$ rpki-client -vvf rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/4D12993446CC11F08EB9471AC4F9AE02.roa File: 4D12993446CC11F08EB9471AC4F9AE02.roa (raw, json) Hash identifier: kZ0uphZPyCd+wbYNkHA1SsHf26EQjAMAFcs0tjZEC/Q= Subject key identifier: DB:C0:9F:AA:10:68:80:25:0D:23:A1:CC:9C:7E:5F:EC:DA:1D:6C:C1 Certificate issuer: /CN=A91590E3/serialNumber=BB976A598E5ECB05E37FAC00A5B7888E57F51C52 Certificate serial: 1991 Authority key identifier: BB:97:6A:59:8E:5E:CB:05:E3:7F:AC:00:A5:B7:88:8E:57:F5:1C:52 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u5dqWY5eywXjf6wApbeIjlf1HFI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/4D12993446CC11F08EB9471AC4F9AE02.roa Signing time: Sun 01 Mar 2026 15:30:34 +0000 ROA not before: Fri 26 Sep 2025 16:45:41 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 136948 IP address blocks: 103.99.249.0/24 maxlen: 24 103.99.250.0/24 maxlen: 24 103.99.251.0/24 maxlen: 24 2401:b640::/32 maxlen: 32 2401:b640::/48 maxlen: 48 2401:b640:1::/48 maxlen: 48 2401:b640:2::/48 maxlen: 48 2401:b640:3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/u5dqWY5eywXjf6wApbeIjlf1HFI.crl rsync://rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/u5dqWY5eywXjf6wApbeIjlf1HFI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u5dqWY5eywXjf6wApbeIjlf1HFI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 01:39:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6545 (0x1991) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91590E3, serialNumber=BB976A598E5ECB05E37FAC00A5B7888E57F51C52 Validity Not Before: Sep 26 16:45:41 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=69a45b9a-2f98 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:53:a9:db:b6:fb:87:4e:8c:93:85:9c:26:99: bc:04:31:9c:da:59:c7:8f:35:e8:52:96:e5:f3:49: 3a:ef:0e:6e:92:9e:29:21:fe:98:2b:85:54:52:5d: ba:ea:e8:02:3d:bc:cf:1a:0c:3e:00:e6:b9:91:38: 05:0f:ce:4c:10:b3:da:d6:16:a8:7f:b6:1a:d3:48: 0d:f4:a8:46:fa:8c:36:fd:1a:9e:34:c5:01:56:97: 1d:b9:b6:0b:b6:9e:ee:1c:9e:1e:1e:7c:89:b9:cf: 60:77:fc:8d:bd:8d:22:02:93:e9:34:35:bf:86:f9: 74:ea:6b:bb:1d:ae:61:76:ed:dc:73:cf:e8:16:e0: f3:7f:87:02:2c:3b:32:42:c6:eb:27:d5:b8:e6:f4: 1d:75:cb:d7:cc:4d:c3:a9:ea:fe:a2:c3:d9:f5:50: f2:30:db:ff:bd:d5:16:07:4a:34:e2:aa:e5:54:59: 8a:26:01:75:50:7f:70:f8:b0:8a:92:c5:ac:2e:93: ca:4d:57:17:f0:13:9e:62:26:57:ff:72:bb:dd:76: 7c:d1:4d:b9:95:83:58:16:38:47:c0:2b:32:9b:4b: 79:94:eb:c0:85:5d:00:c6:1a:42:0e:29:ee:55:3f: 87:9f:bf:e2:8e:f8:81:57:3b:48:cd:bb:e9:75:41: 4a:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:C0:9F:AA:10:68:80:25:0D:23:A1:CC:9C:7E:5F:EC:DA:1D:6C:C1 X509v3 Authority Key Identifier: keyid:BB:97:6A:59:8E:5E:CB:05:E3:7F:AC:00:A5:B7:88:8E:57:F5:1C:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/u5dqWY5eywXjf6wApbeIjlf1HFI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u5dqWY5eywXjf6wApbeIjlf1HFI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/4D12993446CC11F08EB9471AC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.99.249.0-103.99.251.255 IPv6: 2401:b640::/32 Signature Algorithm: sha256WithRSAEncryption 79:f8:1c:30:34:5a:3d:d1:ac:92:26:ec:d3:45:d4:d1:64:f9: a8:7b:51:ef:65:f9:07:a2:48:2b:cf:3c:27:a4:10:58:ec:bb: fb:54:d8:53:5b:96:52:ad:77:3b:40:9a:ef:0e:32:16:03:60: 9b:4c:67:b7:5a:6f:e9:38:2a:f7:13:cc:52:c5:76:e1:64:b0: 57:4b:06:66:fb:41:f6:4b:33:09:55:fa:bb:fb:f0:8d:47:82: 1b:d3:6f:8a:5f:da:c5:46:94:eb:bf:40:3f:57:1f:d8:7a:60: 63:80:17:08:08:d2:05:0f:05:f7:e9:15:c1:4b:45:54:91:65: 71:fa:7b:15:a9:38:a0:a6:88:00:3c:f2:ac:2e:0b:a5:ab:d6: 24:11:41:9c:fc:6a:18:04:1b:2f:a1:ec:e7:94:e4:21:db:cd: b9:73:2e:39:2f:83:1a:28:35:31:7b:05:81:38:04:3c:82:67: 6c:2b:a8:63:3e:ad:37:ca:63:e2:ff:72:f4:24:5f:e5:ee:38: 7c:9b:12:a9:ce:81:33:70:d1:9f:bf:03:aa:5f:5d:a1:52:35: e4:bb:72:3c:8b:a5:f9:63:a5:b6:fd:f9:61:4a:ce:73:54:82: 1d:36:45:4d:8b:63:78:99:70:2f:06:a2:e3:e5:6d:76:dd:dd: 1a:e2:d9:06 -----BEGIN CERTIFICATE----- MIIFUzCCBDugAwIBAgICGZEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTkwRTMxMTAvBgNVBAUTKEJCOTc2QTU5OEU1RUNCMDVFMzdGQUMwMEE1Qjc4ODhF NTdGNTFDNTIwHhcNMjUwOTI2MTY0NTQxWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NWI5YS0yZjk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAo1Op27b7h06Mk4WcJpm8BDGc2lnHjzXoUpbl80k67w5ukp4pIf6YK4VUUl26 6ugCPbzPGgw+AOa5kTgFD85MELPa1haof7Ya00gN9KhG+ow2/RqeNMUBVpcdubYL tp7uHJ4eHnyJuc9gd/yNvY0iApPpNDW/hvl06mu7Ha5hdu3cc8/oFuDzf4cCLDsy QsbrJ9W45vQddcvXzE3Dqer+osPZ9VDyMNv/vdUWB0o04qrlVFmKJgF1UH9w+LCK ksWsLpPKTVcX8BOeYiZX/3K73XZ80U25lYNYFjhHwCsym0t5lOvAhV0AxhpCDinu VT+Hn7/ijviBVztIzbvpdUFKxwIDAQABo4ICdzCCAnMwHQYDVR0OBBYEFNvAn6oQ aIAlDSOhzJx+X+zaHWzBMB8GA1UdIwQYMBaAFLuXalmOXssF43+sAKW3iI5X9RxS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OTBFMy9EQTE4QjE4NDlB NDkxMUU3OUE5RjMwMzBDNEY5QUUwMi91NWRxV1k1ZXl3WGpmNndBcGJlSWpsZjFI RkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3U1ZHFXWTVleXdYamY2d0FwYmVJamxmMUhGSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTkwRTMvREExOEIxODQ5QTQ5MTFFNzlBOUYzMDMwQzRGOUFFMDIvNEQxMjk5MzQ0 NkNDMTFGMDhFQjk0NzFBQzRGOUFFMDIucm9hMDYGCCsGAQUFBwEHAQH/BCcwJTAU BAIAATAOMAwDBABnY/kDBAJnY/gwDQQCAAIwBwMFACQBtkAwDQYJKoZIhvcNAQEL BQADggEBAHn4HDA0Wj3RrJIm7NNF1NFk+ah7Ue9l+QeiSCvPPCekEFjsu/tU2FNb llKtdztAmu8OMhYDYJtMZ7dab+k4KvcTzFLFduFksFdLBmb7QfZLMwlV+rv78I1H ghvTb4pf2sVGlOu/QD9XH9h6YGOAFwgI0gUPBffpFcFLRVSRZXH6exWpOKCmiAA8 8qwuC6Wr1iQRQZz8ahgEGy+h7OeU5CHbzblzLjkvgxooNTF7BYE4BDyCZ2wrqGM+ rTfKY+L/cvQkX+XuOHybEqnOgTNw0Z+/A6pfXaFSNeS7cjyLpfljpbb9+WFKznNU gh02RU2LY3iZcC8GouPlbXbd3Rri2QY= -----END CERTIFICATE-----Generated at Mon Mar 2 18:12:50 2026 by rpki-client