$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACF30/3B912F12F18211EAA537970AC4F9AE02/40965650EA4311EEA09F786BC4F9AE02.roa File: 40965650EA4311EEA09F786BC4F9AE02.roa (raw, json) Hash identifier: sO2TDcTaubul6PYFHdknsF44FU2zYp0hWwsMezsv3Lc= Subject key identifier: 3F:01:F6:8A:5C:BB:FB:08:9C:1E:B9:FD:D9:24:14:3C:0D:AE:63:22 Certificate issuer: /CN=A91ACF30/serialNumber=D3267AF9FB969089C3C12AFEBFD0FDE9BD867581 Certificate serial: 088C Authority key identifier: D3:26:7A:F9:FB:96:90:89:C3:C1:2A:FE:BF:D0:FD:E9:BD:86:75:81 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0yZ6-fuWkInDwSr-v9D96b2GdYE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ACF30/3B912F12F18211EAA537970AC4F9AE02/40965650EA4311EEA09F786BC4F9AE02.roa Signing time: Sun 01 Mar 2026 12:22:12 +0000 ROA not before: Tue 08 Jul 2025 21:32:11 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 38278 IP address blocks: 45.114.28.0/22 maxlen: 22 103.115.220.0/24 maxlen: 24 103.115.221.0/24 maxlen: 24 103.115.222.0/24 maxlen: 24 103.115.223.0/24 maxlen: 24 103.248.108.0/22 maxlen: 24 103.251.0.0/22 maxlen: 24 111.221.48.0/21 maxlen: 24 202.169.24.0/21 maxlen: 24 2402:eec0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ACF30/3B912F12F18211EAA537970AC4F9AE02/0yZ6-fuWkInDwSr-v9D96b2GdYE.crl rsync://rpki.apnic.net/member_repository/A91ACF30/3B912F12F18211EAA537970AC4F9AE02/0yZ6-fuWkInDwSr-v9D96b2GdYE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0yZ6-fuWkInDwSr-v9D96b2GdYE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 02:39:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2188 (0x88c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ACF30, serialNumber=D3267AF9FB969089C3C12AFEBFD0FDE9BD867581 Validity Not Before: Jul 8 21:32:11 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=69a42f74-fa8d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:0d:df:70:92:d0:fe:2e:ee:12:40:77:d4:8f: 62:c0:33:b4:88:66:2f:4b:bd:ee:95:f5:eb:68:91: 81:16:1d:ab:86:74:1b:13:0e:03:d0:3e:6d:78:c1: 4c:89:d8:0f:20:6b:e5:2a:fe:7f:e8:ba:3a:3e:c1: f4:7a:5f:f1:b9:7a:01:6e:35:59:0e:4e:19:67:fb: cf:00:65:9a:57:07:dd:6d:1e:aa:89:13:2b:21:e0: 08:7b:2d:67:33:cb:a6:35:71:72:65:fe:53:fd:8b: 6d:a4:52:64:0e:77:69:a0:ee:0e:21:f4:42:97:e8: 01:7b:cb:dc:dd:37:23:1a:38:9c:3f:40:86:ae:81: c6:81:a9:92:15:09:2f:b8:c5:53:5a:b2:0f:73:c2: e8:6c:f0:ae:7c:2a:4f:64:8e:fd:be:a9:63:8d:65: 10:6f:1b:51:f8:d6:c2:77:a3:2d:c4:dc:18:69:b1: 3a:e4:e8:43:7b:82:b1:9b:bb:2a:b7:d4:f2:b4:87: 72:db:f9:a8:1d:be:e7:62:4a:fa:7c:22:f6:fe:aa: a0:70:8c:f7:cd:9e:ce:92:e3:10:01:ff:56:f5:a3: dd:7a:a4:22:f1:80:0a:67:dc:d7:92:53:a1:04:31: 5d:5c:45:65:28:45:3b:49:c7:2d:f7:60:1f:41:66: 70:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:01:F6:8A:5C:BB:FB:08:9C:1E:B9:FD:D9:24:14:3C:0D:AE:63:22 X509v3 Authority Key Identifier: keyid:D3:26:7A:F9:FB:96:90:89:C3:C1:2A:FE:BF:D0:FD:E9:BD:86:75:81 