$ rpki-client -vvf rpki.apnic.net/member_repository/A91852BA/856517C00BCB11ECBD9C200BC4F9AE02/17679A100BCE11EC85811A0DC4F9AE02.roa File: 17679A100BCE11EC85811A0DC4F9AE02.roa (raw, json) Hash identifier: SfVrLwu0/hb9g42RiXp5yjlYQFRmDAk0DOmeUwdGOYM= Subject key identifier: 44:BA:86:AE:00:A3:DF:FE:CD:2A:A3:8C:7D:85:19:4B:65:83:1E:3D Certificate issuer: /CN=A91852BA/serialNumber=F66964F99BC88D37761D389815D3C9E9D0A17A4D Certificate serial: 059B Authority key identifier: F6:69:64:F9:9B:C8:8D:37:76:1D:38:98:15:D3:C9:E9:D0:A1:7A:4D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9mlk-ZvIjTd2HTiYFdPJ6dChek0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91852BA/856517C00BCB11ECBD9C200BC4F9AE02/17679A100BCE11EC85811A0DC4F9AE02.roa Signing time: Sun 01 Mar 2026 08:51:16 +0000 ROA not before: Wed 14 May 2025 23:54:16 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 53587 IP address blocks: 43.248.168.0/22 maxlen: 22 43.248.168.0/24 maxlen: 24 43.248.169.0/24 maxlen: 24 43.248.170.0/24 maxlen: 24 43.248.171.0/24 maxlen: 24 103.228.92.0/22 maxlen: 22 103.228.92.0/24 maxlen: 24 103.228.93.0/24 maxlen: 24 103.228.94.0/24 maxlen: 24 103.228.95.0/24 maxlen: 24 2401:9d80::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91852BA/856517C00BCB11ECBD9C200BC4F9AE02/9mlk-ZvIjTd2HTiYFdPJ6dChek0.crl rsync://rpki.apnic.net/member_repository/A91852BA/856517C00BCB11ECBD9C200BC4F9AE02/9mlk-ZvIjTd2HTiYFdPJ6dChek0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9mlk-ZvIjTd2HTiYFdPJ6dChek0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 02:50:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1435 (0x59b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91852BA, serialNumber=F66964F99BC88D37761D389815D3C9E9D0A17A4D Validity Not Before: May 14 23:54:16 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=69a3fe04-1059 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:4f:cd:92:0b:dd:3c:f4:3e:ee:17:e6:36:b0: 3b:76:ff:c9:5c:7d:ee:a9:51:79:73:4c:67:7e:04: 86:58:67:f7:10:97:c0:b3:9b:6f:07:48:14:f4:fa: f2:44:89:2c:47:36:31:40:99:f3:e6:46:29:90:9e: 75:85:6b:f8:2d:35:7a:69:68:ba:9d:75:6a:19:92: 9f:61:51:59:8e:87:6b:c1:90:f6:99:bd:c8:11:22: b3:2a:66:c7:7e:cc:da:8b:ff:24:af:08:1a:29:32: 50:03:da:9a:c8:85:66:7c:34:b8:34:a0:79:01:a8: 97:c7:fe:76:19:16:26:af:b9:f2:d8:53:01:43:89: 8a:f3:63:a7:4a:06:5c:d0:16:20:27:e3:ea:88:75: 2c:0f:44:ca:4a:ee:52:57:5e:bd:5e:d7:fd:90:47: 5c:32:00:b3:04:2a:58:a6:62:59:28:38:6a:88:68: 01:c9:4d:6f:fd:7f:d2:df:45:44:11:78:91:22:ba: e3:10:ff:45:82:21:75:44:77:57:78:d9:de:43:cb: 73:1b:4e:8e:73:1d:e2:10:a6:c7:d2:8b:82:e6:11: d1:63:2b:86:04:93:20:7e:35:c9:06:b8:dc:6c:4a: 77:3e:74:d8:4f:89:63:93:de:ac:37:e1:b3:b5:14: 18:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:BA:86:AE:00:A3:DF:FE:CD:2A:A3:8C:7D:85:19:4B:65:83:1E:3D X509v3 Authority Key Identifier: keyid:F6:69:64:F9:9B:C8:8D:37:76:1D:38:98:15:D3:C9:E9:D0:A1:7A:4D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91852BA/856517C00BCB11ECBD9C200BC4F9AE02/9mlk-ZvIjTd2HTiYFdPJ6dChek0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9mlk-ZvIjTd2HTiYFdPJ6dChek0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91852BA/856517C00BCB11ECBD9C200BC4F9AE02/17679A100BCE11EC85811A0DC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.248.168.0/22 103.228.92.0/22 IPv6: 2401:9d80::/32 Signature Algorithm: sha256WithRSAEncryption 95:23:e1:39:08:12:24:49:99:71:38:06:fb:d6:f4:df:2d:4e: d2:f7:1e:90:d0:38:89:16:9c:d8:7e:a4:4e:21:b5:09:a4:f9: c9:d6:ac:18:b4:76:75:3d:2f:dc:29:15:b0:ad:0f:be:8b:89: 12:b2:a8:44:3e:2d:bf:59:39:6d:a1:d4:21:75:3a:ec:95:3e: 23:96:6a:f6:7d:d6:e5:8f:b2:c4:bb:d1:c7:22:49:e5:c1:aa: fa:bb:28:48:09:de:2d:f0:54:09:77:8f:70:e4:95:05:e2:47: a9:e1:d9:d5:ea:50:d6:49:69:cc:99:8e:39:eb:78:75:68:9a: fc:25:35:bc:33:59:fd:3f:47:7e:82:5f:93:bf:83:89:d3:7d: c7:2f:20:81:8d:59:b9:a5:9d:0c:ce:86:04:52:5d:59:a9:21: 57:dd:41:c6:5f:3b:03:42:c4:10:f2:9b:b7:36:9f:e8:f0:43: be:36:a0:5e:7d:ce:f1:98:78:a0:5e:26:f7:cd:91:8d:74:5a: 05:b2:56:f2:d2:e3:3c:a3:e0:d3:8d:e2:d5:1e:3b:f8:fd:9e: d5:80:4c:59:03:fb:a0:e2:93:cb:b9:66:03:61:50:fa:b8:65: 20:47:0d:6c:b7:0a:a4:6f:b8:68:6d:2d:9f:8e:7d:1a:a2:06: 22:11:e8:39 -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgICBZswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODUyQkExMTAvBgNVBAUTKEY2Njk2NEY5OUJDODhEMzc3NjFEMzg5ODE1RDNDOUU5 RDBBMTdBNEQwHhcNMjUwNTE0MjM1NDE2WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWEzZmUwNC0xMDU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3k/NkgvdPPQ+7hfmNrA7dv/JXH3uqVF5c0xnfgSGWGf3EJfAs5tvB0gU9Pry RIksRzYxQJnz5kYpkJ51hWv4LTV6aWi6nXVqGZKfYVFZjodrwZD2mb3IESKzKmbH fszai/8krwgaKTJQA9qayIVmfDS4NKB5AaiXx/52GRYmr7ny2FMBQ4mK82OnSgZc 0BYgJ+PqiHUsD0TKSu5SV169Xtf9kEdcMgCzBCpYpmJZKDhqiGgByU1v/X/S30VE EXiRIrrjEP9FgiF1RHdXeNneQ8tzG06Ocx3iEKbH0ouC5hHRYyuGBJMgfjXJBrjc bEp3PnTYT4ljk96sN+GztRQYsQIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFES6hq4A o9/+zSqjjH2FGUtlgx49MB8GA1UdIwQYMBaAFPZpZPmbyI03dh04mBXTyenQoXpN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NTJCQS84NTY1MTdDMDBC Q0IxMUVDQkQ5QzIwMEJDNEY5QUUwMi85bWxrLVp2SWpUZDJIVGlZRmRQSjZkQ2hl azAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzltbGstWnZJalRkMkhUaVlGZFBKNmRDaGVrMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODUyQkEvODU2NTE3QzAwQkNCMTFFQ0JEOUMyMDBCQzRGOUFFMDIvMTc2NzlBMTAw QkNFMTFFQzg1ODExQTBEQzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS BAIAATAMAwQCK/ioAwQCZ+RcMA0EAgACMAcDBQAkAZ2AMA0GCSqGSIb3DQEBCwUA A4IBAQCVI+E5CBIkSZlxOAb71vTfLU7S9x6Q0DiJFpzYfqROIbUJpPnJ1qwYtHZ1 PS/cKRWwrQ++i4kSsqhEPi2/WTltodQhdTrslT4jlmr2fdblj7LEu9HHIknlwar6 uyhICd4t8FQJd49w5JUF4kep4dnV6lDWSWnMmY4563h1aJr8JTW8M1n9P0d+gl+T v4OJ033HLyCBjVm5pZ0MzoYEUl1ZqSFX3UHGXzsDQsQQ8pu3Np/o8EO+NqBefc7x mHigXib3zZGNdFoFslby0uM8o+DTjeLVHjv4/Z7VgExZA/ug4pPLuWYDYVD6uGUg Rw1stwqkb7hobS2fjn0aogYiEeg5 -----END CERTIFICATE-----Generated at Mon Mar 2 07:43:23 2026 by rpki-client