$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5CEA/28A77B6864EE11EDA4A34513C4F9AE02/B42198DC64F211ED9AEC046FC4F9AE02.roa File: B42198DC64F211ED9AEC046FC4F9AE02.roa (raw, json) Hash identifier: 6p0pjNtVEroCxcCiJ9TKvunyY9agNZgPLvDOjYiy6VA= Subject key identifier: D4:C5:8D:52:ED:F9:A5:D7:01:AC:FC:B1:80:D1:DB:13:C5:E9:F0:BC Certificate issuer: /CN=A91B5CEA/serialNumber=FD4E5CFBBE51340160396D596E1B3248CFC81CC4 Certificate serial: 028D Authority key identifier: FD:4E:5C:FB:BE:51:34:01:60:39:6D:59:6E:1B:32:48:CF:C8:1C:C4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_U5c-75RNAFgOW1ZbhsySM_IHMQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B5CEA/28A77B6864EE11EDA4A34513C4F9AE02/B42198DC64F211ED9AEC046FC4F9AE02.roa Signing time: Thu 02 Apr 2026 06:19:59 +0000 ROA not before: Thu 02 Apr 2026 06:19:59 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 133606 IP address blocks: 43.243.120.0/22 maxlen: 24 43.243.176.0/22 maxlen: 24 43.254.56.0/22 maxlen: 24 103.94.180.0/22 maxlen: 24 103.238.116.0/22 maxlen: 24 116.199.172.0/22 maxlen: 24 223.29.230.0/23 maxlen: 24 223.29.236.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B5CEA/28A77B6864EE11EDA4A34513C4F9AE02/_U5c-75RNAFgOW1ZbhsySM_IHMQ.crl rsync://rpki.apnic.net/member_repository/A91B5CEA/28A77B6864EE11EDA4A34513C4F9AE02/_U5c-75RNAFgOW1ZbhsySM_IHMQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_U5c-75RNAFgOW1ZbhsySM_IHMQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Apr 2026 01:36:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 653 (0x28d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B5CEA, serialNumber=FD4E5CFBBE51340160396D596E1B3248CFC81CC4 Validity Not Before: Apr 2 06:19:59 2026 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=69ce0a8f-9206 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:5d:04:56:c3:b4:8b:f6:60:d4:6a:bb:ec:a0: b1:f2:7e:05:aa:9a:2e:23:13:d1:8c:e3:1b:87:46: ff:2d:41:bb:f5:1e:3d:c1:64:82:3c:15:c4:8d:10: 12:6c:2e:df:11:07:0b:c9:42:53:f3:14:c7:34:f7: 54:d8:10:cc:ef:c2:a1:3f:2e:69:6e:0a:58:cf:98: a0:be:49:aa:44:d1:5b:8f:cc:03:a0:f9:44:6e:dc: bf:02:9c:70:9f:53:61:2f:a8:02:40:2d:1f:00:ae: 14:5a:b6:2f:ff:2a:61:51:eb:f0:cc:36:70:cf:ed: 1a:f9:29:24:9f:0d:86:e8:aa:ec:15:8d:97:72:11: c0:1d:b6:40:12:ad:91:c7:2c:c5:49:85:d0:bd:4e: 30:da:0f:78:29:0e:82:92:cb:48:51:2a:6e:af:92: 63:df:4e:81:ae:aa:23:72:cc:2b:63:38:2f:54:cc: da:77:45:ca:ff:6a:8d:ec:2e:66:83:c4:75:b8:cd: 30:69:90:41:72:d1:13:e6:c1:f3:91:41:b1:fd:83: d3:8c:af:b9:63:30:ee:f0:ef:d5:02:6b:b3:9a:5f: 5c:13:e3:20:7b:76:6f:1a:1d:ed:31:7a:83:f1:22: 0c:73:cf:50:be:a2:47:fc:49:a1:de:0a:de:16:32: ee:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:C5:8D:52:ED:F9:A5:D7:01:AC:FC:B1:80:D1:DB:13:C5:E9:F0:BC X509v3 Authority Key Identifier: keyid:FD:4E:5C:FB:BE:51:34:01:60:39:6D:59:6E:1B:32:48:CF:C8:1C:C4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B5CEA/28A77B6864EE11EDA4A34513C4F9AE02/_U5c-75RNAFgOW1ZbhsySM_IHMQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_U5c-75RNAFgOW1ZbhsySM_IHMQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5CEA/28A77B6864EE11EDA4A34513C4F9AE02/B42198DC64F211ED9AEC046FC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.243.120.0/22 43.243.176.0/22 43.254.56.0/22 103.94.180.0/22 103.238.116.0/22 116.199.172.0/22 223.29.230.0/23 223.29.236.0/22 Signature Algorithm: sha256WithRSAEncryption 1f:7b:82:fe:32:de:b0:12:01:83:10:20:b7:9f:47:3b:f3:23: 57:5d:ee:b6:37:a6:fa:ef:3f:18:c8:f5:f1:ca:75:12:3a:5c: 66:80:39:3d:e8:f1:29:7f:b4:d9:59:09:06:45:ef:0a:41:17: 08:d3:94:19:9d:fd:10:81:75:28:ee:49:20:6d:cf:7c:16:43: cb:41:7c:6e:e4:80:c9:61:b9:4c:29:84:c2:88:7a:61:fe:e3: 5b:ec:a1:49:0c:b5:b1:e5:33:50:d8:17:65:59:fe:7d:64:74: 98:86:30:f5:a3:67:f2:ab:74:c2:1e:f7:22:64:ec:e4:9c:8a: ec:7a:a8:14:57:cf:dd:f5:6b:5f:cf:a5:14:2f:1f:13:cc:0b: 81:24:3b:ff:fe:39:2b:d5:29:17:65:ff:ea:09:3d:67:c0:65: 0b:25:41:40:e6:03:85:9c:80:63:56:be:f9:85:6b:8f:97:6e: 97:40:fc:57:ae:a1:95:e5:25:82:be:0e:6a:2e:fc:e4:79:fa: ab:24:b5:12:fd:b5:93:94:d1:29:85:9e:c0:00:ff:1e:92:fd: 6d:24:f0:ad:28:b4:27:4c:55:29:8f:1f:3c:9d:f1:0f:40:9a: 57:81:8d:55:cd:eb:4c:3b:45:92:10:48:b2:6b:01:f8:3e:1a: 9f:21:d6:fa -----BEGIN CERTIFICATE----- MIIFZjCCBE6gAwIBAgICAo0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjVDRUExMTAvBgNVBAUTKEZENEU1Q0ZCQkU1MTM0MDE2MDM5NkQ1OTZFMUIzMjQ4 Q0ZDODFDQzQwHhcNMjYwNDAyMDYxOTU5WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWNlMGE4Zi05MjA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnl0EVsO0i/Zg1Gq77KCx8n4FqpouIxPRjOMbh0b/LUG79R49wWSCPBXEjRAS bC7fEQcLyUJT8xTHNPdU2BDM78KhPy5pbgpYz5igvkmqRNFbj8wDoPlEbty/Apxw n1NhL6gCQC0fAK4UWrYv/yphUevwzDZwz+0a+Skknw2G6KrsFY2XchHAHbZAEq2R xyzFSYXQvU4w2g94KQ6CkstIUSpur5Jj306BrqojcswrYzgvVMzad0XK/2qN7C5m g8R1uM0waZBBctET5sHzkUGx/YPTjK+5YzDu8O/VAmuzml9cE+Mge3ZvGh3tMXqD 8SIMc89QvqJH/Emh3greFjLuNwIDAQABo4ICijCCAoYwHQYDVR0OBBYEFNTFjVLt +aXXAaz8sYDR2xPF6fC8MB8GA1UdIwQYMBaAFP1OXPu+UTQBYDltWW4bMkjPyBzE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUNFQS8yOEE3N0I2ODY0 RUUxMUVEQTRBMzQ1MTNDNEY5QUUwMi9fVTVjLTc1Uk5BRmdPVzFaYmhzeVNNX0lI TVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL19VNWMtNzVSTkFGZ09XMVpiaHN5U01fSUhNUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjVDRUEvMjhBNzdCNjg2NEVFMTFFREE0QTM0NTEzQzRGOUFFMDIvQjQyMTk4REM2 NEYyMTFFRDlBRUMwNDZGQzRGOUFFMDIucm9hMEkGCCsGAQUFBwEHAQH/BDowODA2 BAIAATAwAwQCK/N4AwQCK/OwAwQCK/44AwQCZ160AwQCZ+50AwQCdMesAwQB3x3m AwQC3x3sMA0GCSqGSIb3DQEBCwUAA4IBAQAfe4L+Mt6wEgGDECC3n0c78yNXXe62 N6b67z8YyPXxynUSOlxmgDk96PEpf7TZWQkGRe8KQRcI05QZnf0QgXUo7kkgbc98 FkPLQXxu5IDJYblMKYTCiHph/uNb7KFJDLWx5TNQ2BdlWf59ZHSYhjD1o2fyq3TC HvciZOzknIrseqgUV8/d9Wtfz6UULx8TzAuBJDv//jkr1SkXZf/qCT1nwGULJUFA 5gOFnIBjVr75hWuPl26XQPxXrqGV5SWCvg5qLvzkefqrJLUS/bWTlNEphZ7AAP8e kv1tJPCtKLQnTFUpjx88nfEPQJpXgY1VzetMO0WSEEiyawH4PhqfIdb6 -----END CERTIFICATE-----Generated at Fri Apr 17 14:57:56 2026 by rpki-client