$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE4A1/85FA0CE880B711EC9FEB2C67C4F9AE02/2D81FF3680BB11EC8FD7663DC4F9AE02.roa File: 2D81FF3680BB11EC8FD7663DC4F9AE02.roa (raw, json) Hash identifier: ZXvDIWbTCb8WCYYshIJ3J2xiGTpcfDrsr3NF1q6+AQM= Subject key identifier: 0A:51:BF:26:5D:29:B3:9E:4E:42:BA:49:00:22:44:C0:EB:E6:9E:1D Certificate issuer: /CN=A91CE4A1/serialNumber=15473EFB3C5AE8A0C47647B7E0FDE5886B6B1FA3 Certificate serial: 048F Authority key identifier: 15:47:3E:FB:3C:5A:E8:A0:C4:76:47:B7:E0:FD:E5:88:6B:6B:1F:A3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FUc--zxa6KDEdke34P3liGtrH6M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE4A1/85FA0CE880B711EC9FEB2C67C4F9AE02/2D81FF3680BB11EC8FD7663DC4F9AE02.roa Signing time: Sun 01 Mar 2026 10:00:14 +0000 ROA not before: Thu 31 Jul 2025 01:06:51 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 139029 IP address blocks: 103.138.172.0/23 maxlen: 23 103.138.172.0/24 maxlen: 24 103.138.173.0/24 maxlen: 24 2406:6fc0::/32 maxlen: 32 2406:6fc0::/48 maxlen: 48 2406:6fc0:1::/48 maxlen: 48 2406:6fc0:2::/48 maxlen: 48 2406:6fc0:3::/48 maxlen: 48 2406:6fc0:4::/48 maxlen: 48 2406:6fc0:5::/48 maxlen: 48 2406:6fc0:6::/48 maxlen: 48 2406:6fc0:7::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE4A1/85FA0CE880B711EC9FEB2C67C4F9AE02/FUc--zxa6KDEdke34P3liGtrH6M.crl rsync://rpki.apnic.net/member_repository/A91CE4A1/85FA0CE880B711EC9FEB2C67C4F9AE02/FUc--zxa6KDEdke34P3liGtrH6M.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FUc--zxa6KDEdke34P3liGtrH6M.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 02 Apr 2026 23:50:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1167 (0x48f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE4A1, serialNumber=15473EFB3C5AE8A0C47647B7E0FDE5886B6B1FA3 Validity Not Before: Jul 31 01:06:51 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=69a40e2d-d99c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:57:f4:ff:43:3f:52:d5:5a:9a:1c:a6:50:d1: 0a:64:bc:87:2f:f5:71:33:f0:0a:94:55:c5:60:af: ee:18:c4:d5:06:cf:be:37:6f:fe:a2:a0:6b:8f:f3: 77:62:e6:ad:22:13:a6:e7:59:45:17:74:00:51:5a: dc:06:13:8d:75:59:63:05:ae:db:4a:ec:c9:61:3c: 87:de:d6:13:50:a2:ba:dc:d4:0a:37:0f:21:2a:ec: 40:fa:d0:89:08:c1:9a:20:28:e6:5b:ec:df:42:e0: 1f:36:20:86:99:0a:2b:f5:be:61:ca:cc:1a:a9:e4: 26:f9:62:f1:be:3f:5a:ee:21:2a:1d:6a:4f:fd:00: 1f:f6:c8:bf:d5:ad:b9:8f:0f:dc:42:e9:1f:64:91: f1:26:53:3f:a3:e7:e8:cc:f1:26:2f:54:01:37:94: b2:98:32:02:89:cd:6c:b6:78:8b:8b:de:0b:37:15: cf:9c:3e:dc:a5:81:4e:5d:01:f7:32:88:7c:02:d9: 6f:fe:7d:5b:86:f8:83:c1:57:bf:63:7b:20:c7:19: e2:2d:01:3c:57:c4:15:6d:e6:32:d6:de:ab:70:52: 4e:43:f0:4e:9a:4c:8a:52:97:74:1e:2b:54:cb:74: 44:71:57:81:33:c9:3f:1f:45:9c:0a:26:6d:c1:c5: 1a:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:51:BF:26:5D:29:B3:9E:4E:42:BA:49:00:22:44:C0:EB:E6:9E:1D X509v3 Authority Key Identifier: keyid:15:47:3E:FB:3C:5A:E8:A0:C4:76:47:B7:E0:FD:E5:88:6B:6B:1F:A3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE4A1/85FA0CE880B711EC9FEB2C67C4F9AE02/FUc--zxa6KDEdke34P3liGtrH6M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FUc--zxa6KDEdke34P3liGtrH6M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE4A1/85FA0CE880B711EC9FEB2C67C4F9AE02/2D81FF3680BB11EC8FD7663DC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.138.172.0/23 IPv6: 2406:6fc0::/32 Signature Algorithm: sha256WithRSAEncryption 1e:37:15:49:52:ec:c7:14:6e:5c:21:da:3f:30:41:42:e8:95: 60:9d:8e:c8:59:87:42:db:74:3a:9d:29:3e:de:c4:16:28:1f: f1:cf:0b:48:49:c3:5e:9f:03:5a:55:03:14:29:da:7c:9c:14: d9:b9:4e:16:82:12:ac:8b:30:d9:03:8c:75:25:e9:56:9b:ef: 39:cb:68:30:d3:97:ca:56:ca:f6:59:b8:34:0d:72:ff:59:7d: fd:4a:b6:5f:85:0b:dd:75:9b:55:01:75:74:66:4f:7c:47:90: 87:f7:1d:8a:ed:aa:b0:d3:5f:aa:18:c1:84:0e:e4:2b:64:89: 4a:81:10:fa:ab:e0:36:1a:fd:9b:19:ef:c1:1f:28:0b:6c:14: 80:a3:7e:21:fe:57:ef:8b:f7:90:e2:22:db:e7:a3:30:fe:00: 63:43:69:e8:ae:df:0d:80:34:7c:e0:7a:9b:3a:bf:7d:79:59: b3:8e:3c:78:32:d1:f8:4c:80:46:0e:c6:bc:e3:0e:db:90:01: 76:81:9d:7e:61:9b:09:2f:c2:b1:87:9e:ec:a4:af:0b:cc:73: 49:24:3b:fb:2a:30:ac:d9:3e:11:7e:0c:43:8a:9a:71:2e:3c: de:8f:57:58:d6:49:d2:14:f2:f7:be:39:46:5b:74:24:c9:34: 83:3f:3d:f1 -----BEGIN CERTIFICATE----- MIIFSzCCBDOgAwIBAgICBI8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0U0QTExMTAvBgNVBAUTKDE1NDczRUZCM0M1QUU4QTBDNDc2NDdCN0UwRkRFNTg4 NkI2QjFGQTMwHhcNMjUwNzMxMDEwNjUxWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MGUyZC1kOTljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArFf0/0M/UtVamhymUNEKZLyHL/VxM/AKlFXFYK/uGMTVBs++N2/+oqBrj/N3 YuatIhOm51lFF3QAUVrcBhONdVljBa7bSuzJYTyH3tYTUKK63NQKNw8hKuxA+tCJ CMGaICjmW+zfQuAfNiCGmQor9b5hyswaqeQm+WLxvj9a7iEqHWpP/QAf9si/1a25 jw/cQukfZJHxJlM/o+fozPEmL1QBN5SymDICic1stniLi94LNxXPnD7cpYFOXQH3 Moh8Atlv/n1bhviDwVe/Y3sgxxniLQE8V8QVbeYy1t6rcFJOQ/BOmkyKUpd0HitU y3REcVeBM8k/H0WcCiZtwcUaBQIDAQABo4ICbzCCAmswHQYDVR0OBBYEFApRvyZd KbOeTkK6SQAiRMDr5p4dMB8GA1UdIwQYMBaAFBVHPvs8WuigxHZHt+D95Yhrax+j MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTRBMS84NUZBMENFODgw QjcxMUVDOUZFQjJDNjdDNEY5QUUwMi9GVWMtLXp4YTZLREVka2UzNFAzbGlHdHJI Nk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZVYy0tenhhNktERWRrZTM0UDNsaUd0ckg2TS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0U0QTEvODVGQTBDRTg4MEI3MTFFQzlGRUIyQzY3QzRGOUFFMDIvMkQ4MUZGMzY4 MEJCMTFFQzhGRDc2NjNEQzRGOUFFMDIucm9hMC4GCCsGAQUFBwEHAQH/BB8wHTAM BAIAATAGAwQBZ4qsMA0EAgACMAcDBQAkBm/AMA0GCSqGSIb3DQEBCwUAA4IBAQAe NxVJUuzHFG5cIdo/MEFC6JVgnY7IWYdC23Q6nSk+3sQWKB/xzwtIScNenwNaVQMU Kdp8nBTZuU4WghKsizDZA4x1JelWm+85y2gw05fKVsr2Wbg0DXL/WX39SrZfhQvd dZtVAXV0Zk98R5CH9x2K7aqw01+qGMGEDuQrZIlKgRD6q+A2Gv2bGe/BHygLbBSA o34h/lfvi/eQ4iLb56Mw/gBjQ2nort8NgDR84HqbOr99eVmzjjx4MtH4TIBGDsa8 4w7bkAF2gZ1+YZsJL8Kxh57spK8LzHNJJDv7KjCs2T4RfgxDippxLjzej1dY1knS FPL3vjlGW3QkyTSDPz3x -----END CERTIFICATE-----Generated at Fri Mar 27 03:26:23 2026 by rpki-client