$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/F894F5B0E09411F0B3B2B389426F56BC.roa File: F894F5B0E09411F0B3B2B389426F56BC.roa (raw, json) Hash identifier: DJZwP5yqSI9PpNu/UVHT95YfSOvYQlnM/XHLUm3H7T4= Subject key identifier: CF:1B:01:C8:4B:F0:AC:65:28:BA:37:94:4C:AA:D1:08:21:32:C4:77 Certificate issuer: /CN=A91A4402/serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846 Certificate serial: 0D5B Authority key identifier: B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/F894F5B0E09411F0B3B2B389426F56BC.roa Signing time: Thu 16 Apr 2026 12:49:12 +0000 ROA not before: Thu 16 Apr 2026 12:49:12 +0000 ROA not after: Fri 28 May 2027 00:00:00 +0000 asID: 2914 IP address blocks: 43.231.190.0/24 maxlen: 24 43.231.191.0/24 maxlen: 24 43.246.199.0/24 maxlen: 24 103.7.208.0/24 maxlen: 24 103.7.211.0/24 maxlen: 24 103.197.208.0/24 maxlen: 24 103.197.209.0/24 maxlen: 24 103.197.210.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.crl rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Apr 2026 18:51:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3419 (0xd5b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A4402, serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846 Validity Not Before: Apr 16 12:49:12 2026 GMT Not After : May 28 00:00:00 2027 GMT Subject: CN=69e0dac8-b1b2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:59:bd:95:f4:48:91:bd:82:bc:c6:8c:7b:d4: 5c:d4:05:b0:02:8a:d2:60:1c:62:fe:31:51:2b:00: 32:71:ff:ce:78:5a:8e:ad:bb:27:ad:c0:02:b9:2d: ed:e8:a8:48:6b:c8:c6:ba:b1:1a:d0:73:01:bd:9d: 3f:22:7e:b2:76:32:6a:bd:ce:8c:e6:1a:13:a1:a8: b1:ec:98:c5:7a:a0:d2:00:05:42:b5:ca:c7:81:10: 1b:59:a8:9a:48:6e:c8:dc:0a:53:4e:74:7a:a9:8c: 45:10:6f:82:6d:bc:97:be:80:0e:d6:09:93:08:8f: e4:92:92:42:7d:1f:0a:3d:08:3e:26:fd:70:1e:3c: 88:50:ee:e3:0d:3e:72:a5:e3:68:0d:e6:49:ab:ab: 20:2e:e6:51:c6:bb:2d:ce:d9:87:c7:7f:e4:57:41: 6f:df:3a:d7:ff:39:6a:9b:70:6f:f0:dd:6f:a2:cc: 1b:d3:23:5c:dd:e4:66:b3:88:40:5a:5b:16:9b:86: d7:13:00:10:5c:5d:57:58:76:c2:1d:d4:c0:44:a8: 51:e3:85:67:ad:a6:da:9b:bb:d3:53:ca:09:ea:9b: ff:e1:bd:0d:c9:a0:cd:6e:24:a6:bb:83:ec:b8:1d: c2:1c:af:ef:de:e2:df:20:c1:9c:6c:f2:77:78:ea: e2:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:1B:01:C8:4B:F0:AC:65:28:BA:37:94:4C:AA:D1:08:21:32:C4:77 X509v3 Authority Key Identifier: keyid:B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/F894F5B0E09411F0B3B2B389426F56BC.roa sbgp-ipAddrBlock: critical IPv4: 43.231.190.0/23 43.246.199.0/24 103.7.208.0/24 103.7.211.0/24 103.197.208.0/22 Signature