$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAC82/CBD893A04ED311EAAD7BA211C4F9AE02/2FC13F564ED511EA945E3314C4F9AE02.roa File: 2FC13F564ED511EA945E3314C4F9AE02.roa (raw, json) Hash identifier: ioS23iGIP3uzA+1OKUGYBP4QYkMLTLuRrz1j1/Q9s4U= Subject key identifier: 81:04:3D:9A:64:AD:91:36:41:03:82:21:56:C5:B1:8F:E0:E7:79:C7 Certificate issuer: /CN=A91EAC82/serialNumber=0A9B6981B12D5A4D2DF36EE9D280A6595C325136 Certificate serial: 0B6E Authority key identifier: 0A:9B:69:81:B1:2D:5A:4D:2D:F3:6E:E9:D2:80:A6:59:5C:32:51:36 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CptpgbEtWk0t827p0oCmWVwyUTY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EAC82/CBD893A04ED311EAAD7BA211C4F9AE02/2FC13F564ED511EA945E3314C4F9AE02.roa Signing time: Sun 01 Mar 2026 09:27:13 +0000 ROA not before: Thu 12 Jun 2025 19:35:02 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 138965 IP address blocks: 103.137.204.0/22 maxlen: 22 103.137.204.0/24 maxlen: 24 103.137.205.0/24 maxlen: 24 103.137.206.0/24 maxlen: 24 103.137.207.0/24 maxlen: 24 2400:d3e0::/32 maxlen: 32 2400:d3e0::/35 maxlen: 35 2400:d3e0::/48 maxlen: 48 2400:d3e0:1::/48 maxlen: 48 2400:d3e0:2::/48 maxlen: 48 2400:d3e0:3::/48 maxlen: 48 2400:d3e0:4::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EAC82/CBD893A04ED311EAAD7BA211C4F9AE02/CptpgbEtWk0t827p0oCmWVwyUTY.crl rsync://rpki.apnic.net/member_repository/A91EAC82/CBD893A04ED311EAAD7BA211C4F9AE02/CptpgbEtWk0t827p0oCmWVwyUTY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CptpgbEtWk0t827p0oCmWVwyUTY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 18:59:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2926 (0xb6e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EAC82, serialNumber=0A9B6981B12D5A4D2DF36EE9D280A6595C325136 Validity Not Before: Jun 12 19:35:02 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=69a40671-b7d6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:96:ee:d0:c5:a6:99:79:c0:dc:ed:d3:f8:80: 35:77:05:f8:64:f9:08:71:f4:d6:2e:52:ca:84:1c: 84:84:da:03:4b:c0:78:b1:35:02:39:fd:f6:63:51: db:fc:91:c2:7a:49:16:32:39:88:4c:f4:65:9d:c9: 47:d9:ea:d1:3d:d1:b0:53:ea:0a:51:bc:58:65:be: cb:bd:f0:68:32:86:7b:7f:eb:9a:39:31:fe:42:e9: 35:24:99:78:d3:8d:40:9f:15:47:d2:e9:78:2f:32: ba:87:6c:1c:61:a8:cb:14:cc:e3:1f:a7:72:da:91: 27:ec:3a:32:ea:63:ff:23:b9:57:7a:c7:04:4b:26: fe:5d:88:ef:da:65:64:bb:b8:6b:0d:cd:9b:3f:e9: 5c:a1:ac:c3:d9:5d:d8:3f:37:58:d0:0c:60:93:35: 5a:56:e2:00:01:e3:88:3c:06:50:1c:df:00:ef:5e: 4e:b2:d3:c1:3c:48:e6:16:74:52:fc:72:48:f4:99: a0:73:e8:a0:01:4a:fd:59:bf:89:f4:ee:a0:4f:c8: 64:7f:10:d0:b7:7c:e7:33:27:3e:09:da:06:19:d8: ea:da:9c:b6:b3:00:de:26:59:00:1f:99:13:32:ed: 24:ee:94:8e:f5:b9:fe:39:3e:29:7d:6e:b9:c4:87: b4:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:04:3D:9A:64:AD:91:36:41:03:82:21:56:C5:B1:8F:E0:E7:79:C7 X509v3 Authority Key Identifier: keyid:0A:9B:69:81:B1:2D:5A:4D:2D:F3:6E:E9:D2:80:A6:59:5C:32:51:36 