$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/2CF214DC93A611F0B9B44571C4F9AE02.roa File: 2CF214DC93A611F0B9B44571C4F9AE02.roa (raw, json) Hash identifier: VuO6oFmdrg28zC8aljPGAA2mZqdTmBMcrxACwaZ0phY= Subject key identifier: 0F:F7:83:E9:05:D8:1A:CC:4C:90:59:DD:D1:93:AC:FF:BE:85:98:7E Certificate issuer: /CN=A91F2152/serialNumber=243E4829ABF2F909C12DDA044FE5D36B82105392 Certificate serial: 0CF9 Authority key identifier: 24:3E:48:29:AB:F2:F9:09:C1:2D:DA:04:4F:E5:D3:6B:82:10:53:92 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/2CF214DC93A611F0B9B44571C4F9AE02.roa Signing time: Wed 18 Mar 2026 18:23:43 +0000 ROA not before: Wed 18 Mar 2026 18:23:43 +0000 ROA not after: Sat 01 May 2027 00:00:00 +0000 asID: 135037 IP address blocks: 103.206.228.0/23 maxlen: 23 103.206.228.0/24 maxlen: 24 103.206.229.0/24 maxlen: 24 103.206.230.0/24 maxlen: 24 2405:82c0::/32 maxlen: 32 2405:82c0::/48 maxlen: 48 2405:82c0:1000::/48 maxlen: 48 2405:82c0:2000::/48 maxlen: 48 2405:82c0:3000::/48 maxlen: 48 2405:82c0:4000::/48 maxlen: 48 2405:82c0:5000::/48 maxlen: 48 2405:82c0:6000::/48 maxlen: 48 2405:82c0:7000::/48 maxlen: 48 2405:82c0:8000::/48 maxlen: 48 2405:82c0:9000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.crl rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 18:09:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3321 (0xcf9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F2152, serialNumber=243E4829ABF2F909C12DDA044FE5D36B82105392 Validity Not Before: Mar 18 18:23:43 2026 GMT Not After : May 1 00:00:00 2027 GMT Subject: CN=69baedaf-65af Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:de:df:49:df:90:a6:4c:e0:62:07:68:76:6f: cd:15:4f:f8:c3:4b:53:6f:95:32:15:bd:77:18:b4: c3:ef:11:d3:ef:0a:61:ab:f5:9e:d1:88:ff:cb:55: 6d:af:87:1b:87:15:35:a7:65:69:95:c6:e3:3e:a6: 11:67:f9:5a:79:f6:85:9e:d1:2f:e2:cf:b3:8c:f5: bf:56:67:fe:00:6a:2f:f9:a6:ab:cb:b7:9e:28:b0: 98:48:a5:ad:62:de:9e:33:6d:53:e1:8b:52:ee:96: 4f:b0:55:2a:76:03:ed:a3:d5:81:28:5b:cd:5b:8f: e7:bb:4b:09:2e:d9:64:ed:39:cd:83:b0:0e:80:dd: db:96:04:6e:d6:7c:e7:aa:b4:42:5c:c2:8b:46:38: 36:10:da:10:3e:27:33:72:be:0b:2d:43:c6:46:0e: 4d:13:54:33:c2:f9:f1:16:73:d1:9c:3c:cc:42:da: ae:60:89:48:b5:25:0a:c7:2d:cb:b2:ea:7a:50:9b: cb:a6:d6:0d:4d:f7:64:17:3f:3d:1d:3f:8c:c1:2d: b3:52:25:c2:3b:f8:3a:e0:7b:db:b0:c4:b8:22:7d: a8:1e:21:d4:9b:59:74:3e:fc:4d:cf:f8:04:2f:95: 9a:ec:5e:a9:cb:d1:f3:cf:da:4a:d3:89:84:ba:41: 06:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:F7:83:E9:05:D8:1A:CC:4C:90:59:DD:D1:93:AC:FF:BE:85:98:7E X509v3 Authority Key Identifier: keyid:24:3E:48:29:AB:F2:F9:09:C1:2D:DA:04:4F:E5:D3:6B:82:10:53:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/2CF214DC93A611F0B9B44571C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.206.228.0-103.206.230.255 IPv6: 2405:82c0::/32 Signature Algorithm: sha256WithRSAEncryption 03:6a:71:04:db:3f:97:74:be:68:00:bb:9d:88:00:5e:d4:23: 60:8b:72:97:d8:87:7c:5c:80:59:18:44:5e:c6:f6:92:50:00: 0e:ee:b1:15:34:fd:a6:a9:96:4c:41:ea:f7:34:9b:a5:a6:52: 62:90:cc:14:2e:72:02:41:f6:00:34:53:15:4b:ba:3c:40:50: bc:93:c1:00:4e:e3:e5:51:e7:ef:86:cd:bb:1c:fb:f7:fc:be: e4:05:74:84:49:aa:4c:6f:87:9f:49:a1:ea:d3:ec:86:ba:7b: 0c:80:6d:53:a1:31:04:73:61:ba:3e:59:d0:cf:cc:ed:6e:ef: 66:fe:ad:f2:f8:b1:36:85:6d:4a:94:8f:ba:d0:f8:b0:4f:de: 84:f8:94:05:a4:23:1d:99:7e:b4:a2:66:c3:da:16:a7:5f:4e: 5b:d9:5e:20:08:4d:77:3b:31:0e:0e:04:cd:88:7e:3e:c3:f1: 54:2a:ac:4f:91:fb:f7:10:13:07:ee:4c:68:f1:f7:56:ae:f9: 0e:2a:70:15:9b:ba:67:69:e9:b4:79:b2:e5:41:69:1e:78:d7: f7:23:0e:ea:37:51:2e:a4:46:2d:fc:04:f9:4a:b5:0c:46:ac: 1f:75:d9:d9:49:22:9a:ec:1e:eb:e7:45:7c:f8:dc:8b:9b:b3: cd:b4:5e:08 -----BEGIN CERTIFICATE----- MIIFUzCCBDugAwIBAgICDPkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjIxNTIxMTAvBgNVBAUTKDI0M0U0ODI5QUJGMkY5MDlDMTJEREEwNDRGRTVEMzZC ODIxMDUzOTIwHhcNMjYwMzE4MTgyMzQzWhcNMjcwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWJhZWRhZi02NWFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArd7fSd+QpkzgYgdodm/NFU/4w0tTb5UyFb13GLTD7xHT7wphq/We0Yj/y1Vt r4cbhxU1p2VplcbjPqYRZ/laefaFntEv4s+zjPW/Vmf+AGov+aary7eeKLCYSKWt Yt6eM21T4YtS7pZPsFUqdgPto9WBKFvNW4/nu0sJLtlk7TnNg7AOgN3blgRu1nzn qrRCXMKLRjg2ENoQPiczcr4LLUPGRg5NE1QzwvnxFnPRnDzMQtquYIlItSUKxy3L sup6UJvLptYNTfdkFz89HT+MwS2zUiXCO/g64HvbsMS4In2oHiHUm1l0PvxNz/gE L5Wa7F6py9Hzz9pK04mEukEGjwIDAQABo4ICdzCCAnMwHQYDVR0OBBYEFA/3g+kF 2BrMTJBZ3dGTrP++hZh+MB8GA1UdIwQYMBaAFCQ+SCmr8vkJwS3aBE/l02uCEFOS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMjE1Mi9CN0M2QzYwMDA2 RDIxMUVBOEFBQzkzNDRDNEY5QUUwMi9KRDVJS2F2eS1RbkJMZG9FVC1YVGE0SVFV NUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0pENUlLYXZ5LVFuQkxkb0VULVhUYTRJUVU1SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjIxNTIvQjdDNkM2MDAwNkQyMTFFQThBQUM5MzQ0QzRGOUFFMDIvMkNGMjE0REM5 M0E2MTFGMEI5QjQ0NTcxQzRGOUFFMDIucm9hMDYGCCsGAQUFBwEHAQH/BCcwJTAU BAIAATAOMAwDBAJnzuQDBABnzuYwDQQCAAIwBwMFACQFgsAwDQYJKoZIhvcNAQEL BQADggEBAANqcQTbP5d0vmgAu52IAF7UI2CLcpfYh3xcgFkYRF7G9pJQAA7usRU0 /aaplkxB6vc0m6WmUmKQzBQucgJB9gA0UxVLujxAULyTwQBO4+VR5++Gzbsc+/f8 vuQFdIRJqkxvh59JoerT7Ia6ewyAbVOhMQRzYbo+WdDPzO1u72b+rfL4sTaFbUqU j7rQ+LBP3oT4lAWkIx2ZfrSiZsPaFqdfTlvZXiAITXc7MQ4OBM2Ifj7D8VQqrE+R +/cQEwfuTGjx91au+Q4qcBWbumdp6bR5suVBaR541/cjDuo3US6kRi38BPlKtQxG rB912dlJIprsHuvnRXz43Iubs820Xgg= -----END CERTIFICATE-----Generated at Thu Mar 26 08:49:15 2026 by rpki-client