$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFAB9/E853382C9F1311EC9E45D572C4F9AE02/596CCC4E9F1911EC8FDFEA7DC4F9AE02.roa File: 596CCC4E9F1911EC8FDFEA7DC4F9AE02.roa (raw, json) Hash identifier: dEISD/WDoWooLj71u5FYjt6CjHXEIUg8FSxxishj644= Subject key identifier: 14:DB:83:46:CD:06:DC:48:BC:2A:DD:A1:6B:E2:14:FD:85:7B:A8:B5 Certificate issuer: /CN=A91CFAB9/serialNumber=DD8A2B88654C3366FFE7FCF6556A9786002AA65B Certificate serial: 0433 Authority key identifier: DD:8A:2B:88:65:4C:33:66:FF:E7:FC:F6:55:6A:97:86:00:2A:A6:5B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3YoriGVMM2b_5_z2VWqXhgAqpls.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFAB9/E853382C9F1311EC9E45D572C4F9AE02/596CCC4E9F1911EC8FDFEA7DC4F9AE02.roa Signing time: Sun 01 Mar 2026 15:03:14 +0000 ROA not before: Tue 04 Nov 2025 02:36:54 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 135069 IP address blocks: 103.208.140.0/22 maxlen: 22 103.208.140.0/24 maxlen: 24 103.208.141.0/24 maxlen: 24 103.208.142.0/24 maxlen: 24 103.208.143.0/24 maxlen: 24 163.47.109.0/24 maxlen: 24 180.235.104.0/22 maxlen: 22 180.235.104.0/24 maxlen: 24 180.235.105.0/24 maxlen: 24 180.235.106.0/24 maxlen: 24 180.235.107.0/24 maxlen: 24 202.37.108.0/24 maxlen: 24 203.28.247.0/24 maxlen: 24 223.26.24.0/22 maxlen: 22 223.26.24.0/24 maxlen: 24 223.26.25.0/24 maxlen: 24 223.26.26.0/24 maxlen: 24 223.26.27.0/24 maxlen: 24 2404:4880::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFAB9/E853382C9F1311EC9E45D572C4F9AE02/3YoriGVMM2b_5_z2VWqXhgAqpls.crl rsync://rpki.apnic.net/member_repository/A91CFAB9/E853382C9F1311EC9E45D572C4F9AE02/3YoriGVMM2b_5_z2VWqXhgAqpls.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3YoriGVMM2b_5_z2VWqXhgAqpls.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 23:59:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1075 (0x433) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFAB9, serialNumber=DD8A2B88654C3366FFE7FCF6556A9786002AA65B Validity Not Before: Nov 4 02:36:54 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=69a45532-5989 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:ff:fd:28:45:09:18:0b:41:d7:fa:e1:cc:de: d7:a2:01:c1:08:33:bf:33:c0:58:1f:a7:cc:d9:07: fd:6a:24:81:c3:a1:0d:ee:95:62:1d:c0:75:06:85: e8:57:a6:ca:e6:4d:e1:f5:47:0e:b1:78:69:46:9b: 28:dd:24:3d:da:53:58:e9:b8:f4:34:60:06:21:5a: 04:0e:e5:a4:3e:09:54:93:25:53:7b:11:46:97:3e: b3:5e:eb:6d:e5:4e:03:4c:64:9e:ed:ed:71:e0:59: dd:53:b7:b8:c2:6d:ba:93:a9:ab:46:ae:4f:3f:aa: 6d:3f:6f:f8:7d:2a:d4:25:0b:f2:45:65:60:42:7b: e7:e4:47:c5:d3:00:80:ce:d6:87:ec:43:5f:e8:c7: d5:03:e1:83:ad:59:6a:aa:00:b5:c5:35:3a:b9:03: 6c:22:70:e7:a1:61:a3:36:e0:9b:3f:bc:5f:90:ad: a1:3c:6d:e1:0b:4d:65:6b:9b:97:c5:bf:1e:be:1a: 95:43:d1:8e:6b:1e:20:37:c7:d7:d5:4a:eb:95:d7: d1:6f:6d:e0:ec:1a:a3:fc:51:2e:85:67:bd:a4:1d: e0:94:d2:b6:5a:f5:b9:20:d8:0e:24:5d:36:8c:8c: cc:14:c1:a6:f6:d0:94:79:57:b5:cb:d1:57:b5:ec: 41:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:DB:83:46:CD:06:DC:48:BC:2A:DD:A1:6B:E2:14:FD:85:7B:A8:B5 X509v3 Authority Key Identifier: keyid:DD:8A:2B:88:65:4C:33:66:FF:E7:FC:F6:55:6A:97:86:00:2A:A6:5B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFAB9/E853382C9F1311EC9E45D572C4F9AE02/3YoriGVMM2b_5_z2VWqXhgAqpls.