$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5732/8A7E9E422F2311EA903C1439C4F9AE02/707BA10E9DB211EAB3A85A19C4F9AE02.roa File: 707BA10E9DB211EAB3A85A19C4F9AE02.roa (raw, json) Hash identifier: 8POaocpMFP4OKfeekt39NHI2suyTClKvLejF+mBZsSc= Subject key identifier: 76:24:A8:E3:DD:1C:2B:56:BA:49:19:A1:F5:A7:C4:F6:F2:43:B9:E6 Certificate issuer: /CN=A91B5732/serialNumber=0CEAF28FEE812F1CC97F1C96BCA6452EF72E6D4C Certificate serial: 0C0A Authority key identifier: 0C:EA:F2:8F:EE:81:2F:1C:C9:7F:1C:96:BC:A6:45:2E:F7:2E:6D:4C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DOryj-6BLxzJfxyWvKZFLvcubUw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B5732/8A7E9E422F2311EA903C1439C4F9AE02/707BA10E9DB211EAB3A85A19C4F9AE02.roa Signing time: Sun 01 Mar 2026 14:43:59 +0000 ROA not before: Sat 24 Jan 2026 19:15:45 +0000 ROA not after: Wed 31 Mar 2027 00:00:00 +0000 asID: 133187 IP address blocks: 103.203.238.0/23 maxlen: 23 103.243.96.0/22 maxlen: 24 2403:d140::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B5732/8A7E9E422F2311EA903C1439C4F9AE02/DOryj-6BLxzJfxyWvKZFLvcubUw.crl rsync://rpki.apnic.net/member_repository/A91B5732/8A7E9E422F2311EA903C1439C4F9AE02/DOryj-6BLxzJfxyWvKZFLvcubUw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DOryj-6BLxzJfxyWvKZFLvcubUw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 18:45:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3082 (0xc0a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B5732, serialNumber=0CEAF28FEE812F1CC97F1C96BCA6452EF72E6D4C Validity Not Before: Jan 24 19:15:45 2026 GMT Not After : Mar 31 00:00:00 2027 GMT Subject: CN=69a450af-d221 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:1f:66:1f:1c:0c:4e:ba:f4:89:38:bc:b7:80: 80:68:c6:c8:59:1a:b1:87:49:e6:07:03:02:70:7b: 2d:96:cc:6d:87:bc:12:cd:1b:27:34:41:e6:ce:9f: fa:c4:f0:4d:9a:74:94:3b:86:89:fa:2f:d4:22:8b: 42:b9:17:f1:97:dc:2b:56:41:c5:1d:8e:34:95:19: 41:10:7c:70:af:1f:66:c0:0b:15:56:04:4a:a5:71: 21:57:9d:79:25:60:a4:5d:e6:63:80:00:4b:28:2f: 1f:36:83:50:32:13:51:fc:44:85:73:13:0d:53:dc: 77:99:17:3b:11:7c:36:41:a4:70:b1:2f:b9:9c:18: 57:03:c6:fb:bc:c8:f2:11:71:d5:5a:bf:6d:de:23: 37:99:84:0d:66:2b:46:b2:fb:9b:e8:20:00:c5:a9: 05:66:59:82:41:27:6f:a9:6f:a7:21:60:55:f4:d2: 3e:fc:66:3e:ec:24:b1:7e:c4:94:f9:8c:b1:c1:01: 7c:84:97:91:2c:e0:1c:01:55:f4:88:51:35:a6:65: 34:b8:ab:c6:bd:79:04:c6:46:2c:75:2e:4c:b5:99: 09:5a:d6:53:fd:da:88:f5:d4:23:ce:1c:48:6c:68: 6e:3b:4a:a3:50:0e:71:17:4c:3e:29:6c:3c:db:c4: 9c:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:24:A8:E3:DD:1C:2B:56:BA:49:19:A1:F5:A7:C4:F6:F2:43:B9:E6 X509v3 Authority Key Identifier: keyid:0C:EA:F2:8F:EE:81:2F:1C:C9:7F:1C:96:BC:A6:45:2E:F7:2E:6D:4C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B5732/8A7E9E422F2311EA903C1439C4F9AE02/DOryj-6BLxzJfxyWvKZFLvcubUw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DOryj-6BLxzJfxyWvKZFLvcubUw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5732/8A7E9E422F2311EA903C1439C4F9AE02/707BA10E9DB211EAB3A85A19C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.203.238.0/23 103.243.96.0/22 IPv6: 2403:d140::/32 Signature Algorithm: sha256WithRSAEncryption 3a:c3:1a:f0:8a:1e:22:fe:c8:2f:85:68:30:70:5e:5d:fe:6c: cc:06:36:5e:ff:b2:2b:f3:b0:14:11:47:d3:1d:c1:8c:60:5b: ca:c0:a5:0f:8b:41:b1:fc:99:6d:72:e1:69:f0:dd:ba:a2:29: 13:22:37:cd:77:30:4a:b7:c5:89:41:a4:7d:38:a0:c9:91:c7: 0d:c9:87:a0:51:c8:9c:66:37:fa:40:20:d7:50:cd:4b:e1:00: 75:70:a5:3e:d7:76:dd:73:38:da:1a:f9:fc:18:9d:45:54:cb: 59:65:36:f4:cc:ff:73:d8:70:4e:9f:48:37:7c:9b:ae:85:d6: e6:f8:6f:de:d2:1f:02:3b:a6:d2:9a:b7:0d:58:b3:bd:3b:77: cf:cf:f3:ee:cb:bf:a1:03:4f:93:a6:04:65:9c:69:65:76:2e: d1:19:58:3b:bc:33:49:0a:35:e1:e1:54:61:d7:ae:87:ea:8d: ae:a5:e7:76:32:98:c8:1a:72:bc:23:6e:ca:6f:41:5a:38:66: b1:1f:bd:d1:e6:13:c6:cf:a0:17:3e:ca:11:c5:75:77:20:fe: aa:97:cf:af:e7:a0:2e:40:84:2d:e0:28:ce:59:5c:ee:74:86: dd:03:72:79:62:ab:76:59:1c:84:26:d6:43:56:a2:22:89:20: 74:09:15:a3 -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgICDAowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjU3MzIxMTAvBgNVBAUTKDBDRUFGMjhGRUU4MTJGMUNDOTdGMUM5NkJDQTY0NTJF RjcyRTZENEMwHhcNMjYwMTI0MTkxNTQ1WhcNMjcwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NTBhZi1kMjIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoB9mHxwMTrr0iTi8t4CAaMbIWRqxh0nmBwMCcHstlsxth7wSzRsnNEHmzp/6 xPBNmnSUO4aJ+i/UIotCuRfxl9wrVkHFHY40lRlBEHxwrx9mwAsVVgRKpXEhV515 JWCkXeZjgABLKC8fNoNQMhNR/ESFcxMNU9x3mRc7EXw2QaRwsS+5nBhXA8b7vMjy EXHVWr9t3iM3mYQNZitGsvub6CAAxakFZlmCQSdvqW+nIWBV9NI+/GY+7CSxfsSU +YyxwQF8hJeRLOAcAVX0iFE1pmU0uKvGvXkExkYsdS5MtZkJWtZT/dqI9dQjzhxI bGhuO0qjUA5xF0w+KWw828SccwIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFHYkqOPd HCtWukkZofWnxPbyQ7nmMB8GA1UdIwQYMBaAFAzq8o/ugS8cyX8clrymRS73Lm1M MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNTczMi84QTdFOUU0MjJG MjMxMUVBOTAzQzE0MzlDNEY5QUUwMi9ET3J5ai02Qkx4ekpmeHlXdktaRkx2Y3Vi VXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0RPcnlqLTZCTHh6SmZ4eVd2S1pGTHZjdWJVdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjU3MzIvOEE3RTlFNDIyRjIzMTFFQTkwM0MxNDM5QzRGOUFFMDIvNzA3QkExMEU5 REIyMTFFQUIzQTg1QTE5QzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS BAIAATAMAwQBZ8vuAwQCZ/NgMA0EAgACMAcDBQAkA9FAMA0GCSqGSIb3DQEBCwUA A4IBAQA6wxrwih4i/sgvhWgwcF5d/mzMBjZe/7Ir87AUEUfTHcGMYFvKwKUPi0Gx /JltcuFp8N26oikTIjfNdzBKt8WJQaR9OKDJkccNyYegUcicZjf6QCDXUM1L4QB1 cKU+13bdczjaGvn8GJ1FVMtZZTb0zP9z2HBOn0g3fJuuhdbm+G/e0h8CO6bSmrcN WLO9O3fPz/Puy7+hA0+TpgRlnGlldi7RGVg7vDNJCjXh4VRh166H6o2uped2MpjI GnK8I27Kb0FaOGaxH73R5hPGz6AXPsoRxXV3IP6ql8+v56AuQIQt4CjOWVzudIbd A3J5Yqt2WRyEJtZDVqIiiSB0CRWj -----END CERTIFICATE-----Generated at Tue Mar 3 00:30:22 2026 by rpki-client