$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3BB3/95AEA9E8CBE411EA806A4A75C4F9AE02/D0CF108ED85111EF9DC0826CC4F9AE02.roa File: D0CF108ED85111EF9DC0826CC4F9AE02.roa (raw, json) Hash identifier: wbC8vyImx6v6ewZMr1D8zOdi43W+XjTwWRTdg25wKL8= Subject key identifier: 87:40:96:CD:AE:3A:EA:B5:A8:C9:F7:03:43:18:CC:06:7B:58:5E:3B Certificate issuer: /CN=A91E3BB3/serialNumber=3CDF43D717FC5849F23A94E29A772B28A5D701E3 Certificate serial: 08E0 Authority key identifier: 3C:DF:43:D7:17:FC:58:49:F2:3A:94:E2:9A:77:2B:28:A5:D7:01:E3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PN9D1xf8WEnyOpTimncrKKXXAeM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3BB3/95AEA9E8CBE411EA806A4A75C4F9AE02/D0CF108ED85111EF9DC0826CC4F9AE02.roa Signing time: Sun 01 Mar 2026 11:54:13 +0000 ROA not before: Sat 30 Aug 2025 21:12:36 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 140933 IP address blocks: 103.153.152.0/23 maxlen: 24 2406:46c0::/32 maxlen: 32 2406:46c0::/36 maxlen: 36 2406:46c0:1000::/36 maxlen: 36 2406:46c0:2000::/36 maxlen: 36 2406:46c0:3000::/36 maxlen: 36 2406:46c0:4000::/36 maxlen: 36 2406:46c0:5000::/36 maxlen: 36 2406:46c0:6000::/36 maxlen: 36 2406:46c0:7000::/36 maxlen: 36 2406:46c0:8000::/36 maxlen: 36 2406:46c0:9000::/36 maxlen: 36 2406:46c0:a000::/36 maxlen: 36 2406:46c0:b000::/36 maxlen: 36 2406:46c0:c000::/36 maxlen: 36 2406:46c0:d000::/36 maxlen: 36 2406:46c0:e000::/36 maxlen: 36 2406:46c0:f000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3BB3/95AEA9E8CBE411EA806A4A75C4F9AE02/PN9D1xf8WEnyOpTimncrKKXXAeM.crl rsync://rpki.apnic.net/member_repository/A91E3BB3/95AEA9E8CBE411EA806A4A75C4F9AE02/PN9D1xf8WEnyOpTimncrKKXXAeM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PN9D1xf8WEnyOpTimncrKKXXAeM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 20:08:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2272 (0x8e0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3BB3, serialNumber=3CDF43D717FC5849F23A94E29A772B28A5D701E3 Validity Not Before: Aug 30 21:12:36 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=69a428e5-006d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:c2:53:4a:1d:54:e0:b4:21:b9:f7:e3:19:63: 28:32:aa:27:c8:6a:f2:49:49:f5:f0:a6:da:0f:bf: 07:c1:4f:87:cc:53:06:4d:e8:aa:e1:c7:b5:0e:94: 83:a1:fd:30:95:95:b8:c4:0f:8b:e8:e5:9e:b7:ca: 9e:89:70:e0:24:7a:ac:25:ea:f5:e2:a9:e9:50:89: a2:e0:59:88:a3:0a:64:49:29:52:6c:05:7f:91:75: 90:7e:25:83:b6:4a:1f:44:2c:32:1a:18:29:b1:51: 8c:eb:99:04:28:aa:4f:fb:ae:75:ef:c8:72:63:ba: b6:11:70:66:cc:9d:83:eb:8e:f9:18:75:34:49:3d: 27:af:57:81:45:8b:a9:92:dd:ca:1d:91:a7:e9:60: d4:c8:19:d6:54:92:9f:27:c1:9c:c6:1f:fb:98:d9: 59:3a:35:c6:3c:02:01:6f:bc:a3:8a:6b:ee:73:51: 80:96:47:73:3b:21:f1:9f:b2:39:44:c9:59:7a:85: ce:fd:b1:74:b4:69:ab:97:7a:10:66:77:94:8b:28: 2c:10:3c:1c:d7:d0:2e:f8:fd:35:20:c7:f1:e4:13: b0:3a:c7:29:46:f3:9b:62:f1:3d:24:3d:b1:39:92: 47:14:27:d0:9d:90:ce:8a:b5:ed:50:8d:c3:a1:16: 1d:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:40:96:CD:AE:3A:EA:B5:A8:C9:F7:03:43:18:CC:06:7B:58:5E:3B