$ rpki-client -vvf rpki.apnic.net/member_repository/A91EB45A/1E448A481DA111E29F56079308B02CD2/17BB4C20F17E11EAA3CC597BC4F9AE02.roa File: 17BB4C20F17E11EAA3CC597BC4F9AE02.roa (raw, json) Hash identifier: 19iYpTQxec7phX7aSuAR7eVYx46KurWTZFsnfBvWqQo= Subject key identifier: 9F:C1:0B:CF:79:95:7B:93:62:4C:C6:5A:23:5B:E3:E0:27:31:FA:38 Certificate issuer: /CN=A91EB45A/serialNumber=C1422A0C4CFF248D517358EBDF7B4E802BACC0E7 Certificate serial: 352A Authority key identifier: C1:42:2A:0C:4C:FF:24:8D:51:73:58:EB:DF:7B:4E:80:2B:AC:C0:E7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wUIqDEz_JI1Rc1jr33tOgCuswOc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EB45A/1E448A481DA111E29F56079308B02CD2/17BB4C20F17E11EAA3CC597BC4F9AE02.roa Signing time: Sun 01 Mar 2026 13:36:22 +0000 ROA not before: Thu 18 Sep 2025 15:21:14 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 45945 IP address blocks: 43.245.124.0/22 maxlen: 22 43.245.124.0/24 maxlen: 24 43.245.125.0/24 maxlen: 24 43.245.126.0/24 maxlen: 24 43.245.127.0/24 maxlen: 24 103.1.148.0/22 maxlen: 22 103.1.148.0/24 maxlen: 24 103.1.149.0/24 maxlen: 24 103.1.150.0/24 maxlen: 24 103.1.151.0/24 maxlen: 24 124.150.140.0/22 maxlen: 22 124.150.140.0/24 maxlen: 24 124.150.141.0/24 maxlen: 24 124.150.142.0/24 maxlen: 24 124.150.143.0/24 maxlen: 24 2401:fd00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EB45A/1E448A481DA111E29F56079308B02CD2/wUIqDEz_JI1Rc1jr33tOgCuswOc.crl rsync://rpki.apnic.net/member_repository/A91EB45A/1E448A481DA111E29F56079308B02CD2/wUIqDEz_JI1Rc1jr33tOgCuswOc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wUIqDEz_JI1Rc1jr33tOgCuswOc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 15:02:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13610 (0x352a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EB45A, serialNumber=C1422A0C4CFF248D517358EBDF7B4E802BACC0E7 Validity Not Before: Sep 18 15:21:14 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=69a440d6-e2b8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:6b:1b:94:27:6b:c6:2c:4f:b8:10:92:24:4e: 6e:b2:0a:fc:48:6a:92:6f:ff:bc:00:12:39:73:1c: ff:89:48:c0:c2:4e:08:2e:27:6c:6e:73:b5:f3:5e: aa:95:b8:78:64:98:c3:7f:90:76:3c:a1:59:de:62: 7e:c7:75:30:b4:6f:99:51:43:e4:8c:62:8c:32:fb: a6:c9:ca:97:55:6a:07:1a:28:44:d3:87:9e:0d:8f: 88:9e:31:78:50:cb:0a:82:7a:87:6c:97:60:91:7d: f6:1d:f8:1b:7d:d1:61:68:c1:bf:e8:0d:fb:6e:8f: 54:85:ca:69:56:9e:08:be:76:69:94:76:2c:76:2f: 51:3c:bd:e0:fc:04:eb:45:c7:1c:b5:bd:7d:40:e2: 2c:8d:af:5e:7f:0e:5c:14:af:ff:5b:9c:88:ca:99: 47:e4:0e:fe:35:af:5e:63:4a:ed:c4:11:29:18:31: 65:1c:a1:4a:ab:da:2d:ac:9d:d0:b4:5d:ac:e9:97: b0:df:3b:ef:6b:04:74:2c:85:1c:10:87:69:fb:cc: b2:e3:cc:f3:40:94:73:72:a2:5b:b0:45:49:c3:16: 82:74:bf:d1:c4:c3:a9:08:f9:8b:47:7b:9b:cd:e7: 55:a5:6f:1b:f1:be:7b:08:01:77:5d:c6:29:f4:60: 7c:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:C1:0B:CF:79:95:7B:93:62:4C:C6:5A:23:5B:E3:E0:27:31:FA:38 X509v3 Authority Key Identifier: keyid:C1:42:2A:0C:4C:FF:24:8D:51:73:58:EB:DF:7B:4E:80:2B:AC:C0:E7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EB45A/1E448A481DA111E29F56079308B02CD2/wUIqDEz_JI1Rc1jr33tOgCuswOc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wUIqDEz_JI1Rc1jr33tOgCuswOc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EB45A/1E448A481DA111E29F56079308B02CD2/17BB4C20F17E11EAA3CC597BC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.245.124.0/22 103.1.148.0/22 124.150.140.0/22 IPv6: 2401:fd00::/32 Signature Algorithm: sha256WithRSAEncryption 8a:51:a6:29:42:e0:97:e0:cf:a4:3f:37:fc:9e:12:7f:a8:96: fa:11:ad:66:c3:be:ae:9e:b0:4a:02:6a:2a:1d:c5:44:55:2e: ce:5c:e6:95:2b:1c:2e:fc:e1:b2:90:42:b0:4e:0e:ce:15:4b: 09:9f:a9:48:8d:c4:bd:55:ed:a4:c8:6f:ca:b1:a4:84:19:7e: 0a:1b:4d:53:0f:6e:f6:ea:21:f1:2d:30:a3:be:43:86:f0:9f: f8:0e:c4:65:9c:1e:a5:d9:4b:2d:9c:f8:45:12:2a:44:20:d0: 12:db:06:10:fd:cd:9a:6d:e8:a3:30:3c:23:da:da:bb:11:dc: 0b:80:df:d9:d6:fe:3d:8a:80:7a:9e:8d:68:1f:03:2a:ce:0c: 4d:ce:e7:a7:2d:56:dc:9e:43:bd:fd:7b:b7:59:38:ae:0d:11: 30:28:ab:9a:f3:83:4c:e6:05:2c:c4:be:21:83:d3:df:5d:0c: 28:c1:29:39:68:2d:05:46:8c:ba:da:30:70:fc:27:9d:c6:8b: 76:68:5e:e5:e0:33:7a:11:29:c6:c3:ad:c1:68:9c:bc:68:83: 4e:a3:fe:75:01:40:48:9c:75:1a:c5:63:cd:30:60:a3:df:f3: 0a:85:45:c3:b4:84:45:0c:66:64:8f:e4:29:7a:77:8b:55:71: 5c:34:33:83 -----BEGIN CERTIFICATE----- MIIFVzCCBD+gAwIBAgICNSowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUI0NUExMTAvBgNVBAUTKEMxNDIyQTBDNENGRjI0OEQ1MTczNThFQkRGN0I0RTgw MkJBQ0MwRTcwHhcNMjUwOTE4MTUyMTE0WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NDBkNi1lMmI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzmsblCdrxixPuBCSJE5usgr8SGqSb/+8ABI5cxz/iUjAwk4ILidsbnO1816q lbh4ZJjDf5B2PKFZ3mJ+x3UwtG+ZUUPkjGKMMvumycqXVWoHGihE04eeDY+InjF4 UMsKgnqHbJdgkX32HfgbfdFhaMG/6A37bo9UhcppVp4IvnZplHYsdi9RPL3g/ATr Rccctb19QOIsja9efw5cFK//W5yIyplH5A7+Na9eY0rtxBEpGDFlHKFKq9otrJ3Q tF2s6Zew3zvvawR0LIUcEIdp+8yy48zzQJRzcqJbsEVJwxaCdL/RxMOpCPmLR3ub zedVpW8b8b57CAF3XcYp9GB8xwIDAQABo4ICezCCAncwHQYDVR0OBBYEFJ/BC895 lXuTYkzGWiNb4+AnMfo4MB8GA1UdIwQYMBaAFMFCKgxM/ySNUXNY6997ToArrMDn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQjQ1QS8xRTQ0OEE0ODFE QTExMUUyOUY1NjA3OTMwOEIwMkNEMi93VUlxREV6X0pJMVJjMWpyMzN0T2dDdXN3 T2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3dVSXFERXpfSkkxUmMxanIzM3RPZ0N1c3dPYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUI0NUEvMUU0NDhBNDgxREExMTFFMjlGNTYwNzkzMDhCMDJDRDIvMTdCQjRDMjBG MTdFMTFFQUEzQ0M1OTdCQzRGOUFFMDIucm9hMDoGCCsGAQUFBwEHAQH/BCswKTAY BAIAATASAwQCK/V8AwQCZwGUAwQCfJaMMA0EAgACMAcDBQAkAf0AMA0GCSqGSIb3 DQEBCwUAA4IBAQCKUaYpQuCX4M+kPzf8nhJ/qJb6Ea1mw76unrBKAmoqHcVEVS7O XOaVKxwu/OGykEKwTg7OFUsJn6lIjcS9Ve2kyG/KsaSEGX4KG01TD2726iHxLTCj vkOG8J/4DsRlnB6l2UstnPhFEipEINAS2wYQ/c2abeijMDwj2tq7EdwLgN/Z1v49 ioB6no1oHwMqzgxNzuenLVbcnkO9/Xu3WTiuDREwKKua84NM5gUsxL4hg9PfXQwo wSk5aC0FRoy62jBw/Cedxot2aF7l4DN6ESnGw63BaJy8aINOo/51AUBInHUaxWPN MGCj3/MKhUXDtIRFDGZkj+QpeneLVXFcNDOD -----END CERTIFICATE-----Generated at Thu Mar 26 14:32:02 2026 by rpki-client