$ rpki-client -vvf rpki.apnic.net/member_repository/A9191DF4/F41D1C18B38E11E986282B73C4F9AE02/B5D4A156598B11EC82C8685CC4F9AE02.roa File: B5D4A156598B11EC82C8685CC4F9AE02.roa (raw, json) Hash identifier: DFvUjSl+6A6klX7hNwdfn4zHvZwMt+wqIU2vy92vesE= Subject key identifier: 4A:00:57:E2:25:81:D2:23:1B:6E:F2:96:F2:F9:F7:97:92:A9:63:17 Certificate issuer: /CN=A9191DF4/serialNumber=DA47042E376A9473FC0EDFC8445739DD1328AE0E Certificate serial: 0E99 Authority key identifier: DA:47:04:2E:37:6A:94:73:FC:0E:DF:C8:44:57:39:DD:13:28:AE:0E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2kcELjdqlHP8Dt_IRFc53RMorg4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9191DF4/F41D1C18B38E11E986282B73C4F9AE02/B5D4A156598B11EC82C8685CC4F9AE02.roa Signing time: Sun 01 Mar 2026 11:37:13 +0000 ROA not before: Thu 22 May 2025 18:21:10 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 23860 IP address blocks: 103.215.224.0/22 maxlen: 24 157.119.104.0/22 maxlen: 24 2400:3840::/32 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9191DF4/F41D1C18B38E11E986282B73C4F9AE02/2kcELjdqlHP8Dt_IRFc53RMorg4.crl rsync://rpki.apnic.net/member_repository/A9191DF4/F41D1C18B38E11E986282B73C4F9AE02/2kcELjdqlHP8Dt_IRFc53RMorg4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2kcELjdqlHP8Dt_IRFc53RMorg4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 02:14:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3737 (0xe99) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9191DF4, serialNumber=DA47042E376A9473FC0EDFC8445739DD1328AE0E Validity Not Before: May 22 18:21:10 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=69a424e9-4a27 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:3d:1a:ec:2d:0b:84:59:24:19:fc:c7:84:7a: b2:88:2f:6e:3c:5a:0f:57:ee:6c:38:93:d5:03:97: e2:4a:b2:12:d1:3e:d9:24:e1:82:df:dc:be:5c:63: de:1d:17:82:65:61:60:90:14:fd:a2:12:31:a4:c1: 5e:7a:a0:6e:c8:d5:1b:95:ca:d8:e3:96:e0:aa:62: 6d:71:45:a2:fb:fd:d1:fb:5b:f4:db:1d:24:e8:4f: 89:ca:3b:bf:b5:eb:87:e8:2f:6e:2b:66:af:3c:fc: a3:13:4c:b0:6c:14:3f:9c:27:69:54:15:ec:e4:3d: 0c:04:f8:7b:35:ae:54:97:b3:0a:95:79:2a:05:1a: 10:61:21:86:3e:d8:e1:58:6e:9a:14:94:a7:83:03: bd:b6:14:65:39:b1:f8:99:17:16:4b:c1:73:7b:51: b9:59:ee:cd:26:37:0b:59:36:ae:01:8c:b7:5e:15: 46:f3:3c:11:8b:b3:13:b5:16:e2:24:fa:f9:42:9c: fc:d0:c4:3c:7a:43:ba:79:d0:93:65:52:5a:8d:d9: 5c:57:ae:11:67:8b:ca:18:73:d2:3b:8d:b0:f4:97: 83:a4:28:77:06:eb:d8:43:96:87:15:9d:e6:84:ab: 96:77:55:6c:be:7b:41:78:17:83:aa:ee:37:64:cf: 5a:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:00:57:E2:25:81:D2:23:1B:6E:F2:96:F2:F9:F7:97:92:A9:63:17 X509v3 Authority Key Identifier: keyid:DA:47:04:2E:37:6A:94:73:FC:0E:DF:C8:44:57:39:DD:13:28:AE:0E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9191DF4/F41D1C18B38E11E986282B73C4F9AE02/2kcELjdqlHP8Dt_IRFc53RMorg4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2kcELjdqlHP8Dt_IRFc53RMorg4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9191DF4/F41D1C18B38E11E986282B73C4F9AE02/B5D4A156598B11EC82C8685CC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.215.224.0/22 157.119.104.0/22 IPv6: 2400:3840::/32 Signature Algorithm: sha256WithRSAEncryption 25:67:5f:8e:cc:f3:ab:30:87:06:52:8f:25:27:b7:e9:44:2c: 01:1e:68:be:8a:72:be:c1:7e:86:1c:85:ad:62:10:6d:f5:27: 02:50:80:f1:31:da:ea:d9:5a:0a:29:b6:8f:32:95:bb:03:6d: 32:aa:17:4f:59:d7:49:ec:df:fa:61:e6:1c:6b:f0:a1:0f:75: c6:98:79:fc:86:0f:d0:e0:53:55:8c:85:a0:5a:fd:9c:61:58: 08:2e:45:3b:b2:c8:03:00:ce:45:f1:01:fa:87:8b:d8:d6:0d: c1:bc:4a:67:27:fb:47:92:d1:bc:67:95:d9:64:26:4a:67:2a: 6f:31:57:6f:b8:cd:4e:44:0a:e6:f1:88:ef:9d:a2:21:87:5c: 65:03:65:5e:44:f3:65:36:9c:d5:28:c5:08:2d:c4:96:9b:70: 71:a8:02:70:d9:51:5a:e8:f0:70:92:c4:90:27:60:69:11:25: d7:0c:79:77:5b:38:89:39:fc:2a:5c:51:53:71:ff:ce:59:a7: 87:08:d2:db:86:1e:54:39:dd:e9:42:ef:1c:6e:67:96:73:73: 94:06:fc:fc:87:67:73:05:f9:0e:68:43:48:2b:0c:24:a0:49: d0:ab:f5:b2:b4:c5:34:21:56:13:4e:51:61:05:b8:4b:8c:03: 03:82:e3:fb -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgICDpkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTFERjQxMTAvBgNVBAUTKERBNDcwNDJFMzc2QTk0NzNGQzBFREZDODQ0NTczOURE MTMyOEFFMEUwHhcNMjUwNTIyMTgyMTEwWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MjRlOS00YTI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzj0a7C0LhFkkGfzHhHqyiC9uPFoPV+5sOJPVA5fiSrIS0T7ZJOGC39y+XGPe HReCZWFgkBT9ohIxpMFeeqBuyNUblcrY45bgqmJtcUWi+/3R+1v02x0k6E+Jyju/ teuH6C9uK2avPPyjE0ywbBQ/nCdpVBXs5D0MBPh7Na5Ul7MKlXkqBRoQYSGGPtjh WG6aFJSngwO9thRlObH4mRcWS8Fze1G5We7NJjcLWTauAYy3XhVG8zwRi7MTtRbi JPr5Qpz80MQ8ekO6edCTZVJajdlcV64RZ4vKGHPSO42w9JeDpCh3BuvYQ5aHFZ3m hKuWd1VsvntBeBeDqu43ZM9azwIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFEoAV+Il gdIjG27ylvL595eSqWMXMB8GA1UdIwQYMBaAFNpHBC43apRz/A7fyERXOd0TKK4O MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MURGNC9GNDFEMUMxOEIz OEUxMUU5ODYyODJCNzNDNEY5QUUwMi8ya2NFTGpkcWxIUDhEdF9JUkZjNTNSTW9y ZzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJrY0VMamRxbEhQOER0X0lSRmM1M1JNb3JnNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTFERjQvRjQxRDFDMThCMzhFMTFFOTg2MjgyQjczQzRGOUFFMDIvQjVENEExNTY1 OThCMTFFQzgyQzg2ODVDQzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS BAIAATAMAwQCZ9fgAwQCnXdoMA0EAgACMAcDBQAkADhAMA0GCSqGSIb3DQEBCwUA A4IBAQAlZ1+OzPOrMIcGUo8lJ7fpRCwBHmi+inK+wX6GHIWtYhBt9ScCUIDxMdrq 2VoKKbaPMpW7A20yqhdPWddJ7N/6YeYca/ChD3XGmHn8hg/Q4FNVjIWgWv2cYVgI LkU7ssgDAM5F8QH6h4vY1g3BvEpnJ/tHktG8Z5XZZCZKZypvMVdvuM1ORArm8Yjv naIhh1xlA2VeRPNlNpzVKMUILcSWm3BxqAJw2VFa6PBwksSQJ2BpESXXDHl3WziJ OfwqXFFTcf/OWaeHCNLbhh5UOd3pQu8cbmeWc3OUBvz8h2dzBfkOaENIKwwkoEnQ q/WytMU0IVYTTlFhBbhLjAMDguP7 -----END CERTIFICATE-----Generated at Mon Mar 2 07:28:26 2026 by rpki-client