$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB21D/632CD3E6A7F611EDB9D60C43C4F9AE02/D8D317ACE7CE11F0AC86B9F45C6F56BC.roa File: D8D317ACE7CE11F0AC86B9F45C6F56BC.roa (raw, json) Hash identifier: 1IF3HCjLUpn5Rqg27GBvL6hXv6iteBjvIyKUpAO7Dio= Subject key identifier: 04:32:F8:50:42:FC:77:22:85:FB:A9:A8:7B:D1:3A:70:EC:AB:21:72 Certificate issuer: /CN=A91CB21D/serialNumber=9B1E8188CE64397E8B4241E6758D429DA0FF2E70 Certificate serial: 0260 Authority key identifier: 9B:1E:81:88:CE:64:39:7E:8B:42:41:E6:75:8D:42:9D:A0:FF:2E:70 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mx6BiM5kOX6LQkHmdY1CnaD_LnA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CB21D/632CD3E6A7F611EDB9D60C43C4F9AE02/D8D317ACE7CE11F0AC86B9F45C6F56BC.roa Signing time: Sun 01 Mar 2026 18:19:37 +0000 ROA not before: Sat 03 Jan 2026 01:21:10 +0000 ROA not after: Tue 02 Mar 2027 00:00:00 +0000 asID: 9423 IP address blocks: 103.31.116.0/24 maxlen: 24 103.31.117.0/24 maxlen: 24 2001:df1:7f40::/48 maxlen: 48 2001:df1:7f41::/48 maxlen: 48 2001:df1:7f42::/48 maxlen: 48 2001:df1:7f43::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CB21D/632CD3E6A7F611EDB9D60C43C4F9AE02/mx6BiM5kOX6LQkHmdY1CnaD_LnA.crl rsync://rpki.apnic.net/member_repository/A91CB21D/632CD3E6A7F611EDB9D60C43C4F9AE02/mx6BiM5kOX6LQkHmdY1CnaD_LnA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mx6BiM5kOX6LQkHmdY1CnaD_LnA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Apr 2026 01:45:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 608 (0x260) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CB21D, serialNumber=9B1E8188CE64397E8B4241E6758D429DA0FF2E70 Validity Not Before: Jan 3 01:21:10 2026 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=69a48339-4792 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:11:fd:e3:e9:73:ae:09:ad:16:8f:b7:81:bd: ca:93:9e:5f:4a:66:26:59:51:67:a0:4d:b6:84:99: b0:48:27:f5:38:59:6e:30:21:0c:e9:de:c9:8f:58: e5:3a:56:8c:f8:c3:4e:a8:48:c7:72:6a:1a:ac:f6: 78:ba:dd:3f:79:8b:cd:c7:4e:09:9d:20:32:e5:63: af:b8:b7:9a:5b:08:f1:8e:33:13:3a:87:0f:1c:ad: bc:57:93:a6:8e:04:2e:31:a6:c1:1c:5c:4c:78:13: 00:67:a0:f4:7c:4c:2a:ed:09:a1:23:e8:18:82:01: 1a:57:85:c0:77:96:ae:f2:36:fc:f0:75:3e:e7:8b: c2:02:f1:f7:05:c8:84:94:6d:9a:d9:d4:a8:a2:c2: c2:a6:cf:85:5b:21:5e:d3:af:8e:19:20:d8:cb:49: 52:87:34:a2:74:6e:2a:da:8e:ef:77:4e:51:ff:f7: 43:bb:ab:70:b8:6a:7b:a3:2d:62:bf:7a:12:0a:bd: 05:3f:b9:20:d9:28:45:b0:50:3e:27:48:52:13:63: 18:a2:6c:75:06:81:c5:fd:38:3c:5e:89:19:8c:84: 63:6d:35:3b:bc:45:83:6b:6e:f8:1a:da:f8:c3:5f: f0:d4:23:13:b4:b5:06:2e:4e:68:61:8e:e5:f1:44: f0:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:32:F8:50:42:FC:77:22:85:FB:A9:A8:7B:D1:3A:70:EC:AB:21:72 X509v3 Authority Key Identifier: keyid:9B:1E:81:88:CE:64:39:7E:8B:42:41:E6:75:8D:42:9D:A0:FF:2E:70 