$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9E72/E6B44902848011EFAAD8E233C4F9AE02/5440C4C8848111EF9F3ECE34C4F9AE02.roa File: 5440C4C8848111EF9F3ECE34C4F9AE02.roa (raw, json) Hash identifier: 57TiW0HF6uS3fetdAv+csAzQQDRYUvp9sAcbYt2exJ4= Subject key identifier: 57:BC:E2:6E:09:8B:57:7B:C6:B1:4E:4D:F3:60:93:B8:B2:56:00:BC Certificate issuer: /CN=A91C9E72/serialNumber=73D900924E701548E6E3203880F6C0972A4C291A Certificate serial: 0112 Authority key identifier: 73:D9:00:92:4E:70:15:48:E6:E3:20:38:80:F6:C0:97:2A:4C:29:1A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c9kAkk5wFUjm4yA4gPbAlypMKRo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C9E72/E6B44902848011EFAAD8E233C4F9AE02/5440C4C8848111EF9F3ECE34C4F9AE02.roa Signing time: Mon 02 Mar 2026 12:40:33 +0000 ROA not before: Wed 29 Oct 2025 05:50:52 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 58411 IP address blocks: 43.252.148.0/24 maxlen: 24 43.252.149.0/24 maxlen: 24 43.252.150.0/24 maxlen: 24 43.252.151.0/24 maxlen: 24 103.242.140.0/24 maxlen: 24 103.242.141.0/24 maxlen: 24 103.242.142.0/24 maxlen: 24 103.242.143.0/24 maxlen: 24 2401:1380::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C9E72/E6B44902848011EFAAD8E233C4F9AE02/c9kAkk5wFUjm4yA4gPbAlypMKRo.crl rsync://rpki.apnic.net/member_repository/A91C9E72/E6B44902848011EFAAD8E233C4F9AE02/c9kAkk5wFUjm4yA4gPbAlypMKRo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c9kAkk5wFUjm4yA4gPbAlypMKRo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Apr 2026 05:04:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 274 (0x112) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C9E72, serialNumber=73D900924E701548E6E3203880F6C0972A4C291A Validity Not Before: Oct 29 05:50:52 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=69a58541-8b3d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:d8:f8:2c:00:2f:7b:85:6a:1f:3f:a9:fe:c4: c1:27:3f:75:53:a6:04:56:80:ad:7c:90:f8:99:a5: 40:54:ff:2c:7d:4a:a9:cd:8e:a2:81:11:d3:1d:32: 4d:64:33:12:fa:45:62:6f:f0:ca:80:49:14:52:24: 71:a5:bc:92:b2:ec:3c:c0:3a:8b:73:7c:4b:21:93: ee:b4:13:6d:61:bc:ce:a4:4a:d5:ed:69:19:86:24: ff:2f:f5:a6:c9:9a:96:a7:01:86:8b:db:47:2f:2b: 4c:6b:58:56:05:e5:83:ea:2b:9a:a3:50:b5:1a:60: 51:b8:2f:26:b2:53:9d:45:e6:67:78:3d:c8:45:a8: 19:6f:ec:f8:9b:d4:8c:3c:c9:c6:6f:13:37:0a:d1: f4:a0:b7:9a:42:57:dc:76:ab:e4:61:40:6b:dc:b2: 32:9d:2a:4d:b0:95:fd:6d:1f:04:1e:32:a0:2f:99: ba:37:85:0b:9c:d4:87:66:34:fe:fd:d4:4d:42:18: 3e:61:d9:15:fa:81:69:a7:42:cc:f2:73:49:cf:2e: 8b:c1:00:4a:8e:0d:a0:68:ec:e9:a1:15:eb:d9:d9: 25:1e:8a:92:20:3c:67:cc:7b:15:72:19:db:bf:cc: 55:22:46:fc:42:9d:62:3d:0f:9f:de:4a:6a:aa:eb: d6:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:BC:E2:6E:09:8B:57:7B:C6:B1:4E:4D:F3:60:93:B8:B2:56:00:BC X509v3 Authority Key Identifier: keyid:73:D9:00:92:4E:70:15:48:E6:E3:20:38:80:F6:C0:97:2A:4C:29:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C9E72/E6B44902848011EFAAD8E233C4F9AE02/c9kAkk5wFUjm4yA4gPbAlypMKRo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c9kAkk5wFUjm4yA4gPbAlypMKRo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9E72/E6B44902848011EFAAD8E233C4F9AE02/5440C4C8848111EF9F3ECE34C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.252.148.0/22 103.242.140.0/22 IPv6: 2401:1380::/32 Signature Algorithm: sha256WithRSAEncryption 45:79:89:a5:f2:13:9b:8e:6e:28:5e:07:5e:fb:c4:46:e7:b4: 22:f5:4f:fe:9f:9c:fe:16:a9:e7:25:40:53:fe:ad:19:4e:30: 58:05:99:0f:4e:9b:0a:2f:5e:fe:36:0b:1a:22:29:e2:9e:2c: 91:f1:4a:c9:db:ed:58:57:bf:2c:a5:3a:ab:80:df:a7:f2:eb: 2f:98:7f:ad:d9:ef:90:58:61:aa:9b:78:f4:e4:dc:89:8a:c4: b4:f2:85:a5:58:8a:9d:34:a4:cb:b5:7e:32:61:49:79:c6:de: 04:b9:99:75:93:3f:9d:f2:c1:ff:de:97:25:9e:7b:72:ca:0b: 6d:a4:aa:12:00:b1:62:4c:2b:0a:e7:2c:2c:2f:77:50:61:ae: d6:ba:56:24:a0:1d:ef:1f:10:2e:74:b6:60:2e:96:7c:4c:b5: 03:2b:5d:dd:31:e1:df:c0:bd:8f:42:1f:b0:7c:75:60:84:8c: d0:56:01:e7:63:11:45:6d:f1:c0:99:a3:88:7d:1b:74:bf:fc: ea:6c:f3:52:92:09:a2:38:62:ca:e8:b1:93:0a:4e:d0:b2:6c: ef:86:d6:1d:0e:9b:33:f6:f4:21:69:7e:6e:b0:94:99:e1:cb: 4e:89:fc:20:8a:54:99:b8:ca:f1:ed:27:2c:6f:ef:6f:03:ab: 99:3a:b2:4a -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgICARIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzlFNzIxMTAvBgNVBAUTKDczRDkwMDkyNEU3MDE1NDhFNkUzMjAzODgwRjZDMDk3 MkE0QzI5MUEwHhcNMjUxMDI5MDU1MDUyWhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE1ODU0MS04YjNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvtj4LAAve4VqHz+p/sTBJz91U6YEVoCtfJD4maVAVP8sfUqpzY6igRHTHTJN ZDMS+kVib/DKgEkUUiRxpbySsuw8wDqLc3xLIZPutBNtYbzOpErV7WkZhiT/L/Wm yZqWpwGGi9tHLytMa1hWBeWD6iuao1C1GmBRuC8mslOdReZneD3IRagZb+z4m9SM PMnGbxM3CtH0oLeaQlfcdqvkYUBr3LIynSpNsJX9bR8EHjKgL5m6N4ULnNSHZjT+ /dRNQhg+YdkV+oFpp0LM8nNJzy6LwQBKjg2gaOzpoRXr2dklHoqSIDxnzHsVchnb v8xVIkb8Qp1iPQ+f3kpqquvWxwIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFFe84m4J i1d7xrFOTfNgk7iyVgC8MB8GA1UdIwQYMBaAFHPZAJJOcBVI5uMgOID2wJcqTCka MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOUU3Mi9FNkI0NDkwMjg0 ODAxMUVGQUFEOEUyMzNDNEY5QUUwMi9jOWtBa2s1d0ZVam00eUE0Z1BiQWx5cE1L Um8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2M5a0FrazV3RlVqbTR5QTRnUGJBbHlwTUtSby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzlFNzIvRTZCNDQ5MDI4NDgwMTFFRkFBRDhFMjMzQzRGOUFFMDIvNTQ0MEM0Qzg4 NDgxMTFFRjlGM0VDRTM0QzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS BAIAATAMAwQCK/yUAwQCZ/KMMA0EAgACMAcDBQAkAROAMA0GCSqGSIb3DQEBCwUA A4IBAQBFeYml8hObjm4oXgde+8RG57Qi9U/+n5z+FqnnJUBT/q0ZTjBYBZkPTpsK L17+NgsaIininiyR8UrJ2+1YV78spTqrgN+n8usvmH+t2e+QWGGqm3j05NyJisS0 8oWlWIqdNKTLtX4yYUl5xt4EuZl1kz+d8sH/3pclnntyygttpKoSALFiTCsK5yws L3dQYa7WulYkoB3vHxAudLZgLpZ8TLUDK13dMeHfwL2PQh+wfHVghIzQVgHnYxFF bfHAmaOIfRt0v/zqbPNSkgmiOGLK6LGTCk7QsmzvhtYdDpsz9vQhaX5usJSZ4ctO ifwgilSZuMrx7Scsb+9vA6uZOrJK -----END CERTIFICATE-----Generated at Thu Mar 26 14:55:36 2026 by rpki-client