$ rpki-client -vvf rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/DED77BB2FA2F11EF98728875C4F9AE02.roa File: DED77BB2FA2F11EF98728875C4F9AE02.roa (raw, json) Hash identifier: g+9ZIN0bzKl4hPUjZROdg1CsqMAMZorZF/Wv0UBIawM= Subject key identifier: 2C:3B:9A:F2:6F:8B:1F:F9:79:33:DF:D7:76:B1:F0:75:93:D6:AA:C5 Certificate issuer: /CN=A91E868C/serialNumber=28E670C2E37012F05C63BB566E203C51DC45E2B2 Certificate serial: 0F36 Authority key identifier: 28:E6:70:C2:E3:70:12:F0:5C:63:BB:56:6E:20:3C:51:DC:45:E2:B2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/DED77BB2FA2F11EF98728875C4F9AE02.roa Signing time: Sun 01 Mar 2026 17:01:25 +0000 ROA not before: Sat 30 Aug 2025 18:08:49 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 132021 IP address blocks: 103.5.0.0/22 maxlen: 22 103.5.0.0/23 maxlen: 23 103.5.0.0/24 maxlen: 24 103.5.1.0/24 maxlen: 24 103.5.2.0/23 maxlen: 23 103.5.2.0/24 maxlen: 24 103.5.3.0/24 maxlen: 24 126.209.88.0/22 maxlen: 22 126.209.88.0/23 maxlen: 23 126.209.88.0/24 maxlen: 24 126.209.89.0/24 maxlen: 24 126.209.90.0/24 maxlen: 24 126.209.91.0/24 maxlen: 24 2403:cd00::/32 maxlen: 32 2403:cd00::/40 maxlen: 40 2403:cd00::/48 maxlen: 48 2403:cd00:1::/48 maxlen: 48 2403:cd00:2::/48 maxlen: 48 2403:cd00:100::/40 maxlen: 40 2403:cd00:100::/48 maxlen: 48 2403:cd00:101::/48 maxlen: 48 2403:cd00:102::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 17:33:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3894 (0xf36) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E868C, serialNumber=28E670C2E37012F05C63BB566E203C51DC45E2B2 Validity Not Before: Aug 30 18:08:49 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=69a470e5-19a5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:7f:aa:7a:28:39:35:65:b6:59:50:60:60:06: 1d:62:25:4e:10:37:01:13:2e:9c:35:3c:de:37:b6: cd:ba:03:8f:bc:22:e1:fe:98:4a:13:56:ee:08:d0: 7e:c4:17:5d:e1:e1:5e:13:17:5f:a7:be:a6:0a:02: 8a:a2:25:1c:ac:a0:30:73:f1:f9:b4:20:9f:d1:a0: be:ab:83:c6:00:8f:80:f1:01:eb:57:b0:14:7d:97: 97:64:37:1e:f6:59:39:e4:27:0d:71:58:47:15:35: 33:eb:cc:7a:67:15:89:49:e5:8c:2c:96:be:68:b5: e3:13:db:ec:f6:15:22:83:53:c1:4b:6b:d5:c7:92: f1:1d:f7:55:1f:8c:30:35:34:a9:e5:ba:1a:97:cf: 05:e7:b9:64:a5:2d:e7:96:79:61:fb:b8:85:fe:99: 75:c5:a3:64:8b:31:c2:92:6e:fd:92:5a:8e:65:d3: 05:5f:12:bb:15:f9:23:b2:98:25:10:f6:82:07:8e: 26:d5:04:c3:11:a9:ef:46:42:ba:9f:7d:58:86:97: 0c:2c:08:a6:29:0e:15:5e:50:e4:aa:cf:f6:2a:7a: 6b:ec:38:5c:1e:59:6a:4b:35:ed:1d:6b:1f:76:4d: e7:d7:98:98:52:9b:5f:ed:3f:f0:a2:1e:42:ad:80: 44:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:3B:9A:F2:6F:8B:1F:F9:79:33:DF:D7:76:B1:F0:75:93:D6:AA:C5 X509v3 Authority Key Identifier: