$ rpki-client -vvf rpki.apnic.net/member_repository/A91B2EDE/55CB2E041AB411F085DD694AC4F9AE02/2A28A576FDA111F08BC1F4B75F6F56BC.roa File: 2A28A576FDA111F08BC1F4B75F6F56BC.roa (raw, json) Hash identifier: PGiX+wx067z9cwIv48GLAtfIhUtJveteXDe5HO2XbGw= Subject key identifier: 67:BF:57:12:84:0E:21:25:4F:35:24:08:20:CE:E7:19:1B:15:B4:5B Certificate issuer: /CN=A91B2EDE/serialNumber=9DB258C170B232294D863F60D2DC0123CDAAE789 Certificate serial: AD Authority key identifier: 9D:B2:58:C1:70:B2:32:29:4D:86:3F:60:D2:DC:01:23:CD:AA:E7:89 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nbJYwXCyMilNhj9g0twBI82q54k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B2EDE/55CB2E041AB411F085DD694AC4F9AE02/2A28A576FDA111F08BC1F4B75F6F56BC.roa Signing time: Sun 01 Mar 2026 13:32:20 +0000 ROA not before: Fri 30 Jan 2026 06:01:49 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 14576 IP address blocks: 103.152.136.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B2EDE/55CB2E041AB411F085DD694AC4F9AE02/nbJYwXCyMilNhj9g0twBI82q54k.crl rsync://rpki.apnic.net/member_repository/A91B2EDE/55CB2E041AB411F085DD694AC4F9AE02/nbJYwXCyMilNhj9g0twBI82q54k.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nbJYwXCyMilNhj9g0twBI82q54k.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:30:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 173 (0xad) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B2EDE, serialNumber=9DB258C170B232294D863F60D2DC0123CDAAE789 Validity Not Before: Jan 30 06:01:49 2026 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=69a43fe4-3624 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:97:61:a4:6b:b1:c6:05:ba:ca:bb:08:38:d1: ef:13:1d:48:73:5e:e6:1f:45:60:13:85:27:06:92: 9f:b8:73:ca:52:4c:6a:21:34:f7:35:fb:23:99:37: f0:4c:49:ea:d2:96:fb:77:47:ec:00:f3:c3:f8:5c: d6:30:5e:cc:85:ac:b6:27:ef:8f:c4:25:b2:f5:e7: 19:27:62:06:b2:cd:28:e7:74:51:c9:fc:f1:b1:1a: fd:f4:ab:db:33:43:55:d9:f2:b9:b8:b3:26:c1:46: de:ae:2b:70:80:22:a8:4e:12:ce:40:cf:a4:c9:33: b8:a8:68:14:9f:af:97:44:d9:a6:67:24:d6:b4:e7: 44:62:e9:0c:85:28:36:2b:da:f4:57:fd:79:f3:00: 36:93:68:cb:96:03:8e:43:ed:92:66:4c:7c:c6:2c: 92:6a:ea:3f:f5:32:c8:d9:b1:a9:59:ad:d5:b5:df: b3:87:95:f2:7f:74:9a:91:4e:dd:93:46:4b:46:6f: 53:d6:68:5e:7a:61:44:22:f1:be:ec:93:17:da:d8: 40:f7:26:f4:02:68:b7:5f:1a:07:07:3e:51:a3:96: 40:ba:54:ae:29:5d:6e:4f:3e:51:19:e9:8e:02:82: 6d:50:fb:7d:cc:35:2a:39:30:e5:55:92:99:f0:15: 71:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:BF:57:12:84:0E:21:25:4F:35:24:08:20:CE:E7:19:1B:15:B4:5B X509v3 Authority Key Identifier: keyid:9D:B2:58:C1:70:B2:32:29:4D:86:3F:60:D2:DC:01:23:CD:AA:E7:89 