$ rpki-client -vvf rpki.apnic.net/member_repository/A91275FD/E1EFD9B6DECE11E4A14F0068C4F9AE02/C4F9C4A03CCB11F0A0971A87C4F9AE02.roa File: C4F9C4A03CCB11F0A0971A87C4F9AE02.roa (raw, json) Hash identifier: 4zdkL+ubxFMiBz2EGyRhXs9bkxQDKdLzCR7waEkvP9s= Subject key identifier: 13:02:DB:E1:07:97:3D:01:A0:CF:A2:21:2B:17:12:7E:25:E2:EF:6B Certificate issuer: /CN=A91275FD/serialNumber=4E10F13F295FBF2B359C84DDD1651BC851AA8AF5 Certificate serial: 27F6 Authority key identifier: 4E:10:F1:3F:29:5F:BF:2B:35:9C:84:DD:D1:65:1B:C8:51:AA:8A:F5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ThDxPylfvys1nITd0WUbyFGqivU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91275FD/E1EFD9B6DECE11E4A14F0068C4F9AE02/C4F9C4A03CCB11F0A0971A87C4F9AE02.roa Signing time: Sun 01 Mar 2026 14:32:31 +0000 ROA not before: Thu 29 May 2025 20:31:29 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 17970 IP address blocks: 43.255.216.0/22 maxlen: 22 61.9.32.0/19 maxlen: 22 61.9.96.0/19 maxlen: 22 61.14.192.0/21 maxlen: 24 103.239.200.0/22 maxlen: 22 202.81.168.0/21 maxlen: 22 202.81.172.0/24 maxlen: 24 202.81.173.0/24 maxlen: 24 202.81.174.0/24 maxlen: 24 202.81.175.0/24 maxlen: 24 203.76.192.0/21 maxlen: 22 203.76.195.0/24 maxlen: 24 203.76.196.0/24 maxlen: 24 219.90.80.0/20 maxlen: 20 219.90.80.0/22 maxlen: 22 219.90.84.0/22 maxlen: 22 219.90.84.0/24 maxlen: 24 219.90.86.0/24 maxlen: 24 219.90.87.0/24 maxlen: 24 219.90.88.0/22 maxlen: 22 219.90.90.0/24 maxlen: 24 219.90.91.0/24 maxlen: 24 219.90.92.0/22 maxlen: 22 219.90.92.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91275FD/E1EFD9B6DECE11E4A14F0068C4F9AE02/ThDxPylfvys1nITd0WUbyFGqivU.crl rsync://rpki.apnic.net/member_repository/A91275FD/E1EFD9B6DECE11E4A14F0068C4F9AE02/ThDxPylfvys1nITd0WUbyFGqivU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ThDxPylfvys1nITd0WUbyFGqivU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 23:32:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10230 (0x27f6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91275FD, serialNumber=4E10F13F295FBF2B359C84DDD1651BC851AA8AF5 Validity Not Before: May 29 20:31:29 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=69a44dff-8c26 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:5d:7d:51:a0:42:58:45:64:fd:28:86:97:14: 78:df:a0:b7:84:14:ca:fb:64:cc:54:ce:e4:96:c8: 4e:5b:8f:eb:83:31:5c:36:fd:3a:76:05:88:58:bd: 77:ca:e0:e3:7b:5e:de:d1:99:03:27:90:d9:7b:b2: c9:8b:4f:73:de:1c:77:eb:53:1d:ea:b5:39:4a:ce: 41:a0:18:62:bc:e6:ad:be:50:89:d0:a5:57:5a:27: 48:65:b5:34:cc:10:1f:c3:c1:34:0c:96:84:55:66: dc:c7:15:7e:c1:8c:12:f5:95:9d:bc:fa:98:89:3f: 20:2f:4b:4f:3d:4b:d1:93:01:7e:15:58:ca:79:dd: 45:77:10:1e:19:25:71:82:1c:fd:cb:17:39:ee:f8: 0a:6c:2f:84:b0:db:06:02:9b:81:8d:f4:47:94:e1: 69:37:1d:79:63:97:6c:43:88:01:9a:62:e0:a5:12: 2a:ca:ae:7c:4f:a4:7b:b2:76:31:1e:c3:57:14:d1: 93:98:c7:2b:48:0a:b1:ce:a5:77:08:99:03:46:87: d8:a4:1b:a2:45:5c:46:50:88:02:55:ac:b1:e6:a3: 62:84:f1:2d:77:14:2c:82:2b:54:63:aa:f2:6a:d3: af:03:3e:f5:6c:fe:92:12:4f:4e:91:dc:eb:9a:94: 1b:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:02:DB:E1:07:97:3D:01:A0:CF:A2:21:2B:17:12:7E:25:E2:EF:6B