$ rpki-client -vvf rpki.apnic.net/member_repository/A91A531A/2BDDFACE219711EBB45B0359C4F9AE02/43C467CA219911EB8F75645EC4F9AE02.roa File: 43C467CA219911EB8F75645EC4F9AE02.roa (raw, json) Hash identifier: //kyIlIYFX3+08S3h9a7dEmLAcY3BX1jLjRJO0SJN6s= Subject key identifier: A7:25:5F:C7:4C:7B:61:42:32:61:84:AD:37:6D:75:2D:F0:62:04:5C Certificate issuer: /CN=A91A531A/serialNumber=C9935943691AD1E95366E741C139301FB7F7E6DB Certificate serial: 07F0 Authority key identifier: C9:93:59:43:69:1A:D1:E9:53:66:E7:41:C1:39:30:1F:B7:F7:E6:DB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yZNZQ2ka0elTZudBwTkwH7f35ts.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A531A/2BDDFACE219711EBB45B0359C4F9AE02/43C467CA219911EB8F75645EC4F9AE02.roa Signing time: Sun 01 Mar 2026 14:08:59 +0000 ROA not before: Sun 28 Dec 2025 21:17:31 +0000 ROA not after: Tue 02 Mar 2027 00:00:00 +0000 asID: 141404 IP address blocks: 103.158.86.0/23 maxlen: 23 103.158.86.0/24 maxlen: 24 103.158.87.0/24 maxlen: 24 2001:df5:4b80::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A531A/2BDDFACE219711EBB45B0359C4F9AE02/yZNZQ2ka0elTZudBwTkwH7f35ts.crl rsync://rpki.apnic.net/member_repository/A91A531A/2BDDFACE219711EBB45B0359C4F9AE02/yZNZQ2ka0elTZudBwTkwH7f35ts.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yZNZQ2ka0elTZudBwTkwH7f35ts.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 02:17:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2032 (0x7f0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A531A, serialNumber=C9935943691AD1E95366E741C139301FB7F7E6DB Validity Not Before: Dec 28 21:17:31 2025 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=69a4487b-c97e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:75:0b:db:c5:6b:d9:62:ae:94:48:bb:a9:fa: a8:63:76:28:19:57:39:60:57:c3:3f:d9:fb:4a:1b: 42:b7:39:07:91:dd:e1:90:03:ca:07:fe:7d:76:af: 64:04:56:a2:a7:4f:a1:24:6e:1e:8a:d8:8c:b8:b8: 55:8f:30:aa:47:d5:12:b9:75:e6:90:f9:85:7f:e1: 99:25:2f:07:97:36:36:88:96:6f:dc:c5:2a:8e:fa: 50:28:fb:1a:77:b9:59:ca:2a:e3:3a:a9:f2:1a:57: 33:03:53:91:e6:36:29:6d:d3:a3:c4:7c:04:5c:a3: d8:d2:33:7c:95:b5:3e:d5:c5:25:72:6c:3a:53:c4: a8:34:01:ce:b5:8e:f6:31:2f:c4:06:20:05:07:76: 59:18:f9:fc:ab:11:79:c0:f2:e0:78:8d:48:29:72: 36:81:b8:29:4f:83:d7:70:be:a1:bf:85:e8:3d:a2: 18:f5:6f:8b:92:2e:db:23:29:d9:61:5d:36:bf:9a: 4d:b9:3e:5f:37:da:f6:67:8f:ab:51:17:48:e7:f4: 3e:73:ed:23:2e:f8:04:f0:bd:5c:0d:3e:7d:d5:bb: 12:7c:53:72:ff:95:9f:a5:ba:43:89:88:46:05:45: 5d:08:b0:f9:f8:58:dc:46:b6:47:6e:b4:7e:5b:63: b8:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:25:5F:C7:4C:7B:61:42:32:61:84:AD:37:6D:75:2D:F0:62:04:5C X509v3 Authority Key Identifier: keyid:C9:93:59:43:69:1A:D1:E9:53:66:E7:41:C1:39:30:1F:B7:F7:E6:DB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A531A/2BDDFACE219711EBB45B0359C4F9AE02/yZNZQ2ka0elTZudBwTkwH7f35ts.