$ rpki-client -vvf rpki.apnic.net/member_repository/A91DDCB6/F077598ECC3D11EA8BC45C29C4F9AE02/9CB5878688DD11ECAC36C11FC4F9AE02.roa File: 9CB5878688DD11ECAC36C11FC4F9AE02.roa (raw, json) Hash identifier: Sq9EIeOgYCx84pdJfu94sh0DvGiS1iot7O0NRrEDMaM= Subject key identifier: 1C:B5:3D:7D:CE:9B:7C:EA:45:94:91:BC:11:27:2F:55:99:CF:25:80 Certificate issuer: /CN=A91DDCB6/serialNumber=FEA14F23FDB977AC6489D2106E35E023B28968DC Certificate serial: 0914 Authority key identifier: FE:A1:4F:23:FD:B9:77:AC:64:89:D2:10:6E:35:E0:23:B2:89:68:DC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_qFPI_25d6xkidIQbjXgI7KJaNw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DDCB6/F077598ECC3D11EA8BC45C29C4F9AE02/9CB5878688DD11ECAC36C11FC4F9AE02.roa Signing time: Sun 01 Mar 2026 15:42:00 +0000 ROA not before: Wed 08 Oct 2025 20:51:36 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 132420 IP address blocks: 43.252.88.0/22 maxlen: 24 101.53.128.0/19 maxlen: 24 103.20.212.0/22 maxlen: 24 103.250.244.0/22 maxlen: 24 116.204.172.0/22 maxlen: 24 139.5.188.0/22 maxlen: 24 2001:df0:411::/48 maxlen: 48 2001:df4:3500::/48 maxlen: 48 2406:69c0::/32 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DDCB6/F077598ECC3D11EA8BC45C29C4F9AE02/_qFPI_25d6xkidIQbjXgI7KJaNw.crl rsync://rpki.apnic.net/member_repository/A91DDCB6/F077598ECC3D11EA8BC45C29C4F9AE02/_qFPI_25d6xkidIQbjXgI7KJaNw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_qFPI_25d6xkidIQbjXgI7KJaNw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 20:08:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2324 (0x914) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DDCB6, serialNumber=FEA14F23FDB977AC6489D2106E35E023B28968DC Validity Not Before: Oct 8 20:51:36 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=69a45e48-e822 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:4b:8c:8a:4e:22:43:07:b4:64:71:8e:01:5b: 35:62:e8:13:89:25:06:fd:40:dd:dd:9b:74:b0:cc: f4:07:58:c2:b7:d2:98:ce:7e:18:6d:d0:33:5f:b7: e5:5e:72:c0:b2:30:74:9b:96:45:f8:7c:2e:60:b1: 0a:47:fb:e9:c9:a7:fc:af:03:07:0c:52:0d:d7:94: 28:ff:39:e9:8b:cc:8d:ac:8c:28:f3:7c:c7:6b:4c: 54:96:61:60:9b:c5:6f:e8:07:d8:1a:a2:48:a8:5b: 2d:a0:f3:08:9b:24:ec:f5:ce:77:70:8a:71:36:c0: 88:07:cd:56:9d:7e:79:2b:39:35:81:7c:a8:8d:a3: ac:b5:49:c1:64:99:28:96:32:7b:c4:e6:d0:c2:40: 14:2c:73:25:f0:de:f4:e3:bd:20:ac:81:1e:de:51: ee:8f:15:65:3f:f0:10:b2:d6:2b:7f:ef:a1:f8:31: 04:67:74:bd:c6:9e:c0:bb:e8:42:a5:ac:d5:49:5d: 46:09:ce:a1:c0:82:32:44:c5:1c:bd:75:8a:01:90: 16:2d:ac:cd:09:2b:82:34:e4:15:dc:3f:1e:8b:4e: 26:fa:cf:66:d4:67:cc:3a:3c:1a:b7:74:6f:53:f4: a9:ad:7f:7c:44:ac:71:6d:cb:8c:46:6a:98:05:e0: fc:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:B5:3D:7D:CE:9B:7C:EA:45:94:91:BC:11:27:2F:55:99:CF:25:80 X509v3 Authority Key Identifier: keyid:FE:A1:4F:23:FD:B9:77:AC:64:89:D2:10:6E:35:E0:23:B2:89:68:DC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DDCB6/F077598ECC3D11EA8BC45C29C4F9AE02/_qFPI_25d6xkidIQbjXgI7KJaNw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_qFPI_25d6xkidIQbjXgI7KJaNw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DDCB6/F077598ECC3D11EA8BC45C29C4F9AE02/9CB5878688DD11ECAC36C11FC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.252.88.0/22 101.53.128.0/19 103.20.212.0/22 103.250.244.0/22 116.204.172.0/22 139.5.188.0/22 IPv6: 2001:df0:411::/48 2001:df4:3500::/48 2406:69c0::/32 Signature Algorithm: sha256WithRSAEncryption 84:76:3d:e6:08:8a:3c:dc:bc:9a:bc:46:72:8e:8e:8e:c3:2f: 9c:ce:b3:75:a0:35:ce:36:ca:8b:14:bc:39:c5:81:61:25:95: 21:e7:4e:86:98:c7:e7:8f:dd:e5:4b:56:f3:ef:2c:b7:3f:77: f3:46:48:90:42:71:bd:63:ab:4b:5f:d5:14:3c:70:65:b0:0b: be:b9:37:03:0c:dd:90:ac:39:51:6c:66:29:0e:cd:22:d5:27: e2:55:93:5a:09:2d:36:a3:76:60:7d:6c:2f:5d:8b:63:33:4a: 2d:33:36:d7:e3:c4:8a:3f:3a:4d:52:2f:8f:d5:0e:b3:29:6e: e0:bb:b0:8e:22:07:a6:99:ca:7f:e2:a8:2e:95:1e:98:ae:1e: 36:26:27:ed:bd:70:4b:80:b9:04:9f:e1:51:34:61:a7:8c:68: 0f:31:19:66:bf:06:4b:30:bd:75:4b:86:ce:a3:90:3a:7d:37: ae:a1:5c:71:f4:e1:8e:35:f8:5b:40:1d:37:f8:99:45:c3:d4: c7:bf:b5:79:32:c4:a7:27:f4:8b:8c:cc:0d:30:ce:23:15:83: 8f:74:65:80:74:c1:96:ac:f7:be:dc:26:6d:32:6c:0e:7f:e3: bd:53:87:c0:15:fd:3a:5f:9e:11:80:91:f8:49:1b:8e:c1:ed: 19:2e:48:76 -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgICCRQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RERDQjYxMTAvBgNVBAUTKEZFQTE0RjIzRkRCOTc3QUM2NDg5RDIxMDZFMzVFMDIz QjI4OTY4REMwHhcNMjUxMDA4MjA1MTM2WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NWU0OC1lODIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw0uMik4iQwe0ZHGOAVs1YugTiSUG/UDd3Zt0sMz0B1jCt9KYzn4YbdAzX7fl XnLAsjB0m5ZF+HwuYLEKR/vpyaf8rwMHDFIN15Qo/znpi8yNrIwo83zHa0xUlmFg m8Vv6AfYGqJIqFstoPMImyTs9c53cIpxNsCIB81WnX55Kzk1gXyojaOstUnBZJko ljJ7xObQwkAULHMl8N70470grIEe3lHujxVlP/AQstYrf++h+DEEZ3S9xp7Au+hC pazVSV1GCc6hwIIyRMUcvXWKAZAWLazNCSuCNOQV3D8ei04m+s9m1GfMOjwat3Rv U/SprX98RKxxbcuMRmqYBeD86QIDAQABo4ICnzCCApswHQYDVR0OBBYEFBy1PX3O m3zqRZSRvBEnL1WZzyWAMB8GA1UdIwQYMBaAFP6hTyP9uXesZInSEG414COyiWjc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERENCNi9GMDc3NTk4RUND M0QxMUVBOEJDNDVDMjlDNEY5QUUwMi9fcUZQSV8yNWQ2eGtpZElRYmpYZ0k3S0ph TncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL19xRlBJXzI1ZDZ4a2lkSVFialhnSTdLSmFOdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RERDQjYvRjA3NzU5OEVDQzNEMTFFQThCQzQ1QzI5QzRGOUFFMDIvOUNCNTg3ODY4 OEREMTFFQ0FDMzZDMTFGQzRGOUFFMDIucm9hMF4GCCsGAQUFBwEHAQH/BE8wTTAq BAIAATAkAwQCK/xYAwQFZTWAAwQCZxTUAwQCZ/r0AwQCdMysAwQCiwW8MB8EAgAC MBkDBwAgAQ3wBBEDBwAgAQ30NQADBQAkBmnAMA0GCSqGSIb3DQEBCwUAA4IBAQCE dj3mCIo83LyavEZyjo6Owy+czrN1oDXONsqLFLw5xYFhJZUh506GmMfnj93lS1bz 7yy3P3fzRkiQQnG9Y6tLX9UUPHBlsAu+uTcDDN2QrDlRbGYpDs0i1SfiVZNaCS02 o3ZgfWwvXYtjM0otMzbX48SKPzpNUi+P1Q6zKW7gu7COIgemmcp/4qgulR6Yrh42 JiftvXBLgLkEn+FRNGGnjGgPMRlmvwZLML11S4bOo5A6fTeuoVxx9OGONfhbQB03 +JlFw9THv7V5MsSnJ/SLjMwNMM4jFYOPdGWAdMGWrPe+3CZtMmwOf+O9U4fAFf06 X54RgJH4SRuOwe0ZLkh2 -----END CERTIFICATE-----Generated at Thu Mar 26 12:54:40 2026 by rpki-client