$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9350/3913BCA01D8711E2B42B02DF08B02CD2/568554A2493411EF859C1D49C4F9AE02.roa File: 568554A2493411EF859C1D49C4F9AE02.roa (raw, json) Hash identifier: noD3TirSagzbqT2L9ICLQJHoEsSHAvv6URv0K3T+cWc= Subject key identifier: 76:7D:BA:A7:D5:9C:50:04:32:5F:C9:04:6F:E0:B5:E2:6F:82:7A:F2 Certificate issuer: /CN=A91C9350/serialNumber=CF706D8147D779207D99AF9AD39DD5F2DFE59DE4 Certificate serial: 354D Authority key identifier: CF:70:6D:81:47:D7:79:20:7D:99:AF:9A:D3:9D:D5:F2:DF:E5:9D:E4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3BtgUfXeSB9ma-a053V8t_lneQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C9350/3913BCA01D8711E2B42B02DF08B02CD2/568554A2493411EF859C1D49C4F9AE02.roa Signing time: Sun 01 Mar 2026 17:32:50 +0000 ROA not before: Mon 11 Aug 2025 08:12:47 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 14618 IP address blocks: 103.35.251.0/24 maxlen: 24 103.195.128.0/24 maxlen: 24 103.195.129.0/24 maxlen: 24 103.195.130.0/24 maxlen: 24 103.212.169.0/24 maxlen: 24 103.212.170.0/24 maxlen: 24 160.202.137.0/24 maxlen: 24 160.202.138.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C9350/3913BCA01D8711E2B42B02DF08B02CD2/z3BtgUfXeSB9ma-a053V8t_lneQ.crl rsync://rpki.apnic.net/member_repository/A91C9350/3913BCA01D8711E2B42B02DF08B02CD2/z3BtgUfXeSB9ma-a053V8t_lneQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3BtgUfXeSB9ma-a053V8t_lneQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 14:28:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13645 (0x354d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C9350, serialNumber=CF706D8147D779207D99AF9AD39DD5F2DFE59DE4 Validity Not Before: Aug 11 08:12:47 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=69a47842-7fa4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:c4:67:11:01:10:bb:9d:8f:61:21:10:bc:8f: 6f:7d:46:cf:87:ab:a1:d4:21:82:6f:33:21:ab:96: 41:27:82:09:35:4b:c8:7a:bf:f2:a9:67:5f:73:00: 8f:ce:d4:68:89:4b:d4:5d:94:79:f4:0c:c5:12:ef: a5:2f:07:ec:8b:1d:db:de:67:ae:55:c5:ec:f2:cf: 12:47:6a:ee:1a:8e:44:e0:22:a2:d8:6e:c1:dc:39: 68:19:46:df:7d:eb:4b:6e:dd:25:89:1c:81:ae:f8: 7f:f4:ee:f7:99:36:cd:9c:a6:26:e8:de:eb:f9:8f: 2e:a1:c9:d6:d3:fa:c3:01:83:ff:08:fc:7a:d2:e7: a4:bb:53:77:06:27:2b:98:56:96:6b:5e:e2:04:bb: a6:7a:6c:0d:9a:63:5d:59:6c:26:21:e0:93:bb:a7: 93:3b:de:bc:62:2a:4c:1f:e6:23:1f:6b:79:66:88: 6d:65:70:ce:e3:db:50:b3:6e:36:ca:f3:9e:89:7c: 8d:08:74:bd:0e:c0:09:93:4b:71:2c:d4:9e:d1:1d: d8:2f:72:ab:ae:29:69:7a:14:cf:cc:3c:6a:d3:3f: 78:ee:77:2e:73:8c:4d:6f:87:ba:4d:4d:f0:bc:09: 10:ca:cf:3e:2a:a2:13:e0:a7:46:8f:98:c7:e1:78: eb:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:7D:BA:A7:D5:9C:50:04:32:5F:C9:04:6F:E0:B5:E2:6F:82:7A:F2 X509v3 Authority Key Identifier: keyid:CF:70:6D:81:47:D7:79:20:7D:99:AF:9A:D3:9D:D5:F2:DF:E5:9D:E4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C9350/3913BCA01D8711E2B42B02DF08B02CD2/z3BtgUfXeSB9ma-a053V8t_lneQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3BtgUfXeSB9ma-a053V8t_lneQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9350/3913BCA01D8711E2B42B02DF08B02CD2/568554A2493411EF859C1D49C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.35.251.0/24 103.195.128.0-103.195.130.255 103.212.169.0-103.212.170.255 160.202.137.0-160.202.138.255 Signature Algorithm: sha256WithRSAEncryption 38:3b:53:8d:43:44:19:4d:32:19:b6:4f:2a:41:42:62:a1:7b: d6:2c:93:2d:f8:5d:08:58:e4:f5:c4:a5:3b:8e:3e:d7:d7:3d: db:4c:05:d3:42:f6:02:3f:d1:a2:c5:10:72:f6:6c:7f:c3:4f: ff:76:a1:8f:17:a7:6b:db:d8:b7:9d:60:ca:ce:8a:16:15:d4: e9:cf:33:26:54:8f:3a:83:4c:bd:e6:36:1b:52:49:0e:77:41: ae:d2:58:ee:c7:93:f0:2f:32:f3:ac:0f:ab:db:1f:b5:bd:90: 14:8a:0d:d0:3a:3c:21:7b:22:1d:46:5b:89:cf:d8:0d:12:18: 06:a3:ee:9e:4b:a8:fe:28:6d:8d:6f:8d:da:ea:0c:f2:45:fb: 91:09:80:f2:cf:e2:65:d7:af:74:b3:d9:6e:c2:f9:4f:13:17: 14:ef:c2:e8:a1:4f:ef:93:7b:d4:6f:11:e8:e9:35:d6:d4:a5: db:d4:39:4f:82:f1:fd:ff:9c:61:24:f6:3b:7c:69:cf:40:1e: 5a:62:4f:2d:6f:1c:ed:45:ee:2b:d7:a2:e4:cf:6b:24:9d:59: e2:37:21:23:ae:89:85:52:0c:0c:c1:1c:4d:7b:a2:0b:32:d1: 07:6d:10:5c:01:8d:d7:18:26:24:63:a0:84:6e:94:7e:6e:d5: f0:9d:1f:96 -----BEGIN CERTIFICATE----- MIIFZjCCBE6gAwIBAgICNU0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzkzNTAxMTAvBgNVBAUTKENGNzA2RDgxNDdENzc5MjA3RDk5QUY5QUQzOURENUYy REZFNTlERTQwHhcNMjUwODExMDgxMjQ3WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0Nzg0Mi03ZmE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAp8RnEQEQu52PYSEQvI9vfUbPh6uh1CGCbzMhq5ZBJ4IJNUvIer/yqWdfcwCP ztRoiUvUXZR59AzFEu+lLwfsix3b3meuVcXs8s8SR2ruGo5E4CKi2G7B3DloGUbf fetLbt0liRyBrvh/9O73mTbNnKYm6N7r+Y8uocnW0/rDAYP/CPx60ueku1N3Bicr mFaWa17iBLumemwNmmNdWWwmIeCTu6eTO968YipMH+YjH2t5ZohtZXDO49tQs242 yvOeiXyNCHS9DsAJk0txLNSe0R3YL3KrrilpehTPzDxq0z947ncuc4xNb4e6TU3w vAkQys8+KqIT4KdGj5jH4Xjr+wIDAQABo4ICijCCAoYwHQYDVR0OBBYEFHZ9uqfV nFAEMl/JBG/gteJvgnryMB8GA1UdIwQYMBaAFM9wbYFH13kgfZmvmtOd1fLf5Z3k MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOTM1MC8zOTEzQkNBMDFE ODcxMUUyQjQyQjAyREYwOEIwMkNEMi96M0J0Z1VmWGVTQjltYS1hMDUzVjh0X2xu ZVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ozQnRnVWZYZVNCOW1hLWEwNTNWOHRfbG5lUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzkzNTAvMzkxM0JDQTAxRDg3MTFFMkI0MkIwMkRGMDhCMDJDRDIvNTY4NTU0QTI0 OTM0MTFFRjg1OUMxRDQ5QzRGOUFFMDIucm9hMEkGCCsGAQUFBwEHAQH/BDowODA2 BAIAATAwAwQAZyP7MAwDBAdnw4ADBABnw4IwDAMEAGfUqQMEAGfUqjAMAwQAoMqJ AwQAoMqKMA0GCSqGSIb3DQEBCwUAA4IBAQA4O1ONQ0QZTTIZtk8qQUJioXvWLJMt +F0IWOT1xKU7jj7X1z3bTAXTQvYCP9GixRBy9mx/w0//dqGPF6dr29i3nWDKzooW FdTpzzMmVI86g0y95jYbUkkOd0Gu0ljux5PwLzLzrA+r2x+1vZAUig3QOjwheyId RluJz9gNEhgGo+6eS6j+KG2Nb43a6gzyRfuRCYDyz+Jl1690s9luwvlPExcU78Lo oU/vk3vUbxHo6TXW1KXb1DlPgvH9/5xhJPY7fGnPQB5aYk8tbxztRe4r16Lkz2sk nVniNyEjromFUgwMwRxNe6ILMtEHbRBcAY3XGCYkY6CEbpR+btXwnR+W -----END CERTIFICATE-----Generated at Thu Mar 26 07:58:09 2026 by rpki-client