$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/3474AD64FAD311ED9CEE0E29C4F9AE02.roa File: 3474AD64FAD311ED9CEE0E29C4F9AE02.roa (raw, json) Hash identifier: FBiK3jMFORAxcsSdpQP7q8Wx8eDul+Eyz34pvhVQP2I= Subject key identifier: D7:8A:5E:BC:DD:70:72:8C:6D:C8:B1:A9:6A:A0:91:26:61:3F:3C:68 Certificate issuer: /CN=A91AF01C/serialNumber=5DD4685A2E96B1416F7CD335CDEB4AD1822F7DEB Certificate serial: 0217 Authority key identifier: 5D:D4:68:5A:2E:96:B1:41:6F:7C:D3:35:CD:EB:4A:D1:82:2F:7D:EB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XdRoWi6WsUFvfNM1zetK0YIvfes.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/3474AD64FAD311ED9CEE0E29C4F9AE02.roa Signing time: Sun 01 Mar 2026 07:31:18 +0000 ROA not before: Sun 01 Jun 2025 04:00:24 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 138611 IP address blocks: 103.206.16.0/23 maxlen: 23 103.206.16.0/24 maxlen: 24 103.206.17.0/24 maxlen: 24 2401:160::/32 maxlen: 32 2401:160::/46 maxlen: 46 2401:160::/48 maxlen: 48 2401:160:1::/48 maxlen: 48 2401:160:2::/48 maxlen: 48 2401:160:3::/48 maxlen: 48 2401:160:4::/46 maxlen: 46 2401:160:4::/48 maxlen: 48 2401:160:5::/48 maxlen: 48 2401:160:6::/48 maxlen: 48 2401:160:7::/48 maxlen: 48 2401:160:8::/48 maxlen: 48 2401:160:9::/48 maxlen: 48 2401:160:10::/48 maxlen: 48 2401:160:11::/48 maxlen: 48 2401:160:12::/48 maxlen: 48 2401:160:13::/48 maxlen: 48 2401:160:14::/48 maxlen: 48 2401:160:15::/48 maxlen: 48 2401:160:200::/42 maxlen: 42 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/XdRoWi6WsUFvfNM1zetK0YIvfes.crl rsync://rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/XdRoWi6WsUFvfNM1zetK0YIvfes.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XdRoWi6WsUFvfNM1zetK0YIvfes.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 01:15:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 535 (0x217) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AF01C, serialNumber=5DD4685A2E96B1416F7CD335CDEB4AD1822F7DEB Validity Not Before: Jun 1 04:00:24 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=69a3eb45-7c7c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:d7:05:ef:71:1d:21:32:88:8a:13:50:58:6b: 0d:d2:b7:f6:eb:4f:04:a6:64:94:a9:88:09:9b:55: 53:23:74:ad:98:65:ff:52:ad:40:8e:02:95:43:69: be:64:b1:2a:d9:a1:c6:f9:a4:47:9c:f8:e5:c8:ca: 2d:c0:74:b0:14:29:99:7f:2a:a9:9e:5c:70:4b:12: ef:89:72:97:60:19:ef:80:b2:11:47:88:78:f0:c5: 5a:d1:d8:de:13:1c:73:2c:6f:0b:22:26:1b:fe:0a: 3c:d6:1c:77:9d:8e:20:44:5a:d4:8a:e4:f5:3e:d7: dc:53:5f:05:23:91:0e:5c:f6:98:fa:af:95:73:a0: 46:42:6c:c2:60:bf:71:d8:28:d8:1b:64:36:a7:06: 7c:b9:5d:c9:b4:99:31:2b:bd:c6:bb:c1:e7:0f:33: c7:eb:f0:7d:02:15:17:ce:2b:f6:04:4a:33:dd:d1: 98:00:63:8b:2a:b6:b8:29:21:f0:47:56:fd:3c:38: 39:39:4b:dd:67:4f:7b:b6:7c:9b:9c:49:ae:ea:05: 39:2c:01:2f:16:a6:19:91:68:a7:b6:c7:6b:ce:f2: c7:67:a5:a5:0a:61:78:c8:fc:d5:ab:8c:7d:ed:f2: 5c:24:94:2d:43:c9:03:f7:93:3b:01:c8:1d:78:23: 08:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:8A:5E:BC:DD:70:72:8C:6D:C8:B1:A9:6A:A0:91:26:61:3F:3C:68 X509v3 Authority Key Identifier: keyid:5D:D4:68:5A:2E:96:B1:41:6F:7C:D3:35:CD:EB:4A:D1:82:2F:7D:EB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/XdRoWi6WsUFvfNM1zetK0YIvfes.