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3YoriGVMM2b_5_z2VWqXhgAqpls.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFAB9/E853382C9F1311EC9E45D572C4F9AE02/596CCC4E9F1911EC8FDFEA7DC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.208.140.0/22 163.47.109.0/24 180.235.104.0/22 202.37.108.0/24 203.28.247.0/24 223.26.24.0/22 IPv6: 2404:4880::/32 Signature Algorithm: sha256WithRSAEncryption 02:a4:bf:a0:91:6b:c2:3d:e6:79:cd:72:fe:87:2a:b8:ef:00: 18:9a:41:dd:5e:d6:18:87:09:4c:4f:c6:7e:e7:3e:23:8c:c2: 6e:75:3a:7c:44:3e:30:f0:07:34:a7:a7:59:bc:7a:86:aa:91: a9:98:95:89:17:ce:75:45:06:d1:f0:29:51:48:be:d2:09:2a: 77:ed:36:2f:1f:75:15:cd:ff:a2:c9:39:63:16:24:bd:1d:3d: 93:ab:f1:7f:0c:c4:47:79:6a:fc:74:c5:a1:7a:4b:8b:4c:a1: eb:1e:b2:46:6b:ed:52:8a:d3:14:26:1b:5a:36:f8:ec:dc:78: 81:01:b0:b2:f8:d6:e7:24:6e:78:15:30:9c:00:13:e3:62:5e: 42:1c:56:32:b3:f2:81:93:28:59:d9:16:08:cd:18:9a:dc:9f: 35:c7:9a:89:b9:65:ad:7c:b1:e4:8b:87:aa:6e:3d:fa:b9:f2: a2:83:1a:bd:c7:4f:01:b4:6d:a1:fa:9e:56:fb:6d:d2:59:15: e8:a5:34:aa:2f:f4:cb:cc:83:61:a8:28:d1:33:ac:42:b3:1d: 2b:d1:58:03:0b:10:ea:46:1d:7a:2f:27:08:80:dc:30:c8:63: b1:0f:c7:b7:34:05:1e:f2:a9:f0:66:8f:12:fc:ba:1d:24:00: 3e:d9:a5:c5 -----BEGIN CERTIFICATE----- MIIFaTCCBFGgAwIBAgICBDMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0ZBQjkxMTAvBgNVBAUTKEREOEEyQjg4NjU0QzMzNjZGRkU3RkNGNjU1NkE5Nzg2 MDAyQUE2NUIwHhcNMjUxMTA0MDIzNjU0WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NTUzMi01OTg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzv/9KEUJGAtB1/rhzN7XogHBCDO/M8BYH6fM2Qf9aiSBw6EN7pViHcB1BoXo V6bK5k3h9UcOsXhpRpso3SQ92lNY6bj0NGAGIVoEDuWkPglUkyVTexFGlz6zXutt 5U4DTGSe7e1x4FndU7e4wm26k6mrRq5PP6ptP2/4fSrUJQvyRWVgQnvn5EfF0wCA ztaH7ENf6MfVA+GDrVlqqgC1xTU6uQNsInDnoWGjNuCbP7xfkK2hPG3hC01la5uX xb8evhqVQ9GOax4gN8fX1UrrldfRb23g7Bqj/FEuhWe9pB3glNK2WvW5INgOJF02 jIzMFMGm9tCUeVe1y9FXtexBUQIDAQABo4ICjTCCAokwHQYDVR0OBBYEFBTbg0bN BtxIvCrdoWviFP2Fe6i1MB8GA1UdIwQYMBaAFN2KK4hlTDNm/+f89lVql4YAKqZb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkFCOS9FODUzMzgyQzlG MTMxMUVDOUU0NUQ1NzJDNEY5QUUwMi8zWW9yaUdWTU0yYl81X3oyVldxWGhnQXFw bHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNZb3JpR1ZNTTJiXzVfejJWV3FYaGdBcXBscy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0ZBQjkvRTg1MzM4MkM5RjEzMTFFQzlFNDVENTcyQzRGOUFFMDIvNTk2Q0NDNEU5 RjE5MTFFQzhGREZFQTdEQzRGOUFFMDIucm9hMEwGCCsGAQUFBwEHAQH/BD0wOzAq BAIAATAkAwQCZ9CMAwQAoy9tAwQCtOtoAwQAyiVsAwQAyxz3AwQC3xoYMA0EAgAC MAcDBQAkBEiAMA0GCSqGSIb3DQEBCwUAA4IBAQACpL+gkWvCPeZ5zXL+hyq47wAY mkHdXtYYhwlMT8Z+5z4jjMJudTp8RD4w8Ac0p6dZvHqGqpGpmJWJF851RQbR8ClR SL7SCSp37TYvH3UVzf+iyTljFiS9HT2Tq/F/DMRHeWr8dMWhekuLTKHrHrJGa+1S itMUJhtaNvjs3HiBAbCy+NbnJG54FTCcABPjYl5CHFYys/KBkyhZ2RYIzRia3J81 x5qJuWWtfLHki4eqbj36ufKigxq9x08BtG2h+p5W+23SWRXopTSqL/TLzINhqCjR M6xCsx0r0VgDCxDqRh16LycIgNwwyGOxD8e3NAUe8qnwZo8S/LodJAA+2aXF -----END CERTIFICATE-----Generated at Thu Mar 26 07:45:03 2026 by rpki-client