$ rpki-client -vvf rpki.apnic.net/member_repository/A91C37DD/24855D80096511EFA4BCE87AC4F9AE02/8670D60E096611EF99F30750C4F9AE02.roa File: 8670D60E096611EF99F30750C4F9AE02.roa (raw, json) Hash identifier: 0yhvKskd5GqZK6c8Xx+j5Xrsh1PS3EvaAWcxy1VCVk0= Subject key identifier: 23:46:CF:05:76:45:DA:08:70:2B:3E:06:1C:A9:C8:16:A1:6F:15:77 Certificate issuer: /CN=A91C37DD/serialNumber=3FE3AE355A9277B91D73E2AC52F5387F095F189A Certificate serial: 016B Authority key identifier: 3F:E3:AE:35:5A:92:77:B9:1D:73:E2:AC:52:F5:38:7F:09:5F:18:9A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P-OuNVqSd7kdc-KsUvU4fwlfGJo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C37DD/24855D80096511EFA4BCE87AC4F9AE02/8670D60E096611EF99F30750C4F9AE02.roa Signing time: Mon 02 Mar 2026 14:08:08 +0000 ROA not before: Wed 11 Jun 2025 11:56:51 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 152732 IP address blocks: 103.136.212.0/23 maxlen: 23 103.136.212.0/24 maxlen: 24 103.136.213.0/24 maxlen: 24 2401:9960::/32 maxlen: 32 2401:9960::/48 maxlen: 48 2401:9960:1::/48 maxlen: 48 2401:9960:2::/48 maxlen: 48 2401:9960:3::/48 maxlen: 48 2401:9960:4::/48 maxlen: 48 2401:9960:5::/48 maxlen: 48 2401:9960:6::/48 maxlen: 48 2401:9960:7::/48 maxlen: 48 2401:9960:8::/48 maxlen: 48 2401:9960:9::/48 maxlen: 48 2401:9960:10::/48 maxlen: 48 2401:9960:100::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C37DD/24855D80096511EFA4BCE87AC4F9AE02/P-OuNVqSd7kdc-KsUvU4fwlfGJo.crl rsync://rpki.apnic.net/member_repository/A91C37DD/24855D80096511EFA4BCE87AC4F9AE02/P-OuNVqSd7kdc-KsUvU4fwlfGJo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P-OuNVqSd7kdc-KsUvU4fwlfGJo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Apr 2026 04:08:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 363 (0x16b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C37DD, serialNumber=3FE3AE355A9277B91D73E2AC52F5387F095F189A Validity Not Before: Jun 11 11:56:51 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=69a599c8-3e79 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:27:b4:f1:1b:d6:1b:e3:12:1f:74:40:28:c8: 70:fc:d1:ee:43:09:6b:ee:28:ef:95:e4:a1:a9:e7: 85:5c:56:56:fb:5d:52:0e:89:2d:11:c0:1f:46:d4: 8d:63:77:5a:62:5e:73:6c:55:c0:36:5e:6d:c6:89: 99:d2:a7:eb:75:7e:24:4f:ec:be:5f:7d:37:c0:7b: b5:39:10:82:f2:55:85:6d:b2:52:72:91:62:ba:06: 6b:de:ee:33:00:a1:df:0b:40:a0:7f:d3:5d:1c:ad: 75:7f:5f:d2:d5:28:df:61:1a:9e:e8:df:5a:db:b1: 54:67:ef:53:c8:40:50:a5:75:a6:eb:65:0e:16:2a: ae:26:a8:81:f7:70:00:cd:59:e8:07:95:b5:2b:46: 9d:8e:2a:0f:01:df:9f:57:91:43:0e:5b:04:f9:5b: 9b:4b:ce:52:60:f1:d8:25:60:d6:bc:ba:81:fa:5f: c4:6c:bb:b9:34:fa:29:09:36:a4:9d:c4:30:b4:a6: 00:91:80:d0:76:4d:17:b6:8d:ec:74:23:a2:27:8d: a5:66:44:57:5d:9b:c2:29:f6:9f:b2:3d:15:ff:20: 08:d3:78:f0:9a:82:1d:5b:aa:5a:2c:e3:9e:69:67: 65:be:8f:24:2e:40:3c:c9:3d:36:eb:93:e4:fc:bc: a5:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:46:CF:05:76:45:DA:08:70:2B:3E:06:1C:A9:C8:16:A1:6F:15:77 X509v3 Authority Key Identifier: keyid:3F:E3:AE:35:5A:92:77:B9:1D:73:E2:AC:52:F5:38:7F:09:5F:18:9A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C37DD/24855D80096511EFA4BCE87AC4F9AE02/P-OuNVqSd7kdc-KsUvU4fwlfGJo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P-OuNVqSd7kdc-KsUvU4fwlfGJo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C37DD/24855D80096511EFA4BCE87AC4F9AE02/8670D60E096611EF99F30750C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.136.212.0/23 IPv6: 2401:9960::/32 Signature Algorithm: sha256WithRSAEncryption 8f:f3:6c:d9:e7:76:34:c5:61:22:30:f6:90:dd:3e:c4:9c:08: 7b:72:e9:7f:46:7a:99:b8:69:51:a4:49:7a:8e:f9:9b:27:06: 2c:b0:66:18:d5:17:ca:55:ba:0c:9e:64:48:b5:bd:6c:f9:76: a3:7b:2f:76:6c:66:6d:ca:74:e8:ac:ce:c6:c7:fd:2a:a8:5e: 74:f7:c1:e4:e3:98:db:c8:de:28:4e:f4:f3:c8:a1:c8:21:7a: ec:b4:40:34:fe:dc:84:4a:49:67:0a:ed:66:5e:a7:37:64:78: b9:2a:ab:ee:f3:76:cb:8d:47:f7:f0:b7:80:05:e9:c3:d6:61: c8:6c:b9:ca:4a:33:03:3d:61:df:af:8e:5d:58:05:27:86:2f: 35:b8:65:20:d1:73:99:2b:ee:a0:92:30:fe:dd:c0:de:50:05: 68:14:00:f7:ac:63:a8:73:62:e4:5d:c0:52:4d:eb:69:a8:7a: b1:65:ac:27:13:3b:25:90:dd:f8:58:74:08:11:85:77:1d:65: 4b:45:92:c9:1d:d0:92:a4:e7:11:de:3f:89:43:d9:45:e4:69: a5:51:98:23:03:f9:02:70:10:90:93:a1:44:10:32:03:21:70: 17:fd:19:c0:b3:08:77:d8:33:f7:d3:b5:40:09:df:e5:b6:fc: a7:1e:d0:e4 -----BEGIN CERTIFICATE----- MIIFSzCCBDOgAwIBAgICAWswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzM3REQxMTAvBgNVBAUTKDNGRTNBRTM1NUE5Mjc3QjkxRDczRTJBQzUyRjUzODdG MDk1RjE4OUEwHhcNMjUwNjExMTE1NjUxWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE1OTljOC0zZTc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqye08RvWG+MSH3RAKMhw/NHuQwlr7ijvleShqeeFXFZW+11SDoktEcAfRtSN Y3daYl5zbFXANl5txomZ0qfrdX4kT+y+X303wHu1ORCC8lWFbbJScpFiugZr3u4z AKHfC0Cgf9NdHK11f1/S1SjfYRqe6N9a27FUZ+9TyEBQpXWm62UOFiquJqiB93AA zVnoB5W1K0adjioPAd+fV5FDDlsE+VubS85SYPHYJWDWvLqB+l/EbLu5NPopCTak ncQwtKYAkYDQdk0Xto3sdCOiJ42lZkRXXZvCKfafsj0V/yAI03jwmoIdW6paLOOe aWdlvo8kLkA8yT0265Pk/LylowIDAQABo4ICbzCCAmswHQYDVR0OBBYEFCNGzwV2 RdoIcCs+BhypyBahbxV3MB8GA1UdIwQYMBaAFD/jrjVakne5HXPirFL1OH8JXxia MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMzdERC8yNDg1NUQ4MDA5 NjUxMUVGQTRCQ0U4N0FDNEY5QUUwMi9QLU91TlZxU2Q3a2RjLUtzVXZVNGZ3bGZH Sm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1AtT3VOVnFTZDdrZGMtS3NVdlU0ZndsZkdKby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzM3REQvMjQ4NTVEODAwOTY1MTFFRkE0QkNFODdBQzRGOUFFMDIvODY3MEQ2MEUw OTY2MTFFRjk5RjMwNzUwQzRGOUFFMDIucm9hMC4GCCsGAQUFBwEHAQH/BB8wHTAM BAIAATAGAwQBZ4jUMA0EAgACMAcDBQAkAZlgMA0GCSqGSIb3DQEBCwUAA4IBAQCP 82zZ53Y0xWEiMPaQ3T7EnAh7cul/RnqZuGlRpEl6jvmbJwYssGYY1RfKVboMnmRI tb1s+Xajey92bGZtynTorM7Gx/0qqF5098Hk45jbyN4oTvTzyKHIIXrstEA0/tyE SklnCu1mXqc3ZHi5Kqvu83bLjUf38LeABenD1mHIbLnKSjMDPWHfr45dWAUnhi81 uGUg0XOZK+6gkjD+3cDeUAVoFAD3rGOoc2LkXcBSTetpqHqxZawnEzslkN34WHQI EYV3HWVLRZLJHdCSpOcR3j+JQ9lF5GmlUZgjA/kCcBCQk6FEEDIDIXAX/RnAswh3 2DP307VACd/ltvynHtDk -----END CERTIFICATE-----Generated at Thu Mar 26 14:33:08 2026 by rpki-client