$ rpki-client -vvf rpki.apnic.net/member_repository/A91366F8/A4243970BE4A11ECB279552AC4F9AE02/591A8C06BE4D11EC8DADB22CC4F9AE02.roa File: 591A8C06BE4D11EC8DADB22CC4F9AE02.roa (raw, json) Hash identifier: kwuEtkxI8SjDfFvUJf4GMc+wWyPK1zhCxRhlUWI8rz4= Subject key identifier: 53:9C:14:52:9A:AE:2E:2F:FD:E1:95:3F:1E:6D:CE:14:D9:40:9A:12 Certificate issuer: /CN=A91366F8/serialNumber=73914D1410A1CD3F85AD1E1B0A50FF3F8BD60C10 Certificate serial: 03DD Authority key identifier: 73:91:4D:14:10:A1:CD:3F:85:AD:1E:1B:0A:50:FF:3F:8B:D6:0C:10 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c5FNFBChzT-FrR4bClD_P4vWDBA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91366F8/A4243970BE4A11ECB279552AC4F9AE02/591A8C06BE4D11EC8DADB22CC4F9AE02.roa Signing time: Sun 01 Mar 2026 17:06:31 +0000 ROA not before: Sat 13 Sep 2025 01:07:13 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 8849 IP address blocks: 103.172.116.0/23 maxlen: 24 2407:d140::/32 maxlen: 32 2407:d140::/36 maxlen: 36 2407:d140:1000::/36 maxlen: 36 2407:d140:2000::/36 maxlen: 36 2407:d140:3000::/36 maxlen: 36 2407:d140:4000::/35 maxlen: 36 2407:d140:6000::/36 maxlen: 36 2407:d140:7000::/36 maxlen: 36 2407:d140:8000::/34 maxlen: 34 2407:d140:8000::/36 maxlen: 36 2407:d140:9000::/36 maxlen: 36 2407:d140:a000::/36 maxlen: 36 2407:d140:b000::/36 maxlen: 36 2407:d140:c000::/36 maxlen: 36 2407:d140:d000::/36 maxlen: 36 2407:d140:e000::/36 maxlen: 36 2407:d140:f000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91366F8/A4243970BE4A11ECB279552AC4F9AE02/c5FNFBChzT-FrR4bClD_P4vWDBA.crl rsync://rpki.apnic.net/member_repository/A91366F8/A4243970BE4A11ECB279552AC4F9AE02/c5FNFBChzT-FrR4bClD_P4vWDBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c5FNFBChzT-FrR4bClD_P4vWDBA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:43:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 989 (0x3dd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91366F8, serialNumber=73914D1410A1CD3F85AD1E1B0A50FF3F8BD60C10 Validity Not Before: Sep 13 01:07:13 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=69a47217-c6b9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:56:03:05:7e:42:6e:90:58:1e:49:e9:fc:e9: a5:44:1d:cf:70:49:8b:b8:cb:7a:61:2c:de:02:e6: d9:7b:40:b9:63:fc:c7:f4:40:d4:9b:d5:c8:51:a2: 40:c3:c6:1e:7c:f6:e4:8b:52:a3:e3:f0:5b:2b:e7: b4:fe:3f:fa:a2:1d:c8:dc:77:fd:6a:d9:2d:37:06: 90:ae:4f:18:f4:fc:43:c3:fe:bd:5b:a7:9b:06:3b: b7:95:d5:87:6c:e0:b8:df:0b:d1:c0:d5:40:a3:92: c8:7d:88:2c:b3:1c:40:a7:47:37:9f:f2:84:76:5b: 74:33:76:98:41:19:3a:81:dc:26:8d:43:b5:3b:32: f3:3c:3a:55:6f:cb:a4:1d:c3:be:06:19:c9:35:50: 6d:60:50:47:76:0b:84:73:fd:05:f4:7d:a8:e4:29: bc:86:1d:e4:6c:ec:6e:17:3f:cd:a7:01:73:fa:9f: bc:55:7a:d4:2a:05:1b:97:e2:50:fc:13:38:fc:c9: 75:9f:16:6a:9d:94:a1:15:04:ef:a8:8b:92:ec:8f: 36:9b:10:97:58:ef:9f:c3:81:31:16:b1:c2:72:e2: e8:ae:00:70:6d:17:21:e3:0d:e1:65:2a:e3:75:2b: 4d:b5:e2:39:e5:a8:bb:2b:82:2f:98:aa:a7:be:dd: 4b:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:9C:14:52:9A:AE:2E:2F:FD:E1:95:3F:1E:6D:CE:14:D9:40:9A:12 