X509v3 Authority Key Identifier: keyid:4E:10:F1:3F:29:5F:BF:2B:35:9C:84:DD:D1:65:1B:C8:51:AA:8A:F5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91275FD/E1EFD9B6DECE11E4A14F0068C4F9AE02/ThDxPylfvys1nITd0WUbyFGqivU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ThDxPylfvys1nITd0WUbyFGqivU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91275FD/E1EFD9B6DECE11E4A14F0068C4F9AE02/C4F9C4A03CCB11F0A0971A87C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.255.216.0/22 61.9.32.0/19 61.9.96.0/19 61.14.192.0/21 103.239.200.0/22 202.81.168.0/21 203.76.192.0/21 219.90.80.0/20 Signature Algorithm: sha256WithRSAEncryption 4b:ab:11:99:85:8f:41:05:2a:4d:55:e5:49:6b:89:f8:e6:cf: 2a:71:0c:8a:c2:ff:32:21:c5:fe:f6:3c:31:96:a3:2b:3f:5a: 2d:a9:ee:71:cb:19:36:c8:38:cd:79:60:74:3a:a6:24:46:00: f5:1f:94:e8:13:b3:95:66:0f:6c:92:d3:b2:73:82:6f:7f:17: f8:a4:eb:8f:2c:6a:b5:99:04:29:98:39:06:45:e4:7d:b4:37: cd:c7:6e:7d:d7:2b:72:77:39:58:c6:1d:21:c9:6d:ef:e5:1d: 5c:16:45:0a:20:9f:35:1d:3a:f6:4f:47:6f:cc:f8:18:77:90: ca:65:6c:03:0d:67:68:75:fb:b6:f6:6a:19:20:d6:26:40:84: 7f:77:4b:96:84:2f:30:17:60:3e:fa:40:de:3a:7b:42:45:86: d7:a6:a8:b0:03:2d:be:13:7e:e1:a5:0b:d2:6d:70:5d:4d:a2: 88:4d:43:93:50:5d:a6:da:2b:50:3d:22:eb:d1:99:66:b8:e7: b4:29:95:fd:9b:0d:04:17:fe:1b:23:9b:87:77:60:ca:e1:d2: d2:0c:48:d6:5f:91:a1:8f:df:df:0a:95:42:8f:43:55:5e:75: 1b:32:f9:56:1d:39:45:68:8a:8b:6a:d2:37:43:2e:4e:ad:28: e4:08:88:31 -----BEGIN CERTIFICATE----- MIIFZjCCBE6gAwIBAgICJ/YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mjc1RkQxMTAvBgNVBAUTKDRFMTBGMTNGMjk1RkJGMkIzNTlDODREREQxNjUxQkM4 NTFBQThBRjUwHhcNMjUwNTI5MjAzMTI5WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NGRmZi04YzI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAml19UaBCWEVk/SiGlxR436C3hBTK+2TMVM7klshOW4/rgzFcNv06dgWIWL13 yuDje17e0ZkDJ5DZe7LJi09z3hx361Md6rU5Ss5BoBhivOatvlCJ0KVXWidIZbU0 zBAfw8E0DJaEVWbcxxV+wYwS9ZWdvPqYiT8gL0tPPUvRkwF+FVjKed1FdxAeGSVx ghz9yxc57vgKbC+EsNsGApuBjfRHlOFpNx15Y5dsQ4gBmmLgpRIqyq58T6R7snYx HsNXFNGTmMcrSAqxzqV3CJkDRofYpBuiRVxGUIgCVayx5qNihPEtdxQsgitUY6ry atOvAz71bP6SEk9OkdzrmpQbVQIDAQABo4ICijCCAoYwHQYDVR0OBBYEFBMC2+EH lz0BoM+iISsXEn4l4u9rMB8GA1UdIwQYMBaAFE4Q8T8pX78rNZyE3dFlG8hRqor1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNzVGRC9FMUVGRDlCNkRF Q0UxMUU0QTE0RjAwNjhDNEY5QUUwMi9UaER4UHlsZnZ5czFuSVRkMFdVYnlGR3Fp dlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1RoRHhQeWxmdnlzMW5JVGQwV1VieUZHcWl2VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Mjc1RkQvRTFFRkQ5QjZERUNFMTFFNEExNEYwMDY4QzRGOUFFMDIvQzRGOUM0QTAz Q0NCMTFGMEEwOTcxQTg3QzRGOUFFMDIucm9hMEkGCCsGAQUFBwEHAQH/BDowODA2 BAIAATAwAwQCK//YAwQFPQkgAwQFPQlgAwQDPQ7AAwQCZ+/IAwQDylGoAwQDy0zA AwQE21pQMA0GCSqGSIb3DQEBCwUAA4IBAQBLqxGZhY9BBSpNVeVJa4n45s8qcQyK wv8yIcX+9jwxlqMrP1otqe5xyxk2yDjNeWB0OqYkRgD1H5ToE7OVZg9sktOyc4Jv fxf4pOuPLGq1mQQpmDkGReR9tDfNx2591ytydzlYxh0hyW3v5R1cFkUKIJ81HTr2 T0dvzPgYd5DKZWwDDWdodfu29moZINYmQIR/d0uWhC8wF2A++kDeOntCRYbXpqiw Ay2+E37hpQvSbXBdTaKITUOTUF2m2itQPSLr0ZlmuOe0KZX9mw0EF/4bI5uHd2DK 4dLSDEjWX5Ghj9/fCpVCj0NVXnUbMvlWHTlFaIqLatI3Qy5OrSjkCIgx -----END CERTIFICATE-----Generated at Mon Mar 2 03:35:30 2026 by rpki-client