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XdRoWi6WsUFvfNM1zetK0YIvfes.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/3474AD64FAD311ED9CEE0E29C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.206.16.0/23 IPv6: 2401:160::/32 Signature Algorithm: sha256WithRSAEncryption 8a:7c:ca:58:4c:00:c0:d3:47:62:13:7d:84:50:81:c3:a8:4c: 90:53:83:eb:0c:02:17:03:97:a9:6d:24:1f:98:f8:43:a2:b9: ee:04:3b:0a:7b:f0:06:2d:64:bb:4c:54:6e:be:22:1c:32:58: 23:57:8b:ba:4c:9f:60:db:f3:81:94:0d:8b:2a:f1:dc:5a:71: ab:23:0e:45:41:c1:1f:0d:46:47:e3:df:b6:14:04:d8:e5:ad: 7c:fe:8a:fd:c6:7e:d6:d0:b5:59:ea:91:3e:fa:ff:af:a4:e0: 74:69:92:28:80:8a:4a:51:a2:0d:a0:89:d5:e0:b2:de:cc:4b: 9d:7f:ee:32:41:6a:5b:b2:12:09:ae:00:08:5d:39:42:47:4c: ee:97:6b:64:cc:cb:40:dc:23:9d:c6:3b:4f:a7:6e:41:2f:40: e5:96:a8:6e:f3:82:d7:83:2e:e9:b5:ee:a6:e9:7a:54:9a:88: 5d:4f:f1:04:e9:c9:97:55:d4:ff:e7:16:98:a9:aa:6d:ec:49: 8e:cf:e8:c0:e6:5a:e8:66:4a:23:70:3e:14:24:3a:66:32:b7: d9:f6:f7:a4:9f:8b:35:50:65:a0:de:7b:4e:be:09:f5:3b:25: 9a:e5:3e:a0:c7:2a:df:ff:80:3e:97:6d:88:bf:54:41:fe:91: 53:eb:3a:b7 -----BEGIN CERTIFICATE----- MIIFSzCCBDOgAwIBAgICAhcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUYwMUMxMTAvBgNVBAUTKDVERDQ2ODVBMkU5NkIxNDE2RjdDRDMzNUNERUI0QUQx ODIyRjdERUIwHhcNMjUwNjAxMDQwMDI0WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWEzZWI0NS03YzdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAptcF73EdITKIihNQWGsN0rf2608EpmSUqYgJm1VTI3StmGX/Uq1AjgKVQ2m+ ZLEq2aHG+aRHnPjlyMotwHSwFCmZfyqpnlxwSxLviXKXYBnvgLIRR4h48MVa0dje ExxzLG8LIiYb/go81hx3nY4gRFrUiuT1PtfcU18FI5EOXPaY+q+Vc6BGQmzCYL9x 2CjYG2Q2pwZ8uV3JtJkxK73Gu8HnDzPH6/B9AhUXziv2BEoz3dGYAGOLKra4KSHw R1b9PDg5OUvdZ097tnybnEmu6gU5LAEvFqYZkWintsdrzvLHZ6WlCmF4yPzVq4x9 7fJcJJQtQ8kD95M7AcgdeCMI5QIDAQABo4ICbzCCAmswHQYDVR0OBBYEFNeKXrzd cHKMbcixqWqgkSZhPzxoMB8GA1UdIwQYMBaAFF3UaFoulrFBb3zTNc3rStGCL33r MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRjAxQy9FNUQ5RTczNEZB Q0IxMUVEQjhGOTdEODVDNEY5QUUwMi9YZFJvV2k2V3NVRnZmTk0xemV0SzBZSXZm ZXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hkUm9XaTZXc1VGdmZOTTF6ZXRLMFlJdmZlcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUYwMUMvRTVEOUU3MzRGQUNCMTFFREI4Rjk3RDg1QzRGOUFFMDIvMzQ3NEFENjRG QUQzMTFFRDlDRUUwRTI5QzRGOUFFMDIucm9hMC4GCCsGAQUFBwEHAQH/BB8wHTAM BAIAATAGAwQBZ84QMA0EAgACMAcDBQAkAQFgMA0GCSqGSIb3DQEBCwUAA4IBAQCK fMpYTADA00diE32EUIHDqEyQU4PrDAIXA5epbSQfmPhDornuBDsKe/AGLWS7TFRu viIcMlgjV4u6TJ9g2/OBlA2LKvHcWnGrIw5FQcEfDUZH49+2FATY5a18/or9xn7W 0LVZ6pE++v+vpOB0aZIogIpKUaINoInV4LLezEudf+4yQWpbshIJrgAIXTlCR0zu l2tkzMtA3COdxjtPp25BL0Dllqhu84LXgy7pte6m6XpUmohdT/EE6cmXVdT/5xaY qapt7EmOz+jA5lroZkojcD4UJDpmMrfZ9vekn4s1UGWg3ntOvgn1OyWa5T6gxyrf /4A+l22Iv1RB/pFT6zq3 -----END CERTIFICATE-----Generated at Mon Mar 2 03:49:47 2026 by rpki-client