$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/DDF4B0D2F08C11EEB70A1F76C4F9AE02.roa File: DDF4B0D2F08C11EEB70A1F76C4F9AE02.roa (raw, json) Hash identifier: 9wXfax8XfEz0WLGCBKAePLKNXcUyi15PNn60ZKYLt68= Subject key identifier: B9:89:41:8A:25:60:ED:33:8C:F8:C1:47:07:F6:1D:25:95:6F:F5:90 Certificate issuer: /CN=A91CE978/serialNumber=6A1E4F72847EB3699522C93D26773F0DF8396EBE Certificate serial: 3604 Authority key identifier: 6A:1E:4F:72:84:7E:B3:69:95:22:C9:3D:26:77:3F:0D:F8:39:6E:BE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/DDF4B0D2F08C11EEB70A1F76C4F9AE02.roa Signing time: Tue 12 May 2026 15:13:02 +0000 ROA not before: Tue 12 May 2026 15:13:02 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 23838 IP address blocks: 43.255.160.0/22 maxlen: 22 43.255.160.0/24 maxlen: 24 43.255.161.0/24 maxlen: 24 43.255.162.0/24 maxlen: 24 43.255.163.0/24 maxlen: 24 103.8.252.0/22 maxlen: 23 116.90.135.0/24 maxlen: 24 120.136.48.0/20 maxlen: 20 120.136.48.0/21 maxlen: 21 120.136.49.0/24 maxlen: 24 120.136.53.0/24 maxlen: 24 120.136.56.0/21 maxlen: 21 120.136.56.0/24 maxlen: 24 120.136.58.0/24 maxlen: 24 2401:f000:6::/48 maxlen: 48 2401:f000:8::/48 maxlen: 48 2401:f000:16::/48 maxlen: 48 2401:f000:18::/48 maxlen: 48 2402:1c00::/32 maxlen: 32 2402:1c00::/32 maxlen: 48 2402:1c00:4000::/36 maxlen: 36 2402:1c00:8000::/36 maxlen: 36 2402:1c00:9000::/37 maxlen: 37 2402:1c00:c000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.crl rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 19 May 2026 15:13:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13828 (0x3604) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE978, serialNumber=6A1E4F72847EB3699522C93D26773F0DF8396EBE Validity Not Before: May 12 15:13:02 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6a03437e-e03d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:96:ad:f1:f5:70:ae:45:69:9b:42:38:0f:e6: fd:8d:99:b8:e3:67:18:d1:2a:1b:66:9e:8e:3b:c1: 1d:c7:ba:dc:8d:c3:22:81:f6:f7:5e:ac:c0:28:a4: ac:f1:0f:ff:fe:61:39:8b:8d:07:a9:99:50:cb:27: 8f:d0:7a:fe:bc:31:8d:49:f3:ea:43:54:05:ec:16: 07:2f:27:a7:0c:bc:46:8d:11:57:db:4d:b9:c2:64: 01:1d:f0:f5:c9:8e:79:3a:04:8f:f0:a5:9f:70:52: fb:3f:d0:99:5c:93:41:c2:42:cd:a6:5c:ba:8d:95: df:15:e6:74:32:9b:92:ca:9e:d2:ea:99:7d:b3:4c: 32:73:58:51:54:8b:21:fd:8e:2f:f6:a8:5b:b9:86: dd:31:56:d5:9c:20:26:11:c9:25:4b:61:67:a3:5c: 4b:0f:bd:49:d9:05:40:a9:ca:41:83:da:9f:92:f9: 33:01:ac:f4:0a:03:5a:95:77:65:0f:d2:d4:dd:85: 6c:8b:c7:f2:46:b5:51:29:ec:98:ba:ca:e8:55:5d: 8c:41:7d:4d:f6:1c:34:bc:08:f0:9f:af:a2:2b:7b: 16:81:51:b6:25:18:0d:7a:87:b2:ab:6d:1b:ae:14: 79:80:1e:20:d9:44:52:03:73:2f:f7:92:ed:ab:93: 0b:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:89:41:8A:25:60:ED:33:8C:F8:C1:47:07:F6:1D:25:95:6F:F5:90 X509v3 Authority Key Identifier: keyid:6A:1E:4F:72:84:7E:B3:69:95:22:C9:3D:26:77:3F:0D:F8:39:6E:BE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ah5PcoR-s2mVIsk9Jnc_Dfg5br4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE978/3223F35E1D9811E28A8C2E8208B02CD2/DDF4B0D2F08C11EEB70A1F76C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.255.160.0/22 103.8.252.0/22 116.90.135.0/24 120.136.48.0/20 IPv6: 2401:f000:6::/48 2401:f000:8::/48 2401:f000:16::/48 2401:f000:18::/48 2402:1c00::/32 Signature Algorithm: sha256WithRSAEncryption 19:c7:b2:d9:64:2a:a4:0d:64:4d:6c:c1:52:58:48:74:ce:9e: 75:2b:4b:81:45:c1:3d:36:b4:2b:c3:8a:c8:27:ea:a4:b3:0f: 3b:ae:23:1e:40:31:08:8b:65:2c:97:0d:20:e1:c5:55:26:44: c0:ac:58:8c:db:88:e6:20:3b:6c:32:f4:f1:7e:ba:45:35:a0: 97:e9:3e:4a:87:62:f6:58:d1:ac:a0:fb:97:23:66:27:33:1b: f5:16:9e:71:0e:d2:51:37:e7:20:c1:a6:a6:91:d7:8d:d5:b5: 92:3c:f7:21:ed:28:03:91:6b:bc:d8:a6:62:bc:97:f0:59:0a: 76:7c:40:05:5d:03:3b:14:e9:e3:23:cc:4e:7d:00:ce:fe:50: ab:09:0b:e5:92:52:2f:82:31:af:c1:49:8c:af:42:87:19:7f: a2:26:34:42:5d:ed:7f:63:70:1e:0a:ce:91:77:87:ed:2f:a2: 6d:11:ac:17:55:78:e1:5c:4e:31:cf:5f:ed:cd:71:3f:ef:7a: 95:b3:62:37:3b:95:64:95:09:2c:19:8b:3a:38:77:e9:a1:f7: 26:a2:07:19:bc:44:99:0e:ce:44:7c:94:43:cc:fc:e9:67:81: 9c:ba:1f:60:60:48:7d:da:15:45:3a:35:8d:a2:d4:92:84:76: 62:12:2f:8b -----BEGIN CERTIFICATE----- MIIFgTCCBGmgAwIBAgICNgQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0U5NzgxMTAvBgNVBAUTKDZBMUU0RjcyODQ3RUIzNjk5NTIyQzkzRDI2NzczRjBE RjgzOTZFQkUwHhcNMjYwNTEyMTUxMzAyWhcNMjcwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02YTAzNDM3ZS1lMDNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAppat8fVwrkVpm0I4D+b9jZm442cY0SobZp6OO8Edx7rcjcMigfb3XqzAKKSs 8Q///mE5i40HqZlQyyeP0Hr+vDGNSfPqQ1QF7BYHLyenDLxGjRFX2025wmQBHfD1 yY55OgSP8KWfcFL7P9CZXJNBwkLNply6jZXfFeZ0MpuSyp7S6pl9s0wyc1hRVIsh /Y4v9qhbuYbdMVbVnCAmEcklS2Fno1xLD71J2QVAqcpBg9qfkvkzAaz0CgNalXdl D9LU3YVsi8fyRrVRKeyYusroVV2MQX1N9hw0vAjwn6+iK3sWgVG2JRgNeoeyq20b rhR5gB4g2URSA3Mv95Ltq5MLiwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLmJQYol YO0zjPjBRwf2HSWVb/WQMB8GA1UdIwQYMBaAFGoeT3KEfrNplSLJPSZ3Pw34OW6+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTk3OC8zMjIzRjM1RTFE OTgxMUUyOEE4QzJFODIwOEIwMkNEMi9haDVQY29SLXMybVZJc2s5Sm5jX0RmZzVi cjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2FoNVBjb1ItczJtVklzazlKbmNfRGZnNWJyNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0U5NzgvMzIyM0YzNUUxRDk4MTFFMjhBOEMyRTgyMDhCMDJDRDIvRERGNEIwRDJG MDhDMTFFRUI3MEExRjc2QzRGOUFFMDIucm9hMGQGCCsGAQUFBwEHAQH/BFUwUzAe BAIAATAYAwQCK/+gAwQCZwj8AwQAdFqHAwQEeIgwMDEEAgACMCsDBwAkAfAAAAYD BwAkAfAAAAgDBwAkAfAAABYDBwAkAfAAABgDBQAkAhwAMA0GCSqGSIb3DQEBCwUA A4IBAQAZx7LZZCqkDWRNbMFSWEh0zp51K0uBRcE9NrQrw4rIJ+qksw87riMeQDEI i2Uslw0g4cVVJkTArFiM24jmIDtsMvTxfrpFNaCX6T5Kh2L2WNGsoPuXI2YnMxv1 Fp5xDtJRN+cgwaamkdeN1bWSPPch7SgDkWu82KZivJfwWQp2fEAFXQM7FOnjI8xO fQDO/lCrCQvlklIvgjGvwUmMr0KHGX+iJjRCXe1/Y3AeCs6Rd4ftL6JtEawXVXjh XE4xz1/tzXE/73qVs2I3O5VklQksGYs6OHfpofcmogcZvESZDs5EfJRDzPzpZ4Gc uh9gYEh92hVFOjWNotSShHZiEi+L -----END CERTIFICATE-----Generated at Wed May 13 01:46:24 2026 by rpki-client