$ rpki-client -vvf rpki.apnic.net/member_repository/A91AEA8C/F27B9CDEBB8611E68FF50C57C4F9AE02/F959A9A0F11011EB8E63FC73C4F9AE02.roa File: F959A9A0F11011EB8E63FC73C4F9AE02.roa (raw, json) Hash identifier: aM1BSZ3PF2IzE+AJHUzu7Yk2PU3p6ogZh2Ox+iMNzws= Subject key identifier: 9C:C7:F5:DB:55:F0:B4:E3:19:19:B0:3E:27:00:D6:AA:1A:7D:DB:B1 Certificate issuer: /CN=A91AEA8C/serialNumber=870B9CD2E41DAB05BD5527C9150E948959716696 Certificate serial: 1DDE Authority key identifier: 87:0B:9C:D2:E4:1D:AB:05:BD:55:27:C9:15:0E:94:89:59:71:66:96 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hwuc0uQdqwW9VSfJFQ6UiVlxZpY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AEA8C/F27B9CDEBB8611E68FF50C57C4F9AE02/F959A9A0F11011EB8E63FC73C4F9AE02.roa Signing time: Mon 02 Mar 2026 04:50:17 +0000 ROA not before: Thu 31 Jul 2025 16:24:27 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 133384 IP address blocks: 45.125.4.0/22 maxlen: 22 45.125.4.0/24 maxlen: 24 45.125.5.0/24 maxlen: 24 45.125.6.0/24 maxlen: 24 45.125.7.0/24 maxlen: 24 103.25.240.0/22 maxlen: 22 103.25.240.0/24 maxlen: 24 103.25.241.0/24 maxlen: 24 103.25.242.0/24 maxlen: 24 103.25.243.0/24 maxlen: 24 103.231.92.0/22 maxlen: 22 103.231.92.0/24 maxlen: 24 103.231.93.0/24 maxlen: 24 103.231.94.0/24 maxlen: 24 103.231.95.0/24 maxlen: 24 2001:df0:9200::/48 maxlen: 48 2407:6ec0::/32 maxlen: 32 2407:6ec0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AEA8C/F27B9CDEBB8611E68FF50C57C4F9AE02/hwuc0uQdqwW9VSfJFQ6UiVlxZpY.crl rsync://rpki.apnic.net/member_repository/A91AEA8C/F27B9CDEBB8611E68FF50C57C4F9AE02/hwuc0uQdqwW9VSfJFQ6UiVlxZpY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hwuc0uQdqwW9VSfJFQ6UiVlxZpY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 16:03:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7646 (0x1dde) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AEA8C, serialNumber=870B9CD2E41DAB05BD5527C9150E948959716696 Validity Not Before: Jul 31 16:24:27 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=69a51708-7ef4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:02:e7:30:f0:f6:b4:82:aa:26:9c:b2:2f:6c: 58:f2:7f:35:31:1e:30:7f:8d:1e:b6:8e:55:43:88: 4a:15:c0:14:60:da:65:40:38:b0:58:c8:77:29:d6: e3:59:40:c8:ee:d4:4f:66:7c:3e:1b:62:e4:cb:ed: bb:88:4a:74:05:75:26:18:88:19:65:31:2c:a2:f8: 70:ab:8f:53:24:46:cc:db:ec:56:41:a9:d8:82:26: 88:54:cb:b0:04:be:8a:a7:b8:67:3a:f3:6c:36:a9: 02:9c:c3:18:1a:97:2f:4e:6e:8f:29:f9:8b:50:32: 29:a6:ef:b1:43:e0:11:fc:26:a6:54:fb:ce:ae:91: 2d:1c:e6:e4:be:3a:d6:00:02:e0:49:48:f2:b9:97: f4:85:52:3e:8c:58:6c:a9:52:5d:e6:32:df:60:0f: 44:05:fb:fd:20:fc:a7:18:fe:d8:e5:57:fd:ab:3e: f4:a6:0d:35:55:67:9a:52:38:bb:5b:b9:33:4b:ea: 23:2c:7b:a1:46:14:22:84:dc:b4:a6:a2:c2:24:2f: cc:f7:60:18:9a:c5:89:08:7e:27:96:77:01:5c:ac: d8:e7:03:fa:15:e4:34:7f:ee:59:47:eb:ca:0a:69: d4:22:2a:46:33:e2:f8:d4:2d:f6:de:d0:f9:31:64: 14:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:C7:F5:DB:55:F0:B4:E3:19:19:B0:3E:27:00:D6:AA:1A:7D:DB:B1 X509v3 Authority Key Identifier: keyid:87:0B:9C:D2:E4:1D:AB:05:BD:55:27:C9:15:0E:94:89:59:71:66:96 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AEA8C/F27B9CDEBB8611E68FF50C57C4F9AE02/hwuc0uQdqwW9VSfJFQ6UiVlxZpY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hwuc0uQdqwW9VSfJFQ6UiVlxZpY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AEA8C/F27B9CDEBB8611E68FF50C57C4F9AE02/F959A9A0F11011EB8E63FC73C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 45.125.4.0/22 103.25.240.0/22 103.231.92.0/22 IPv6: 2001:df0:9200::/48 2407:6ec0::/32 Signature Algorithm: sha256WithRSAEncryption 10:ae:33:3d:bf:8e:ad:8a:9f:16:60:a6:e8:60:a6:c8:ed:6f: a0:83:31:d2:74:82:a4:82:fd:ef:28:91:c3:08:1d:f7:fe:64: 55:c1:df:5a:9b:f8:14:7b:8f:bd:22:c7:06:a8:e7:10:ba:4a: 62:96:f3:ae:2a:fa:12:3c:f8:d5:e1:6d:a3:13:10:d4:94:0f: c2:1a:14:3b:09:5a:bf:e2:60:98:11:ea:49:21:49:88:73:28: 1f:af:4c:db:94:c8:29:a9:11:21:13:c8:d2:47:5d:3e:87:23: d2:35:71:82:b7:eb:cb:a7:6c:13:11:ac:7e:db:8f:53:6e:22: 2b:f2:45:e0:3a:de:79:ef:a6:49:69:99:7d:6e:4e:ef:4f:ca: a3:05:03:32:17:21:e1:48:10:e0:af:1c:4c:23:04:4d:74:db: f3:6c:52:0c:42:fb:f3:91:a1:aa:bc:21:8b:06:d8:40:1e:12: 29:d3:83:0e:5d:17:92:cc:e0:3f:57:aa:21:ff:bb:af:78:30: 0e:5b:60:0e:b0:dd:1b:0d:b3:e3:5d:5b:6e:e6:94:e9:84:d8: 87:e2:50:2d:22:eb:b0:9b:54:e2:17:6e:60:41:92:38:88:dc: 8e:b8:d1:c9:8c:b8:cb:7e:9d:36:51:1b:13:31:32:ea:a1:ac: 91:83:88:0a -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgICHd4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUVBOEMxMTAvBgNVBAUTKDg3MEI5Q0QyRTQxREFCMDVCRDU1MjdDOTE1MEU5NDg5 NTk3MTY2OTYwHhcNMjUwNzMxMTYyNDI3WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE1MTcwOC03ZWY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3wLnMPD2tIKqJpyyL2xY8n81MR4wf40eto5VQ4hKFcAUYNplQDiwWMh3Kdbj WUDI7tRPZnw+G2Lky+27iEp0BXUmGIgZZTEsovhwq49TJEbM2+xWQanYgiaIVMuw BL6Kp7hnOvNsNqkCnMMYGpcvTm6PKfmLUDIppu+xQ+AR/CamVPvOrpEtHObkvjrW AALgSUjyuZf0hVI+jFhsqVJd5jLfYA9EBfv9IPynGP7Y5Vf9qz70pg01VWeaUji7 W7kzS+ojLHuhRhQihNy0pqLCJC/M92AYmsWJCH4nlncBXKzY5wP6FeQ0f+5ZR+vK CmnUIipGM+L41C323tD5MWQURwIDAQABo4IChDCCAoAwHQYDVR0OBBYEFJzH9dtV 8LTjGRmwPicA1qoafduxMB8GA1UdIwQYMBaAFIcLnNLkHasFvVUnyRUOlIlZcWaW MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRUE4Qy9GMjdCOUNERUJC ODYxMUU2OEZGNTBDNTdDNEY5QUUwMi9od3VjMHVRZHF3VzlWU2ZKRlE2VWlWbHha cFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2h3dWMwdVFkcXdXOVZTZkpGUTZVaVZseFpwWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUVBOEMvRjI3QjlDREVCQjg2MTFFNjhGRjUwQzU3QzRGOUFFMDIvRjk1OUE5QTBG MTEwMTFFQjhFNjNGQzczQzRGOUFFMDIucm9hMEMGCCsGAQUFBwEHAQH/BDQwMjAY BAIAATASAwQCLX0EAwQCZxnwAwQCZ+dcMBYEAgACMBADBwAgAQ3wkgADBQAkB27A MA0GCSqGSIb3DQEBCwUAA4IBAQAQrjM9v46tip8WYKboYKbI7W+ggzHSdIKkgv3v KJHDCB33/mRVwd9am/gUe4+9IscGqOcQukpilvOuKvoSPPjV4W2jExDUlA/CGhQ7 CVq/4mCYEepJIUmIcygfr0zblMgpqREhE8jSR10+hyPSNXGCt+vLp2wTEax+249T biIr8kXgOt5576ZJaZl9bk7vT8qjBQMyFyHhSBDgrxxMIwRNdNvzbFIMQvvzkaGq vCGLBthAHhIp04MOXReSzOA/V6oh/7uveDAOW2AOsN0bDbPjXVtu5pTphNiH4lAt Iuuwm1TiF25gQZI4iNyOuNHJjLjLfp02URsTMTLqoayRg4gK -----END CERTIFICATE-----Generated at Mon Mar 2 21:55:37 2026 by rpki-client