$ rpki-client -vvf rpki.apnic.net/member_repository/A91B67D1/6CBC9B40611D11E9B012DB37C4F9AE02/5B3CBC209BEA11EFBCB36227C4F9AE02.roa File: 5B3CBC209BEA11EFBCB36227C4F9AE02.roa (raw, json) Hash identifier: URL1ReTticLSrWgLn6MiNA2clbnttkHn48DN8d9RREQ= Subject key identifier: B8:61:5E:69:35:AB:A5:84:3D:6E:D8:6F:A9:36:50:F2:B7:A9:C7:DC Certificate issuer: /CN=A91B67D1/serialNumber=767872BDD0EF826A6495D8126A139FC40493800F Certificate serial: 1045 Authority key identifier: 76:78:72:BD:D0:EF:82:6A:64:95:D8:12:6A:13:9F:C4:04:93:80:0F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dnhyvdDvgmpkldgSahOfxASTgA8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B67D1/6CBC9B40611D11E9B012DB37C4F9AE02/5B3CBC209BEA11EFBCB36227C4F9AE02.roa Signing time: Sun 01 Mar 2026 15:32:35 +0000 ROA not before: Tue 02 Sep 2025 18:07:32 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 132168 IP address blocks: 45.114.236.0/22 maxlen: 24 103.71.24.0/24 maxlen: 24 2401:d640::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B67D1/6CBC9B40611D11E9B012DB37C4F9AE02/dnhyvdDvgmpkldgSahOfxASTgA8.crl rsync://rpki.apnic.net/member_repository/A91B67D1/6CBC9B40611D11E9B012DB37C4F9AE02/dnhyvdDvgmpkldgSahOfxASTgA8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dnhyvdDvgmpkldgSahOfxASTgA8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 01:10:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4165 (0x1045) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B67D1, serialNumber=767872BDD0EF826A6495D8126A139FC40493800F Validity Not Before: Sep 2 18:07:32 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=69a45c13-86a1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:1e:7f:8d:ea:62:61:9a:59:3f:5a:19:69:c2: c8:08:2a:74:10:80:06:f4:55:4a:85:b6:f8:4a:91: 95:32:84:69:4d:f1:83:97:98:c6:e0:bf:f3:45:d2: 65:bf:80:76:6c:39:19:ba:c0:8e:19:0d:32:70:6f: 35:e0:e1:1b:76:d8:be:eb:0f:a5:b4:9b:5d:02:7c: 1b:5d:29:83:ad:77:04:93:90:61:ab:dd:1f:7e:d7: e9:f1:a0:21:22:df:ac:21:3b:f2:12:5d:34:d0:58: 2d:e7:af:30:d8:e4:21:55:5a:da:18:95:79:47:36: 5e:85:c2:b4:6f:f5:19:bb:ae:91:26:d4:56:ea:71: 74:35:25:30:26:eb:41:be:db:21:df:14:2b:ec:d2: 08:1c:d3:30:de:ee:4a:b1:9d:db:bd:19:e0:3b:0b: db:22:ba:9e:b9:4f:95:36:0c:fc:58:e5:f5:3a:19: 4c:4c:47:b3:02:0f:f1:65:72:a4:00:33:33:0e:bb: 0f:a0:9f:44:43:b2:da:47:b8:67:28:22:34:6f:14: 96:ac:50:a1:bd:85:5a:fc:81:4b:ed:53:fd:34:4a: 61:57:9a:ed:fc:7e:90:28:0e:b2:3c:9e:51:d2:c4: f2:d5:6b:15:0e:ce:2a:91:e8:21:f5:a7:18:d8:44: 07:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:61:5E:69:35:AB:A5:84:3D:6E:D8:6F:A9:36:50:F2:B7:A9:C7:DC X509v3 Authority Key Identifier: keyid:76:78:72:BD:D0:EF:82:6A:64:95:D8:12:6A:13:9F:C4:04:93:80:0F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B67D1/6CBC9B40611D11E9B012DB37C4F9AE02/dnhyvdDvgmpkldgSahOfxASTgA8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dnhyvdDvgmpkldgSahOfxASTgA8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B67D1/6CBC9B40611D11E9B012DB37C4F9AE02/5B3CBC209BEA11EFBCB36227C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 45.114.236.0/22 103.71.24.0/24 IPv6: 2401:d640::/32 Signature Algorithm: sha256WithRSAEncryption 7c:49:e8:da:c3:ab:45:b0:94:d7:e4:da:6a:6c:2a:a4:62:45: f6:00:e4:14:81:82:87:f6:8d:4b:d6:c7:f3:b5:6a:17:7f:0b: ff:cc:77:48:19:bd:ea:f7:5a:52:b1:f9:94:61:59:d5:0a:aa: 1e:91:63:95:ca:2c:9f:2d:a8:03:c4:f3:c9:4c:a9:a6:46:9e: b8:ca:a7:c3:fe:3e:23:cc:79:15:57:19:fc:93:cf:c1:ed:80: b0:94:7a:34:04:ed:03:bb:2c:e2:9f:bc:9e:43:0d:25:68:1a: 85:90:b0:97:ff:fb:04:d0:0e:e2:41:66:11:36:01:d1:3c:1e: 83:8d:6a:4c:7b:ed:fc:aa:15:52:14:9a:d5:01:ad:58:ef:14: 21:d2:a2:bc:90:3e:73:7d:5e:40:9d:9c:88:0a:df:df:51:d7: ff:1c:53:d5:80:49:4c:d0:14:47:b3:c3:80:3e:25:a9:7b:89: 73:6e:d4:61:0b:b5:9c:1a:10:6a:3f:e5:bd:36:7a:6e:54:b1: b9:df:8b:c3:f0:1d:ef:00:07:f7:9c:aa:d6:ac:71:b5:cf:67: 50:f8:da:48:43:e8:48:7b:36:ca:5e:55:74:72:0d:15:2b:01: 4d:a6:2f:b0:60:2e:17:14:e3:46:69:d9:6c:70:80:17:4a:4d: 91:c4:9a:ea -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgICEEUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjY3RDExMTAvBgNVBAUTKDc2Nzg3MkJERDBFRjgyNkE2NDk1RDgxMjZBMTM5RkM0 MDQ5MzgwMEYwHhcNMjUwOTAyMTgwNzMyWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NWMxMy04NmExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5R5/jepiYZpZP1oZacLICCp0EIAG9FVKhbb4SpGVMoRpTfGDl5jG4L/zRdJl v4B2bDkZusCOGQ0ycG814OEbdti+6w+ltJtdAnwbXSmDrXcEk5Bhq90fftfp8aAh It+sITvyEl000Fgt568w2OQhVVraGJV5RzZehcK0b/UZu66RJtRW6nF0NSUwJutB vtsh3xQr7NIIHNMw3u5KsZ3bvRngOwvbIrqeuU+VNgz8WOX1OhlMTEezAg/xZXKk ADMzDrsPoJ9EQ7LaR7hnKCI0bxSWrFChvYVa/IFL7VP9NEphV5rt/H6QKA6yPJ5R 0sTy1WsVDs4qkegh9acY2EQHfQIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFLhhXmk1 q6WEPW7Yb6k2UPK3qcfcMB8GA1UdIwQYMBaAFHZ4cr3Q74JqZJXYEmoTn8QEk4AP MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjdEMS82Q0JDOUI0MDYx MUQxMUU5QjAxMkRCMzdDNEY5QUUwMi9kbmh5dmREdmdtcGtsZGdTYWhPZnhBU1Rn QTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2RuaHl2ZER2Z21wa2xkZ1NhaE9meEFTVGdBOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjY3RDEvNkNCQzlCNDA2MTFEMTFFOUIwMTJEQjM3QzRGOUFFMDIvNUIzQ0JDMjA5 QkVBMTFFRkJDQjM2MjI3QzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS BAIAATAMAwQCLXLsAwQAZ0cYMA0EAgACMAcDBQAkAdZAMA0GCSqGSIb3DQEBCwUA A4IBAQB8Sejaw6tFsJTX5NpqbCqkYkX2AOQUgYKH9o1L1sfztWoXfwv/zHdIGb3q 91pSsfmUYVnVCqoekWOVyiyfLagDxPPJTKmmRp64yqfD/j4jzHkVVxn8k8/B7YCw lHo0BO0Duyzin7yeQw0laBqFkLCX//sE0A7iQWYRNgHRPB6DjWpMe+38qhVSFJrV Aa1Y7xQh0qK8kD5zfV5AnZyICt/fUdf/HFPVgElM0BRHs8OAPiWpe4lzbtRhC7Wc GhBqP+W9NnpuVLG534vD8B3vAAf3nKrWrHG1z2dQ+NpIQ+hIezbKXlV0cg0VKwFN pi+wYC4XFONGadlscIAXSk2RxJrq -----END CERTIFICATE-----Generated at Mon Mar 2 12:38:12 2026 by rpki-client