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CB21D/632CD3E6A7F611EDB9D60C43C4F9AE02/mx6BiM5kOX6LQkHmdY1CnaD_LnA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mx6BiM5kOX6LQkHmdY1CnaD_LnA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB21D/632CD3E6A7F611EDB9D60C43C4F9AE02/D8D317ACE7CE11F0AC86B9F45C6F56BC.roa sbgp-ipAddrBlock: critical IPv4: 103.31.116.0/23 IPv6: 2001:df1:7f40::/46 Signature Algorithm: sha256WithRSAEncryption 65:ab:3e:62:e2:68:90:c6:e0:f6:c6:29:db:ff:24:88:4c:f2: 86:4e:14:97:a6:50:75:48:8a:26:c7:0d:f5:59:45:58:cf:3e: 70:bc:b6:b3:c6:25:4e:11:22:87:d0:68:9e:ea:07:a8:48:56: 74:0a:f1:bd:c9:31:8c:5c:bd:08:5e:63:65:6d:6d:02:11:6f: ac:7e:37:d7:4d:7d:28:f4:1a:fd:27:e6:ff:a2:93:7a:db:b6: 3a:9b:1c:f4:51:e3:00:dc:df:19:9d:54:b5:cc:2d:8b:62:85: 3e:f4:10:7d:45:19:8a:04:09:7d:81:37:49:42:7c:4a:fc:87: 30:64:43:5e:3f:2f:e9:77:6f:28:64:fd:57:da:47:6a:95:85: 59:11:90:a6:b9:60:1d:31:2d:bd:90:ea:01:22:69:48:33:8f: 9b:72:51:0d:d2:7f:92:88:bf:ee:ee:a3:dd:8d:0d:d7:85:fb: 49:e0:ec:36:44:d9:43:8a:d5:5f:db:97:3b:09:4f:55:aa:72: 76:21:df:25:8f:c8:84:a1:38:b7:b3:59:43:ec:b0:89:5e:3a: 12:7a:cd:ee:6f:93:4e:11:1f:83:25:4c:38:d5:73:22:36:eb: ae:63:35:24:b3:e2:de:4f:11:9c:60:b8:8c:12:bf:a9:c3:c5: 01:3d:3b:d1 -----BEGIN CERTIFICATE----- MIIFTTCCBDWgAwIBAgICAmAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0IyMUQxMTAvBgNVBAUTKDlCMUU4MTg4Q0U2NDM5N0U4QjQyNDFFNjc1OEQ0MjlE QTBGRjJFNzAwHhcNMjYwMTAzMDEyMTEwWhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0ODMzOS00NzkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAohH94+lzrgmtFo+3gb3Kk55fSmYmWVFnoE22hJmwSCf1OFluMCEM6d7Jj1jl OlaM+MNOqEjHcmoarPZ4ut0/eYvNx04JnSAy5WOvuLeaWwjxjjMTOocPHK28V5Om jgQuMabBHFxMeBMAZ6D0fEwq7QmhI+gYggEaV4XAd5au8jb88HU+54vCAvH3BciE lG2a2dSoosLCps+FWyFe06+OGSDYy0lShzSidG4q2o7vd05R//dDu6twuGp7oy1i v3oSCr0FP7kg2ShFsFA+J0hSE2MYomx1BoHF/Tg8XokZjIRjbTU7vEWDa274Gtr4 w1/w1CMTtLUGLk5oYY7l8UTw8QIDAQABo4ICcTCCAm0wHQYDVR0OBBYEFAQy+FBC /HcihfupqHvROnDsqyFyMB8GA1UdIwQYMBaAFJsegYjOZDl+i0JB5nWNQp2g/y5w MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjIxRC82MzJDRDNFNkE3 RjYxMUVEQjlENjBDNDNDNEY5QUUwMi9teDZCaU01a09YNkxRa0htZFkxQ25hRF9M bkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL214NkJpTTVrT1g2TFFrSG1kWTFDbmFEX0xuQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0IyMUQvNjMyQ0QzRTZBN0Y2MTFFREI5RDYwQzQzQzRGOUFFMDIvRDhEMzE3QUNF N0NFMTFGMEFDODZCOUY0NUM2RjU2QkMucm9hMDAGCCsGAQUFBwEHAQH/BCEwHzAM BAIAATAGAwQBZx90MA8EAgACMAkDBwIgAQ3xf0AwDQYJKoZIhvcNAQELBQADggEB AGWrPmLiaJDG4PbGKdv/JIhM8oZOFJemUHVIiibHDfVZRVjPPnC8trPGJU4RIofQ aJ7qB6hIVnQK8b3JMYxcvQheY2VtbQIRb6x+N9dNfSj0Gv0n5v+ik3rbtjqbHPRR 4wDc3xmdVLXMLYtihT70EH1FGYoECX2BN0lCfEr8hzBkQ14/L+l3byhk/VfaR2qV hVkRkKa5YB0xLb2Q6gEiaUgzj5tyUQ3Sf5KIv+7uo92NDdeF+0ng7DZE2UOK1V/b lzsJT1WqcnYh3yWPyIShOLezWUPssIleOhJ6ze5vk04RH4MlTDjVcyI2665jNSSz 4t5PEZxguIwSv6nDxQE9O9E= -----END CERTIFICATE-----Generated at Thu Mar 26 08:19:11 2026 by rpki-client