$ rpki-client -vvf rpki.apnic.net/member_repository/A91CAA69/40E1FC9C9EB011E9B07E7A82C4F9AE02/DF5D49F6985611ECBE7ED328C4F9AE02.roa File: DF5D49F6985611ECBE7ED328C4F9AE02.roa (raw, json) Hash identifier: me+rFWsAlEbbeSVKyP+HO1shOhFMom4laprHvdMZ2FI= Subject key identifier: DF:30:D5:99:37:53:CD:61:43:B9:14:11:0A:DF:4B:11:9E:06:86:37 Certificate issuer: /CN=A91CAA69/serialNumber=946AA2F34CFAF9E4BD6E345BA09A9DE9B9C2D14D Certificate serial: 0EED Authority key identifier: 94:6A:A2:F3:4C:FA:F9:E4:BD:6E:34:5B:A0:9A:9D:E9:B9:C2:D1:4D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lGqi80z6-eS9bjRboJqd6bnC0U0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CAA69/40E1FC9C9EB011E9B07E7A82C4F9AE02/DF5D49F6985611ECBE7ED328C4F9AE02.roa Signing time: Sun 01 Mar 2026 12:17:28 +0000 ROA not before: Sat 12 Apr 2025 17:57:20 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 16509 IP address blocks: 103.85.214.0/24 maxlen: 24 103.85.215.0/24 maxlen: 24 2001:df5:6d00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CAA69/40E1FC9C9EB011E9B07E7A82C4F9AE02/lGqi80z6-eS9bjRboJqd6bnC0U0.crl rsync://rpki.apnic.net/member_repository/A91CAA69/40E1FC9C9EB011E9B07E7A82C4F9AE02/lGqi80z6-eS9bjRboJqd6bnC0U0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lGqi80z6-eS9bjRboJqd6bnC0U0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 17:30:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3821 (0xeed) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CAA69, serialNumber=946AA2F34CFAF9E4BD6E345BA09A9DE9B9C2D14D Validity Not Before: Apr 12 17:57:20 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=69a42e58-3245 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:38:0f:d9:67:f3:af:01:02:32:40:5e:e7:8c: b5:3c:f9:c0:43:b3:01:9c:7b:40:e5:6f:0b:db:f6: bb:e4:85:d3:cb:6f:5e:fa:65:8a:5a:b5:e8:a6:7c: 3d:54:61:71:72:82:75:d0:d1:af:98:98:cc:f5:da: 87:c0:a7:59:14:43:f1:99:3f:05:5d:51:1a:ec:ef: 4a:ac:06:19:67:29:f5:2d:32:1b:64:f5:d0:33:17: 54:5b:8e:65:4f:f4:64:8d:40:5e:37:fb:f2:44:25: cb:48:5e:b7:b7:d5:b5:06:a0:79:d5:db:0f:1e:dc: 44:15:ae:ed:81:11:06:6b:69:99:1c:3b:1c:2b:f1: 69:b9:56:64:40:e9:d4:59:7b:ef:e2:6b:f0:2e:9f: d5:2c:92:34:9a:e2:ea:1d:aa:ae:c1:df:f9:c3:00: a7:64:97:ad:33:7c:dc:6f:ae:d8:0b:3c:7c:cd:f3: 15:a6:bd:d1:55:2c:5e:e0:64:34:51:04:9e:8a:43: 18:a2:c3:1d:36:a9:6b:18:f2:f4:70:b0:6d:c2:7b: eb:19:83:46:da:5d:5a:21:53:61:d0:43:fe:78:c1: 3a:a0:a6:ac:d8:a7:d4:f4:80:42:53:34:b3:50:f5: 8d:a8:0c:eb:3a:64:28:40:5b:f2:42:22:cb:3c:ea: 7e:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:30:D5:99:37:53:CD:61:43:B9:14:11:0A:DF:4B:11:9E:06:86:37 X509v3 Authority Key Identifier: