$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2CA8/870322581D9A11E2AA86C28708B02CD2/08FA1EC60C0911EDBDF8C44FC4F9AE02.roa File: 08FA1EC60C0911EDBDF8C44FC4F9AE02.roa (raw, json) Hash identifier: Uji+jzs6NFG4wqDWKqkDcEMRN/9KSog3h0uKrHTnUXM= Subject key identifier: 18:D1:D0:6F:CA:2A:BC:D3:1F:1E:94:A5:79:F8:10:01:DE:5E:DA:61 Certificate issuer: /CN=A91F2CA8/serialNumber=1E752C3D16048C3F3F6323D2B91070BF247D6866 Certificate serial: 3532 Authority key identifier: 1E:75:2C:3D:16:04:8C:3F:3F:63:23:D2:B9:10:70:BF:24:7D:68:66 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HnUsPRYEjD8_YyPSuRBwvyR9aGY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F2CA8/870322581D9A11E2AA86C28708B02CD2/08FA1EC60C0911EDBDF8C44FC4F9AE02.roa Signing time: Sun 01 Mar 2026 13:35:53 +0000 ROA not before: Tue 28 Oct 2025 15:00:53 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 45768 IP address blocks: 27.111.64.0/21 maxlen: 24 113.29.208.0/21 maxlen: 21 180.95.0.0/24 maxlen: 24 180.95.64.0/19 maxlen: 19 180.95.96.0/20 maxlen: 20 180.95.112.0/21 maxlen: 21 202.134.51.0/24 maxlen: 24 203.34.155.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F2CA8/870322581D9A11E2AA86C28708B02CD2/HnUsPRYEjD8_YyPSuRBwvyR9aGY.crl rsync://rpki.apnic.net/member_repository/A91F2CA8/870322581D9A11E2AA86C28708B02CD2/HnUsPRYEjD8_YyPSuRBwvyR9aGY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HnUsPRYEjD8_YyPSuRBwvyR9aGY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 14:54:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13618 (0x3532) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F2CA8, serialNumber=1E752C3D16048C3F3F6323D2B91070BF247D6866 Validity Not Before: Oct 28 15:00:53 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=69a440b9-f88a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:a4:95:a4:a2:e2:d2:88:c6:39:a6:47:29:2c: ad:fa:7a:88:ac:d0:9d:c3:fa:35:3f:57:95:8e:4d: cb:78:82:c8:a4:31:b3:54:51:98:b1:7b:e0:67:bb: 19:41:c9:72:cd:33:d9:52:09:70:54:3e:2d:cf:90: cd:1d:b1:e5:92:75:f0:ba:a3:3a:40:92:a9:a4:cd: b9:fd:13:82:7d:db:1c:35:bb:f9:a3:f0:1b:d8:5a: 32:d6:c2:e4:a5:65:6c:b5:3a:f4:99:1c:1b:e5:3f: 4f:0d:09:9d:f7:07:7a:cd:66:c8:f1:3e:02:eb:4b: 30:4f:3f:34:e6:b4:bf:96:62:4f:bb:12:3d:64:9a: 5a:9e:7c:98:84:2f:b9:2c:2b:51:6e:3e:dc:84:9a: 2f:ab:fa:ff:a9:f9:c2:64:d2:25:fb:20:2e:2c:69: 5c:5c:16:f2:da:fb:b9:f7:3c:dd:fb:6c:74:7e:0e: 5d:dd:d0:e6:67:c1:09:50:23:6c:8c:a4:36:e3:3b: 33:9c:74:61:33:3a:20:2f:b9:88:e2:a1:7b:31:92: 52:65:0a:35:72:94:46:35:ce:cc:9a:ab:ff:67:71: c6:09:0b:80:18:cf:98:45:b9:4f:a9:f4:7d:e7:22: 37:e8:39:09:99:87:a6:55:ed:a3:7b:89:6e:1a:55: 2e:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:D1:D0:6F:CA:2A:BC:D3:1F:1E:94:A5:79:F8:10:01:DE:5E:DA:61 X509v3 Authority Key Identifier: keyid:1E:75:2C:3D:16:04:8C:3F:3F:63:23:D2:B9:10:70:BF:24:7D:68:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F2CA8/870322581D9A11E2AA86C28708B02CD2/HnUsPRYEjD8_YyPSuRBwvyR9aGY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HnUsPRYEjD8_YyPSuRBwvyR9aGY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2CA8/870322581D9A11E2AA86C28708B02CD2/08FA1EC60C0911EDBDF8C44FC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 27.111.64.0/21 113.29.208.0/21 180.95.0.0/24 180.95.64.0-180.95.119.255 202.134.51.0/24 203.34.155.0/24 Signature Algorithm: sha256WithRSAEncryption 3a:ee:35:3c:53:b9:7c:7c:51:17:72:93:96:4d:12:cb:17:40: 34:b8:0d:2c:04:b9:4c:69:07:1d:d4:63:f1:bf:a6:6e:bf:36: d4:41:c4:a2:1a:53:36:04:9e:44:6c:d5:3d:09:f5:2f:13:f7: 41:a4:e4:9d:ce:f7:21:b1:35:38:11:77:4f:10:25:cf:c3:78: 75:91:4a:28:f4:03:38:8a:bf:e6:ea:c0:23:5d:9a:40:25:90: c3:de:4b:de:c0:0b:60:ce:ba:4d:fa:38:c5:f9:3a:8f:ee:dc: f2:4a:b1:26:20:5b:8e:4f:6d:67:0b:b2:dc:fa:64:70:d2:54: f5:20:90:72:0c:f3:7c:b1:68:a3:98:ac:84:2f:d3:ef:4d:ab: 48:51:37:d3:52:15:d2:ee:93:1e:8d:44:b5:75:6d:d5:f4:80: 99:0e:f9:53:aa:1b:39:e4:38:35:4d:62:e1:64:9b:72:1f:35: f3:ee:8e:35:5e:38:b8:be:21:50:3b:ed:3c:11:18:fb:63:cd: 5b:b4:37:01:c3:51:7f:dd:ec:39:25:cc:fc:62:e4:bb:2b:e7: 70:c4:6b:78:4e:2e:53:6e:95:22:fd:15:67:8d:29:7b:bf:e9: 61:c7:ea:a4:50:5a:bd:cb:a1:00:4a:80:21:bf:f1:e9:4e:42: ed:d2:e5:da -----BEGIN CERTIFICATE----- MIIFYjCCBEqgAwIBAgICNTIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjJDQTgxMTAvBgNVBAUTKDFFNzUyQzNEMTYwNDhDM0YzRjYzMjNEMkI5MTA3MEJG MjQ3RDY4NjYwHhcNMjUxMDI4MTUwMDUzWhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NDBiOS1mODhhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtKSVpKLi0ojGOaZHKSyt+nqIrNCdw/o1P1eVjk3LeILIpDGzVFGYsXvgZ7sZ QclyzTPZUglwVD4tz5DNHbHlknXwuqM6QJKppM25/ROCfdscNbv5o/Ab2Foy1sLk pWVstTr0mRwb5T9PDQmd9wd6zWbI8T4C60swTz805rS/lmJPuxI9ZJpannyYhC+5 LCtRbj7chJovq/r/qfnCZNIl+yAuLGlcXBby2vu59zzd+2x0fg5d3dDmZ8EJUCNs jKQ24zsznHRhMzogL7mI4qF7MZJSZQo1cpRGNc7Mmqv/Z3HGCQuAGM+YRblPqfR9 5yI36DkJmYemVe2je4luGlUusQIDAQABo4IChjCCAoIwHQYDVR0OBBYEFBjR0G/K KrzTHx6UpXn4EAHeXtphMB8GA1UdIwQYMBaAFB51LD0WBIw/P2Mj0rkQcL8kfWhm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMkNBOC84NzAzMjI1ODFE OUExMUUyQUE4NkMyODcwOEIwMkNEMi9IblVzUFJZRWpEOF9ZeVBTdVJCd3Z5Ujlh R1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0huVXNQUllFakQ4X1l5UFN1UkJ3dnlSOWFHWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjJDQTgvODcwMzIyNTgxRDlBMTFFMkFBODZDMjg3MDhCMDJDRDIvMDhGQTFFQzYw QzA5MTFFREJERjhDNDRGQzRGOUFFMDIucm9hMEUGCCsGAQUFBwEHAQH/BDYwNDAy BAIAATAsAwQDG29AAwQDcR3QAwQAtF8AMAwDBAa0X0ADBAO0X3ADBADKhjMDBADL IpswDQYJKoZIhvcNAQELBQADggEBADruNTxTuXx8URdyk5ZNEssXQDS4DSwEuUxp Bx3UY/G/pm6/NtRBxKIaUzYEnkRs1T0J9S8T90Gk5J3O9yGxNTgRd08QJc/DeHWR Sij0AziKv+bqwCNdmkAlkMPeS97AC2DOuk36OMX5Oo/u3PJKsSYgW45PbWcLstz6 ZHDSVPUgkHIM83yxaKOYrIQv0+9Nq0hRN9NSFdLukx6NRLV1bdX0gJkO+VOqGznk ODVNYuFkm3IfNfPujjVeOLi+IVA77TwRGPtjzVu0NwHDUX/d7DklzPxi5Lsr53DE a3hOLlNulSL9FWeNKXu/6WHH6qRQWr3LoQBKgCG/8elOQu3S5do= -----END CERTIFICATE-----Generated at Thu Mar 26 14:26:21 2026 by rpki-client