$ rpki-client -vvf rpki.apnic.net/member_repository/A91B915D/7109EFC47DC911ECBBFB6F24C4F9AE02/8CA3BAEC7DCB11EC99806E25C4F9AE02.roa File: 8CA3BAEC7DCB11EC99806E25C4F9AE02.roa (raw, json) Hash identifier: 3dvCT2gOB8rQbKwOX6TGGzUBoVEiCpk9IxITGxHj+Hs= Subject key identifier: A7:4A:4A:E1:E7:4A:5B:54:D8:D5:A8:24:A8:12:19:35:81:1E:8C:6A Certificate issuer: /CN=A91B915D/serialNumber=A398DFD4D3975EAB96FD38033968246E475E28B3 Certificate serial: 047A Authority key identifier: A3:98:DF:D4:D3:97:5E:AB:96:FD:38:03:39:68:24:6E:47:5E:28:B3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o5jf1NOXXquW_TgDOWgkbkdeKLM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B915D/7109EFC47DC911ECBBFB6F24C4F9AE02/8CA3BAEC7DCB11EC99806E25C4F9AE02.roa Signing time: Sun 01 Mar 2026 08:53:56 +0000 ROA not before: Sun 13 Apr 2025 00:34:34 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 58885 IP address blocks: 45.116.136.0/22 maxlen: 22 45.116.136.0/24 maxlen: 24 45.116.137.0/24 maxlen: 24 45.116.138.0/24 maxlen: 24 45.116.139.0/24 maxlen: 24 103.19.20.0/22 maxlen: 22 103.19.20.0/24 maxlen: 24 103.19.21.0/24 maxlen: 24 103.19.22.0/24 maxlen: 24 103.19.23.0/24 maxlen: 24 2001:df5:8000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B915D/7109EFC47DC911ECBBFB6F24C4F9AE02/o5jf1NOXXquW_TgDOWgkbkdeKLM.crl rsync://rpki.apnic.net/member_repository/A91B915D/7109EFC47DC911ECBBFB6F24C4F9AE02/o5jf1NOXXquW_TgDOWgkbkdeKLM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o5jf1NOXXquW_TgDOWgkbkdeKLM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 18:27:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1146 (0x47a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B915D, serialNumber=A398DFD4D3975EAB96FD38033968246E475E28B3 Validity Not Before: Apr 13 00:34:34 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=69a3fea4-2f03 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:6a:5e:06:75:6f:4a:5b:72:01:06:fb:85:f5: a9:21:81:15:67:42:06:00:cd:4b:3c:4c:32:1b:f5: 74:9d:2f:d7:7b:78:61:8b:1b:ba:b3:d8:dd:80:bd: 44:21:17:23:2a:f8:0f:43:15:4d:3a:41:07:f7:03: f8:52:28:d4:34:83:69:fc:18:2f:97:05:1b:1d:3c: e8:f6:40:8b:52:04:39:7c:d3:fb:4a:65:a0:e1:18: 3f:48:4d:a5:95:9f:bf:eb:d4:e2:ae:1d:9a:45:f3: 8a:0c:11:27:92:b1:c8:e1:64:8e:18:ea:d9:67:dc: 40:06:9b:45:93:07:21:00:3b:8d:fa:50:e7:20:46: 13:74:a3:6f:58:51:68:c4:4f:98:bc:b0:6a:48:a0: b9:f0:48:be:5d:4d:66:a8:f4:37:dd:4b:fc:d3:83: 97:a9:48:a5:3e:bf:35:ca:87:3c:54:3b:88:0f:52: 9f:e6:c1:22:e8:33:9d:4a:e9:29:ad:21:94:3e:78: 56:42:52:18:70:c1:a7:c5:ab:27:17:39:24:88:e8: 89:d0:b0:7e:56:e0:72:00:34:43:2c:9b:8f:42:09: cb:37:17:c8:87:34:cf:50:0e:2e:fb:c9:00:f7:60: ca:d9:3e:79:db:cd:98:d0:42:e2:a3:9e:7d:f3:42: 68:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:4A:4A:E1:E7:4A:5B:54:D8:D5:A8:24:A8:12:19:35:81:1E:8C:6A