$ rpki-client -vvf rpki.apnic.net/member_repository/A91A06F2/8B8C4DD23F4711EA8E5DA87CC4F9AE02/3BFE8CEC3F4911EAA91D9A7FC4F9AE02.roa File: 3BFE8CEC3F4911EAA91D9A7FC4F9AE02.roa (raw, json) Hash identifier: yHiEBDvlcyXKE4TpKn114IGYxQdtuGdLDYmaaMzfwkk= Subject key identifier: 10:8D:9E:72:EA:9A:2E:F5:6E:C2:51:15:86:3E:62:9B:9F:EF:F6:40 Certificate issuer: /CN=A91A06F2/serialNumber=E74F464C408659ED2589DB664CE8EF6A6C600C47 Certificate serial: 0BBB Authority key identifier: E7:4F:46:4C:40:86:59:ED:25:89:DB:66:4C:E8:EF:6A:6C:60:0C:47 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/509GTECGWe0lidtmTOjvamxgDEc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A06F2/8B8C4DD23F4711EA8E5DA87CC4F9AE02/3BFE8CEC3F4911EAA91D9A7FC4F9AE02.roa Signing time: Sun 01 Mar 2026 11:44:32 +0000 ROA not before: Fri 18 Apr 2025 19:41:30 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 135155 IP address blocks: 103.211.28.0/22 maxlen: 22 103.211.28.0/24 maxlen: 24 103.211.29.0/24 maxlen: 24 103.211.30.0/24 maxlen: 24 103.211.31.0/24 maxlen: 24 146.196.48.0/22 maxlen: 22 146.196.48.0/24 maxlen: 24 146.196.49.0/24 maxlen: 24 146.196.50.0/24 maxlen: 24 146.196.51.0/24 maxlen: 24 2407:5f80::/32 maxlen: 32 2407:5f80::/36 maxlen: 36 2407:5f80:1000::/36 maxlen: 36 2407:5f80:2000::/36 maxlen: 36 2407:5f80:3000::/36 maxlen: 36 2407:5f80:4000::/36 maxlen: 36 2407:5f80:5000::/36 maxlen: 36 2407:5f80:6000::/36 maxlen: 36 2407:5f80:7000::/36 maxlen: 36 2407:5f80:8000::/36 maxlen: 36 2407:5f80:9000::/36 maxlen: 36 2407:5f80:a000::/36 maxlen: 36 2407:5f80:b000::/36 maxlen: 36 2407:5f80:c000::/36 maxlen: 36 2407:5f80:d000::/36 maxlen: 36 2407:5f80:e000::/36 maxlen: 36 2407:5f80:f000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A06F2/8B8C4DD23F4711EA8E5DA87CC4F9AE02/509GTECGWe0lidtmTOjvamxgDEc.crl rsync://rpki.apnic.net/member_repository/A91A06F2/8B8C4DD23F4711EA8E5DA87CC4F9AE02/509GTECGWe0lidtmTOjvamxgDEc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/509GTECGWe0lidtmTOjvamxgDEc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:43:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3003 (0xbbb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A06F2, serialNumber=E74F464C408659ED2589DB664CE8EF6A6C600C47 Validity Not Before: Apr 18 19:41:30 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=69a426a0-b1f8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:d8:77:05:41:d8:e1:ef:92:26:01:47:41:04: 71:b7:88:fc:4c:9a:eb:dc:e9:3a:ac:77:0e:1c:0b: 67:b2:cc:e0:94:32:45:61:50:1b:1a:c5:1a:3d:e4: 5d:74:3e:d0:15:00:aa:5c:d2:60:d1:ba:24:c8:4c: 92:2a:3c:4c:36:f1:f3:e0:a2:df:f6:f7:1a:39:c3: 2f:41:a9:6b:15:50:c9:32:f3:aa:e0:88:4f:5e:a6: de:d8:bf:24:ff:e6:af:50:b6:d5:93:c1:18:04:0a: eb:17:7a:ba:38:de:c0:d2:b7:64:91:32:fc:14:6f: fb:26:c5:c3:a7:f5:9f:19:80:84:b3:ad:2b:93:3d: e2:8d:73:b8:90:61:a9:b5:31:49:d4:25:4f:87:c2: 5a:f6:ff:e8:fd:04:f5:b6:ef:fb:a8:eb:56:19:9a: f7:8f:f6:20:46:50:15:58:f6:eb:65:55:e4:63:3e: 0c:97:62:99:4f:97:ad:bb:2a:d7:fe:d1:21:e2:0e: 23:22:d6:99:cd:bf:fd:32:5c:8b:e9:b4:79:d1:fc: 0e:6a:f1:65:90:13:e6:bc:21:4c:c6:10:95:e9:a7: 3c:1d:86:c0:29:bb:5d:1c:40:11:8a:31:59:44:5c: 03:9e:b4:42:d3:e0:c0:86:ad:6e:19:16:d1:16:ba: 40:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:8D:9E:72:EA:9A:2E:F5:6E:C2:51:15:86:3E:62:9B:9F:EF:F6:40 X509v3 Authority Key Identifier: keyid:E7:4F:46:4C:40:86:59:ED:25:89:DB:66:4C:E8:EF:6A:6C:60:0C:47 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A06F2/8B8C4DD23F4711EA8E5DA87CC4F9AE02/509GTECGWe0lidtmTOjvamxgDEc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/509GTECGWe0lidtmTOjvamxgDEc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A06F2/8B8C4DD23F4711EA8E5DA87CC4F9AE02/3BFE8CEC3F4911EAA91D9A7FC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.211.28.0/22 146.196.48.0/22 IPv6: 2407:5f80::/32 Signature Algorithm: sha256WithRSAEncryption 73:3e:4a:a2:d8:91:30:45:c7:ea:f8:d5:6a:4b:07:99:39:68: e6:0f:0d:30:f9:9a:49:0b:3a:ef:1b:08:f7:c5:a1:f3:6a:a8: 01:09:37:07:e0:a9:b4:25:0a:ac:64:24:9b:8b:f5:1a:96:7e: c1:af:9b:1a:8d:71:bd:de:05:ad:38:a3:16:4e:f2:16:04:1d: b9:53:3c:bd:3a:b1:98:58:c0:49:38:73:4f:89:d9:60:68:8d: 99:08:76:bc:81:c2:1e:3b:30:97:35:76:c0:b7:b6:e5:68:e0: a2:b8:f6:e0:1c:e7:28:41:be:b2:00:92:56:06:80:68:11:21: b9:11:5d:ea:0f:02:62:25:f8:9d:d9:39:c9:ae:d8:7b:81:ab: e9:b4:59:ef:30:75:87:06:72:77:43:17:64:a4:1f:ab:92:8e: e0:22:78:69:c7:29:50:97:5f:86:fc:71:97:2b:d7:49:12:f0: d9:36:fa:a6:f1:a8:2b:c7:1f:a4:54:37:69:66:2c:8e:61:a3: 00:2e:2b:66:71:0f:7a:46:a0:c2:18:1d:4a:1b:c6:37:b5:54: 79:7e:db:66:6d:14:19:b9:5c:df:6c:dd:60:29:6a:3b:31:9b: 4e:00:04:e5:b7:77:6e:37:f5:70:40:51:e0:08:f5:2c:8a:ef: 57:be:0f:c4 -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgICC7swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTA2RjIxMTAvBgNVBAUTKEU3NEY0NjRDNDA4NjU5RUQyNTg5REI2NjRDRThFRjZB NkM2MDBDNDcwHhcNMjUwNDE4MTk0MTMwWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MjZhMC1iMWY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAn9h3BUHY4e+SJgFHQQRxt4j8TJrr3Ok6rHcOHAtnsszglDJFYVAbGsUaPeRd dD7QFQCqXNJg0bokyEySKjxMNvHz4KLf9vcaOcMvQalrFVDJMvOq4IhPXqbe2L8k /+avULbVk8EYBArrF3q6ON7A0rdkkTL8FG/7JsXDp/WfGYCEs60rkz3ijXO4kGGp tTFJ1CVPh8Ja9v/o/QT1tu/7qOtWGZr3j/YgRlAVWPbrZVXkYz4Ml2KZT5etuyrX /tEh4g4jItaZzb/9MlyL6bR50fwOavFlkBPmvCFMxhCV6ac8HYbAKbtdHEARijFZ RFwDnrRC0+DAhq1uGRbRFrpAcwIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFBCNnnLq mi71bsJRFYY+Ypuf7/ZAMB8GA1UdIwQYMBaAFOdPRkxAhlntJYnbZkzo72psYAxH MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDZGMi84QjhDNEREMjNG NDcxMUVBOEU1REE4N0NDNEY5QUUwMi81MDlHVEVDR1dlMGxpZHRtVE9qdmFteGdE RWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzUwOUdURUNHV2UwbGlkdG1UT2p2YW14Z0RFYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTA2RjIvOEI4QzRERDIzRjQ3MTFFQThFNURBODdDQzRGOUFFMDIvM0JGRThDRUMz RjQ5MTFFQUE5MUQ5QTdGQzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS BAIAATAMAwQCZ9McAwQCksQwMA0EAgACMAcDBQAkB1+AMA0GCSqGSIb3DQEBCwUA A4IBAQBzPkqi2JEwRcfq+NVqSweZOWjmDw0w+ZpJCzrvGwj3xaHzaqgBCTcH4Km0 JQqsZCSbi/Ualn7Br5sajXG93gWtOKMWTvIWBB25Uzy9OrGYWMBJOHNPidlgaI2Z CHa8gcIeOzCXNXbAt7blaOCiuPbgHOcoQb6yAJJWBoBoESG5EV3qDwJiJfid2TnJ rth7gavptFnvMHWHBnJ3QxdkpB+rko7gInhpxylQl1+G/HGXK9dJEvDZNvqm8agr xx+kVDdpZiyOYaMALitmcQ96RqDCGB1KG8Y3tVR5fttmbRQZuVzfbN1gKWo7MZtO AATlt3duN/VwQFHgCPUsiu9Xvg/E -----END CERTIFICATE-----Generated at Mon Mar 2 03:59:42 2026 by rpki-client