$ rpki-client -vvf rpki.apnic.net/member_repository/A91B1018/8836FA608D4C11EC988AE85DC4F9AE02/CB8AA43A4D9B11EFB201E984C4F9AE02.roa File: CB8AA43A4D9B11EFB201E984C4F9AE02.roa (raw, json) Hash identifier: cUenRyh3LsnCMH+orouodtGSeTE07G+8KCh7ABp0SpE= Subject key identifier: DF:74:50:D8:AD:E5:7C:2A:72:D8:DB:3D:FB:8B:2E:89:4A:AA:3E:CC Certificate issuer: /CN=A91B1018/serialNumber=AFD0955A7DD7F9B0EC2A44A11D937207C2754A63 Certificate serial: 0480 Authority key identifier: AF:D0:95:5A:7D:D7:F9:B0:EC:2A:44:A1:1D:93:72:07:C2:75:4A:63 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r9CVWn3X-bDsKkShHZNyB8J1SmM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B1018/8836FA608D4C11EC988AE85DC4F9AE02/CB8AA43A4D9B11EFB201E984C4F9AE02.roa Signing time: Sun 01 Mar 2026 10:01:18 +0000 ROA not before: Mon 23 Jun 2025 16:36:42 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 149513 IP address blocks: 103.181.164.0/23 maxlen: 23 103.181.164.0/24 maxlen: 24 103.181.165.0/24 maxlen: 24 2400:5a60::/48 maxlen: 48 2400:5a60:3::/48 maxlen: 48 2400:5a60:4::/48 maxlen: 48 2400:5a60:5::/48 maxlen: 48 2400:5a60:6::/48 maxlen: 48 2400:5a60:7::/48 maxlen: 48 2400:5a60:8::/48 maxlen: 48 2400:5a60:9::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B1018/8836FA608D4C11EC988AE85DC4F9AE02/r9CVWn3X-bDsKkShHZNyB8J1SmM.crl rsync://rpki.apnic.net/member_repository/A91B1018/8836FA608D4C11EC988AE85DC4F9AE02/r9CVWn3X-bDsKkShHZNyB8J1SmM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r9CVWn3X-bDsKkShHZNyB8J1SmM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 02:48:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1152 (0x480) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B1018, serialNumber=AFD0955A7DD7F9B0EC2A44A11D937207C2754A63 Validity Not Before: Jun 23 16:36:42 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=69a40e6e-5743 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:73:d3:ec:6f:bc:60:91:ca:8f:1a:23:e3:ad: 6b:6c:9f:cf:50:77:a2:2a:9d:6f:0c:74:cd:ef:32: da:2e:ba:62:5b:0f:06:0e:c8:46:d0:2d:30:cc:6b: 09:c3:56:df:0a:f2:b0:f0:4b:2b:9a:74:c8:0c:72: 4b:47:f5:fa:19:bf:0e:3d:df:82:53:bd:3c:bd:ec: 56:69:c2:06:f4:a0:68:a1:ea:70:f7:1e:da:73:16: 8c:2d:66:85:05:7d:b8:8f:73:55:b8:19:a5:a6:c2: 5b:c4:07:12:1c:e2:67:a9:13:cb:5d:6d:58:1f:af: 45:86:29:6b:9b:ef:ed:9e:fa:15:49:00:bb:c6:56: 5b:07:5c:ff:e1:65:71:c1:83:c7:79:e0:1f:21:48: 2e:0d:5c:2c:a9:9c:30:46:35:97:c1:54:bf:e0:06: d8:84:d2:04:a4:90:62:78:df:53:bb:a4:88:22:24: b7:36:32:6c:36:64:dc:c6:03:94:85:33:4a:4a:c0: 34:00:14:09:d6:02:47:b2:c1:8e:f3:fc:fb:f0:2f: 1b:a2:74:0b:9f:75:dd:bc:1c:a8:a0:ab:8d:31:3d: 8e:d1:9d:fe:9d:97:43:40:2b:95:8e:e8:69:7a:af: 4c:0f:a1:1b:1a:5e:b5:94:70:be:9d:56:25:99:50: dc:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:74:50:D8:AD:E5:7C:2A:72:D8:DB:3D:FB:8B:2E:89:4A:AA:3E:CC X509v3 Authority Key Identifier: keyid:AF:D0:95:5A:7D:D7:F9:B0:EC:2A:44:A1:1D:93:72:07:C2:75:4A:63 