X509v3 Authority Key Identifier: keyid:73:91:4D:14:10:A1:CD:3F:85:AD:1E:1B:0A:50:FF:3F:8B:D6:0C:10 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91366F8/A4243970BE4A11ECB279552AC4F9AE02/c5FNFBChzT-FrR4bClD_P4vWDBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c5FNFBChzT-FrR4bClD_P4vWDBA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91366F8/A4243970BE4A11ECB279552AC4F9AE02/591A8C06BE4D11EC8DADB22CC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.172.116.0/23 IPv6: 2407:d140::/32 Signature Algorithm: sha256WithRSAEncryption ca:e4:31:92:54:ad:c6:91:b9:f1:f2:16:09:28:7e:2a:21:47: 9b:c6:7e:64:92:18:14:c9:cf:3a:a8:ac:cd:2c:f7:41:5d:f0: 83:6a:6f:bf:a7:24:09:b0:fe:ce:2a:a6:d0:c5:eb:bb:2b:0a: e7:03:56:86:60:0a:28:9f:3b:1b:33:14:38:08:f0:6d:9a:be: 45:0a:bb:26:7a:a7:29:45:30:29:dc:b9:aa:20:92:95:2e:68: 50:ca:9d:ac:ff:12:a4:3e:5f:51:16:8c:f2:e9:6c:66:c6:b3: 82:06:d0:c5:d3:13:aa:ff:63:bf:59:af:85:14:0d:f4:fd:96: 26:3f:c3:9b:16:80:85:fc:57:2f:a2:9d:57:21:f7:ef:a1:e9: f3:fa:da:9e:30:19:5f:3e:f2:4f:76:15:10:97:cc:24:1d:6c: 4f:fb:2b:a2:05:9a:ea:0c:72:38:9a:29:86:e7:cd:7f:0d:b7: 54:14:02:c6:04:cd:d8:6d:9b:4e:a9:c9:08:6f:9a:82:1c:6c: 51:df:29:65:e5:09:89:b9:14:f2:8d:85:1e:33:50:bb:cc:29: 58:bf:39:00:b8:0f:4f:df:a9:91:d5:5a:63:25:e0:54:b1:1c: 58:ca:ed:78:40:f5:4c:0f:9c:27:c7:d2:2f:bd:1e:3f:52:a1: a4:ca:35:65 -----BEGIN CERTIFICATE----- MIIFSzCCBDOgAwIBAgICA90wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzY2RjgxMTAvBgNVBAUTKDczOTE0RDE0MTBBMUNEM0Y4NUFEMUUxQjBBNTBGRjNG OEJENjBDMTAwHhcNMjUwOTEzMDEwNzEzWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NzIxNy1jNmI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApFYDBX5CbpBYHknp/OmlRB3PcEmLuMt6YSzeAubZe0C5Y/zH9EDUm9XIUaJA w8YefPbki1Kj4/BbK+e0/j/6oh3I3Hf9atktNwaQrk8Y9PxDw/69W6ebBju3ldWH bOC43wvRwNVAo5LIfYgssxxAp0c3n/KEdlt0M3aYQRk6gdwmjUO1OzLzPDpVb8uk HcO+BhnJNVBtYFBHdguEc/0F9H2o5Cm8hh3kbOxuFz/NpwFz+p+8VXrUKgUbl+JQ /BM4/Ml1nxZqnZShFQTvqIuS7I82mxCXWO+fw4ExFrHCcuLorgBwbRch4w3hZSrj dStNteI55ai7K4IvmKqnvt1LMQIDAQABo4ICbzCCAmswHQYDVR0OBBYEFFOcFFKa ri4v/eGVPx5tzhTZQJoSMB8GA1UdIwQYMBaAFHORTRQQoc0/ha0eGwpQ/z+L1gwQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNjZGOC9BNDI0Mzk3MEJF NEExMUVDQjI3OTU1MkFDNEY5QUUwMi9jNUZORkJDaHpULUZyUjRiQ2xEX1A0dldE QkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2M1Rk5GQkNoelQtRnJSNGJDbERfUDR2V0RCQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzY2RjgvQTQyNDM5NzBCRTRBMTFFQ0IyNzk1NTJBQzRGOUFFMDIvNTkxQThDMDZC RTREMTFFQzhEQURCMjJDQzRGOUFFMDIucm9hMC4GCCsGAQUFBwEHAQH/BB8wHTAM BAIAATAGAwQBZ6x0MA0EAgACMAcDBQAkB9FAMA0GCSqGSIb3DQEBCwUAA4IBAQDK 5DGSVK3Gkbnx8hYJKH4qIUebxn5kkhgUyc86qKzNLPdBXfCDam+/pyQJsP7OKqbQ xeu7KwrnA1aGYAoonzsbMxQ4CPBtmr5FCrsmeqcpRTAp3LmqIJKVLmhQyp2s/xKk Pl9RFozy6WxmxrOCBtDF0xOq/2O/Wa+FFA30/ZYmP8ObFoCF/Fcvop1XIffvoenz +tqeMBlfPvJPdhUQl8wkHWxP+yuiBZrqDHI4mimG581/DbdUFALGBM3YbZtOqckI b5qCHGxR3yll5QmJuRTyjYUeM1C7zClYvzkAuA9P36mR1VpjJeBUsRxYyu14QPVM D5wnx9IvvR4/UqGkyjVl -----END CERTIFICATE-----Generated at Mon Mar 2 05:43:13 2026 by rpki-client