$ rpki-client -vvf rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/21C0B7E23BD311F0B1BF6C56C4F9AE02.roa File: 21C0B7E23BD311F0B1BF6C56C4F9AE02.roa (raw, json) Hash identifier: ei/pNFfYuuTuQw4Uvc9PFgEYvRb+k6YfbWf/kyJWsGU= Subject key identifier: C5:E3:BA:50:08:28:57:E7:01:EE:9B:7C:40:19:7E:65:20:88:AC:31 Certificate issuer: /CN=A91AA48F/serialNumber=BE0E7A890F7281C654632E8BE80EBBF9FFB56503 Certificate serial: 3580 Authority key identifier: BE:0E:7A:89:0F:72:81:C6:54:63:2E:8B:E8:0E:BB:F9:FF:B5:65:03 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/21C0B7E23BD311F0B1BF6C56C4F9AE02.roa Signing time: Sun 01 Mar 2026 18:19:54 +0000 ROA not before: Mon 10 Nov 2025 15:00:39 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 3758 IP address blocks: 111.65.100.0/24 maxlen: 24 111.65.101.0/24 maxlen: 24 111.65.102.0/23 maxlen: 23 111.65.104.0/21 maxlen: 22 111.65.112.0/20 maxlen: 20 202.78.52.0/22 maxlen: 22 202.78.55.0/24 maxlen: 24 2400:1c00:13::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.crl rsync://rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:11:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13696 (0x3580) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AA48F, serialNumber=BE0E7A890F7281C654632E8BE80EBBF9FFB56503 Validity Not Before: Nov 10 15:00:39 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=69a4834a-eff2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:62:c0:5f:d8:f9:b6:06:76:45:08:09:6e:30: 76:d8:31:07:16:a9:42:55:47:6c:51:b1:80:e8:c6: 21:b2:28:3e:ff:2b:15:51:80:ca:b5:06:86:ec:a7: e6:a7:d1:d4:95:87:4a:a9:d9:d7:44:7a:c3:e0:b3: d9:1e:f5:6a:9b:db:f7:3e:94:5c:f3:f8:11:c1:f0: 8d:81:50:78:77:27:25:ae:30:d1:35:32:9c:c0:48: 8e:93:d5:02:74:65:08:80:1c:bc:ae:81:81:6a:b8: 27:4a:bf:a1:0a:56:71:cc:7c:52:71:a1:8d:3a:92: e6:7a:68:99:94:47:b4:04:70:18:98:1a:bb:d7:d0: 50:5b:50:1a:6d:53:5f:1a:31:f9:bd:97:6e:9e:d5: 04:48:c0:dc:8b:42:ce:ac:ec:6e:c3:ac:b7:4f:a7: b1:80:74:0e:b1:49:f1:a6:31:a5:ba:65:28:6a:83: db:60:2c:ba:37:fb:70:79:44:a7:26:57:ad:93:f3: 40:00:16:ad:23:5e:d6:3f:06:af:03:60:af:3c:91: aa:b2:8e:74:31:1e:54:45:e6:b8:ba:74:66:76:e1: 92:0f:f5:24:b2:be:78:43:51:88:2c:e6:91:72:11: e6:22:dc:01:6e:07:61:45:28:7f:9d:fe:a4:db:e7: 3c:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:E3:BA:50:08:28:57:E7:01:EE:9B:7C:40:19:7E:65:20:88:AC:31 X509v3 Authority Key Identifier: keyid:BE:0E:7A:89:0F:72:81:C6:54:63:2E:8B:E8:0E:BB:F9:FF:B5:65:03 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/21C0B7E23BD311F0B1BF6C56C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 111.65.100.0-111.65.127.255 