$ rpki-client -vvf rpki.apnic.net/member_repository/A91594AE/3D8B8C4852B511EAA4A9D20EC4F9AE02/38CAF4EC52B911EAACE8041BC4F9AE02.roa File: 38CAF4EC52B911EAACE8041BC4F9AE02.roa (raw, json) Hash identifier: 2kchKpo2ef+tq0KVzYBizBB1nwWONKOXgZleTuR8Mw8= Subject key identifier: 40:15:A4:E4:B1:CD:2C:4B:9E:78:62:D0:37:FF:B2:8A:78:D2:56:A1 Certificate issuer: /CN=A91594AE/serialNumber=CDA47E0A1EEB525F3B5A0FAFB2FA0DBB363BFA4D Certificate serial: 0B4A Authority key identifier: CD:A4:7E:0A:1E:EB:52:5F:3B:5A:0F:AF:B2:FA:0D:BB:36:3B:FA:4D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zaR-Ch7rUl87Wg-vsvoNuzY7-k0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91594AE/3D8B8C4852B511EAA4A9D20EC4F9AE02/38CAF4EC52B911EAACE8041BC4F9AE02.roa Signing time: Sun 01 Mar 2026 09:27:25 +0000 ROA not before: Fri 02 May 2025 20:00:39 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 45665 IP address blocks: 103.209.244.0/22 maxlen: 24 203.10.3.0/24 maxlen: 24 203.11.75.0/24 maxlen: 24 203.11.218.0/24 maxlen: 24 2001:df0:71::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91594AE/3D8B8C4852B511EAA4A9D20EC4F9AE02/zaR-Ch7rUl87Wg-vsvoNuzY7-k0.crl rsync://rpki.apnic.net/member_repository/A91594AE/3D8B8C4852B511EAA4A9D20EC4F9AE02/zaR-Ch7rUl87Wg-vsvoNuzY7-k0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zaR-Ch7rUl87Wg-vsvoNuzY7-k0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 03:08:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2890 (0xb4a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91594AE, serialNumber=CDA47E0A1EEB525F3B5A0FAFB2FA0DBB363BFA4D Validity Not Before: May 2 20:00:39 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=69a4067d-164f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:34:4b:f8:6e:5b:98:35:a7:68:58:1b:25:ec: 36:ee:8c:a0:ef:0f:97:6b:a0:ce:75:f6:42:c4:00: 70:99:13:70:a2:76:97:d7:a2:6d:f7:70:c9:14:22: 85:fd:2b:c4:d1:cb:6b:f2:2b:c3:40:b2:1f:45:f3: a9:e5:48:62:71:a1:a2:ee:29:ca:54:2e:75:01:d8: 2b:9c:ee:04:f7:35:12:11:a5:be:f5:77:5a:e0:8a: a3:86:3a:c8:7a:f1:87:34:8c:37:2f:77:3b:97:10: d9:fd:56:aa:80:95:d8:2b:12:f4:43:8a:73:6b:01: d2:10:be:29:39:98:8e:46:c4:05:cb:d2:4f:fd:f3: 35:61:38:30:42:10:41:46:23:7c:4a:f1:68:22:d7: 01:fe:29:68:fa:d5:76:fc:19:71:68:e5:c3:d8:df: 50:d7:b3:70:c2:34:ff:19:e1:6e:44:0e:4e:ec:74: 39:45:5f:99:4c:d7:c6:2c:f7:46:43:7c:06:ed:d5: 73:db:1a:18:83:ad:6d:89:52:80:d0:d2:2c:e9:b6: 84:00:bf:d5:2a:dd:0b:83:aa:4c:db:e6:34:17:7f: d5:ba:a5:eb:7e:5d:1e:32:f4:b3:8a:3b:83:f4:55: 29:cb:76:e5:da:06:d9:d2:86:c1:8d:cc:74:c4:3a: 80:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:15:A4:E4:B1:CD:2C:4B:9E:78:62:D0:37:FF:B2:8A:78:D2:56:A1 X509v3 Authority Key Identifier: keyid:CD:A4:7E:0A:1E:EB:52:5F:3B:5A:0F:AF:B2:FA:0D:BB:36:3B:FA:4D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91594AE/3D8B8C4852B511EAA4A9D20EC4F9AE02/zaR-Ch7rUl87Wg-vsvoNuzY7-k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zaR-Ch7rUl87Wg-vsvoNuzY7-k0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91594AE/3D8B8C4852B511EAA4A9D20EC4F9AE02/38CAF4EC52B911EAACE8041BC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.209.244.0/22 203.10.3.0/24 203.11.75.0/24 203.11.218.0/24 IPv6: 2001:df0:71::/48 Signature Algorithm: sha256WithRSAEncryption 5e:4a:fa:61:29:7d:d6:51:ae:47:21:5e:6c:23:3e:5d:47:45: 74:4b:30:1a:16:d5:47:46:b8:80:11:a2:53:02:11:6c:6b:d9: e7:db:23:96:41:38:85:99:86:c4:64:db:61:28:21:34:6a:c6: be:71:5a:94:c6:08:8a:61:97:91:37:cd:18:b1:f6:bc:e7:c6: 3c:b8:e7:47:f7:a8:81:40:ae:e5:a2:f4:61:d6:39:bc:78:e3: 5e:41:1e:34:70:5c:07:72:b0:87:32:47:a5:d3:d1:2a:20:29: 7f:ec:40:a7:59:76:eb:77:2f:58:bf:de:5e:a1:db:a2:7f:77: 24:61:2f:14:e9:31:8e:f7:ef:b4:ea:b4:94:82:ae:63:b3:8a: 13:dd:92:a2:8c:c9:1c:be:c8:7c:f2:ab:e2:cc:98:6e:b7:a3: f7:49:19:25:e0:7d:14:42:af:76:79:cf:8f:b7:da:e6:41:74: ba:71:82:22:0c:2c:50:67:36:ce:72:b5:39:6e:bb:0d:00:3d: 9a:63:08:2d:2b:ca:ed:4d:48:da:fe:f1:88:d6:38:97:bb:83: bc:9a:d2:e4:ca:18:42:62:5d:24:c5:30:6d:2c:8f:9b:44:7e: 24:b4:5c:7b:9d:41:c0:35:25:ad:31:f7:99:1e:b7:20:bc:62: 86:e8:d0:bc -----BEGIN CERTIFICATE----- MIIFXzCCBEegAwIBAgICC0owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTk0QUUxMTAvBgNVBAUTKENEQTQ3RTBBMUVFQjUyNUYzQjVBMEZBRkIyRkEwREJC MzYzQkZBNEQwHhcNMjUwNTAyMjAwMDM5WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MDY3ZC0xNjRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoDRL+G5bmDWnaFgbJew27oyg7w+Xa6DOdfZCxABwmRNwonaX16Jt93DJFCKF /SvE0ctr8ivDQLIfRfOp5UhicaGi7inKVC51AdgrnO4E9zUSEaW+9Xda4IqjhjrI evGHNIw3L3c7lxDZ/VaqgJXYKxL0Q4pzawHSEL4pOZiORsQFy9JP/fM1YTgwQhBB RiN8SvFoItcB/ilo+tV2/BlxaOXD2N9Q17NwwjT/GeFuRA5O7HQ5RV+ZTNfGLPdG Q3wG7dVz2xoYg61tiVKA0NIs6baEAL/VKt0Lg6pM2+Y0F3/VuqXrfl0eMvSzijuD 9FUpy3bl2gbZ0obBjcx0xDqAFQIDAQABo4ICgzCCAn8wHQYDVR0OBBYEFEAVpOSx zSxLnnhi0Df/sop40lahMB8GA1UdIwQYMBaAFM2kfgoe61JfO1oPr7L6Dbs2O/pN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OTRBRS8zRDhCOEM0ODUy QjUxMUVBQTRBOUQyMEVDNEY5QUUwMi96YVItQ2g3clVsODdXZy12c3ZvTnV6WTct azAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3phUi1DaDdyVWw4N1dnLXZzdm9OdXpZNy1rMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTk0QUUvM0Q4QjhDNDg1MkI1MTFFQUE0QTlEMjBFQzRGOUFFMDIvMzhDQUY0RUM1 MkI5MTFFQUFDRTgwNDFCQzRGOUFFMDIucm9hMEIGCCsGAQUFBwEHAQH/BDMwMTAe BAIAATAYAwQCZ9H0AwQAywoDAwQAywtLAwQAywvaMA8EAgACMAkDBwAgAQ3wAHEw DQYJKoZIhvcNAQELBQADggEBAF5K+mEpfdZRrkchXmwjPl1HRXRLMBoW1UdGuIAR olMCEWxr2efbI5ZBOIWZhsRk22EoITRqxr5xWpTGCIphl5E3zRix9rznxjy450f3 qIFAruWi9GHWObx4415BHjRwXAdysIcyR6XT0SogKX/sQKdZdut3L1i/3l6h26J/ dyRhLxTpMY7377TqtJSCrmOzihPdkqKMyRy+yHzyq+LMmG63o/dJGSXgfRRCr3Z5 z4+32uZBdLpxgiIMLFBnNs5ytTluuw0APZpjCC0ryu1NSNr+8YjWOJe7g7ya0uTK GEJiXSTFMG0sj5tEfiS0XHudQcA1Ja0x95ketyC8Yobo0Lw= -----END CERTIFICATE-----Generated at Mon Mar 2 20:15:23 2026 by rpki-client