$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF2CD/4FCBAC00D44C11ED86271582C4F9AE02/CF85B73C74F011F0847A5D0DC4F9AE02.roa File: CF85B73C74F011F0847A5D0DC4F9AE02.roa (raw, json) Hash identifier: cUxWIw+2+FfPLU6N+/hsAHJj5YAVgVl5pfPZZohiSqE= Subject key identifier: 75:2B:E6:1F:2A:55:20:E7:AB:AF:8A:A5:7C:86:B6:65:3A:F6:4A:D5 Certificate issuer: /CN=A91AF2CD/serialNumber=5874520DA781F780DBD710D42C841C13A7AD1757 Certificate serial: 0287 Authority key identifier: 58:74:52:0D:A7:81:F7:80:DB:D7:10:D4:2C:84:1C:13:A7:AD:17:57 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WHRSDaeB94Db1xDULIQcE6etF1c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AF2CD/4FCBAC00D44C11ED86271582C4F9AE02/CF85B73C74F011F0847A5D0DC4F9AE02.roa Signing time: Wed 20 May 2026 06:56:47 +0000 ROA not before: Wed 20 May 2026 06:56:47 +0000 ROA not after: Tue 02 Mar 2027 00:00:00 +0000 asID: 18450 IP address blocks: 103.116.22.0/24 maxlen: 24 103.116.23.0/24 maxlen: 24 116.204.236.0/24 maxlen: 24 116.204.238.0/24 maxlen: 24 116.204.239.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AF2CD/4FCBAC00D44C11ED86271582C4F9AE02/WHRSDaeB94Db1xDULIQcE6etF1c.crl rsync://rpki.apnic.net/member_repository/A91AF2CD/4FCBAC00D44C11ED86271582C4F9AE02/WHRSDaeB94Db1xDULIQcE6etF1c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WHRSDaeB94Db1xDULIQcE6etF1c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 20 Jun 2026 02:18:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 647 (0x287) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AF2CD, serialNumber=5874520DA781F780DBD710D42C841C13A7AD1757 Validity Not Before: May 20 06:56:47 2026 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=6a0d5b2f-eff7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:2a:ac:ff:2b:21:81:8b:4e:e3:0a:39:26:12: 8c:51:9c:2f:2b:45:cb:29:42:99:f8:9e:75:ac:78: 5c:4e:e7:ba:01:f2:2d:4d:eb:0d:76:f5:3e:37:f4: 0d:33:68:61:31:9c:54:fa:fd:07:52:a9:4c:47:ec: 6f:01:8c:93:be:ce:dc:ac:c4:b4:25:ad:90:c4:5a: a9:e8:32:c3:fc:f4:b2:f3:ba:2f:ef:e6:43:c3:ec: a2:e4:fa:2e:ad:6f:df:b1:96:4a:2b:15:ff:ba:d8: 9e:72:23:b3:50:ac:a1:b2:f5:15:ab:a8:3c:fa:9f: 2a:a1:ce:63:c4:22:9d:02:3d:67:2e:b4:39:a3:97: 83:84:5f:9a:b0:2c:83:ec:8e:a8:f1:96:79:53:d6: 92:10:39:ce:31:85:92:13:11:8e:a1:8a:78:9b:f2: 7b:00:a4:db:40:90:be:a2:ba:6c:e3:fb:e7:aa:67: fb:0b:ea:f9:94:ca:6e:16:d7:8a:7c:80:a8:6e:16: 65:5e:69:14:c8:8d:00:24:e6:5b:71:dd:96:77:8f: 94:25:5c:98:34:a6:0d:2f:5b:c1:cf:80:d9:60:87: 56:b5:ae:ab:65:da:95:54:53:4b:0d:b4:35:78:e3: 9d:79:19:8f:a0:dd:fc:00:62:c9:59:3c:a2:b2:11: 85:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:2B:E6:1F:2A:55:20:E7:AB:AF:8A:A5:7C:86:B6:65:3A:F6:4A:D5 X509v3 Authority Key Identifier: keyid:58:74:52:0D:A7:81:F7:80:DB:D7:10:D4:2C:84:1C:13:A7:AD:17:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AF2CD/4FCBAC00D44C11ED86271582C4F9AE02/WHRSDaeB94Db1xDULIQcE6etF1c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WHRSDaeB94Db1xDULIQcE6etF1c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF2CD/4FCBAC00D44C11ED86271582C4F9AE02/CF85B73C74F011F0847A5D0DC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.116.22.0/23 116.204.236.0/24 116.204.238.0/23 Signature Algorithm: sha256WithRSAEncryption 13:01:5d:5e:ec:5a:54:f5:c6:60:10:88:24:71:54:6a:38:49: 9e:11:d9:99:22:cf:d2:54:29:85:78:35:0a:66:e4:2f:65:fa: 0a:0a:86:df:f0:a2:71:cf:89:3f:e5:7f:d3:70:77:a5:3c:b7: 87:72:60:ee:f7:11:0c:58:26:e8:09:eb:87:da:fc:e4:7e:ed: 51:4a:ab:44:21:3c:0b:79:f6:c1:7b:5d:f8:eb:3d:6d:7b:72: ff:82:a9:96:61:0a:c7:d7:b1:6a:76:01:2e:96:e4:b1:bc:c5: 97:75:91:8a:b6:85:dc:97:24:c1:4e:d0:29:c7:3b:7d:72:e5: 19:6d:95:5d:a3:52:d6:09:96:de:bc:c0:61:77:bb:ba:3a:bd: a8:30:27:57:98:28:2c:6c:0a:56:84:1f:46:fd:c8:1d:be:7b: d6:45:48:9d:97:4a:f4:28:a5:24:7e:06:63:b5:a4:ed:9f:e4: e6:d4:4e:31:f0:e8:98:48:0b:39:91:00:72:b8:5b:f4:04:4f: a8:ed:e8:99:44:f7:9d:4f:76:ee:1a:10:45:04:46:b5:d3:9a: f4:6f:36:7c:3d:65:30:c9:04:31:1a:5a:c9:82:cd:ff:c3:6f: c2:a9:85:21:c7:36:a9:c3:6c:3e:41:f9:41:38:b4:e8:dd:06: cd:a9:59:77 -----BEGIN CERTIFICATE----- MIIFSDCCBDCgAwIBAgICAocwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUYyQ0QxMTAvBgNVBAUTKDU4NzQ1MjBEQTc4MUY3ODBEQkQ3MTBENDJDODQxQzEz QTdBRDE3NTcwHhcNMjYwNTIwMDY1NjQ3WhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02YTBkNWIyZi1lZmY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0yqs/yshgYtO4wo5JhKMUZwvK0XLKUKZ+J51rHhcTue6AfItTesNdvU+N/QN M2hhMZxU+v0HUqlMR+xvAYyTvs7crMS0Ja2QxFqp6DLD/PSy87ov7+ZDw+yi5Pou rW/fsZZKKxX/utieciOzUKyhsvUVq6g8+p8qoc5jxCKdAj1nLrQ5o5eDhF+asCyD 7I6o8ZZ5U9aSEDnOMYWSExGOoYp4m/J7AKTbQJC+orps4/vnqmf7C+r5lMpuFteK fICobhZlXmkUyI0AJOZbcd2Wd4+UJVyYNKYNL1vBz4DZYIdWta6rZdqVVFNLDbQ1 eOOdeRmPoN38AGLJWTyishGF3QIDAQABo4ICbDCCAmgwHQYDVR0OBBYEFHUr5h8q VSDnq6+KpXyGtmU69krVMB8GA1UdIwQYMBaAFFh0Ug2ngfeA29cQ1CyEHBOnrRdX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRjJDRC80RkNCQUMwMEQ0 NEMxMUVEODYyNzE1ODJDNEY5QUUwMi9XSFJTRGFlQjk0RGIxeERVTElRY0U2ZXRG MWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1dIUlNEYWVCOTREYjF4RFVMSVFjRTZldEYxYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUYyQ0QvNEZDQkFDMDBENDRDMTFFRDg2MjcxNTgyQzRGOUFFMDIvQ0Y4NUI3M0M3 NEYwMTFGMDg0N0E1RDBEQzRGOUFFMDIucm9hMCsGCCsGAQUFBwEHAQH/BBwwGjAY BAIAATASAwQBZ3QWAwQAdMzsAwQBdMzuMA0GCSqGSIb3DQEBCwUAA4IBAQATAV1e 7FpU9cZgEIgkcVRqOEmeEdmZIs/SVCmFeDUKZuQvZfoKCobf8KJxz4k/5X/TcHel PLeHcmDu9xEMWCboCeuH2vzkfu1RSqtEITwLefbBe1346z1te3L/gqmWYQrH17Fq dgEuluSxvMWXdZGKtoXclyTBTtApxzt9cuUZbZVdo1LWCZbevMBhd7u6Or2oMCdX mCgsbApWhB9G/cgdvnvWRUidl0r0KKUkfgZjtaTtn+Tm1E4x8OiYSAs5kQByuFv0 BE+o7eiZRPedT3buGhBFBEa105r0bzZ8PWUwyQQxGlrJgs3/w2/CqYUhxzapw2w+ QflBOLTo3QbNqVl3 -----END CERTIFICATE-----Generated at Sat Jun 13 10:46:32 2026 by rpki-client