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yZNZQ2ka0elTZudBwTkwH7f35ts.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A531A/2BDDFACE219711EBB45B0359C4F9AE02/43C467CA219911EB8F75645EC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.158.86.0/23 IPv6: 2001:df5:4b80::/48 Signature Algorithm: sha256WithRSAEncryption 45:5e:75:bd:10:0b:81:ea:f0:35:94:9a:33:97:5e:c1:43:64: 4c:ae:e2:ea:32:5e:00:05:75:33:50:41:9b:15:43:46:02:d6: b7:cf:c2:1f:4e:29:90:9d:82:1b:32:58:4a:bb:c3:19:42:cf: 32:3e:63:2b:d0:33:28:c7:92:c3:c1:46:09:0f:c2:00:18:89: 02:c2:c4:bf:b3:05:2a:44:a7:33:41:c1:95:f7:66:6a:6f:d8: ab:ab:44:b8:1b:d1:6a:b2:cd:e2:e1:5b:dc:91:81:4d:7f:0e: 8f:32:7c:df:fd:4c:97:0f:71:cb:0c:0e:46:55:38:f5:a8:0d: b8:fd:1d:68:b2:27:92:f3:9a:75:a0:c8:38:3f:dd:ba:c7:07: 56:ec:90:49:03:a4:81:8b:ed:dd:f1:f0:5a:9b:fa:37:e7:5d: 99:d0:c4:81:7c:b6:11:35:5d:30:cd:77:1d:93:60:b5:da:f6: f2:5c:2c:ac:be:54:26:34:2c:4a:ad:4a:a8:cc:d9:47:34:62: 72:87:cf:1b:04:78:c1:d3:85:18:d4:22:85:c3:e2:49:f9:f5: 35:1b:e4:bd:73:25:50:8c:8b:f4:98:4f:70:2d:37:30:af:3e: 4f:51:c9:fb:77:72:3c:dd:2c:9b:9d:b7:16:d1:d6:95:08:42: 78:41:26:5d -----BEGIN CERTIFICATE----- MIIFTTCCBDWgAwIBAgICB/AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTUzMUExMTAvBgNVBAUTKEM5OTM1OTQzNjkxQUQxRTk1MzY2RTc0MUMxMzkzMDFG QjdGN0U2REIwHhcNMjUxMjI4MjExNzMxWhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NDg3Yi1jOTdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArnUL28Vr2WKulEi7qfqoY3YoGVc5YFfDP9n7ShtCtzkHkd3hkAPKB/59dq9k BFaip0+hJG4eitiMuLhVjzCqR9USuXXmkPmFf+GZJS8HlzY2iJZv3MUqjvpQKPsa d7lZyirjOqnyGlczA1OR5jYpbdOjxHwEXKPY0jN8lbU+1cUlcmw6U8SoNAHOtY72 MS/EBiAFB3ZZGPn8qxF5wPLgeI1IKXI2gbgpT4PXcL6hv4XoPaIY9W+Lki7bIynZ YV02v5pNuT5fN9r2Z4+rURdI5/Q+c+0jLvgE8L1cDT591bsSfFNy/5WfpbpDiYhG BUVdCLD5+FjcRrZHbrR+W2O4FQIDAQABo4ICcTCCAm0wHQYDVR0OBBYEFKclX8dM e2FCMmGErTdtdS3wYgRcMB8GA1UdIwQYMBaAFMmTWUNpGtHpU2bnQcE5MB+39+bb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTMxQS8yQkRERkFDRTIx OTcxMUVCQjQ1QjAzNTlDNEY5QUUwMi95Wk5aUTJrYTBlbFRadWRCd1Rrd0g3ZjM1 dHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3laTlpRMmthMGVsVFp1ZEJ3VGt3SDdmMzV0cy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTUzMUEvMkJEREZBQ0UyMTk3MTFFQkI0NUIwMzU5QzRGOUFFMDIvNDNDNDY3Q0Ey MTk5MTFFQjhGNzU2NDVFQzRGOUFFMDIucm9hMDAGCCsGAQUFBwEHAQH/BCEwHzAM BAIAATAGAwQBZ55WMA8EAgACMAkDBwAgAQ31S4AwDQYJKoZIhvcNAQELBQADggEB AEVedb0QC4Hq8DWUmjOXXsFDZEyu4uoyXgAFdTNQQZsVQ0YC1rfPwh9OKZCdghsy WEq7wxlCzzI+YyvQMyjHksPBRgkPwgAYiQLCxL+zBSpEpzNBwZX3Zmpv2KurRLgb 0WqyzeLhW9yRgU1/Do8yfN/9TJcPccsMDkZVOPWoDbj9HWiyJ5LzmnWgyDg/3brH B1bskEkDpIGL7d3x8Fqb+jfnXZnQxIF8thE1XTDNdx2TYLXa9vJcLKy+VCY0LEqt SqjM2Uc0YnKHzxsEeMHThRjUIoXD4kn59TUb5L1zJVCMi/SYT3AtNzCvPk9Ryft3 cjzdLJudtxbR1pUIQnhBJl0= -----END CERTIFICATE-----Generated at Mon Mar 2 09:55:56 2026 by rpki-client