$ rpki-client -vvf rpki.apnic.net/member_repository/A91FF74B/094489FE32CE11EB9C143F7EC4F9AE02/4CA8BBE232CF11EBADB5497FC4F9AE02.roa File: 4CA8BBE232CF11EBADB5497FC4F9AE02.roa (raw, json) Hash identifier: HQuRdESoi7V9MH0qlb4VprCHquKyLIPG4oL00SZEHfc= Subject key identifier: D8:96:A4:F5:AD:4A:66:42:CF:87:47:2C:A0:DA:0B:BB:24:A5:4B:89 Certificate issuer: /CN=A91FF74B/serialNumber=540DDAC668D8B50C96605712195A988A1CAD9E3F Certificate serial: 0800 Authority key identifier: 54:0D:DA:C6:68:D8:B5:0C:96:60:57:12:19:5A:98:8A:1C:AD:9E:3F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VA3axmjYtQyWYFcSGVqYihytnj8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FF74B/094489FE32CE11EB9C143F7EC4F9AE02/4CA8BBE232CF11EBADB5497FC4F9AE02.roa Signing time: Mon 02 Mar 2026 05:17:32 +0000 ROA not before: Tue 11 Nov 2025 13:41:46 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 56201 IP address blocks: 103.84.216.0/23 maxlen: 23 103.84.216.0/24 maxlen: 24 103.84.217.0/24 maxlen: 24 103.84.218.0/23 maxlen: 23 103.84.218.0/24 maxlen: 24 103.84.219.0/24 maxlen: 24 103.89.74.0/23 maxlen: 23 103.89.74.0/24 maxlen: 24 103.89.75.0/24 maxlen: 24 103.117.158.0/23 maxlen: 23 103.117.158.0/24 maxlen: 24 103.117.159.0/24 maxlen: 24 2001:df0:217::/48 maxlen: 48 2400:6d20::/47 maxlen: 47 2400:6d20::/48 maxlen: 48 2400:6d20:1::/48 maxlen: 48 2400:6d20:2::/47 maxlen: 47 2400:6d20:2::/48 maxlen: 48 2400:6d20:3::/48 maxlen: 48 2400:6d20:10::/47 maxlen: 47 2400:6d20:12::/47 maxlen: 47 2400:6d20:fc00::/47 maxlen: 47 2400:6d20:fc02::/47 maxlen: 47 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FF74B/094489FE32CE11EB9C143F7EC4F9AE02/VA3axmjYtQyWYFcSGVqYihytnj8.crl rsync://rpki.apnic.net/member_repository/A91FF74B/094489FE32CE11EB9C143F7EC4F9AE02/VA3axmjYtQyWYFcSGVqYihytnj8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VA3axmjYtQyWYFcSGVqYihytnj8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 02 Apr 2026 05:36:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2048 (0x800) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FF74B, serialNumber=540DDAC668D8B50C96605712195A988A1CAD9E3F Validity Not Before: Nov 11 13:41:46 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=69a51d6b-5cbf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:a5:0a:d5:7b:87:c7:60:ca:bb:fd:6c:b4:d1: 88:c6:41:24:79:b7:6a:12:4c:35:d3:bd:c0:a2:5e: 7d:df:9c:ee:d1:ca:42:d4:3c:25:ba:c0:14:82:1c: b6:59:01:be:8f:7c:7f:04:42:e3:67:f1:d5:a5:47: da:38:bb:ad:3c:3c:73:09:44:75:7e:67:ed:94:06: d7:61:8e:3d:85:fc:85:a2:99:60:c3:d9:01:ab:d7: 2f:1e:1d:eb:8f:72:8a:6a:aa:38:9e:72:25:76:90: 15:0f:f8:43:60:97:3e:cf:35:4a:8d:a2:a4:6a:ab: 37:40:4e:1e:97:01:81:78:53:a0:a7:b5:4f:4f:5a: 36:c6:c4:c9:35:06:ae:23:ac:44:b0:86:2d:f5:8a: aa:2a:78:d7:46:50:28:bb:48:f3:01:f2:d4:51:0e: 3f:b7:42:92:d2:03:a2:07:1a:8c:65:0e:cd:d5:a9: 1b:9c:8c:13:57:5e:d0:0f:ce:79:85:91:37:8c:fd: 87:26:42:95:0a:29:75:5e:d3:fb:2a:cc:b2:18:37: 97:8b:f2:b0:60:b2:b8:4f:60:b7:bd:1c:c4:3b:78: 70:52:a1:29:18:06:19:83:27:b4:1b:c3:9c:0e:d8: c2:69:c9:8b:53:53:3b:44:f8:60:a9:5f:28:91:56: 53:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:96:A4:F5:AD:4A:66:42:CF:87:47:2C:A0:DA:0B:BB:24:A5:4B:89 X509v3 