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B1018/8836FA608D4C11EC988AE85DC4F9AE02/r9CVWn3X-bDsKkShHZNyB8J1SmM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r9CVWn3X-bDsKkShHZNyB8J1SmM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B1018/8836FA608D4C11EC988AE85DC4F9AE02/CB8AA43A4D9B11EFB201E984C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.181.164.0/23 IPv6: 2400:5a60::/48 2400:5a60:3::-2400:5a60:9:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 70:22:5d:d5:16:68:48:54:fc:bc:d5:84:22:ff:85:e7:83:86: 48:93:33:62:93:23:d6:dd:86:24:5c:af:f6:79:54:80:bc:a8: 6e:e2:f5:c4:1e:7d:8f:15:63:a3:67:52:3e:cf:49:f1:f6:8f: bf:4d:ba:0c:ed:41:41:8e:a5:6b:70:ef:e5:ef:46:5d:63:75: 34:cb:ba:38:1c:c3:e7:1e:d7:aa:30:12:52:f4:07:b2:92:61: b4:ab:36:fa:db:11:72:f5:a5:5d:5b:e9:5b:7f:a0:ff:c6:89: 8a:3b:0d:93:80:6a:8b:42:6c:30:5a:77:71:99:97:c1:c9:b0: ca:01:87:85:95:62:1d:0e:cb:1e:cf:ca:3e:6e:67:ef:54:94: 7c:72:2e:ae:82:d9:fd:f1:b8:79:58:60:4e:17:f1:3c:2f:6d: 70:85:e3:38:60:49:fd:ed:35:54:1b:5a:a8:34:4e:a9:1e:e7: f3:14:31:22:dc:09:3c:21:97:93:ec:56:37:f9:9d:aa:ef:4c: 97:81:e9:74:af:fe:86:d7:ad:36:76:e4:2b:24:e6:cf:e9:73: f8:18:91:07:86:f0:ba:32:e0:28:5b:88:9b:09:5b:81:7e:a9: 7d:59:43:f4:81:08:d9:f8:25:ad:b9:e6:8a:f9:55:8a:a8:45: a4:1a:0a:c6 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgICBIAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjEwMTgxMTAvBgNVBAUTKEFGRDA5NTVBN0REN0Y5QjBFQzJBNDRBMTFEOTM3MjA3 QzI3NTRBNjMwHhcNMjUwNjIzMTYzNjQyWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MGU2ZS01NzQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2XPT7G+8YJHKjxoj461rbJ/PUHeiKp1vDHTN7zLaLrpiWw8GDshG0C0wzGsJ w1bfCvKw8EsrmnTIDHJLR/X6Gb8OPd+CU708vexWacIG9KBooepw9x7acxaMLWaF BX24j3NVuBmlpsJbxAcSHOJnqRPLXW1YH69Fhilrm+/tnvoVSQC7xlZbB1z/4WVx wYPHeeAfIUguDVwsqZwwRjWXwVS/4AbYhNIEpJBieN9Tu6SIIiS3NjJsNmTcxgOU hTNKSsA0ABQJ1gJHssGO8/z78C8bonQLn3XdvByooKuNMT2O0Z3+nZdDQCuVjuhp eq9MD6EbGl61lHC+nVYlmVDcPwIDAQABo4IChTCCAoEwHQYDVR0OBBYEFN90UNit 5XwqctjbPfuLLolKqj7MMB8GA1UdIwQYMBaAFK/QlVp91/mw7CpEoR2TcgfCdUpj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMTAxOC84ODM2RkE2MDhE NEMxMUVDOTg4QUU4NURDNEY5QUUwMi9yOUNWV24zWC1iRHNLa1NoSFpOeUI4SjFT bU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3I5Q1ZXbjNYLWJEc0trU2hIWk55QjhKMVNtTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjEwMTgvODgzNkZBNjA4RDRDMTFFQzk4OEFFODVEQzRGOUFFMDIvQ0I4QUE0M0E0 RDlCMTFFRkIyMDFFOTg0QzRGOUFFMDIucm9hMEQGCCsGAQUFBwEHAQH/BDUwMzAM BAIAATAGAwQBZ7WkMCMEAgACMB0DBwAkAFpgAAAwEgMHACQAWmAAAwMHASQAWmAA CDANBgkqhkiG9w0BAQsFAAOCAQEAcCJd1RZoSFT8vNWEIv+F54OGSJMzYpMj1t2G JFyv9nlUgLyobuL1xB59jxVjo2dSPs9J8faPv026DO1BQY6la3Dv5e9GXWN1NMu6 OBzD5x7XqjASUvQHspJhtKs2+tsRcvWlXVvpW3+g/8aJijsNk4Bqi0JsMFp3cZmX wcmwygGHhZViHQ7LHs/KPm5n71SUfHIuroLZ/fG4eVhgThfxPC9tcIXjOGBJ/e01 VBtaqDROqR7n8xQxItwJPCGXk+xWN/mdqu9Ml4HpdK/+htetNnbkKyTmz+lz+BiR B4bwujLgKFuImwlbgX6pfVlD9IEI2fglrbnmivlViqhFpBoKxg== -----END CERTIFICATE-----Generated at Mon Mar 2 11:58:49 2026 by rpki-client