$ rpki-client -vvf rpki.apnic.net/member_repository/A91DBAA3/1C17913AD90D11F08680D5F17CD3641D/CF0F37FA1D1B11F1ACF733B0103D8C67.roa File: CF0F37FA1D1B11F1ACF733B0103D8C67.roa (raw, json) Hash identifier: Enic89W+OV3hzIdxS0CHvDqgnWq3iYz6oFq51hnxs94= Subject key identifier: 03:CB:46:1F:1C:39:4F:1C:A6:11:29:34:1F:A5:28:06:FE:42:32:B0 Certificate issuer: /CN=A91DBAA3/serialNumber=F9AE5E2A9DC80B51EAA7577278C3DE061A80AB63 Certificate serial: 35 Authority key identifier: F9:AE:5E:2A:9D:C8:0B:51:EA:A7:57:72:78:C3:DE:06:1A:80:AB:63 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-a5eKp3IC1Hqp1dyeMPeBhqAq2M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DBAA3/1C17913AD90D11F08680D5F17CD3641D/CF0F37FA1D1B11F1ACF733B0103D8C67.roa Signing time: Wed 11 Mar 2026 07:27:50 +0000 ROA not before: Wed 11 Mar 2026 07:27:50 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 13335 IP address blocks: 43.240.36.0/22 maxlen: 24 103.19.188.0/22 maxlen: 24 2400:c680::/32 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DBAA3/1C17913AD90D11F08680D5F17CD3641D/-a5eKp3IC1Hqp1dyeMPeBhqAq2M.crl rsync://rpki.apnic.net/member_repository/A91DBAA3/1C17913AD90D11F08680D5F17CD3641D/-a5eKp3IC1Hqp1dyeMPeBhqAq2M.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-a5eKp3IC1Hqp1dyeMPeBhqAq2M.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Apr 2026 07:46:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53 (0x35) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DBAA3, serialNumber=F9AE5E2A9DC80B51EAA7577278C3DE061A80AB63 Validity Not Before: Mar 11 07:27:50 2026 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=69b11976-d031 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:cc:5c:b4:ad:6f:8a:00:39:f7:51:9f:9d:15: 73:72:3d:bc:7b:b5:a1:d2:4a:96:42:3f:d7:59:6d: f5:38:88:6a:5f:8a:70:5e:04:3c:ca:3e:37:ac:52: ab:a8:26:3d:e4:84:16:23:b2:63:2c:98:0e:33:ca: e8:0f:f7:46:41:70:14:9e:3b:cf:ee:c4:8f:f4:b1: 19:44:0f:bc:11:b9:d7:12:ab:1a:3f:00:b0:2d:d4: 72:41:74:0e:62:d5:28:cf:2e:e5:a7:47:37:25:5a: 1b:86:8a:23:0a:ad:22:2d:04:b4:5d:8b:75:15:16: 71:02:02:ef:b3:d4:0c:08:ea:70:35:6b:17:de:25: d2:3d:39:9a:53:ac:59:49:c1:38:6f:ef:86:c4:8f: 29:23:92:c3:86:1a:f4:76:8b:53:ac:82:f0:6c:a7: 1c:46:0d:a9:b4:e5:c3:35:3b:65:e8:ab:f8:07:ea: 73:66:3d:07:19:08:fa:ce:9b:c1:7c:21:c2:5d:43: bc:c0:51:d2:c2:4f:c8:17:f3:a8:98:bf:13:a7:8d: 2c:66:d7:f9:71:e8:f6:64:ac:46:ab:d5:34:bd:6a: 76:4e:30:64:00:6d:c6:69:83:46:de:57:3d:31:dc: bc:a3:f4:26:72:ae:e8:53:af:50:f9:7f:ca:05:70: 5d:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:CB:46:1F:1C:39:4F:1C:A6:11:29:34:1F:A5:28:06:FE:42:32:B0 X509v3 Authority Key Identifier: keyid:F9:AE:5E:2A:9D:C8:0B:51:EA:A7:57:72:78:C3:DE:06:1A:80:AB:63 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DBAA3/1C17913AD90D11F08680D5F17CD3641D/-a5eKp3IC1Hqp1dyeMPeBhqAq2M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-a5eKp3IC1Hqp1dyeMPeBhqAq2M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DBAA3/1C17913AD90D11F08680D5F17CD3641D/CF0F37FA1D1B11F1ACF733B0103D8C67.roa