$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8119/A7EC596C133311E5B83D0F7BC4F9AE02/171130AE15F011EC805A0A2FC4F9AE02.roa File: 171130AE15F011EC805A0A2FC4F9AE02.roa (raw, json) Hash identifier: OkYL9yCBMETHaZgdXd4jZyNgPnKLNw6+6FHJVPhZs8k= Subject key identifier: 53:B4:FB:BC:85:46:D4:B2:5A:63:98:44:A9:C0:DB:83:80:A3:B1:4A Certificate issuer: /CN=A91F8119/serialNumber=5F38F419516162BD886E40BDA927F55DC6FF3E62 Certificate serial: 263B Authority key identifier: 5F:38:F4:19:51:61:62:BD:88:6E:40:BD:A9:27:F5:5D:C6:FF:3E:62 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xzj0GVFhYr2IbkC9qSf1Xcb_PmI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F8119/A7EC596C133311E5B83D0F7BC4F9AE02/171130AE15F011EC805A0A2FC4F9AE02.roa Signing time: Sun 01 Mar 2026 12:13:36 +0000 ROA not before: Sat 30 Aug 2025 16:07:32 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 56099 IP address blocks: 103.89.236.0/22 maxlen: 24 223.25.0.0/22 maxlen: 24 223.25.4.0/22 maxlen: 24 223.25.8.0/22 maxlen: 24 223.25.12.0/22 maxlen: 24 223.25.16.0/22 maxlen: 24 223.25.20.0/22 maxlen: 24 223.25.24.0/22 maxlen: 24 223.25.28.0/22 maxlen: 24 223.25.32.0/22 maxlen: 24 223.25.36.0/22 maxlen: 24 223.25.40.0/22 maxlen: 24 223.25.44.0/22 maxlen: 24 223.25.48.0/22 maxlen: 24 223.25.52.0/22 maxlen: 24 223.25.56.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F8119/A7EC596C133311E5B83D0F7BC4F9AE02/Xzj0GVFhYr2IbkC9qSf1Xcb_PmI.crl rsync://rpki.apnic.net/member_repository/A91F8119/A7EC596C133311E5B83D0F7BC4F9AE02/Xzj0GVFhYr2IbkC9qSf1Xcb_PmI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xzj0GVFhYr2IbkC9qSf1Xcb_PmI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 02 Apr 2026 14:54:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9787 (0x263b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F8119, serialNumber=5F38F419516162BD886E40BDA927F55DC6FF3E62 Validity Not Before: Aug 30 16:07:32 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=69a42d70-57f0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:f8:a2:0a:db:e4:ca:aa:45:21:3a:1c:f7:23: bf:87:82:d6:61:0e:83:a6:d1:2e:44:b9:6c:0b:71: d7:f9:92:f3:84:a5:c7:33:24:27:02:3d:f4:e4:ea: 19:85:b1:d9:1e:2d:5f:33:7e:7a:76:2e:c0:94:92: 5a:8f:95:5f:c4:1f:e6:a8:03:69:73:31:85:a5:e9: 62:ca:94:5b:f9:34:eb:d2:1d:13:3c:b1:ba:f0:0c: de:a8:fd:34:27:bf:ae:13:81:67:e3:40:c8:6c:3d: a1:42:23:73:df:c3:46:a5:d7:2c:de:f1:36:e5:f3: 78:ee:40:a0:1a:ff:80:5e:e6:bc:69:47:00:b2:d0: 85:14:f2:1c:7d:be:fc:9e:50:6d:67:d7:3f:36:64: 73:78:e0:14:6e:1a:b8:1e:76:57:31:7d:20:20:63: 8b:a3:a3:ae:c0:db:af:fe:3c:ca:51:17:d3:ca:6c: 8d:db:86:e9:17:86:c1:d2:85:7b:11:06:31:7a:64: 97:01:31:ae:b7:5f:a9:55:8e:11:e0:df:2f:e0:ff: 06:fd:42:d3:8a:9b:25:7f:8f:4b:45:0d:06:52:27: e7:26:f3:07:51:13:90:14:1a:a0:91:ac:0f:0a:ff: db:b1:fe:62:8a:f6:95:53:a2:1b:9d:f9:d0:1d:90: 3e:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:B4:FB:BC:85:46:D4:B2:5A:63:98:44:A9:C0:DB:83:80:A3:B1:4A X509v3 Authority Key Identifier: