$ rpki-client -vvf rpki.apnic.net/member_repository/A91F61DD/7C78E2BC309311ECAB68433FC4F9AE02/BFEEB5E4309D11ECABBBBF25C4F9AE02.roa File: BFEEB5E4309D11ECABBBBF25C4F9AE02.roa (raw, json) Hash identifier: uwBd+LUs0WLRGeth+RhrSQgjQ8eS60NPtQG9hRifa0Q= Subject key identifier: 58:04:FE:DF:7F:D6:5B:14:0C:7C:A8:1E:3C:34:FC:31:8D:9F:B4:48 Certificate issuer: /CN=A91F61DD/serialNumber=15D60D60D6A4F50091099A72E0D05EEF3EAF76E9 Certificate serial: 054A Authority key identifier: 15:D6:0D:60:D6:A4:F5:00:91:09:9A:72:E0:D0:5E:EF:3E:AF:76:E9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FdYNYNak9QCRCZpy4NBe7z6vduk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F61DD/7C78E2BC309311ECAB68433FC4F9AE02/BFEEB5E4309D11ECABBBBF25C4F9AE02.roa Signing time: Sun 01 Mar 2026 09:57:14 +0000 ROA not before: Sat 23 Aug 2025 00:04:59 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 147174 IP address blocks: 103.171.20.0/23 maxlen: 23 103.171.20.0/24 maxlen: 24 103.171.21.0/24 maxlen: 24 2407:bcc0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F61DD/7C78E2BC309311ECAB68433FC4F9AE02/FdYNYNak9QCRCZpy4NBe7z6vduk.crl rsync://rpki.apnic.net/member_repository/A91F61DD/7C78E2BC309311ECAB68433FC4F9AE02/FdYNYNak9QCRCZpy4NBe7z6vduk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FdYNYNak9QCRCZpy4NBe7z6vduk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 02 Apr 2026 23:13:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1354 (0x54a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F61DD, serialNumber=15D60D60D6A4F50091099A72E0D05EEF3EAF76E9 Validity Not Before: Aug 23 00:04:59 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=69a40d7a-d770 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:aa:98:fb:f4:45:a3:63:f3:f4:0b:e4:58:c2: 22:a9:51:7c:62:8c:28:3d:f0:dd:50:2f:a4:d8:f7: d1:77:47:58:d0:1e:17:7b:ba:56:27:75:78:22:55: be:84:61:1f:fe:b9:69:ca:99:64:8d:a1:a4:8a:02: f2:93:cd:1e:ff:5f:e8:15:ac:22:94:c3:56:4f:b6: 88:9d:21:87:49:39:f9:39:99:49:26:c8:e5:db:a2: c6:bd:56:0a:0d:3b:38:66:7d:83:6f:b7:c5:ee:03: e6:05:48:5d:91:8a:7d:ec:38:34:00:0a:72:97:6d: f5:f9:d2:20:20:08:09:b7:08:6c:bb:a6:0a:54:97: e2:b4:29:d5:f2:5e:27:f2:a5:fe:65:e1:a1:34:e8: 8d:fe:36:b0:9b:aa:f2:8d:05:b8:8c:9d:dd:be:35: 86:6b:a0:ed:e6:06:3e:2c:cb:60:f3:b3:f6:36:d3: 32:36:f8:85:ea:f8:2f:23:d8:70:7b:12:38:45:2b: 4c:35:f4:de:01:63:99:00:39:c9:f8:f0:27:47:cd: 59:01:99:e1:33:14:71:08:b6:6f:77:8e:b6:63:57: 66:00:7b:d2:df:d7:43:49:d9:f7:a9:4c:37:85:4a: c7:f0:e4:15:6c:67:ee:be:42:62:90:8d:b1:70:14: c1:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:04:FE:DF:7F:D6:5B:14:0C:7C:A8:1E:3C:34:FC:31:8D:9F:B4:48 X509v3 Authority Key Identifier: keyid:15:D6:0D:60:D6:A4:F5:00:91:09:9A:72:E0:D0:5E:EF:3E:AF:76:E9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F61DD/7C78E2BC309311ECAB68433FC4F9AE02/FdYNYNak9QCRCZpy4NBe7z6vduk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FdYNYNak9QCRCZpy4NBe7z6vduk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F61DD/7C78E2BC309311ECAB68433FC4F9AE02/BFEEB5E4309D11ECABBBBF25C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.171.20.0/23 IPv6: 2407:bcc0::/32 Signature Algorithm: sha256WithRSAEncryption 56:94:be:4f:e0:f7:bf:41:9d:6e:02:7e:5b:c4:86:fb:a7:8c: 2d:62:45:15:81:ed:2e:f3:49:21:8d:f8:cf:ce:ba:67:20:05: 29:c8:43:76:a9:af:b9:3d:c2:a8:55:e8:43:9d:86:df:74:9b: 1c:87:e8:ee:02:fc:e6:63:bc:3d:7e:6b:44:41:e3:42:2d:af: cd:66:fb:76:35:0d:bf:63:8d:b3:e4:cc:89:51:25:9b:fb:31: 6a:e1:a8:67:d4:da:ef:a4:82:ce:74:cd:eb:72:3c:5e:5a:5d: 25:6a:f7:40:f0:78:a0:c3:10:ac:b3:ff:3f:ef:1e:eb:a5:73: 59:8b:2b:17:7c:2a:30:f6:8e:5c:d0:0a:17:55:3b:f4:9a:22: b2:55:a5:21:1d:b9:6c:9c:77:3c:14:b5:c2:25:7b:50:54:ad: d1:d9:0a:d5:aa:fa:f5:3e:34:35:8c:69:5d:8a:a3:ae:f6:65: 2b:59:52:5b:9c:cb:e4:a6:c3:a6:0f:1f:48:e5:bc:5d:c4:8c: 43:c0:43:8c:30:d8:be:7d:a7:de:2d:96:e5:06:8d:21:6d:eb: 3a:59:49:ec:64:ed:fe:34:d9:b7:9b:b2:e5:db:fd:dc:6a:13: a3:9b:31:40:3d:5b:08:27:04:32:c8:21:8e:ec:8c:38:59:91: 5e:bf:99:5d -----BEGIN CERTIFICATE----- MIIFSzCCBDOgAwIBAgICBUowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjYxREQxMTAvBgNVBAUTKDE1RDYwRDYwRDZBNEY1MDA5MTA5OUE3MkUwRDA1RUVG M0VBRjc2RTkwHhcNMjUwODIzMDAwNDU5WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MGQ3YS1kNzcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAraqY+/RFo2Pz9AvkWMIiqVF8YowoPfDdUC+k2PfRd0dY0B4Xe7pWJ3V4IlW+ hGEf/rlpyplkjaGkigLyk80e/1/oFawilMNWT7aInSGHSTn5OZlJJsjl26LGvVYK DTs4Zn2Db7fF7gPmBUhdkYp97Dg0AApyl231+dIgIAgJtwhsu6YKVJfitCnV8l4n 8qX+ZeGhNOiN/jawm6ryjQW4jJ3dvjWGa6Dt5gY+LMtg87P2NtMyNviF6vgvI9hw exI4RStMNfTeAWOZADnJ+PAnR81ZAZnhMxRxCLZvd462Y1dmAHvS39dDSdn3qUw3 hUrH8OQVbGfuvkJikI2xcBTB0wIDAQABo4ICbzCCAmswHQYDVR0OBBYEFFgE/t9/ 1lsUDHyoHjw0/DGNn7RIMB8GA1UdIwQYMBaAFBXWDWDWpPUAkQmacuDQXu8+r3bp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjFERC83Qzc4RTJCQzMw OTMxMUVDQUI2ODQzM0ZDNEY5QUUwMi9GZFlOWU5hazlRQ1JDWnB5NE5CZTd6NnZk dWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZkWU5ZTmFrOVFDUkNacHk0TkJlN3o2dmR1ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjYxREQvN0M3OEUyQkMzMDkzMTFFQ0FCNjg0MzNGQzRGOUFFMDIvQkZFRUI1RTQz MDlEMTFFQ0FCQkJCRjI1QzRGOUFFMDIucm9hMC4GCCsGAQUFBwEHAQH/BB8wHTAM BAIAATAGAwQBZ6sUMA0EAgACMAcDBQAkB7zAMA0GCSqGSIb3DQEBCwUAA4IBAQBW lL5P4Pe/QZ1uAn5bxIb7p4wtYkUVge0u80khjfjPzrpnIAUpyEN2qa+5PcKoVehD nYbfdJsch+juAvzmY7w9fmtEQeNCLa/NZvt2NQ2/Y42z5MyJUSWb+zFq4ahn1Nrv pILOdM3rcjxeWl0lavdA8HigwxCss/8/7x7rpXNZiysXfCow9o5c0AoXVTv0miKy VaUhHblsnHc8FLXCJXtQVK3R2QrVqvr1PjQ1jGldiqOu9mUrWVJbnMvkpsOmDx9I 5bxdxIxDwEOMMNi+fafeLZblBo0hbes6WUnsZO3+NNm3m7Ll2/3cahOjmzFAPVsI JwQyyCGO7Iw4WZFev5ld -----END CERTIFICATE-----Generated at Sat Mar 28 12:07:33 2026 by rpki-client