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ACF30/3B912F12F18211EAA537970AC4F9AE02/0yZ6-fuWkInDwSr-v9D96b2GdYE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0yZ6-fuWkInDwSr-v9D96b2GdYE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACF30/3B912F12F18211EAA537970AC4F9AE02/40965650EA4311EEA09F786BC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 45.114.28.0/22 103.115.220.0/22 103.248.108.0/22 103.251.0.0/22 111.221.48.0/21 202.169.24.0/21 IPv6: 2402:eec0::/32 Signature Algorithm: sha256WithRSAEncryption 0c:a4:3d:6d:65:a2:4e:f6:38:e9:5e:6d:a5:fa:55:72:37:b0: 2b:82:f8:57:64:93:37:77:15:07:42:f2:bc:15:2f:13:e1:51: 60:26:61:9d:ab:02:e9:0d:20:5c:74:44:5e:cf:05:23:4e:f7: c6:c4:4f:af:a3:0c:e5:42:9b:68:84:96:ca:e5:c9:3d:84:06: 67:b4:c4:df:cc:4b:1a:dd:bf:d5:44:32:e1:d8:c8:fa:86:d6: 30:2f:5d:a4:c4:78:6c:20:5c:56:b0:6f:8e:c3:b0:49:d3:60: a1:f9:08:44:0d:09:be:df:20:73:95:95:fb:1d:1d:43:a3:fb: 24:eb:d0:60:52:7b:fa:77:e1:d4:c9:7d:06:f0:77:f3:dd:54: ca:c8:bf:8b:00:63:69:71:63:43:cb:6e:b3:85:73:d6:4a:fd: 7b:fe:e3:da:6d:7e:24:30:97:af:f7:c7:8a:35:05:85:e5:e9: 96:2e:f6:a1:42:ba:3d:6a:f7:6e:8d:d3:f5:e7:36:4f:43:ba: 2c:b8:0c:43:31:00:10:e9:49:30:e9:49:df:1a:1e:75:ef:57: e2:02:f2:5d:4d:b2:d2:ae:ab:3c:8b:71:84:f3:11:e5:c6:d6: cc:48:0f:c0:1a:20:a7:1c:29:71:7b:8b:59:82:74:2f:8b:b8: 48:ca:6a:d9 -----BEGIN CERTIFICATE----- MIIFaTCCBFGgAwIBAgICCIwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUNGMzAxMTAvBgNVBAUTKEQzMjY3QUY5RkI5NjkwODlDM0MxMkFGRUJGRDBGREU5 QkQ4Njc1ODEwHhcNMjUwNzA4MjEzMjExWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MmY3NC1mYThkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtw3fcJLQ/i7uEkB31I9iwDO0iGYvS73ulfXraJGBFh2rhnQbEw4D0D5teMFM idgPIGvlKv5/6Lo6PsH0el/xuXoBbjVZDk4ZZ/vPAGWaVwfdbR6qiRMrIeAIey1n M8umNXFyZf5T/YttpFJkDndpoO4OIfRCl+gBe8vc3TcjGjicP0CGroHGgamSFQkv uMVTWrIPc8LobPCufCpPZI79vqljjWUQbxtR+NbCd6MtxNwYabE65OhDe4Kxm7sq t9TytIdy2/moHb7nYkr6fCL2/qqgcIz3zZ7OkuMQAf9W9aPdeqQi8YAKZ9zXklOh BDFdXEVlKEU7Scct92AfQWZwbwIDAQABo4ICjTCCAokwHQYDVR0OBBYEFD8B9opc u/sInB65/dkkFDwNrmMiMB8GA1UdIwQYMBaAFNMmevn7lpCJw8Eq/r/Q/em9hnWB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0YzMC8zQjkxMkYxMkYx ODIxMUVBQTUzNzk3MEFDNEY5QUUwMi8weVo2LWZ1V2tJbkR3U3ItdjlEOTZiMkdk WUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzB5WjYtZnVXa0luRHdTci12OUQ5NmIyR2RZRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUNGMzAvM0I5MTJGMTJGMTgyMTFFQUE1Mzc5NzBBQzRGOUFFMDIvNDA5NjU2NTBF QTQzMTFFRUEwOUY3ODZCQzRGOUFFMDIucm9hMEwGCCsGAQUFBwEHAQH/BD0wOzAq BAIAATAkAwQCLXIcAwQCZ3PcAwQCZ/hsAwQCZ/sAAwQDb90wAwQDyqkYMA0EAgAC MAcDBQAkAu7AMA0GCSqGSIb3DQEBCwUAA4IBAQAMpD1tZaJO9jjpXm2l+lVyN7Ar gvhXZJM3dxUHQvK8FS8T4VFgJmGdqwLpDSBcdERezwUjTvfGxE+vowzlQptohJbK 5ck9hAZntMTfzEsa3b/VRDLh2Mj6htYwL12kxHhsIFxWsG+Ow7BJ02Ch+QhEDQm+ 3yBzlZX7HR1Do/sk69BgUnv6d+HUyX0G8Hfz3VTKyL+LAGNpcWNDy26zhXPWSv17 /uPabX4kMJev98eKNQWF5emWLvahQro9avdujdP15zZPQ7osuAxDMQAQ6Ukw6Unf Gh5171fiAvJdTbLSrqs8i3GE8xHlxtbMSA/AGiCnHClxe4tZgnQvi7hIymrZ -----END CERTIFICATE-----Generated at Mon Mar 2 10:02:16 2026 by rpki-client