$ rpki-client -vvf rpki.apnic.net/member_repository/A91673ED/4D8FA20E7D4911EBA165737BC4F9AE02/CD1F0EC07D4D11EBAE81AF83C4F9AE02.roa File: CD1F0EC07D4D11EBAE81AF83C4F9AE02.roa (raw, json) Hash identifier: htsQTL9h1dFStX/S8fGPhD/iB1SnRc1hDGyCcwP3e/U= Subject key identifier: DD:D5:BD:37:8D:82:EB:94:43:2A:EB:09:F0:63:54:57:03:09:62:B5 Certificate issuer: /CN=A91673ED/serialNumber=393566F441786D958D8A79118E8EF56FC872E5C5 Certificate serial: 070C Authority key identifier: 39:35:66:F4:41:78:6D:95:8D:8A:79:11:8E:8E:F5:6F:C8:72:E5:C5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OTVm9EF4bZWNinkRjo71b8hy5cU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91673ED/4D8FA20E7D4911EBA165737BC4F9AE02/CD1F0EC07D4D11EBAE81AF83C4F9AE02.roa Signing time: Sun 01 Mar 2026 09:43:50 +0000 ROA not before: Thu 22 May 2025 22:22:27 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 56186 IP address blocks: 43.245.240.0/22 maxlen: 23 103.13.8.0/22 maxlen: 22 202.3.80.0/21 maxlen: 21 202.92.216.0/21 maxlen: 21 202.92.222.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91673ED/4D8FA20E7D4911EBA165737BC4F9AE02/OTVm9EF4bZWNinkRjo71b8hy5cU.crl rsync://rpki.apnic.net/member_repository/A91673ED/4D8FA20E7D4911EBA165737BC4F9AE02/OTVm9EF4bZWNinkRjo71b8hy5cU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OTVm9EF4bZWNinkRjo71b8hy5cU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 01:46:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1804 (0x70c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91673ED, serialNumber=393566F441786D958D8A79118E8EF56FC872E5C5 Validity Not Before: May 22 22:22:27 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=69a40a56-240f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:e8:2a:aa:83:ab:a3:60:2c:88:6e:a0:05:34: 58:44:23:0a:a2:e7:7e:97:d3:f5:9b:00:f5:99:14: c1:ef:81:56:11:e2:46:ae:5a:88:87:b9:67:b6:f0: fd:99:f3:d8:3c:e3:1e:87:d3:b6:3b:32:8a:fa:e5: 42:64:ea:54:61:33:e4:fc:95:d2:d0:4f:fe:80:6a: fe:36:68:7d:67:81:4f:75:cf:3f:22:d7:7a:8e:10: b1:78:06:8d:15:de:46:f9:56:b6:68:4e:ca:20:48: a9:a2:f2:3f:b7:85:36:b0:16:88:f9:0e:24:e7:5e: 97:9b:0e:4a:b7:d3:f7:c3:cf:8b:77:7a:a2:89:af: 30:d1:d0:c8:ad:b5:c9:60:43:64:2b:f2:be:67:40: 95:be:13:e0:6c:39:9a:a4:e9:a0:bc:c4:5a:27:bc: 51:c9:7b:8f:39:cd:2a:12:39:c2:28:54:70:5d:1d: e3:be:1e:6e:bc:bb:3d:81:ea:af:0a:e9:1f:39:cd: 8e:65:df:3e:ee:2b:0f:6d:31:03:8c:33:ee:07:63: 24:e7:c0:9d:d8:98:2d:a1:d8:80:d8:bc:5c:dd:39: eb:fe:b0:6d:e3:77:1b:ae:84:fe:e1:cb:ce:9b:66: 9b:5d:08:9c:39:8d:76:a7:2e:a7:b6:5f:f4:24:65: 46:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:D5:BD:37:8D:82:EB:94:43:2A:EB:09:F0:63:54:57:03:09:62:B5 X509v3 Authority Key Identifier: keyid:39:35:66:F4:41:78:6D:95:8D:8A:79:11:8E:8E:F5:6F:C8:72:E5:C5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91673ED/4D8FA20E7D4911EBA165737BC4F9AE02/OTVm9EF4bZWNinkRjo71b8hy5cU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OTVm9EF4bZWNinkRjo71b8hy5cU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91673ED/4D8FA20E7D4911EBA165737BC4F9AE02/CD1F0EC07D4D11EBAE81AF83C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.245.240.0/22 103.13.8.0/22 202.3.80.0/21 202.92.216.0/21 Signature Algorithm: sha256WithRSAEncryption 2e:dc:f0:a0:4c:3c:a5:6d:06:84:0b:72:ae:2a:d4:f3:40:25: ce:3d:a2:51:0b:07:74:ce:f6:d4:ea:1a:bf:b3:0a:3f:b6:ad: df:c1:58:3b:64:4a:13:f9:fe:a7:62:fa:8e:b1:15:78:4a:9a: 89:64:59:c1:d9:4f:82:23:58:36:32:3b:ca:c9:72:63:03:5c: 96:da:b8:a4:8c:c0:3e:07:71:b8:81:d5:64:4f:37:2e:cb:50: 2c:ea:44:07:00:29:17:3b:76:7c:48:b6:bc:65:94:26:e6:93: 09:6c:fc:05:2a:25:a9:82:54:de:3a:11:9e:e9:19:f5:71:2e: b8:4a:5d:1b:81:fa:37:6f:e8:ef:d1:62:ac:55:d4:cb:84:6c: 71:67:8e:c5:92:b5:58:22:74:7a:2b:3d:8b:97:90:b7:dd:1c: 4b:a3:4d:60:f9:a8:10:4d:34:7a:68:63:02:e2:9b:f4:d0:25: aa:1c:48:3f:c1:82:ae:15:7a:96:a7:6a:52:b2:91:73:15:6b: 98:e6:04:6f:ab:ee:a3:da:c0:e3:08:38:f6:df:07:cb:34:d5: 14:9b:85:bf:d1:45:97:b4:55:b9:24:5a:1e:f7:d7:46:e0:a2: 33:f8:d1:c5:10:dc:a1:f7:b9:a7:f5:69:3b:74:09:6c:54:49: 8b:2d:6c:e2 -----BEGIN CERTIFICATE----- MIIFTjCCBDagAwIBAgICBwwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjczRUQxMTAvBgNVBAUTKDM5MzU2NkY0NDE3ODZEOTU4RDhBNzkxMThFOEVGNTZG Qzg3MkU1QzUwHhcNMjUwNTIyMjIyMjI3WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MGE1Ni0yNDBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzegqqoOro2AsiG6gBTRYRCMKoud+l9P1mwD1mRTB74FWEeJGrlqIh7lntvD9 mfPYPOMeh9O2OzKK+uVCZOpUYTPk/JXS0E/+gGr+Nmh9Z4FPdc8/Itd6jhCxeAaN Fd5G+Va2aE7KIEipovI/t4U2sBaI+Q4k516Xmw5Kt9P3w8+Ld3qiia8w0dDIrbXJ YENkK/K+Z0CVvhPgbDmapOmgvMRaJ7xRyXuPOc0qEjnCKFRwXR3jvh5uvLs9geqv CukfOc2OZd8+7isPbTEDjDPuB2Mk58Cd2JgtodiA2Lxc3Tnr/rBt43cbroT+4cvO m2abXQicOY12py6ntl/0JGVGxwIDAQABo4ICcjCCAm4wHQYDVR0OBBYEFN3VvTeN guuUQyrrCfBjVFcDCWK1MB8GA1UdIwQYMBaAFDk1ZvRBeG2VjYp5EY6O9W/IcuXF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NzNFRC80RDhGQTIwRTdE NDkxMUVCQTE2NTczN0JDNEY5QUUwMi9PVFZtOUVGNGJaV05pbmtSam83MWI4aHk1 Y1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09UVm05RUY0YlpXTmlua1JqbzcxYjhoeTVjVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjczRUQvNEQ4RkEyMEU3RDQ5MTFFQkExNjU3MzdCQzRGOUFFMDIvQ0QxRjBFQzA3 RDREMTFFQkFFODFBRjgzQzRGOUFFMDIucm9hMDEGCCsGAQUFBwEHAQH/BCIwIDAe BAIAATAYAwQCK/XwAwQCZw0IAwQDygNQAwQDylzYMA0GCSqGSIb3DQEBCwUAA4IB AQAu3PCgTDylbQaEC3KuKtTzQCXOPaJRCwd0zvbU6hq/swo/tq3fwVg7ZEoT+f6n YvqOsRV4SpqJZFnB2U+CI1g2MjvKyXJjA1yW2rikjMA+B3G4gdVkTzcuy1As6kQH ACkXO3Z8SLa8ZZQm5pMJbPwFKiWpglTeOhGe6Rn1cS64Sl0bgfo3b+jv0WKsVdTL hGxxZ47FkrVYInR6Kz2Ll5C33RxLo01g+agQTTR6aGMC4pv00CWqHEg/wYKuFXqW p2pSspFzFWuY5gRvq+6j2sDjCDj23wfLNNUUm4W/0UWXtFW5JFoe99dG4KIz+NHF ENyh97mn9Wk7dAlsVEmLLWzi -----END CERTIFICATE-----Generated at Mon Mar 2 03:56:57 2026 by rpki-client