202.78.52.0/22 IPv6: 2400:1c00:13::/48 Signature Algorithm: sha256WithRSAEncryption 4e:b1:9b:55:c5:e8:f3:fb:c1:98:9e:91:bc:84:59:a0:f4:da: 09:a2:d9:4f:04:81:b1:94:01:29:11:0d:9b:60:5a:03:d2:f6: 90:33:1c:d5:22:32:b0:5b:a5:10:2f:6d:f0:8e:58:2b:f7:00: fe:41:f6:fd:6d:15:e8:88:0e:88:59:2a:f8:44:22:a6:15:db: b3:f4:e5:4e:69:04:69:0d:2f:bb:b6:5f:ea:ab:b4:d3:d5:a2: ef:63:d4:8b:ba:7b:6c:d2:0f:62:0f:40:d0:65:df:08:a9:3c: 33:82:c6:b6:10:84:a3:ef:02:9d:bf:93:57:67:cb:5c:f5:a9: 8a:52:31:2a:b5:c5:2a:b3:59:6c:97:5e:b6:fd:39:95:69:b3: 1f:ea:6a:e0:27:79:78:db:8d:20:1b:37:b5:e6:76:4f:a9:f7: 11:62:58:5b:0d:d7:51:a9:f7:a5:02:41:8d:68:1b:10:02:0c: ad:f2:e2:64:1d:5a:aa:e0:bb:de:97:8f:3a:38:9e:e9:14:e2: 70:6b:ac:a3:ff:ed:8c:e3:f7:5a:e2:63:78:5a:fe:3c:10:6d: 1a:1d:15:65:58:8e:31:0a:b6:3a:e8:58:eb:1e:6d:e2:4e:ae: 4f:a7:b7:6d:5d:f6:42:b5:fa:16:f5:9a:9f:7f:3f:12:09:36: 56:5a:8a:6b -----BEGIN CERTIFICATE----- MIIFWzCCBEOgAwIBAgICNYAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUE0OEYxMTAvBgNVBAUTKEJFMEU3QTg5MEY3MjgxQzY1NDYzMkU4QkU4MEVCQkY5 RkZCNTY1MDMwHhcNMjUxMTEwMTUwMDM5WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0ODM0YS1lZmYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt2LAX9j5tgZ2RQgJbjB22DEHFqlCVUdsUbGA6MYhsig+/ysVUYDKtQaG7Kfm p9HUlYdKqdnXRHrD4LPZHvVqm9v3PpRc8/gRwfCNgVB4dyclrjDRNTKcwEiOk9UC dGUIgBy8roGBargnSr+hClZxzHxScaGNOpLmemiZlEe0BHAYmBq719BQW1AabVNf GjH5vZduntUESMDci0LOrOxuw6y3T6exgHQOsUnxpjGlumUoaoPbYCy6N/tweUSn Jletk/NAABatI17WPwavA2CvPJGqso50MR5URea4unRmduGSD/Uksr54Q1GILOaR chHmItwBbgdhRSh/nf6k2+c8JQIDAQABo4ICfzCCAnswHQYDVR0OBBYEFMXjulAI KFfnAe6bfEAZfmUgiKwxMB8GA1UdIwQYMBaAFL4OeokPcoHGVGMui+gOu/n/tWUD MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQTQ4Ri84QzgxQTg1NjFE OEQxMUUyODY2QzUwRUIwOEIwMkNEMi92ZzU2aVE5eWdjWlVZeTZMNkE2Ny1mLTFa UU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ZnNTZpUTl5Z2NaVVl5Nkw2QTY3LWYtMVpRTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUE0OEYvOEM4MUE4NTYxRDhEMTFFMjg2NkM1MEVCMDhCMDJDRDIvMjFDMEI3RTIz QkQzMTFGMEIxQkY2QzU2QzRGOUFFMDIucm9hMD4GCCsGAQUFBwEHAQH/BC8wLTAa BAIAATAUMAwDBAJvQWQDBAdvQQADBALKTjQwDwQCAAIwCQMHACQAHAAAEzANBgkq hkiG9w0BAQsFAAOCAQEATrGbVcXo8/vBmJ6RvIRZoPTaCaLZTwSBsZQBKRENm2Ba A9L2kDMc1SIysFulEC9t8I5YK/cA/kH2/W0V6IgOiFkq+EQiphXbs/TlTmkEaQ0v u7Zf6qu009Wi72PUi7p7bNIPYg9A0GXfCKk8M4LGthCEo+8Cnb+TV2fLXPWpilIx KrXFKrNZbJdetv05lWmzH+pq4Cd5eNuNIBs3teZ2T6n3EWJYWw3XUan3pQJBjWgb EAIMrfLiZB1aquC73pePOjie6RTicGuso//tjOP3WuJjeFr+PBBtGh0VZViOMQq2 OuhY6x5t4k6uT6e3bV32QrX6FvWan38/Egk2VlqKaw== -----END CERTIFICATE-----Generated at Mon Mar 2 10:13:55 2026 by rpki-client