X509v3 Authority Key Identifier: keyid:3C:DF:43:D7:17:FC:58:49:F2:3A:94:E2:9A:77:2B:28:A5:D7:01:E3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3BB3/95AEA9E8CBE411EA806A4A75C4F9AE02/PN9D1xf8WEnyOpTimncrKKXXAeM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PN9D1xf8WEnyOpTimncrKKXXAeM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3BB3/95AEA9E8CBE411EA806A4A75C4F9AE02/D0CF108ED85111EF9DC0826CC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.153.152.0/23 IPv6: 2406:46c0::/32 Signature Algorithm: sha256WithRSAEncryption 2a:41:98:b7:71:c7:55:16:37:3c:83:02:b6:04:0c:26:53:f4: 7d:43:51:c8:96:e6:ec:bf:bd:bb:bc:16:41:8b:b7:0a:a5:dc: 2a:12:3a:1a:26:1b:f7:69:b7:db:f6:21:62:62:d4:85:0d:6e: f5:b5:7d:c7:ef:7b:26:33:98:4b:63:a3:aa:20:68:4c:bc:47: f0:86:60:a6:2b:e1:a6:0a:99:c3:7d:80:49:61:97:88:48:9d: 54:72:54:8a:8a:cc:8b:35:ed:72:15:c3:a3:09:aa:b3:de:d7: aa:fd:31:d8:03:82:6f:cd:49:c1:30:f9:46:e1:b2:06:5b:27: 40:98:9c:32:7f:f6:68:fc:fc:d5:f5:6f:51:29:7a:cd:28:e0: 45:0f:ab:98:7f:6a:47:3c:31:a4:d6:d5:d8:58:c7:aa:67:68: af:39:01:e7:2e:0c:ac:47:bb:65:d2:fb:a6:1e:e7:7d:6d:eb: 78:91:a6:a9:89:e6:c9:74:42:76:c6:0f:19:c6:d2:8a:d6:32: 96:6f:a3:48:65:b6:c0:f4:89:0a:da:09:91:90:6a:0f:bd:52: 0f:e7:cf:92:2b:fe:44:5e:c1:7e:c9:b7:e5:48:3b:75:72:7d: d4:ce:80:e4:31:96:cc:52:e4:ac:14:5e:74:8e:b5:f2:b2:47: e9:54:1d:4b -----BEGIN CERTIFICATE----- MIIFSzCCBDOgAwIBAgICCOAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNCQjMxMTAvBgNVBAUTKDNDREY0M0Q3MTdGQzU4NDlGMjNBOTRFMjlBNzcyQjI4 QTVENzAxRTMwHhcNMjUwODMwMjExMjM2WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MjhlNS0wMDZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAq8JTSh1U4LQhuffjGWMoMqonyGrySUn18KbaD78HwU+HzFMGTeiq4ce1DpSD of0wlZW4xA+L6OWet8qeiXDgJHqsJer14qnpUImi4FmIowpkSSlSbAV/kXWQfiWD tkofRCwyGhgpsVGM65kEKKpP+65178hyY7q2EXBmzJ2D6475GHU0ST0nr1eBRYup kt3KHZGn6WDUyBnWVJKfJ8Gcxh/7mNlZOjXGPAIBb7yjimvuc1GAlkdzOyHxn7I5 RMlZeoXO/bF0tGmrl3oQZneUiygsEDwc19Au+P01IMfx5BOwOscpRvObYvE9JD2x OZJHFCfQnZDOirXtUI3DoRYd4QIDAQABo4ICbzCCAmswHQYDVR0OBBYEFIdAls2u Ouq1qMn3A0MYzAZ7WF47MB8GA1UdIwQYMBaAFDzfQ9cX/FhJ8jqU4pp3Kyil1wHj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0JCMy85NUFFQTlFOENC RTQxMUVBODA2QTRBNzVDNEY5QUUwMi9QTjlEMXhmOFdFbnlPcFRpbW5jcktLWFhB ZU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1BOOUQxeGY4V0VueU9wVGltbmNyS0tYWEFlTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTNCQjMvOTVBRUE5RThDQkU0MTFFQTgwNkE0QTc1QzRGOUFFMDIvRDBDRjEwOEVE ODUxMTFFRjlEQzA4MjZDQzRGOUFFMDIucm9hMC4GCCsGAQUFBwEHAQH/BB8wHTAM BAIAATAGAwQBZ5mYMA0EAgACMAcDBQAkBkbAMA0GCSqGSIb3DQEBCwUAA4IBAQAq QZi3ccdVFjc8gwK2BAwmU/R9Q1HIlubsv727vBZBi7cKpdwqEjoaJhv3abfb9iFi YtSFDW71tX3H73smM5hLY6OqIGhMvEfwhmCmK+GmCpnDfYBJYZeISJ1UclSKisyL Ne1yFcOjCaqz3teq/THYA4JvzUnBMPlG4bIGWydAmJwyf/Zo/PzV9W9RKXrNKOBF D6uYf2pHPDGk1tXYWMeqZ2ivOQHnLgysR7tl0vumHud9bet4kaapiebJdEJ2xg8Z xtKK1jKWb6NIZbbA9IkK2gmRkGoPvVIP58+SK/5EXsF+ybflSDt1cn3UzoDkMZbM UuSsFF50jrXyskfpVB1L -----END CERTIFICATE-----Generated at Thu Mar 26 10:52:24 2026 by rpki-client