:ca:1e:4b: 5b:c6:e6:ca:4f:e3:56:c8:8c:59:28:51:99:ec:fb:bf:71:cc: 48:88:fd:5d:28:f8:68:dc:e1:0f:71:05:ec:01:e4:49:46:1b: a0:5b:0d:d4:fe:0c:f2:a7:6f:8e:58:bd:39:7f:3c:e5:9d:15: 3a:b9:8b:66:c4:f2:66:3a:e2:2d:e1:3d:b9:bb:9b:1e:ef:d9: 0e:43:11:a2:34:16:7a:b6:b6:a4:0f:81:51:b8:f0:5c:34:58: 81:79:5e:bb:99:db:7f:06:3c:4f:e9:84:f9:1f:da:64:5d:48: c2:26:7c:f9:35:6e:27:ae:04:c6:87:95:e3:3c:2a:18:b2:f4: 3c:54:38:f7:75:83:32:b4:16:7e:7e:55:26:29:4c:b3:43:6e: b9:fe:1d:ec -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgICAzAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkVBMkExMTAvBgNVBAUTKDIzNTU5RTlBNzE1N0U3QUU3RjYwNEM0Mjg4MzcyOTJE RTAzMzA5QTAwHhcNMjYwMTAzMDAyMDI3WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NjA2MC0yNzA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx/mJwxxFd5kTwfwqOrYnVZYP9pLD3xm3fgVv1+etKXV1KXNzD+d9XAx4ZQcJ sXJ0q5bt+cflNk3e2ptUoK6MMEQ94vwPNvXDaSGOUi2zx6QLgNjnPO33cgHMmyf3 W4/Hsndhet8w8yMXk6XZb02mqptDASg2VhCNpj/knemJpgAlyiMxKHHqobbibGXZ mwx2AZsEWOLjvXJMounRYTp4JE+GnjhUcaZBafNnGb9f/gnMByYsdU2F5m0NpHMJ 9daFzQlCee6KUFGqiA7jfyZDiiswi49mKcXkqWCJM7rHh/vaXtD+Xr683FZgufJt 6Lsf5ZfYkpuRa+rCgMDdGGtXwwIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFILYdDZW WRvTCLeEYwRGQBaiDTf+MB8GA1UdIwQYMBaAFCNVnppxV+euf2BMQog3KS3gMwmg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRUEyQS8zRDM1MEZEMjAy NTYxMUVEQTEzMjJENURDNEY5QUUwMi9JMVdlbW5GWDU2NV9ZRXhDaURjcExlQXpD YUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0kxV2VtbkZYNTY1X1lFeENpRGNwTGVBekNhQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkVBMkEvM0QzNTBGRDIwMjU2MTFFREExMzIyRDVEQzRGOUFFMDIvQ0ZGMEZERUMw MjU5MTFFREEwQTg1NzY1QzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAZ3ttMA0GCSqGSIb3DQEBCwUAA4IBAQCQZFTA4+cwUbN2a6/FBaRW LyUABnrkvpR84qPrTMvkmrfdntZyPhz8UdmCp5ShXj47PEyrI6mJ3kS5btx/MOq8 Mpy6DwqrozZ8fTW9zVHYXY6uK6fD786+9g+Lrpcg+mHaY6prDJwxjn/KHktbxubK T+NWyIxZKFGZ7Pu/ccxIiP1dKPho3OEPcQXsAeRJRhugWw3U/gzyp2+OWL05fzzl nRU6uYtmxPJmOuIt4T25u5se79kOQxGiNBZ6trakD4FRuPBcNFiBeV67mdt/BjxP 6YT5H9pkXUjCJnz5NW4nrgTGh5XjPCoYsvQ8VDj3dYMytBZ+flUmKUyzQ265/h3s -----END CERTIFICATE-----Generated at Thu Mar 26 09:52:36 2026 by rpki-client