$ rpki-client -vvf rpki.apnic.net/member_repository/A91D5C25/687A10A6765A11E99D01E42EC4F9AE02/4ECF0A4C765C11E9A01A6E34C4F9AE02.roa File: 4ECF0A4C765C11E9A01A6E34C4F9AE02.roa (raw, json) Hash identifier: TTgnDZfqcx7ykCHCc5SaW91kxpbz+cLOZ7D9yI6DF3w= Subject key identifier: D7:A6:37:B7:40:CE:78:62:87:50:56:24:94:3F:26:78:7A:E6:09:55 Certificate issuer: /CN=A91D5C25/serialNumber=CBF2A9DA88AC08F8D5106DECBD72D6FA09C818E9 Certificate serial: 0FB9 Authority key identifier: CB:F2:A9:DA:88:AC:08:F8:D5:10:6D:EC:BD:72:D6:FA:09:C8:18:E9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y_Kp2oisCPjVEG3svXLW-gnIGOk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D5C25/687A10A6765A11E99D01E42EC4F9AE02/4ECF0A4C765C11E9A01A6E34C4F9AE02.roa Signing time: Mon 02 Mar 2026 05:18:17 +0000 ROA not before: Fri 28 Mar 2025 17:58:39 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 59340 IP address blocks: 103.87.112.0/22 maxlen: 22 103.87.112.0/23 maxlen: 23 103.87.112.0/24 maxlen: 24 103.87.113.0/24 maxlen: 24 103.87.114.0/23 maxlen: 23 103.87.114.0/24 maxlen: 24 103.87.115.0/24 maxlen: 24 116.204.220.0/22 maxlen: 22 116.204.220.0/23 maxlen: 23 116.204.220.0/24 maxlen: 24 116.204.221.0/24 maxlen: 24 116.204.222.0/23 maxlen: 23 116.204.222.0/24 maxlen: 24 116.204.223.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D5C25/687A10A6765A11E99D01E42EC4F9AE02/y_Kp2oisCPjVEG3svXLW-gnIGOk.crl rsync://rpki.apnic.net/member_repository/A91D5C25/687A10A6765A11E99D01E42EC4F9AE02/y_Kp2oisCPjVEG3svXLW-gnIGOk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y_Kp2oisCPjVEG3svXLW-gnIGOk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 17:23:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4025 (0xfb9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D5C25, serialNumber=CBF2A9DA88AC08F8D5106DECBD72D6FA09C818E9 Validity Not Before: Mar 28 17:58:39 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=69a51d99-9f40 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:58:fc:da:eb:4a:40:e0:cd:ba:5f:96:0e:5d: 41:41:0d:6d:52:63:ab:bf:8b:04:b8:b1:6f:80:3f: b7:8a:56:b7:f1:85:67:7e:f4:b7:8e:cb:6d:53:33: 60:c6:62:9c:26:58:a7:08:fc:c2:c2:5e:c8:2f:18: 90:85:e5:84:10:20:8a:9d:a8:8d:c1:db:8e:76:ba: 7e:80:13:40:54:d9:24:fd:e2:30:9b:75:d2:ba:60: 04:34:43:1a:df:81:5e:76:3a:5f:72:d9:82:d7:86: 57:85:33:6c:3f:fd:db:b0:86:a9:d1:90:6d:ff:ec: 81:8a:10:38:95:31:54:c0:fe:01:44:8b:e0:6c:06: 00:7b:da:86:62:04:04:43:75:11:03:93:e4:d8:42: 83:33:53:27:40:a2:c2:10:bb:41:b7:40:9d:44:8a: 67:86:bd:6b:df:7d:cd:9a:d2:09:a0:c7:b0:cf:43: e9:ec:e3:88:6f:36:9c:35:dc:4c:51:ac:2b:0a:85: a9:d8:f1:65:5e:06:0e:36:c0:f1:63:91:7b:52:9f: f4:f4:a4:2b:ed:79:15:ca:8f:35:36:fa:ab:79:d7: 70:21:7c:ab:66:94:04:08:64:46:db:7d:2a:d2:2a: 84:3a:bd:eb:b4:62:ca:88:c2:82:f1:cd:15:61:b6: ae:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:A6:37:B7:40:CE:78:62:87:50:56:24:94:3F:26:78:7A:E6:09:55 X509v3 Authority Key Identifier: keyid:CB:F2:A9:DA:88:AC:08:F8:D5:10:6D:EC:BD:72:D6:FA:09:C8:18:E9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D5C25/687A10A6765A11E99D01E42EC4F9AE02/y_Kp2oisCPjVEG3svXLW-gnIGOk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y_Kp2oisCPjVEG3svXLW-gnIGOk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D5C25/687A10A6765A11E99D01E42EC4F9AE02/4ECF0A4C765C11E9A01A6E34C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.87.112.0/22 116.204.220.0/22 Signature Algorithm: sha256WithRSAEncryption 3e:7b:48:a8:0f:7f:53:39:c5:5e:6e:36:2d:30:b0:62:b5:7a: d5:ae:a4:eb:99:b1:8d:b5:be:3d:7a:38:2e:c0:61:07:c2:f8: 7c:c6:eb:cc:97:7c:15:7b:49:4f:ba:a0:5f:00:08:60:50:bb: db:68:fd:e9:44:97:7d:21:6d:85:76:33:38:e8:dd:83:29:8d: 79:1b:9f:0a:21:a5:d9:8e:fa:2b:40:c1:9c:2c:34:a2:9f:b8: 0f:4c:e0:f9:be:a4:14:55:8a:9c:68:9a:c5:7f:53:93:66:0a: 6d:8c:56:b0:99:26:d6:62:4c:73:f9:45:29:91:a3:36:5f:b2: a2:00:bc:5d:bc:7e:be:88:32:87:e3:90:36:51:56:18:b3:33: b7:ea:54:7c:cd:c3:81:02:6c:9d:40:82:9b:61:f3:46:7b:4b: c0:c2:68:0c:09:82:3d:39:dd:87:85:17:05:1c:85:e2:e3:61: 29:85:a9:d4:d8:0b:f0:97:77:59:65:4c:85:4e:75:0c:76:63: ff:12:db:79:6d:4c:18:9e:be:32:82:ff:ee:9d:2b:c9:4d:d6: cb:d1:27:0f:8c:8e:de:1d:6f:d9:46:61:e1:5a:35:45:81:fd: 42:33:47:aa:57:a2:79:b5:31:c7:c3:cb:18:06:4f:2f:2c:ee: d2:05:f3:90 -----BEGIN CERTIFICATE----- MIIFQjCCBCqgAwIBAgICD7kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDVDMjUxMTAvBgNVBAUTKENCRjJBOURBODhBQzA4RjhENTEwNkRFQ0JENzJENkZB MDlDODE4RTkwHhcNMjUwMzI4MTc1ODM5WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02OWE1MWQ5OS05ZjQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmFj82utKQODNul+WDl1BQQ1tUmOrv4sEuLFvgD+3ila38YVnfvS3jsttUzNg xmKcJlinCPzCwl7ILxiQheWEECCKnaiNwduOdrp+gBNAVNkk/eIwm3XSumAENEMa 34FedjpfctmC14ZXhTNsP/3bsIap0ZBt/+yBihA4lTFUwP4BRIvgbAYAe9qGYgQE Q3URA5Pk2EKDM1MnQKLCELtBt0CdRIpnhr1r333NmtIJoMewz0Pp7OOIbzacNdxM UawrCoWp2PFlXgYONsDxY5F7Up/09KQr7XkVyo81NvqreddwIXyrZpQECGRG230q 0iqEOr3rtGLKiMKC8c0VYbauGwIDAQABo4ICZjCCAmIwHQYDVR0OBBYEFNemN7dA znhih1BWJJQ/Jnh65glVMB8GA1UdIwQYMBaAFMvyqdqIrAj41RBt7L1y1voJyBjp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENUMyNS82ODdBMTBBNjc2 NUExMUU5OUQwMUU0MkVDNEY5QUUwMi95X0twMm9pc0NQalZFRzNzdlhMVy1nbklH T2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lfS3Ayb2lzQ1BqVkVHM3N2WExXLWduSUdPay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDVDMjUvNjg3QTEwQTY3NjVBMTFFOTlEMDFFNDJFQzRGOUFFMDIvNEVDRjBBNEM3 NjVDMTFFOUEwMUE2RTM0QzRGOUFFMDIucm9hMCUGCCsGAQUFBwEHAQH/BBYwFDAS BAIAATAMAwQCZ1dwAwQCdMzcMA0GCSqGSIb3DQEBCwUAA4IBAQA+e0ioD39TOcVe bjYtMLBitXrVrqTrmbGNtb49ejguwGEHwvh8xuvMl3wVe0lPuqBfAAhgULvbaP3p RJd9IW2FdjM46N2DKY15G58KIaXZjvorQMGcLDSin7gPTOD5vqQUVYqcaJrFf1OT ZgptjFawmSbWYkxz+UUpkaM2X7KiALxdvH6+iDKH45A2UVYYszO36lR8zcOBAmyd QIKbYfNGe0vAwmgMCYI9Od2HhRcFHIXi42EphanU2Avwl3dZZUyFTnUMdmP/Ett5 bUwYnr4ygv/unSvJTdbL0ScPjI7eHW/ZRmHhWjVFgf1CM0eqV6J5tTHHw8sYBk8v LO7SBfOQ -----END CERTIFICATE-----Generated at Thu Mar 26 17:21:16 2026 by rpki-client