keyid:94:6A:A2:F3:4C:FA:F9:E4:BD:6E:34:5B:A0:9A:9D:E9:B9:C2:D1:4D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CAA69/40E1FC9C9EB011E9B07E7A82C4F9AE02/lGqi80z6-eS9bjRboJqd6bnC0U0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lGqi80z6-eS9bjRboJqd6bnC0U0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CAA69/40E1FC9C9EB011E9B07E7A82C4F9AE02/DF5D49F6985611ECBE7ED328C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.85.214.0/23 IPv6: 2001:df5:6d00::/48 Signature Algorithm: sha256WithRSAEncryption b0:b3:b0:bd:e8:33:51:4e:af:d3:b8:80:ec:4c:a7:c2:d2:c5: 91:e4:99:8d:f0:a8:bd:af:7b:18:7e:c9:01:e7:4b:af:9d:11: 2f:9c:51:f7:32:69:5e:f0:0e:e0:ee:77:96:6e:9b:bb:63:40: f6:b4:23:7a:cc:8d:a8:d2:a5:8d:fe:fb:60:d6:6c:0d:84:af: 8c:45:41:88:29:70:f0:5b:4b:9c:98:28:5b:b8:2c:ab:4d:d9: c8:c5:70:7f:98:13:92:bb:01:59:c4:a5:13:80:f2:3a:91:c1: 40:1d:01:6b:b5:59:e7:6d:d5:c9:3d:6f:95:3d:ec:f2:1a:6b: 14:42:ac:4b:b2:be:a9:50:6d:81:db:7a:24:a9:e3:c0:7e:65: f3:a9:fa:4d:9d:99:de:5e:0f:c2:f6:e5:41:35:32:e4:84:8d: c2:f1:9d:c4:c4:4a:b5:fb:de:15:19:37:cd:fa:51:44:ec:f5: fa:ee:56:46:c1:a4:ad:9a:2a:3e:cf:06:ca:12:d2:44:c7:84: 07:d9:f7:fa:02:76:06:ee:ff:76:15:7e:ed:89:df:66:ad:fb: 42:13:4e:69:18:46:b3:70:cf:88:38:81:a5:58:5c:26:8f:6b: e3:e5:b7:19:d5:0c:5a:8b:22:bc:4e:43:7a:18:5e:c8:5e:aa: dd:e3:4e:cf -----BEGIN CERTIFICATE----- MIIFTTCCBDWgAwIBAgICDu0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0FBNjkxMTAvBgNVBAUTKDk0NkFBMkYzNENGQUY5RTRCRDZFMzQ1QkEwOUE5REU5 QjlDMkQxNEQwHhcNMjUwNDEyMTc1NzIwWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MmU1OC0zMjQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuzgP2WfzrwECMkBe54y1PPnAQ7MBnHtA5W8L2/a75IXTy29e+mWKWrXopnw9 VGFxcoJ10NGvmJjM9dqHwKdZFEPxmT8FXVEa7O9KrAYZZyn1LTIbZPXQMxdUW45l T/RkjUBeN/vyRCXLSF63t9W1BqB51dsPHtxEFa7tgREGa2mZHDscK/FpuVZkQOnU WXvv4mvwLp/VLJI0muLqHaquwd/5wwCnZJetM3zcb67YCzx8zfMVpr3RVSxe4GQ0 UQSeikMYosMdNqlrGPL0cLBtwnvrGYNG2l1aIVNh0EP+eME6oKas2KfU9IBCUzSz UPWNqAzrOmQoQFvyQiLLPOp+ZwIDAQABo4ICcTCCAm0wHQYDVR0OBBYEFN8w1Zk3 U81hQ7kUEQrfSxGeBoY3MB8GA1UdIwQYMBaAFJRqovNM+vnkvW40W6Canem5wtFN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQUE2OS80MEUxRkM5QzlF QjAxMUU5QjA3RTdBODJDNEY5QUUwMi9sR3FpODB6Ni1lUzlialJib0pxZDZibkMw VTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xHcWk4MHo2LWVTOWJqUmJvSnFkNmJuQzBVMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0FBNjkvNDBFMUZDOUM5RUIwMTFFOUIwN0U3QTgyQzRGOUFFMDIvREY1RDQ5RjY5 ODU2MTFFQ0JFN0VEMzI4QzRGOUFFMDIucm9hMDAGCCsGAQUFBwEHAQH/BCEwHzAM BAIAATAGAwQBZ1XWMA8EAgACMAkDBwAgAQ31bQAwDQYJKoZIhvcNAQELBQADggEB ALCzsL3oM1FOr9O4gOxMp8LSxZHkmY3wqL2vexh+yQHnS6+dES+cUfcyaV7wDuDu d5Zum7tjQPa0I3rMjajSpY3++2DWbA2Er4xFQYgpcPBbS5yYKFu4LKtN2cjFcH+Y E5K7AVnEpROA8jqRwUAdAWu1Wedt1ck9b5U97PIaaxRCrEuyvqlQbYHbeiSp48B+ ZfOp+k2dmd5eD8L25UE1MuSEjcLxncTESrX73hUZN836UUTs9fruVkbBpK2aKj7P BsoS0kTHhAfZ9/oCdgbu/3YVfu2J32at+0ITTmkYRrNwz4g4gaVYXCaPa+PltxnV DFqLIrxOQ3oYXsheqt3jTs8= -----END CERTIFICATE-----Generated at Thu Mar 26 03:30:31 2026 by rpki-client