$ rpki-client -vvf rpki.apnic.net/member_repository/A91C941B/69F6B7DE1A8311EC8C922229C4F9AE02/B3883EE61A8C11ECBD6CCF18C4F9AE02.roa File: B3883EE61A8C11ECBD6CCF18C4F9AE02.roa (raw, json) Hash identifier: mFoBkWfLh0LGrOinTzXA38KoXXGaCtnMvz2q3N7gfu8= Subject key identifier: 88:F7:68:5E:D1:5F:D6:B1:78:DE:9D:1A:7B:58:78:B6:F4:6A:45:3C Certificate issuer: /CN=A91C941B/serialNumber=08025B9B44EED8AE0B76F11E0372CE961877AD9F Certificate serial: 0584 Authority key identifier: 08:02:5B:9B:44:EE:D8:AE:0B:76:F1:1E:03:72:CE:96:18:77:AD:9F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CAJbm0Tu2K4LdvEeA3LOlhh3rZ8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C941B/69F6B7DE1A8311EC8C922229C4F9AE02/B3883EE61A8C11ECBD6CCF18C4F9AE02.roa Signing time: Mon 02 Mar 2026 13:23:28 +0000 ROA not before: Wed 03 Sep 2025 00:15:26 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 136204 IP address blocks: 123.100.228.0/24 maxlen: 24 123.100.229.0/24 maxlen: 24 123.100.230.0/24 maxlen: 24 123.100.231.0/24 maxlen: 24 202.157.178.0/24 maxlen: 24 203.142.9.0/24 maxlen: 24 2405:70c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C941B/69F6B7DE1A8311EC8C922229C4F9AE02/CAJbm0Tu2K4LdvEeA3LOlhh3rZ8.crl rsync://rpki.apnic.net/member_repository/A91C941B/69F6B7DE1A8311EC8C922229C4F9AE02/CAJbm0Tu2K4LdvEeA3LOlhh3rZ8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CAJbm0Tu2K4LdvEeA3LOlhh3rZ8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 22:58:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1412 (0x584) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C941B, serialNumber=08025B9B44EED8AE0B76F11E0372CE961877AD9F Validity Not Before: Sep 3 00:15:26 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=69a58f50-e854 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:bb:f8:da:88:43:7f:df:97:8f:bb:b4:e0:ae: 80:de:7f:00:02:3d:8a:b1:a9:46:62:25:43:c0:ce: 48:b6:fd:db:f7:b4:85:05:a0:65:75:11:55:a4:3a: f8:a0:74:df:8c:09:69:19:71:31:e1:44:74:0d:14: 63:ee:af:7d:4e:20:83:01:f5:06:8c:3b:2b:1a:4f: 64:7c:cb:da:70:4d:0d:e9:55:3e:6f:7e:be:a1:51: 17:f1:7e:67:df:4d:79:17:6a:69:7e:6f:4b:bd:df: c8:0b:27:c2:ea:9a:28:75:8c:c3:6d:50:e0:02:e3: f9:89:bf:2a:19:c5:f2:b0:d9:a0:d3:f5:d6:c9:22: 84:ab:94:59:54:64:80:96:7d:5f:5e:a8:19:fa:96: 6f:32:88:cb:25:3e:4f:df:69:aa:64:4f:1a:c6:2a: fe:0e:7c:fe:d5:33:c6:67:9b:0d:90:16:b7:ef:25: 71:e8:0d:05:fb:7d:2d:fb:98:92:ae:6b:2c:fd:b7: f9:ce:c3:1e:88:6f:d0:e1:dd:40:ad:56:e9:0f:db: 81:a3:1a:2b:e1:1b:67:4e:c6:ce:45:1e:09:d7:01: bc:88:fb:4c:e2:9f:8d:43:4b:04:21:51:f0:9c:2e: 8f:ee:80:db:f0:55:fb:2c:55:b0:c9:c1:ef:8c:d8: ca:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:F7:68:5E:D1:5F:D6:B1:78:DE:9D:1A:7B:58:78:B6:F4:6A:45:3C X509v3 Authority Key Identifier: keyid:08:02:5B:9B:44:EE:D8:AE:0B:76:F1:1E:03:72:CE:96:18:77:AD:9F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C941B/69F6B7DE1A8311EC8C922229C4F9AE02/CAJbm0Tu2K4LdvEeA3LOlhh3rZ8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CAJbm0Tu2K4LdvEeA3LOlhh3rZ8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C941B/69F6B7DE1A8311EC8C922229C4F9AE02/B3883EE61A8C11ECBD6CCF18C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 123.100.228.0/22 202.157.178.0/24 203.142.9.0/24 IPv6: 2405:70c0::/32 Signature Algorithm: sha256WithRSAEncryption 21:dd:ab:2c:88:15:20:4e:be:5e:d7:46:03:1f:08:8e:8e:8d: 56:5a:84:7b:8e:28:7a:d4:07:c8:1a:92:b1:41:f5:a1:be:1f: 64:82:f1:78:1a:a1:26:23:8a:6a:b7:69:3a:ed:d8:98:f6:7f: 15:bc:1c:20:70:2c:e7:db:f9:17:ab:d1:07:27:1c:53:9c:4a: ec:66:4e:a4:f2:d7:c2:0b:2b:ad:45:ad:17:39:4c:fe:a7:70: 9d:08:a6:20:f6:8d:a7:7e:1e:39:05:9b:cb:10:84:d0:46:17: 98:64:04:90:13:80:33:9b:3f:93:0f:7b:11:6c:45:97:c9:89: 94:c1:fb:55:e7:18:5e:1e:0c:4a:d4:f4:eb:32:6c:e9:d8:42: 7d:52:32:21:42:c0:c3:b0:4d:5d:5e:18:dc:12:34:1a:1f:9f: c5:89:12:80:6b:3d:82:08:ed:dd:c1:14:ab:d6:14:8a:c3:1b: 82:e5:d2:20:ba:28:6a:2d:87:0a:41:92:06:0c:57:3f:85:f8: 99:e5:15:4f:d6:25:74:0f:1a:a0:96:47:df:c0:57:c1:a7:f3: bf:3f:f7:17:e5:d6:63:53:68:5a:15:36:64:89:5f:95:27:b6: 1d:dd:38:22:4e:f4:6c:04:fa:b2:51:28:3b:ea:58:2b:1b:15: 36:cc:3a:4f -----BEGIN CERTIFICATE----- MIIFVzCCBD+gAwIBAgICBYQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qzk0MUIxMTAvBgNVBAUTKDA4MDI1QjlCNDRFRUQ4QUUwQjc2RjExRTAzNzJDRTk2 MTg3N0FEOUYwHhcNMjUwOTAzMDAxNTI2WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE1OGY1MC1lODU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxrv42ohDf9+Xj7u04K6A3n8AAj2KsalGYiVDwM5Itv3b97SFBaBldRFVpDr4 oHTfjAlpGXEx4UR0DRRj7q99TiCDAfUGjDsrGk9kfMvacE0N6VU+b36+oVEX8X5n 3015F2ppfm9Lvd/ICyfC6poodYzDbVDgAuP5ib8qGcXysNmg0/XWySKEq5RZVGSA ln1fXqgZ+pZvMojLJT5P32mqZE8axir+Dnz+1TPGZ5sNkBa37yVx6A0F+30t+5iS rmss/bf5zsMeiG/Q4d1ArVbpD9uBoxor4RtnTsbORR4J1wG8iPtM4p+NQ0sEIVHw nC6P7oDb8FX7LFWwycHvjNjKgwIDAQABo4ICezCCAncwHQYDVR0OBBYEFIj3aF7R X9axeN6dGntYeLb0akU8MB8GA1UdIwQYMBaAFAgCW5tE7tiuC3bxHgNyzpYYd62f MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOTQxQi82OUY2QjdERTFB ODMxMUVDOEM5MjIyMjlDNEY5QUUwMi9DQUpibTBUdTJLNExkdkVlQTNMT2xoaDNy WjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NBSmJtMFR1Mks0TGR2RWVBM0xPbGhoM3JaOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Qzk0MUIvNjlGNkI3REUxQTgzMTFFQzhDOTIyMjI5QzRGOUFFMDIvQjM4ODNFRTYx QThDMTFFQ0JENkNDRjE4QzRGOUFFMDIucm9hMDoGCCsGAQUFBwEHAQH/BCswKTAY BAIAATASAwQCe2TkAwQAyp2yAwQAy44JMA0EAgACMAcDBQAkBXDAMA0GCSqGSIb3 DQEBCwUAA4IBAQAh3assiBUgTr5e10YDHwiOjo1WWoR7jih61AfIGpKxQfWhvh9k gvF4GqEmI4pqt2k67diY9n8VvBwgcCzn2/kXq9EHJxxTnErsZk6k8tfCCyutRa0X OUz+p3CdCKYg9o2nfh45BZvLEITQRheYZASQE4Azmz+TD3sRbEWXyYmUwftV5xhe HgxK1PTrMmzp2EJ9UjIhQsDDsE1dXhjcEjQaH5/FiRKAaz2CCO3dwRSr1hSKwxuC 5dIguihqLYcKQZIGDFc/hfiZ5RVP1iV0DxqglkffwFfBp/O/P/cX5dZjU2haFTZk iV+VJ7Yd3TgiTvRsBPqyUSg76lgrGxU2zDpP -----END CERTIFICATE-----Generated at Thu Mar 26 08:55:54 2026 by rpki-client