$ rpki-client -vvf rpki.apnic.net/member_repository/A91941E9/DAD8FB80079011EBBB98C076C4F9AE02/B0425744D7E211ECBD1D447FC4F9AE02.roa File: B0425744D7E211ECBD1D447FC4F9AE02.roa (raw, json) Hash identifier: zK8lUhZa1na50xQ4Bvd6rY8FeNFiFoaMC4JLuzhMCUs= Subject key identifier: 27:8E:24:09:CE:FB:F3:70:AC:28:78:C4:99:BB:02:67:D9:CA:49:2B Certificate issuer: /CN=A91941E9/serialNumber=05AD3E4AA1961BA7ECBE02935725C25CD26BD6BC Certificate serial: 0868 Authority key identifier: 05:AD:3E:4A:A1:96:1B:A7:EC:BE:02:93:57:25:C2:5C:D2:6B:D6:BC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ba0-SqGWG6fsvgKTVyXCXNJr1rw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91941E9/DAD8FB80079011EBBB98C076C4F9AE02/B0425744D7E211ECBD1D447FC4F9AE02.roa Signing time: Sun 01 Mar 2026 14:51:57 +0000 ROA not before: Tue 19 Aug 2025 02:49:25 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 2519 IP address blocks: 43.231.220.0/22 maxlen: 22 43.251.48.0/22 maxlen: 22 103.3.28.0/22 maxlen: 22 103.8.240.0/22 maxlen: 22 103.20.156.0/22 maxlen: 22 103.37.236.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91941E9/DAD8FB80079011EBBB98C076C4F9AE02/Ba0-SqGWG6fsvgKTVyXCXNJr1rw.crl rsync://rpki.apnic.net/member_repository/A91941E9/DAD8FB80079011EBBB98C076C4F9AE02/Ba0-SqGWG6fsvgKTVyXCXNJr1rw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ba0-SqGWG6fsvgKTVyXCXNJr1rw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 22:42:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2152 (0x868) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91941E9, serialNumber=05AD3E4AA1961BA7ECBE02935725C25CD26BD6BC Validity Not Before: Aug 19 02:49:25 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=69a4528d-9937 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:c1:2e:65:f4:45:5d:8a:17:13:fe:4a:88:8f: b0:46:a3:77:66:98:bc:02:1f:b5:56:a2:20:72:a9: 74:fc:2e:0f:ca:11:c2:00:b0:88:2b:0a:35:c6:cf: d4:9d:6c:f8:4e:f5:fd:95:9f:2b:19:fe:1f:59:9e: dc:c1:d0:cc:b7:be:e0:af:08:15:2a:90:f6:b4:ae: f8:80:c4:40:1f:75:71:b9:5b:62:6a:e9:ec:ba:be: e8:fa:24:04:95:44:93:e8:10:d1:a8:d7:7f:55:2d: 18:da:8b:38:39:5a:df:10:96:73:ec:cd:54:af:da: 24:59:ef:5a:50:21:79:1f:cc:04:92:e8:95:72:a2: e2:ac:36:80:a6:20:7e:e9:df:f9:05:b1:32:04:99: 6c:83:df:26:c9:68:f0:29:e4:3b:4a:74:77:9e:20: 1a:c6:a5:81:d7:db:c3:83:53:c5:55:e1:86:8a:83: 1e:eb:4f:fa:9f:ac:61:60:09:81:28:2d:1e:63:fd: ec:49:52:4c:ff:b6:83:e5:46:90:22:08:f7:61:7a: 66:17:ed:76:52:ab:74:7c:ed:17:2a:6d:1c:8a:53: fc:10:aa:b5:eb:c7:d2:da:f5:cc:21:99:1e:6c:f8: 3c:21:11:72:d0:77:41:44:2d:bd:e9:20:fa:8f:60: 04:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:8E:24:09:CE:FB:F3:70:AC:28:78:C4:99:BB:02:67:D9:CA:49:2B X509v3 Authority Key Identifier: keyid:05:AD:3E:4A:A1:96:1B:A7:EC:BE:02:93:57:25:C2:5C:D2:6B:D6:BC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91941E9/DAD8FB80079011EBBB98C076C4F9AE02/Ba0-SqGWG6fsvgKTVyXCXNJr1rw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ba0-SqGWG6fsvgKTVyXCXNJr1rw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91941E9/DAD8FB80079011EBBB98C076C4F9AE02/B0425744D7E211ECBD1D447FC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.231.220.0/22 43.251.48.0/22 103.3.28.0/22 103.8.240.0/22 103.20.156.0/22 103.37.236.0/22 Signature Algorithm: sha256WithRSAEncryption a3:ff:2f:8a:24:ec:2b:32:2b:f6:04:21:1d:b1:01:94:4f:5e: 4b:5c:0b:39:5d:c8:31:1f:71:74:91:8e:cc:0a:40:f8:3d:44: 8d:e9:da:0c:bf:f9:a7:b4:b4:e0:18:df:7c:17:2d:66:f5:06: 9e:82:57:10:ac:19:ab:48:d7:ba:73:f4:8c:1d:89:4d:fe:34: b9:7f:66:be:4c:71:93:15:cc:20:d6:ce:4e:3c:6e:47:fe:28: b4:df:1b:ed:35:5d:00:44:d1:9f:11:aa:47:dc:27:38:46:02: 07:34:a9:f7:e2:79:ea:77:d9:4b:b9:52:9c:2c:7b:2a:27:31: a6:d7:ab:30:ab:48:8c:2d:ea:30:9f:a4:f4:87:ce:a2:01:e4: 14:b9:47:d8:f8:50:5a:dc:bc:aa:bd:8c:65:8d:2b:ff:af:7a: aa:e1:9b:db:55:fe:6d:6c:52:19:b7:a7:dc:fb:1a:95:74:a1: 85:31:1d:92:91:50:68:d4:9a:b2:5f:32:c6:1c:bc:9e:3d:ff: f9:20:98:13:ca:77:f8:b3:02:36:5a:8c:a0:4c:bd:ba:df:76: 2d:7f:ca:05:cf:10:b8:00:58:62:80:a3:b9:e7:b2:16:23:53: cc:3e:1f:28:f2:5d:6b:8a:1d:cd:42:11:8e:51:fd:c3:f8:3d: b4:0d:fd:2e -----BEGIN CERTIFICATE----- MIIFWjCCBEKgAwIBAgICCGgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTQxRTkxMTAvBgNVBAUTKDA1QUQzRTRBQTE5NjFCQTdFQ0JFMDI5MzU3MjVDMjVD RDI2QkQ2QkMwHhcNMjUwODE5MDI0OTI1WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NTI4ZC05OTM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArMEuZfRFXYoXE/5KiI+wRqN3Zpi8Ah+1VqIgcql0/C4PyhHCALCIKwo1xs/U nWz4TvX9lZ8rGf4fWZ7cwdDMt77grwgVKpD2tK74gMRAH3VxuVtiaunsur7o+iQE lUST6BDRqNd/VS0Y2os4OVrfEJZz7M1Ur9okWe9aUCF5H8wEkuiVcqLirDaApiB+ 6d/5BbEyBJlsg98myWjwKeQ7SnR3niAaxqWB19vDg1PFVeGGioMe60/6n6xhYAmB KC0eY/3sSVJM/7aD5UaQIgj3YXpmF+12Uqt0fO0XKm0cilP8EKq168fS2vXMIZke bPg8IRFy0HdBRC296SD6j2AEtQIDAQABo4ICfjCCAnowHQYDVR0OBBYEFCeOJAnO +/NwrCh4xJm7AmfZykkrMB8GA1UdIwQYMBaAFAWtPkqhlhun7L4Ck1clwlzSa9a8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NDFFOS9EQUQ4RkI4MDA3 OTAxMUVCQkI5OEMwNzZDNEY5QUUwMi9CYTAtU3FHV0c2ZnN2Z0tUVnlYQ1hOSnIx cncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0JhMC1TcUdXRzZmc3ZnS1RWeVhDWE5KcjFydy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTQxRTkvREFEOEZCODAwNzkwMTFFQkJCOThDMDc2QzRGOUFFMDIvQjA0MjU3NDRE N0UyMTFFQ0JEMUQ0NDdGQzRGOUFFMDIucm9hMD0GCCsGAQUFBwEHAQH/BC4wLDAq BAIAATAkAwQCK+fcAwQCK/swAwQCZwMcAwQCZwjwAwQCZxScAwQCZyXsMA0GCSqG SIb3DQEBCwUAA4IBAQCj/y+KJOwrMiv2BCEdsQGUT15LXAs5XcgxH3F0kY7MCkD4 PUSN6doMv/mntLTgGN98Fy1m9QaeglcQrBmrSNe6c/SMHYlN/jS5f2a+THGTFcwg 1s5OPG5H/ii03xvtNV0ARNGfEapH3Cc4RgIHNKn34nnqd9lLuVKcLHsqJzGm16sw q0iMLeown6T0h86iAeQUuUfY+FBa3LyqvYxljSv/r3qq4ZvbVf5tbFIZt6fc+xqV dKGFMR2SkVBo1JqyXzLGHLyePf/5IJgTynf4swI2WoygTL2633Ytf8oFzxC4AFhi gKO557IWI1PMPh8o8l1rih3NQhGOUf3D+D20Df0u -----END CERTIFICATE-----Generated at Mon Mar 2 12:49:38 2026 by rpki-client