$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/0FB07E54D28311EDB1655152C4F9AE02.roa File: 0FB07E54D28311EDB1655152C4F9AE02.roa (raw, json) Hash identifier: 3IlwneiT3OIjV7tuhT2g5I0grdOyE91JkHSLmUB2BEY= Subject key identifier: 9C:B7:71:2E:2E:D8:BC:9A:23:3F:2F:93:31:AA:28:4C:CC:A5:20:06 Certificate issuer: /CN=A91FDD4D/serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Certificate serial: 2259 Authority key identifier: 72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/0FB07E54D28311EDB1655152C4F9AE02.roa Signing time: Wed 04 Mar 2026 16:19:36 +0000 ROA not before: Wed 04 Mar 2026 16:19:36 +0000 ROA not after: Sat 01 May 2027 00:00:00 +0000 asID: 137549 IP address blocks: 43.230.176.0/22 maxlen: 24 103.80.120.0/22 maxlen: 22 103.80.120.0/23 maxlen: 23 103.80.122.0/23 maxlen: 23 103.100.28.0/22 maxlen: 24 103.226.104.0/22 maxlen: 24 116.206.184.0/22 maxlen: 24 202.40.0.0/22 maxlen: 24 2401:b740::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 15:49:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8793 (0x2259) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FDD4D, serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Validity Not Before: Mar 4 16:19:36 2026 GMT Not After : May 1 00:00:00 2027 GMT Subject: CN=69a85b98-1eb6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:a2:0e:3a:3a:4d:ca:f3:7a:67:63:2e:ba:ca: ef:e2:6e:8d:11:fc:4f:42:8c:bb:b2:f4:12:b7:fb: d8:4f:a2:55:67:36:cb:bd:37:9f:0f:44:4d:b8:05: d6:91:2d:0b:31:74:56:28:ab:3f:33:27:e6:6d:55: 49:f0:9d:57:7d:98:cd:a1:6a:64:d5:71:bf:00:29: 52:06:9a:9a:92:a7:e6:34:b6:d8:a1:df:3c:d5:e8: d3:ed:a3:ef:3a:fd:e9:86:0a:47:5f:e3:6c:a6:45: d6:40:30:84:9f:8b:34:77:8f:e0:65:95:6e:43:69: 0b:77:eb:ee:3e:4a:88:44:22:91:e1:21:15:08:6a: de:6d:bb:e1:a1:de:98:b4:08:55:33:9a:aa:5c:33: 59:39:28:4c:32:c5:21:ed:6d:15:ee:bd:88:89:60: c0:61:43:bc:f0:60:71:e2:29:b4:bd:d4:d6:de:43: 9a:d4:83:d2:49:f1:f1:f3:55:8e:ff:23:26:7a:a3: 9b:e9:c8:60:eb:ed:24:7b:f7:26:7c:f5:d7:09:f9: cd:f6:45:43:73:2e:96:9e:ae:a5:54:41:73:e8:57: cc:26:aa:4b:c2:55:57:4b:95:dc:11:28:8c:72:1b: 9e:80:80:f7:77:a6:20:c6:c9:49:26:7b:60:b2:04: 1d:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:B7:71:2E:2E:D8:BC:9A:23:3F:2F:93:31:AA:28:4C:CC:A5:20:06 X509v3 Authority Key Identifier: keyid:72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/0FB07E54D28311EDB1655152C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.230.176.0/22 103.80.120.0/22 103.100.28.0/22 103.226.104.0/22 116.206.184.0/22 202.40.0.0/22 IPv6: 2401:b740::/32 Signature Algorithm: sha256WithRSAEncryption 09:c9:eb:f6:4f:a6:5b:26:ca:03:36:ac:62:7e:f7:95:da:c0: 99:f2:77:27:24:94:cf:1e:e1:ae:e4:a1:35:1f:a8:4f:7e:87: 4e:09:06:eb:a1:ac:45:82:71:81:5d:41:eb:be:27:aa:dc:b9: f0:33:cd:66:7e:da:84:51:f5:be:9a:5b:fc:ff:36:76:4c:e6: 1d:a7:91:8b:17:b7:af:70:64:52:44:53:37:47:df:0e:f6:15: a2:bf:44:1f:58:cf:cb:e0:d6:09:a7:b9:bd:16:fa:a0:7b:34: 29:b6:de:c0:3b:b6:90:f7:17:48:08:70:82:99:23:84:14:a2: 15:c9:79:e8:26:f0:ae:60:03:f2:21:19:2e:bd:cf:9f:c9:fb: 5c:8c:73:22:5a:da:33:5a:bc:2c:ad:e5:56:8a:fb:0f:70:c1: 91:3f:b7:6a:d7:e2:af:10:75:f7:b4:9a:5f:79:55:f2:de:d8: 01:ee:85:4f:19:57:25:48:be:89:bc:79:52:01:2d:fc:1d:a4: 68:92:d9:29:df:b0:4f:94:f1:f2:70:d4:96:d6:d9:d3:05:3f: 4f:ac:55:3c:c2:7d:bd:8c:f8:0d:5c:df:32:24:b9:92:8b:fd: 69:3d:57:ac:00:e9:e8:72:61:cb:98:a6:ba:68:56:1a:0b:c8: d3:8b:a6:f0 -----BEGIN CERTIFICATE----- MIIFaTCCBFGgAwIBAgICIlkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkRENEQxMTAvBgNVBAUTKDcyQUZCQUVCQzlFQ0REQTJFRUQyRDQ5QjEzRTYwNDhF QTNFNDFFNjAwHhcNMjYwMzA0MTYxOTM2WhcNMjcwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE4NWI5OC0xZWI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv6IOOjpNyvN6Z2Muusrv4m6NEfxPQoy7svQSt/vYT6JVZzbLvTefD0RNuAXW kS0LMXRWKKs/MyfmbVVJ8J1XfZjNoWpk1XG/AClSBpqakqfmNLbYod881ejT7aPv Ov3phgpHX+NspkXWQDCEn4s0d4/gZZVuQ2kLd+vuPkqIRCKR4SEVCGrebbvhod6Y tAhVM5qqXDNZOShMMsUh7W0V7r2IiWDAYUO88GBx4im0vdTW3kOa1IPSSfHx81WO /yMmeqOb6chg6+0ke/cmfPXXCfnN9kVDcy6Wnq6lVEFz6FfMJqpLwlVXS5XcESiM chuegID3d6YgxslJJntgsgQdSQIDAQABo4ICjTCCAokwHQYDVR0OBBYEFJy3cS4u 2LyaIz8vkzGqKEzMpSAGMB8GA1UdIwQYMBaAFHKvuuvJ7N2i7tLUmxPmBI6j5B5g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREQ0RC9CQUUxMDhDNEVB NjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNhTHUwdFNiRS1ZRWpxUGtI bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NxLTY2OG5zM2FMdTB0U2JFLVlFanFQa0htQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RkRENEQvQkFFMTA4QzRFQTYwMTFFNTg4MTU3NzBDQzRGOUFFMDIvMEZCMDdFNTRE MjgzMTFFREIxNjU1MTUyQzRGOUFFMDIucm9hMEwGCCsGAQUFBwEHAQH/BD0wOzAq BAIAATAkAwQCK+awAwQCZ1B4AwQCZ2QcAwQCZ+JoAwQCdM64AwQCyigAMA0EAgAC MAcDBQAkAbdAMA0GCSqGSIb3DQEBCwUAA4IBAQAJyev2T6ZbJsoDNqxifveV2sCZ 8ncnJJTPHuGu5KE1H6hPfodOCQbroaxFgnGBXUHrvieq3LnwM81mftqEUfW+mlv8 /zZ2TOYdp5GLF7evcGRSRFM3R98O9hWiv0QfWM/L4NYJp7m9FvqgezQptt7AO7aQ 9xdICHCCmSOEFKIVyXnoJvCuYAPyIRkuvc+fyftcjHMiWtozWrwsreVWivsPcMGR P7dq1+KvEHX3tJpfeVXy3tgB7oVPGVclSL6JvHlSAS38HaRoktkp37BPlPHycNSW 1tnTBT9PrFU8wn29jPgNXN8yJLmSi/1pPVesAOnocmHLmKa6aFYaC8jTi6bw -----END CERTIFICATE-----Generated at Thu Mar 26 08:47:40 2026 by rpki-client