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B2EDE/55CB2E041AB411F085DD694AC4F9AE02/nbJYwXCyMilNhj9g0twBI82q54k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nbJYwXCyMilNhj9g0twBI82q54k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B2EDE/55CB2E041AB411F085DD694AC4F9AE02/2A28A576FDA111F08BC1F4B75F6F56BC.roa sbgp-ipAddrBlock: critical IPv4: 103.152.136.0/24 Signature Algorithm: sha256WithRSAEncryption 72:64:b4:ac:57:be:d3:88:90:11:58:ce:d7:97:e9:3d:61:6b: fa:a4:20:58:6f:da:ff:90:e9:8a:3c:85:91:a7:84:88:72:6f: 61:2e:4a:4e:80:4b:de:e4:d1:99:b6:a0:93:d0:c6:cc:ff:4e: d0:cb:b6:a5:05:37:62:db:3e:86:98:2c:45:12:fb:5e:1a:7c: 48:e3:f1:19:11:a3:18:21:4e:31:24:07:e5:5b:2d:b2:38:ab: 0b:a4:94:6b:37:65:f6:e6:68:21:b0:d8:42:34:df:d5:9c:a6: 75:ba:cc:80:4f:7f:f8:61:7b:a3:a3:69:2e:0e:b3:22:b3:95: 67:aa:a9:e6:2c:6d:4d:64:ed:5c:0d:8d:b1:ba:4b:1e:62:c1: d3:80:95:f6:ec:18:8a:3a:15:79:6a:9f:e2:ce:59:64:46:33: 56:67:18:e3:af:a4:68:1c:db:6b:7b:d3:91:02:db:f4:61:ae: 38:36:90:cc:08:a8:a3:0d:bc:87:c2:11:23:bd:d9:07:95:18: 6c:69:b6:7d:ac:27:9b:31:ba:bd:99:79:61:3e:1d:1d:0a:4c: 0c:47:29:8b:ae:6d:1d:35:9b:e5:08:14:91:58:ac:ca:54:9a: b7:03:df:3e:1a:2e:2d:0c:03:ee:b6:9d:81:7e:7b:a8:41:7d: 0f:21:34:02 -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgICAK0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjJFREUxMTAvBgNVBAUTKDlEQjI1OEMxNzBCMjMyMjk0RDg2M0Y2MEQyREMwMTIz Q0RBQUU3ODkwHhcNMjYwMTMwMDYwMTQ5WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0M2ZlNC0zNjI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0JdhpGuxxgW6yrsIONHvEx1Ic17mH0VgE4UnBpKfuHPKUkxqITT3NfsjmTfw TEnq0pb7d0fsAPPD+FzWMF7Mhay2J++PxCWy9ecZJ2IGss0o53RRyfzxsRr99Kvb M0NV2fK5uLMmwUberitwgCKoThLOQM+kyTO4qGgUn6+XRNmmZyTWtOdEYukMhSg2 K9r0V/158wA2k2jLlgOOQ+2SZkx8xiySauo/9TLI2bGpWa3Vtd+zh5Xyf3SakU7d k0ZLRm9T1mheemFEIvG+7JMX2thA9yb0Ami3XxoHBz5Ro5ZAulSuKV1uTz5RGemO AoJtUPt9zDUqOTDlVZKZ8BVx0QIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFGe/VxKE DiElTzUkCCDO5xkbFbRbMB8GA1UdIwQYMBaAFJ2yWMFwsjIpTYY/YNLcASPNqueJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMkVERS81NUNCMkUwNDFB QjQxMUYwODVERDY5NEFDNEY5QUUwMi9uYkpZd1hDeU1pbE5oajlnMHR3Qkk4MnE1 NGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL25iSll3WEN5TWlsTmhqOWcwdHdCSTgycTU0ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjJFREUvNTVDQjJFMDQxQUI0MTFGMDg1REQ2OTRBQzRGOUFFMDIvMkEyOEE1NzZG REExMTFGMDhCQzFGNEI3NUY2RjU2QkMucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAZ5iIMA0GCSqGSIb3DQEBCwUAA4IBAQByZLSsV77TiJARWM7Xl+k9 YWv6pCBYb9r/kOmKPIWRp4SIcm9hLkpOgEve5NGZtqCT0MbM/07Qy7alBTdi2z6G mCxFEvteGnxI4/EZEaMYIU4xJAflWy2yOKsLpJRrN2X25mghsNhCNN/VnKZ1usyA T3/4YXujo2kuDrMis5VnqqnmLG1NZO1cDY2xukseYsHTgJX27BiKOhV5ap/izllk RjNWZxjjr6RoHNtre9ORAtv0Ya44NpDMCKijDbyHwhEjvdkHlRhsabZ9rCebMbq9 mXlhPh0dCkwMRymLrm0dNZvlCBSRWKzKVJq3A98+Gi4tDAPutp2BfnuoQX0PITQC -----END CERTIFICATE-----Generated at Mon Mar 2 09:59:48 2026 by rpki-client