$ rpki-client -vvf rpki.apnic.net/member_repository/A91A459D/5FAB972E7EF611EAA979A32DC4F9AE02/21028CF67EF811EAAD47CD30C4F9AE02.roa File: 21028CF67EF811EAAD47CD30C4F9AE02.roa (raw, json) Hash identifier: JFcci2znca0vHiIk+UWEW9yz/LlVcRJaRvUq96O997U= Subject key identifier: C1:5A:DB:32:02:0B:3C:F1:F6:F9:2C:78:F0:98:A8:BC:B8:16:3C:82 Certificate issuer: /CN=A91A459D/serialNumber=52B21995429C44F8A7F4EC99E53040870D6D385B Certificate serial: 0A67 Authority key identifier: 52:B2:19:95:42:9C:44:F8:A7:F4:EC:99:E5:30:40:87:0D:6D:38:5B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UrIZlUKcRPin9OyZ5TBAhw1tOFs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A459D/5FAB972E7EF611EAA979A32DC4F9AE02/21028CF67EF811EAAD47CD30C4F9AE02.roa Signing time: Sun 01 Mar 2026 09:30:13 +0000 ROA not before: Tue 22 Apr 2025 20:20:17 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 138684 IP address blocks: 103.136.132.0/22 maxlen: 22 103.136.132.0/24 maxlen: 24 103.136.133.0/24 maxlen: 24 103.136.134.0/24 maxlen: 24 103.136.135.0/24 maxlen: 24 2404:93c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A459D/5FAB972E7EF611EAA979A32DC4F9AE02/UrIZlUKcRPin9OyZ5TBAhw1tOFs.crl rsync://rpki.apnic.net/member_repository/A91A459D/5FAB972E7EF611EAA979A32DC4F9AE02/UrIZlUKcRPin9OyZ5TBAhw1tOFs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UrIZlUKcRPin9OyZ5TBAhw1tOFs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 01:42:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2663 (0xa67) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A459D, serialNumber=52B21995429C44F8A7F4EC99E53040870D6D385B Validity Not Before: Apr 22 20:20:17 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=69a40724-0672 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:97:c8:5d:6f:3a:f8:91:04:dd:9f:19:7b:fc: ee:17:fb:c8:b2:3b:08:ec:ec:1b:30:f4:ad:27:2b: 4b:5b:ff:0c:42:fb:45:31:4c:72:51:8b:a5:46:af: 0b:5e:bc:61:b9:4b:3b:5b:3b:c4:f2:39:b1:f0:c8: cb:58:26:ce:09:15:70:db:99:70:29:61:3a:6a:90: d8:8e:57:35:d0:5c:7b:da:7e:ad:51:da:28:cd:27: 7d:db:1b:ac:e0:3a:80:dd:eb:79:2a:90:7a:28:3a: 5b:07:b4:7d:0c:c7:2b:81:e5:48:4e:fb:33:07:d3: 30:b2:55:2a:b1:49:4c:c6:67:a8:31:7d:a9:95:89: 2f:1c:ef:b6:75:05:ae:67:d5:1a:eb:13:81:7c:5e: 65:5a:0b:18:45:75:5b:33:b6:9a:1c:85:4f:14:fa: 58:32:cd:6f:79:d0:44:3f:73:40:2d:f0:21:9f:2e: 25:fc:75:65:d5:96:74:97:30:15:a1:41:e8:f0:d7: d8:f2:5a:2a:fd:e6:36:c3:70:73:74:fb:df:25:b6: 88:1b:57:cf:55:42:78:e0:6f:55:9f:9b:0c:fa:0c: 57:ee:82:39:ff:18:df:77:d9:0f:f5:c8:a1:b7:6f: 8c:b7:ed:dc:3b:85:d6:7f:55:8e:95:2f:c2:b1:42: 26:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:5A:DB:32:02:0B:3C:F1:F6:F9:2C:78:F0:98:A8:BC:B8:16:3C:82 X509v3 Authority Key Identifier: keyid:52:B2:19:95:42:9C:44:F8:A7:F4:EC:99:E5:30:40:87:0D:6D:38:5B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A459D/5FAB972E7EF611EAA979A32DC4F9AE02/UrIZlUKcRPin9OyZ5TBAhw1tOFs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UrIZlUKcRPin9OyZ5TBAhw1tOFs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A459D/5FAB972E7EF611EAA979A32DC4F9AE02/21028CF67EF811EAAD47CD30C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.136.132.0/22 IPv6: 2404:93c0::/32 Signature Algorithm: sha256WithRSAEncryption 73:9a:d1:88:6e:94:c0:5b:1b:71:d9:45:58:5a:a9:53:cf:de: 2a:ec:59:0a:e4:32:34:ce:82:4c:71:92:d9:3c:4d:e6:f9:56: e9:af:2e:d9:0d:51:69:49:23:8d:7d:a6:77:2a:21:a9:f5:64: dd:88:d8:48:72:1f:2f:ce:1b:f2:a1:22:07:59:49:a5:71:2e: 00:ae:6d:a0:b8:ef:a8:6a:e5:22:d1:f0:8b:16:f8:e1:e2:d1: 51:35:26:03:66:e9:3c:09:4d:23:45:c8:28:f4:34:af:f7:79: 39:0d:84:dd:44:2e:1a:f1:ec:d9:fa:36:45:2a:07:1e:41:e6: a1:30:9b:4a:0b:b7:2b:68:c5:72:56:91:c7:89:f6:21:89:3d: 1b:29:1b:fb:59:35:c2:2c:36:cf:59:75:37:ba:a8:85:03:91: 4f:05:55:49:5a:f1:c7:e4:a9:6b:82:da:c7:82:2f:d9:c5:7b: f2:67:97:e4:3b:03:cf:e6:f0:a3:a6:72:87:b1:92:8f:33:19: 4f:ab:41:29:73:55:f3:16:1b:17:87:68:b1:99:04:27:d0:25: 11:13:e1:78:e4:54:c9:c6:f0:fe:88:3e:81:de:04:9e:ea:04: b4:35:85:93:39:78:4c:ca:c9:ea:2c:d8:05:95:0f:1a:cb:40: 9b:3d:f3:33 -----BEGIN CERTIFICATE----- MIIFSzCCBDOgAwIBAgICCmcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTQ1OUQxMTAvBgNVBAUTKDUyQjIxOTk1NDI5QzQ0RjhBN0Y0RUM5OUU1MzA0MDg3 MEQ2RDM4NUIwHhcNMjUwNDIyMjAyMDE3WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MDcyNC0wNjcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqpfIXW86+JEE3Z8Ze/zuF/vIsjsI7OwbMPStJytLW/8MQvtFMUxyUYulRq8L XrxhuUs7WzvE8jmx8MjLWCbOCRVw25lwKWE6apDYjlc10Fx72n6tUdoozSd92xus 4DqA3et5KpB6KDpbB7R9DMcrgeVITvszB9MwslUqsUlMxmeoMX2plYkvHO+2dQWu Z9Ua6xOBfF5lWgsYRXVbM7aaHIVPFPpYMs1vedBEP3NALfAhny4l/HVl1ZZ0lzAV oUHo8NfY8loq/eY2w3BzdPvfJbaIG1fPVUJ44G9Vn5sM+gxX7oI5/xjfd9kP9cih t2+Mt+3cO4XWf1WOlS/CsUImKQIDAQABo4ICbzCCAmswHQYDVR0OBBYEFMFa2zIC Czzx9vksePCYqLy4FjyCMB8GA1UdIwQYMBaAFFKyGZVCnET4p/TsmeUwQIcNbThb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDU5RC81RkFCOTcyRTdF RjYxMUVBQTk3OUEzMkRDNEY5QUUwMi9VcklabFVLY1JQaW45T3laNVRCQWh3MXRP RnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1VySVpsVUtjUlBpbjlPeVo1VEJBaHcxdE9Gcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTQ1OUQvNUZBQjk3MkU3RUY2MTFFQUE5NzlBMzJEQzRGOUFFMDIvMjEwMjhDRjY3 RUY4MTFFQUFENDdDRDMwQzRGOUFFMDIucm9hMC4GCCsGAQUFBwEHAQH/BB8wHTAM BAIAATAGAwQCZ4iEMA0EAgACMAcDBQAkBJPAMA0GCSqGSIb3DQEBCwUAA4IBAQBz mtGIbpTAWxtx2UVYWqlTz94q7FkK5DI0zoJMcZLZPE3m+Vbpry7ZDVFpSSONfaZ3 KiGp9WTdiNhIch8vzhvyoSIHWUmlcS4Arm2guO+oauUi0fCLFvjh4tFRNSYDZuk8 CU0jRcgo9DSv93k5DYTdRC4a8ezZ+jZFKgceQeahMJtKC7craMVyVpHHifYhiT0b KRv7WTXCLDbPWXU3uqiFA5FPBVVJWvHH5KlrgtrHgi/ZxXvyZ5fkOwPP5vCjpnKH sZKPMxlPq0Epc1XzFhsXh2ixmQQn0CURE+F45FTJxvD+iD6B3gSe6gS0NYWTOXhM ysnqLNgFlQ8ay0CbPfMz -----END CERTIFICATE-----Generated at Mon Mar 2 09:44:44 2026 by rpki-client