keyid:5F:38:F4:19:51:61:62:BD:88:6E:40:BD:A9:27:F5:5D:C6:FF:3E:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F8119/A7EC596C133311E5B83D0F7BC4F9AE02/Xzj0GVFhYr2IbkC9qSf1Xcb_PmI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xzj0GVFhYr2IbkC9qSf1Xcb_PmI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8119/A7EC596C133311E5B83D0F7BC4F9AE02/171130AE15F011EC805A0A2FC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.89.236.0/22 223.25.0.0-223.25.59.255 Signature Algorithm: sha256WithRSAEncryption 76:90:c9:1d:fe:a7:fb:bc:7b:59:f4:96:59:4e:ba:46:67:96: 20:d1:7b:4f:e3:c1:75:5d:1a:de:a1:49:11:b1:13:53:f3:73: 9c:b3:76:4c:3d:95:da:af:85:16:15:0c:6b:13:24:d6:34:66: 4b:07:5a:49:d8:4a:3e:45:d2:27:09:60:e2:00:5b:dc:e1:73: 0a:1a:2c:57:4c:eb:d1:a5:a4:6b:4c:ae:8a:a9:e4:e3:c0:99: 41:0d:9c:1d:12:e6:4f:7d:d9:5a:1d:d3:da:cd:72:25:e3:eb: 88:03:2d:be:cf:1e:ce:77:ad:94:1f:58:49:fd:84:ed:82:06: 52:7c:3c:57:1c:75:53:8c:5f:b9:2c:dc:4b:4b:1f:d3:01:f8: e6:89:d3:61:28:72:f3:58:9a:de:12:bb:69:18:51:8d:fc:02: 51:6d:1f:ff:e5:ec:d2:bc:46:9f:36:5c:46:26:b6:e1:cf:eb: 24:ef:3e:8d:46:bb:40:03:bd:ef:0a:37:16:54:69:bd:ec:4c: 89:ac:3f:f3:0b:a6:0a:d5:01:d3:c3:b2:87:eb:77:50:f5:f0: 14:c3:61:d5:7d:3e:ca:76:67:e9:54:89:ca:61:60:df:ea:92: 78:f9:1c:cb:77:5d:de:82:71:dc:7e:be:95:7f:61:c9:2f:db: 59:b0:ce:b4 -----BEGIN CERTIFICATE----- MIIFSTCCBDGgAwIBAgICJjswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjgxMTkxMTAvBgNVBAUTKDVGMzhGNDE5NTE2MTYyQkQ4ODZFNDBCREE5MjdGNTVE QzZGRjNFNjIwHhcNMjUwODMwMTYwNzMyWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MmQ3MC01N2YwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz/iiCtvkyqpFIToc9yO/h4LWYQ6DptEuRLlsC3HX+ZLzhKXHMyQnAj305OoZ hbHZHi1fM356di7AlJJaj5VfxB/mqANpczGFpeliypRb+TTr0h0TPLG68AzeqP00 J7+uE4Fn40DIbD2hQiNz38NGpdcs3vE25fN47kCgGv+AXua8aUcAstCFFPIcfb78 nlBtZ9c/NmRzeOAUbhq4HnZXMX0gIGOLo6OuwNuv/jzKURfTymyN24bpF4bB0oV7 EQYxemSXATGut1+pVY4R4N8v4P8G/ULTipslf49LRQ0GUifnJvMHUROQFBqgkawP Cv/bsf5iivaVU6IbnfnQHZA+XQIDAQABo4ICbTCCAmkwHQYDVR0OBBYEFFO0+7yF RtSyWmOYRKnA24OAo7FKMB8GA1UdIwQYMBaAFF849BlRYWK9iG5Avakn9V3G/z5i MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGODExOS9BN0VDNTk2QzEz MzMxMUU1QjgzRDBGN0JDNEY5QUUwMi9YemowR1ZGaFlyMklia0M5cVNmMVhjYl9Q bUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1h6ajBHVkZoWXIySWJrQzlxU2YxWGNiX1BtSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjgxMTkvQTdFQzU5NkMxMzMzMTFFNUI4M0QwRjdCQzRGOUFFMDIvMTcxMTMwQUUx NUYwMTFFQzgwNUEwQTJGQzRGOUFFMDIucm9hMCwGCCsGAQUFBwEHAQH/BB0wGzAZ BAIAATATAwQCZ1nsMAsDAwDfGQMEAt8ZODANBgkqhkiG9w0BAQsFAAOCAQEAdpDJ Hf6n+7x7WfSWWU66RmeWINF7T+PBdV0a3qFJEbETU/NznLN2TD2V2q+FFhUMaxMk 1jRmSwdaSdhKPkXSJwlg4gBb3OFzChosV0zr0aWka0yuiqnk48CZQQ2cHRLmT33Z Wh3T2s1yJePriAMtvs8eznetlB9YSf2E7YIGUnw8Vxx1U4xfuSzcS0sf0wH45onT YShy81ia3hK7aRhRjfwCUW0f/+Xs0rxGnzZcRia24c/rJO8+jUa7QAO97wo3FlRp vexMiaw/8wumCtUB08Oyh+t3UPXwFMNh1X0+ynZn6VSJymFg3+qSePkcy3dd3oJx 3H6+lX9hyS/bWbDOtA== -----END CERTIFICATE-----Generated at Thu Mar 26 20:58:27 2026 by rpki-client