Algorithm: sha256WithRSAEncryption 82:b0:1b:79:c3:52:a0:2b:c1:c9:d7:41:89:e5:f3:6b:98:eb: 2c:1d:f5:b6:59:0e:f2:ed:15:cb:0b:52:f1:c7:27:5c:26:7f: 23:f9:7d:a1:35:2d:b1:f1:c4:83:cb:78:e1:4a:87:60:fa:3e: f5:14:2e:21:26:4a:6a:b1:8e:35:4f:0e:15:7d:10:41:3a:ac: 76:8a:af:92:2d:48:00:2b:2f:1e:11:94:58:bf:26:47:79:80: 49:9d:16:9c:d4:9d:31:b4:4d:6d:c7:37:18:77:b3:e7:99:fa: f9:ff:92:65:62:7a:98:5b:80:b6:2a:25:98:cf:5d:77:72:bc: b4:7c:ab:20:48:55:48:3d:76:83:1b:0e:e1:d9:3a:a2:b2:93: 69:65:5d:fc:94:cf:24:6f:b8:14:b6:25:3f:75:63:ec:32:dd: a8:72:ea:38:fa:00:aa:da:5c:bb:75:e3:95:f0:ef:17:b1:d5: 4b:1d:6c:cb:2d:4c:bf:39:aa:dd:94:d2:ae:28:6f:00:96:e7: 4a:44:40:6f:b4:af:3e:da:b0:73:73:8b:9e:05:2d:ba:71:55: 1f:0e:ea:64:10:9c:07:a9:9f:94:43:a3:56:51:e2:4d:a2:57: 62:fe:d6:e4:37:a6:2e:13:6a:83:3a:f0:2b:46:1c:c6:ec:94: f4:8f:8f:ec -----BEGIN CERTIFICATE----- MIIFVDCCBDygAwIBAgICDVswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTQ0MDIxMTAvBgNVBAUTKEI0MTE2QThFNkRBOTkxRkRDRjcxNjI2RTdCRUExMUZG NjlDQkE4NDYwHhcNMjYwNDE2MTI0OTEyWhcNMjcwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02OWUwZGFjOC1iMWIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxlm9lfRIkb2CvMaMe9Rc1AWwAorSYBxi/jFRKwAycf/OeFqOrbsnrcACuS3t 6KhIa8jGurEa0HMBvZ0/In6ydjJqvc6M5hoToaix7JjFeqDSAAVCtcrHgRAbWaia SG7I3ApTTnR6qYxFEG+CbbyXvoAO1gmTCI/kkpJCfR8KPQg+Jv1wHjyIUO7jDT5y peNoDeZJq6sgLuZRxrstztmHx3/kV0Fv3zrX/zlqm3Bv8N1voswb0yNc3eRms4hA WlsWm4bXEwAQXF1XWHbCHdTARKhR44Vnrabam7vTU8oJ6pv/4b0NyaDNbiSmu4Ps uB3CHK/v3uLfIMGcbPJ3eOriiQIDAQABo4ICeDCCAnQwHQYDVR0OBBYEFM8bAchL 8KxlKLo3lEyq0QghMsR3MB8GA1UdIwQYMBaAFLQRao5tqZH9z3FibnvqEf9py6hG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDQwMi9GREJGRDAyMDNE OTYxMUVBOEVBMDcwMkZDNEY5QUUwMi90QkZxam0ycGtmM1BjV0p1ZS1vUl8ybkxx RVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3RCRnFqbTJwa2YzUGNXSnVlLW9SXzJuTHFFWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTQ0MDIvRkRCRkQwMjAzRDk2MTFFQThFQTA3MDJGQzRGOUFFMDIvRjg5NEY1QjBF MDk0MTFGMEIzQjJCMzg5NDI2RjU2QkMucm9hMDcGCCsGAQUFBwEHAQH/BCgwJjAk BAIAATAeAwQBK+e+AwQAK/bHAwQAZwfQAwQAZwfTAwQCZ8XQMA0GCSqGSIb3DQEB CwUAA4IBAQCCsBt5w1KgK8HJ10GJ5fNrmOssHfW2WQ7y7RXLC1LxxydcJn8j+X2h NS2x8cSDy3jhSodg+j71FC4hJkpqsY41Tw4VfRBBOqx2iq+SLUgAKy8eEZRYvyZH eYBJnRac1J0xtE1txzcYd7Pnmfr5/5JlYnqYW4C2KiWYz113cry0fKsgSFVIPXaD Gw7h2TqispNpZV38lM8kb7gUtiU/dWPsMt2ocuo4+gCq2ly7deOV8O8XsdVLHWzL LUy/OardlNKuKG8AludKREBvtK8+2rBzc4ueBS26cVUfDupkEJwHqZ+UQ6NWUeJN oldi/tbkN6YuE2qDOvArRhzG7JT0j4/s -----END CERTIFICATE-----Generated at Fri Apr 17 03:52:55 2026 by rpki-client