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EAC82/CBD893A04ED311EAAD7BA211C4F9AE02/CptpgbEtWk0t827p0oCmWVwyUTY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CptpgbEtWk0t827p0oCmWVwyUTY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAC82/CBD893A04ED311EAAD7BA211C4F9AE02/2FC13F564ED511EA945E3314C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.137.204.0/22 IPv6: 2400:d3e0::/32 Signature Algorithm: sha256WithRSAEncryption 82:f1:f5:3a:46:9a:36:ac:ae:23:7a:87:02:d4:5b:23:d4:73: ec:f6:b1:6f:40:1d:94:d2:ee:7a:2e:50:2e:46:67:ef:27:9a: db:7e:c9:fe:dc:66:a8:1d:82:9d:17:3f:97:3d:5a:04:e8:43: c9:58:89:c0:a6:dd:a3:0f:9e:1e:78:8a:33:79:b7:aa:56:d3: dc:a0:b0:e8:10:02:c0:47:a8:59:df:6c:5d:2a:d6:0b:08:ad: 11:73:7b:13:59:71:47:46:84:84:57:e8:f5:b0:00:08:05:d4: ac:21:e4:67:7f:91:66:9b:52:d3:ec:e8:6e:c3:18:50:5b:a5: b5:cd:02:38:e7:0f:d8:09:e0:6d:95:24:b0:92:85:50:48:a0: 0e:32:39:b2:08:ba:a5:69:d3:67:df:ae:4c:9e:7a:bb:dd:7c: 77:dc:fe:fa:43:38:3e:b7:3d:c9:7c:58:e2:4c:7d:43:da:79: 84:ad:81:83:95:d2:4d:03:60:a3:e9:68:44:e2:83:ac:00:e5: e0:0a:e3:ba:43:85:54:c5:8a:90:ed:de:29:6f:27:69:81:3b: 82:83:fa:ab:7c:b4:ad:41:fe:8d:ff:a0:d3:88:e6:df:bf:f2: 32:04:a0:6c:d6:71:2e:a8:6a:19:9b:05:c8:90:94:38:1b:8d: c6:36:a2:19 -----BEGIN CERTIFICATE----- MIIFSzCCBDOgAwIBAgICC24wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUFDODIxMTAvBgNVBAUTKDBBOUI2OTgxQjEyRDVBNEQyREYzNkVFOUQyODBBNjU5 NUMzMjUxMzYwHhcNMjUwNjEyMTkzNTAyWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MDY3MS1iN2Q2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAkJbu0MWmmXnA3O3T+IA1dwX4ZPkIcfTWLlLKhByEhNoDS8B4sTUCOf32Y1Hb /JHCekkWMjmITPRlnclH2erRPdGwU+oKUbxYZb7LvfBoMoZ7f+uaOTH+Quk1JJl4 041AnxVH0ul4LzK6h2wcYajLFMzjH6dy2pEn7Doy6mP/I7lXescESyb+XYjv2mVk u7hrDc2bP+lcoazD2V3YPzdY0AxgkzVaVuIAAeOIPAZQHN8A715OstPBPEjmFnRS /HJI9Jmgc+igAUr9Wb+J9O6gT8hkfxDQt3znMyc+CdoGGdjq2py2swDeJlkAH5kT Mu0k7pSO9bn+OT4pfW65xIe0XQIDAQABo4ICbzCCAmswHQYDVR0OBBYEFIEEPZpk rZE2QQOCIVbFsY/g53nHMB8GA1UdIwQYMBaAFAqbaYGxLVpNLfNu6dKApllcMlE2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUM4Mi9DQkQ4OTNBMDRF RDMxMUVBQUQ3QkEyMTFDNEY5QUUwMi9DcHRwZ2JFdFdrMHQ4MjdwMG9DbVdWd3lV VFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NwdHBnYkV0V2swdDgyN3Awb0NtV1Z3eVVUWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUFDODIvQ0JEODkzQTA0RUQzMTFFQUFEN0JBMjExQzRGOUFFMDIvMkZDMTNGNTY0 RUQ1MTFFQTk0NUUzMzE0QzRGOUFFMDIucm9hMC4GCCsGAQUFBwEHAQH/BB8wHTAM BAIAATAGAwQCZ4nMMA0EAgACMAcDBQAkANPgMA0GCSqGSIb3DQEBCwUAA4IBAQCC 8fU6Rpo2rK4jeocC1Fsj1HPs9rFvQB2U0u56LlAuRmfvJ5rbfsn+3GaoHYKdFz+X PVoE6EPJWInApt2jD54eeIozebeqVtPcoLDoEALAR6hZ32xdKtYLCK0Rc3sTWXFH RoSEV+j1sAAIBdSsIeRnf5Fmm1LT7OhuwxhQW6W1zQI45w/YCeBtlSSwkoVQSKAO MjmyCLqladNn365Mnnq73Xx33P76Qzg+tz3JfFjiTH1D2nmErYGDldJNA2Cj6WhE 4oOsAOXgCuO6Q4VUxYqQ7d4pbydpgTuCg/qrfLStQf6N/6DTiObfv/IyBKBs1nEu qGoZmwXIkJQ4G43GNqIZ -----END CERTIFICATE-----Generated at Thu Mar 26 04:40:05 2026 by rpki-client