$ rpki-client -vvf rpki.apnic.net/member_repository/A91452AC/A48D5966BB3E11EAA29EE321C4F9AE02/72E60DEA3CC911EDA5EBD21DC4F9AE02.roa File: 72E60DEA3CC911EDA5EBD21DC4F9AE02.roa (raw, json) Hash identifier: z5nXpQYggF7FtxvjRhPO50T8ACMAQ3fNgZEPR5O1d4k= Subject key identifier: 6A:72:A3:A2:67:64:23:2A:A8:0D:D3:28:03:BB:2B:54:95:A3:C9:00 Certificate issuer: /CN=A91452AC/serialNumber=36D77E9243ABBA2FD5496A291830B7D38B0BCBC4 Certificate serial: 0964 Authority key identifier: 36:D7:7E:92:43:AB:BA:2F:D5:49:6A:29:18:30:B7:D3:8B:0B:CB:C4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ntd-kkOrui_VSWopGDC304sLy8Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91452AC/A48D5966BB3E11EAA29EE321C4F9AE02/72E60DEA3CC911EDA5EBD21DC4F9AE02.roa Signing time: Sun 01 Mar 2026 17:10:58 +0000 ROA not before: Tue 04 Nov 2025 20:39:33 +0000 ROA not after: Sun 31 Jan 2027 00:00:00 +0000 asID: 133115 IP address blocks: 43.249.28.0/24 maxlen: 24 43.249.29.0/24 maxlen: 24 43.249.30.0/24 maxlen: 24 43.249.31.0/24 maxlen: 24 103.43.160.0/24 maxlen: 24 103.43.161.0/24 maxlen: 24 103.243.180.0/24 maxlen: 24 103.243.181.0/24 maxlen: 24 103.243.182.0/24 maxlen: 24 103.243.183.0/24 maxlen: 24 202.43.238.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91452AC/A48D5966BB3E11EAA29EE321C4F9AE02/Ntd-kkOrui_VSWopGDC304sLy8Q.crl rsync://rpki.apnic.net/member_repository/A91452AC/A48D5966BB3E11EAA29EE321C4F9AE02/Ntd-kkOrui_VSWopGDC304sLy8Q.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ntd-kkOrui_VSWopGDC304sLy8Q.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 02:29:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2404 (0x964) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91452AC, serialNumber=36D77E9243ABBA2FD5496A291830B7D38B0BCBC4 Validity Not Before: Nov 4 20:39:33 2025 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=69a47322-246d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:ce:01:84:3a:57:02:c3:a2:dd:cf:84:d3:54: 40:05:e8:22:97:d4:57:27:16:bd:86:e9:f0:ce:53: 9d:19:1c:63:ea:de:98:97:aa:87:3b:0d:9d:b1:db: d1:1b:9b:a0:62:bb:ed:12:83:c0:b0:38:3f:f8:4a: 9f:fd:c0:b1:b9:5c:65:d0:53:14:58:7f:e4:b4:ef: ce:b0:16:a2:69:5c:a8:48:a3:00:5e:d4:c2:09:96: 32:cd:d0:81:5b:b0:ba:fe:51:08:8a:21:a0:29:ee: ce:bf:e6:24:03:90:b2:67:83:f1:70:8c:4f:51:13: 9a:16:74:e1:5a:2c:a1:f0:95:b2:29:90:b7:5c:e9: ea:a3:c0:66:24:fe:9a:80:c4:bf:b2:19:9b:d4:4b: 41:a2:d5:22:6f:55:29:84:f9:da:e3:ad:4f:de:b5: 7d:a5:3b:57:c0:91:e8:6a:70:c6:91:ac:de:73:b2: 01:3c:26:1a:9a:5f:ad:eb:24:f0:16:e5:d8:2a:84: ae:41:6c:85:cb:b8:e7:4b:19:ce:fa:45:e2:9d:a6: 66:e0:e4:7e:92:58:0e:b0:fb:31:c9:3c:61:6e:98: 1b:87:8d:5b:66:e6:e6:01:f1:c2:13:b2:4a:31:0e: 1c:1d:53:9c:67:64:c4:1d:82:6a:e4:64:7c:db:b6: c6:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:72:A3:A2:67:64:23:2A:A8:0D:D3:28:03:BB:2B:54:95:A3:C9:00 X509v3 Authority Key Identifier: keyid:36:D7:7E:92:43:AB:BA:2F:D5:49:6A:29:18:30:B7:D3:8B:0B:CB:C4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91452AC/A48D5966BB3E11EAA29EE321C4F9AE02/Ntd-kkOrui_VSWopGDC304sLy8Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ntd-kkOrui_VSWopGDC304sLy8Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91452AC/A48D5966BB3E11EAA29EE321C4F9AE02/72E60DEA3CC911EDA5EBD21DC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.249.28.0/22 103.43.160.0/23 103.243.180.0/22 202.43.238.0/24 Signature Algorithm: sha256WithRSAEncryption 21:0d:9c:fc:11:36:0b:ef:11:63:cd:f0:8f:79:63:2e:06:4b: e1:90:25:c9:e0:f7:2f:9e:77:dc:a2:07:97:54:c1:1b:bf:60: 77:08:17:b3:b7:9d:af:79:66:f4:38:e0:63:25:30:34:15:59: a9:5c:b2:12:7a:13:b6:ea:c8:ca:2d:f0:1e:47:6c:36:7e:22: c7:48:7c:ed:c6:2c:b3:34:c9:f2:1a:63:52:4b:95:08:fb:a9: fa:6d:dd:ed:c0:60:4b:a4:8b:2b:1b:79:7c:b4:1b:60:07:33: b5:69:f7:8d:b4:d9:fc:e5:70:33:fd:bf:cb:14:f5:5d:c4:5f: cc:ff:d8:cb:40:4d:8e:b3:9f:67:25:12:65:61:4e:4f:d8:9d: 5a:79:ee:70:35:17:3c:3d:0b:9c:31:4b:6b:08:ef:93:27:a4: 19:87:3b:bd:03:4e:67:1f:af:f6:09:59:b1:8c:37:08:b9:12: 57:4e:d9:7c:05:72:11:61:05:3f:9b:22:43:95:dd:a1:ac:08: f9:45:9f:2b:a7:9c:de:d7:69:24:63:fd:f5:f4:b6:3b:78:92: ca:c2:77:77:ed:4d:16:52:9a:c7:24:0c:8a:6f:50:ad:e2:fa: 38:2b:0c:03:8b:fd:3e:cb:5b:b7:7e:53:ae:6f:0d:df:e6:ce: 48:e9:10:ac -----BEGIN CERTIFICATE----- MIIFTjCCBDagAwIBAgICCWQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDUyQUMxMTAvBgNVBAUTKDM2RDc3RTkyNDNBQkJBMkZENTQ5NkEyOTE4MzBCN0Qz OEIwQkNCQzQwHhcNMjUxMTA0MjAzOTMzWhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NzMyMi0yNDZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAic4BhDpXAsOi3c+E01RABegil9RXJxa9hunwzlOdGRxj6t6Yl6qHOw2dsdvR G5ugYrvtEoPAsDg/+Eqf/cCxuVxl0FMUWH/ktO/OsBaiaVyoSKMAXtTCCZYyzdCB W7C6/lEIiiGgKe7Ov+YkA5CyZ4PxcIxPUROaFnThWiyh8JWyKZC3XOnqo8BmJP6a gMS/shmb1EtBotUib1UphPna461P3rV9pTtXwJHoanDGkazec7IBPCYaml+t6yTw FuXYKoSuQWyFy7jnSxnO+kXinaZm4OR+klgOsPsxyTxhbpgbh41bZubmAfHCE7JK MQ4cHVOcZ2TEHYJq5GR827bGbwIDAQABo4ICcjCCAm4wHQYDVR0OBBYEFGpyo6Jn ZCMqqA3TKAO7K1SVo8kAMB8GA1UdIwQYMBaAFDbXfpJDq7ov1UlqKRgwt9OLC8vE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTJBQy9BNDhENTk2NkJC M0UxMUVBQTI5RUUzMjFDNEY5QUUwMi9OdGQta2tPcnVpX1ZTV29wR0RDMzA0c0x5 OFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL050ZC1ra09ydWlfVlNXb3BHREMzMDRzTHk4US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDUyQUMvQTQ4RDU5NjZCQjNFMTFFQUEyOUVFMzIxQzRGOUFFMDIvNzJFNjBERUEz Q0M5MTFFREE1RUJEMjFEQzRGOUFFMDIucm9hMDEGCCsGAQUFBwEHAQH/BCIwIDAe BAIAATAYAwQCK/kcAwQBZyugAwQCZ/O0AwQAyivuMA0GCSqGSIb3DQEBCwUAA4IB AQAhDZz8ETYL7xFjzfCPeWMuBkvhkCXJ4PcvnnfcogeXVMEbv2B3CBezt52veWb0 OOBjJTA0FVmpXLISehO26sjKLfAeR2w2fiLHSHztxiyzNMnyGmNSS5UI+6n6bd3t wGBLpIsrG3l8tBtgBzO1afeNtNn85XAz/b/LFPVdxF/M/9jLQE2Os59nJRJlYU5P 2J1aee5wNRc8PQucMUtrCO+TJ6QZhzu9A05nH6/2CVmxjDcIuRJXTtl8BXIRYQU/ myJDld2hrAj5RZ8rp5ze12kkY/319LY7eJLKwnd37U0WUprHJAyKb1Ct4vo4KwwD i/0+y1u3flOubw3f5s5I6RCs -----END CERTIFICATE-----Generated at Mon Mar 2 15:35:05 2026 by rpki-client