Authority Key Identifier: keyid:54:0D:DA:C6:68:D8:B5:0C:96:60:57:12:19:5A:98:8A:1C:AD:9E:3F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FF74B/094489FE32CE11EB9C143F7EC4F9AE02/VA3axmjYtQyWYFcSGVqYihytnj8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VA3axmjYtQyWYFcSGVqYihytnj8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FF74B/094489FE32CE11EB9C143F7EC4F9AE02/4CA8BBE232CF11EBADB5497FC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.84.216.0/22 103.89.74.0/23 103.117.158.0/23 IPv6: 2001:df0:217::/48 2400:6d20::/46 2400:6d20:10::/46 2400:6d20:fc00::/46 Signature Algorithm: sha256WithRSAEncryption 67:54:2b:a0:24:b8:30:86:4d:01:e6:70:36:ec:25:06:57:00: 24:03:c1:8e:30:9f:ed:2f:c0:b1:84:1d:80:2b:22:16:55:b9: e3:c4:fa:53:c3:7e:03:4f:fa:ef:40:25:fa:1b:eb:c6:e5:3c: af:0d:a9:5a:50:c5:27:e2:b7:63:17:89:9b:8c:4b:e5:e8:44: 6d:21:ba:39:02:74:92:86:35:c5:06:a6:6f:89:36:68:9a:eb: 68:f8:d6:bb:d3:c7:76:5e:1c:b2:39:83:9d:61:04:db:de:2b: e4:e4:94:52:93:42:0a:71:5d:4f:44:17:2c:b5:a9:99:4b:f4: 8f:99:8f:fe:fe:a9:3b:b6:1f:3e:21:88:83:07:01:88:02:b4: b5:a4:45:e9:1e:f4:23:f3:b8:bb:51:b1:cb:37:6f:3e:32:70: 7a:ec:97:e1:d8:d8:e4:bb:aa:f0:ce:47:b5:56:35:fe:8a:78: cf:5d:e7:4b:e7:35:f0:7a:41:34:8d:8b:11:96:d0:56:87:f0: e8:07:b9:75:bb:cc:a0:78:a9:32:4e:e8:0f:37:da:cb:bb:c1: 57:79:0a:7d:3e:7b:8c:45:1c:25:d2:8c:67:06:7a:6f:6b:ee: 79:67:da:6c:83:95:42:b2:2a:a5:af:da:0a:c2:33:bc:23:d8: 00:8f:86:07 -----BEGIN CERTIFICATE----- MIIFdDCCBFygAwIBAgICCAAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkY3NEIxMTAvBgNVBAUTKDU0MEREQUM2NjhEOEI1MEM5NjYwNTcxMjE5NUE5ODhB MUNBRDlFM0YwHhcNMjUxMTExMTM0MTQ2WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE1MWQ2Yi01Y2JmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAi6UK1XuHx2DKu/1stNGIxkEkebdqEkw1073Aol5935zu0cpC1DwlusAUghy2 WQG+j3x/BELjZ/HVpUfaOLutPDxzCUR1fmftlAbXYY49hfyFoplgw9kBq9cvHh3r j3KKaqo4nnIldpAVD/hDYJc+zzVKjaKkaqs3QE4elwGBeFOgp7VPT1o2xsTJNQau I6xEsIYt9YqqKnjXRlAou0jzAfLUUQ4/t0KS0gOiBxqMZQ7N1akbnIwTV17QD855 hZE3jP2HJkKVCil1XtP7KsyyGDeXi/KwYLK4T2C3vRzEO3hwUqEpGAYZgye0G8Oc DtjCacmLU1M7RPhgqV8okVZTnQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFNiWpPWt SmZCz4dHLKDaC7skpUuJMB8GA1UdIwQYMBaAFFQN2sZo2LUMlmBXEhlamIocrZ4/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRjc0Qi8wOTQ0ODlGRTMy Q0UxMUVCOUMxNDNGN0VDNEY5QUUwMi9WQTNheG1qWXRReVdZRmNTR1ZxWWloeXRu ajguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1ZBM2F4bWpZdFF5V1lGY1NHVnFZaWh5dG5qOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RkY3NEIvMDk0NDg5RkUzMkNFMTFFQjlDMTQzRjdFQzRGOUFFMDIvNENBOEJCRTIz MkNGMTFFQkFEQjU0OTdGQzRGOUFFMDIucm9hMFcGCCsGAQUFBwEHAQH/BEgwRjAY BAIAATASAwQCZ1TYAwQBZ1lKAwQBZ3WeMCoEAgACMCQDBwAgAQ3wAhcDBwIkAG0g AAADBwIkAG0gABADBwIkAG0g/AAwDQYJKoZIhvcNAQELBQADggEBAGdUK6AkuDCG TQHmcDbsJQZXACQDwY4wn+0vwLGEHYArIhZVuePE+lPDfgNP+u9AJfob68blPK8N qVpQxSfit2MXiZuMS+XoRG0hujkCdJKGNcUGpm+JNmia62j41rvTx3ZeHLI5g51h BNveK+TklFKTQgpxXU9EFyy1qZlL9I+Zj/7+qTu2Hz4hiIMHAYgCtLWkReke9CPz uLtRscs3bz4ycHrsl+HY2OS7qvDOR7VWNf6KeM9d50vnNfB6QTSNixGW0FaH8OgH uXW7zKB4qTJO6A832su7wVd5Cn0+e4xFHCXSjGcGem9r7nln2myDlUKyKqWv2grC M7wj2ACPhgc= -----END CERTIFICATE-----Generated at Thu Mar 26 14:20:43 2026 by rpki-client