keyid:28:E6:70:C2:E3:70:12:F0:5C:63:BB:56:6E:20:3C:51:DC:45:E2:B2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/DED77BB2FA2F11EF98728875C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.5.0.0/22 126.209.88.0/22 IPv6: 2403:cd00::/32 Signature Algorithm: sha256WithRSAEncryption 31:d8:28:e8:7d:dd:d1:fe:dc:f8:53:80:af:7e:dc:68:09:a8: b7:c9:a6:0f:d9:71:81:d6:94:3c:3d:bc:f2:bd:6c:ec:6c:a8: 3d:7a:1e:e4:c8:75:59:f8:4f:ed:ef:6d:25:f6:6c:ad:4a:54: a3:4a:a8:3d:4d:a8:18:24:b9:26:4d:6b:1f:e2:9a:5b:39:a6: b6:09:3b:de:c3:2c:77:ba:b1:7f:01:c6:32:a8:f2:89:b1:d5: 1c:e7:f9:e0:b4:fb:53:2d:41:42:ce:e0:f7:42:db:71:1e:25: ee:8a:29:69:76:20:1f:ce:d2:07:fc:dc:77:6f:f7:d4:df:1c: 2d:42:8a:0a:71:8e:e6:3c:85:ef:a6:8f:67:5d:a5:52:32:cd: 5c:c3:e9:84:30:4a:68:92:0a:37:23:c2:b9:da:36:50:19:34: 24:1c:f7:12:3b:e5:22:84:a4:f7:47:16:a7:74:53:ae:95:13: 08:c3:a6:01:b8:40:15:3d:1f:c5:26:29:5f:dc:be:82:02:5b: 19:5b:46:af:0f:5e:8a:aa:f1:8d:27:9b:10:b7:bb:95:e3:f7: 68:5f:7c:b2:67:5a:c1:0e:df:fa:0e:3a:2d:c8:05:06:40:e2: 68:75:d4:a4:eb:72:0f:21:54:70:5b:a7:b9:7b:55:8b:a7:e3: d4:fe:72:7e -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgICDzYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTg2OEMxMTAvBgNVBAUTKDI4RTY3MEMyRTM3MDEyRjA1QzYzQkI1NjZFMjAzQzUx REM0NUUyQjIwHhcNMjUwODMwMTgwODQ5WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NzBlNS0xOWE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzX+qeig5NWW2WVBgYAYdYiVOEDcBEy6cNTzeN7bNugOPvCLh/phKE1buCNB+ xBdd4eFeExdfp76mCgKKoiUcrKAwc/H5tCCf0aC+q4PGAI+A8QHrV7AUfZeXZDce 9lk55CcNcVhHFTUz68x6ZxWJSeWMLJa+aLXjE9vs9hUig1PBS2vVx5LxHfdVH4ww NTSp5boal88F57lkpS3nlnlh+7iF/pl1xaNkizHCkm79klqOZdMFXxK7Ffkjspgl EPaCB44m1QTDEanvRkK6n31YhpcMLAimKQ4VXlDkqs/2Knpr7DhcHllqSzXtHWsf dk3n15iYUptf7T/woh5CrYBECQIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFCw7mvJv ix/5eTPf13ax8HWT1qrFMB8GA1UdIwQYMBaAFCjmcMLjcBLwXGO7Vm4gPFHcReKy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFODY4Qy8zRkI5MzM2OEE5 REIxMUU5ODQyODUyODZDNEY5QUUwMi9LT1p3d3VOd0V2QmNZN3RXYmlBOFVkeEY0 ckkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tPWnd3dU53RXZCY1k3dFdiaUE4VWR4RjRySS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTg2OEMvM0ZCOTMzNjhBOURCMTFFOTg0Mjg1Mjg2QzRGOUFFMDIvREVENzdCQjJG QTJGMTFFRjk4NzI4ODc1QzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS BAIAATAMAwQCZwUAAwQCftFYMA0EAgACMAcDBQAkA80AMA0GCSqGSIb3DQEBCwUA A4IBAQAx2Cjofd3R/tz4U4CvftxoCai3yaYP2XGB1pQ8PbzyvWzsbKg9eh7kyHVZ +E/t720l9mytSlSjSqg9TagYJLkmTWsf4ppbOaa2CTvewyx3urF/AcYyqPKJsdUc 5/ngtPtTLUFCzuD3QttxHiXuiilpdiAfztIH/Nx3b/fU3xwtQooKcY7mPIXvpo9n XaVSMs1cw+mEMEpokgo3I8K52jZQGTQkHPcSO+UihKT3RxandFOulRMIw6YBuEAV PR/FJilf3L6CAlsZW0avD16KqvGNJ5sQt7uV4/doX3yyZ1rBDt/6DjotyAUGQOJo ddSk63IPIVRwW6e5e1WLp+PU/nJ+ -----END CERTIFICATE-----Generated at Thu Mar 26 07:49:49 2026 by rpki-client