sbgp-ipAddrBlock: critical IPv4: 43.240.36.0/22 103.19.188.0/22 IPv6: 2400:c680::/32 Signature Algorithm: sha256WithRSAEncryption 68:69:99:b9:13:5f:5a:d8:eb:30:ae:b8:42:40:5a:3c:3a:e3: 2a:c5:bd:36:d4:eb:60:49:66:5e:7d:d5:22:65:db:03:24:88: 9f:85:be:e3:b7:ba:02:90:03:a7:4e:04:2e:13:9f:72:62:18: 50:df:97:69:d2:a6:ed:3f:a7:ac:93:04:01:72:1d:e1:92:50: 96:43:33:10:0e:f6:82:54:21:c8:4b:1c:d8:56:66:6e:2a:b3: e9:01:19:4f:f1:47:5d:16:7e:22:01:3d:fd:43:1a:2a:16:0a: 57:d9:86:8f:6f:77:a4:10:3b:86:03:03:ad:e9:51:ed:12:fa: c1:48:cc:d5:b0:ca:02:82:90:50:9e:c2:bc:ea:33:4b:ad:2b: 95:44:17:0b:17:6e:c9:28:5c:d0:a1:bf:b0:4e:f0:4b:06:52: 41:3f:d7:c9:18:33:92:a5:90:df:44:5f:a4:4e:69:32:75:6a: 4e:c2:e4:ff:89:2b:45:55:d5:da:b1:a5:62:08:47:9e:b3:87: ef:5e:dc:11:af:11:e2:8c:f9:ac:53:52:39:b1:fd:a2:75:e8: 01:60:05:4c:bf:5f:f1:c4:2b:be:7e:b4:1f:5d:68:60:de:9d: 4b:16:0b:1f:a6:6b:08:f3:a1:bf:c9:87:2e:30:7c:62:79:e6: 7f:5c:2f:70 -----BEGIN CERTIFICATE----- MIIFUDCCBDigAwIBAgIBNTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE QkFBMzExMC8GA1UEBRMoRjlBRTVFMkE5REM4MEI1MUVBQTc1NzcyNzhDM0RFMDYx QTgwQUI2MzAeFw0yNjAzMTEwNzI3NTBaFw0yNjA3MDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY5YjExOTc2LWQwMzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC6zFy0rW+KADn3UZ+dFXNyPbx7taHSSpZCP9dZbfU4iGpfinBeBDzKPjesUquo Jj3khBYjsmMsmA4zyugP90ZBcBSeO8/uxI/0sRlED7wRudcSqxo/ALAt1HJBdA5i 1SjPLuWnRzclWhuGiiMKrSItBLRdi3UVFnECAu+z1AwI6nA1axfeJdI9OZpTrFlJ wThv74bEjykjksOGGvR2i1OsgvBspxxGDam05cM1O2Xoq/gH6nNmPQcZCPrOm8F8 IcJdQ7zAUdLCT8gX86iYvxOnjSxm1/lx6PZkrEar1TS9anZOMGQAbcZpg0beVz0x 3Lyj9CZyruhTr1D5f8oFcF1BAgMBAAGjggJ1MIICcTAdBgNVHQ4EFgQUA8tGHxw5 TxymESk0H6UoBv5CMrAwHwYDVR0jBBgwFoAU+a5eKp3IC1Hqp1dyeMPeBhqAq2Mw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURCQUEzLzFDMTc5MTNBRDkw RDExRjA4NjgwRDVGMTdDRDM2NDFELy1hNWVLcDNJQzFIcXAxZHllTVBlQmhxQXEy TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvLWE1ZUtwM0lDMUhxcDFkeWVNUGVCaHFBcTJNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgZYGCCsGAQUFBwELBIGJMIGGMIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QkFBMy8xQzE3OTEzQUQ5MEQxMUYwODY4MEQ1RjE3Q0QzNjQxRC9DRjBGMzdGQTFE MUIxMUYxQUNGNzMzQjAxMDNEOEM2Ny5yb2EwNAYIKwYBBQUHAQcBAf8EJTAjMBIE AgABMAwDBAIr8CQDBAJnE7wwDQQCAAIwBwMFACQAxoAwDQYJKoZIhvcNAQELBQAD ggEBAGhpmbkTX1rY6zCuuEJAWjw64yrFvTbU62BJZl591SJl2wMkiJ+FvuO3ugKQ A6dOBC4Tn3JiGFDfl2nSpu0/p6yTBAFyHeGSUJZDMxAO9oJUIchLHNhWZm4qs+kB GU/xR10WfiIBPf1DGioWClfZho9vd6QQO4YDA63pUe0S+sFIzNWwygKCkFCewrzq M0utK5VEFwsXbskoXNChv7BO8EsGUkE/18kYM5KlkN9EX6ROaTJ1ak7C5P+JK0VV 1dqxpWIIR56zh+9e3BGvEeKM+axTUjmx/aJ16AFgBUy/X/HEK75+tB9daGDenUsW Cx+mawjzob/Jhy4wfGJ55n9cL3A= -----END CERTIFICATE-----Generated at Thu Mar 26 06:02:50 2026 by rpki-client