X509v3 Authority Key Identifier: keyid:A3:98:DF:D4:D3:97:5E:AB:96:FD:38:03:39:68:24:6E:47:5E:28:B3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B915D/7109EFC47DC911ECBBFB6F24C4F9AE02/o5jf1NOXXquW_TgDOWgkbkdeKLM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o5jf1NOXXquW_TgDOWgkbkdeKLM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B915D/7109EFC47DC911ECBBFB6F24C4F9AE02/8CA3BAEC7DCB11EC99806E25C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 45.116.136.0/22 103.19.20.0/22 IPv6: 2001:df5:8000::/48 Signature Algorithm: sha256WithRSAEncryption 63:4f:4e:90:ee:11:95:b8:74:49:0f:9f:d9:20:76:47:1a:f7: 86:4f:b4:0e:fc:90:ab:1b:f1:35:48:a4:8e:e1:8c:48:67:b9: bc:72:a3:cb:9a:d3:17:f4:35:f3:bc:74:fb:7b:3b:09:a3:eb: 5a:55:81:bd:12:31:d7:a6:3e:6e:56:83:26:31:ec:4f:b1:9d: 08:15:56:02:36:1f:ce:1b:63:f5:92:91:a2:26:9b:09:57:e9: 72:32:76:93:39:11:a8:8c:09:f6:28:10:88:18:eb:75:56:8a: 93:e6:e5:04:19:32:a4:ce:58:96:37:d5:de:4e:9c:0f:8d:2e: 2e:c5:e9:f7:e2:af:0f:4b:5b:ba:c4:ab:84:f8:84:1b:00:c2: e2:c3:bb:f8:b1:f5:b7:28:41:86:7b:99:15:2a:45:38:6a:03: 9d:ec:e4:89:16:8c:7a:f0:60:3f:02:67:b0:f2:1b:1a:c7:da: 50:48:24:3d:16:9c:c0:09:d0:4e:41:b4:8c:40:91:38:13:94: a1:25:41:43:01:c5:ab:56:64:76:a2:cf:88:79:1d:ac:98:43: 15:30:05:e6:f1:a2:a7:0b:7d:a7:77:84:5b:a8:2d:28:47:29: 12:a8:d8:8d:04:2a:55:70:e0:a9:80:cc:f5:19:26:cb:a7:12: 61:0e:f1:e6 -----BEGIN CERTIFICATE----- MIIFUzCCBDugAwIBAgICBHowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjkxNUQxMTAvBgNVBAUTKEEzOThERkQ0RDM5NzVFQUI5NkZEMzgwMzM5NjgyNDZF NDc1RTI4QjMwHhcNMjUwNDEzMDAzNDM0WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWEzZmVhNC0yZjAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAk2peBnVvSltyAQb7hfWpIYEVZ0IGAM1LPEwyG/V0nS/Xe3hhixu6s9jdgL1E IRcjKvgPQxVNOkEH9wP4UijUNINp/BgvlwUbHTzo9kCLUgQ5fNP7SmWg4Rg/SE2l lZ+/69Tirh2aRfOKDBEnkrHI4WSOGOrZZ9xABptFkwchADuN+lDnIEYTdKNvWFFo xE+YvLBqSKC58Ei+XU1mqPQ33Uv804OXqUilPr81yoc8VDuID1Kf5sEi6DOdSukp rSGUPnhWQlIYcMGnxasnFzkkiOiJ0LB+VuByADRDLJuPQgnLNxfIhzTPUA4u+8kA 92DK2T55282Y0ELio55980JoYwIDAQABo4ICdzCCAnMwHQYDVR0OBBYEFKdKSuHn SltU2NWoJKgSGTWBHoxqMB8GA1UdIwQYMBaAFKOY39TTl16rlv04AzloJG5HXiiz MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOTE1RC83MTA5RUZDNDdE QzkxMUVDQkJGQjZGMjRDNEY5QUUwMi9vNWpmMU5PWFhxdVdfVGdET1dna2JrZGVL TE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL281amYxTk9YWHF1V19UZ0RPV2drYmtkZUtMTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjkxNUQvNzEwOUVGQzQ3REM5MTFFQ0JCRkI2RjI0QzRGOUFFMDIvOENBM0JBRUM3 RENCMTFFQzk5ODA2RTI1QzRGOUFFMDIucm9hMDYGCCsGAQUFBwEHAQH/BCcwJTAS BAIAATAMAwQCLXSIAwQCZxMUMA8EAgACMAkDBwAgAQ31gAAwDQYJKoZIhvcNAQEL BQADggEBAGNPTpDuEZW4dEkPn9kgdkca94ZPtA78kKsb8TVIpI7hjEhnubxyo8ua 0xf0NfO8dPt7Owmj61pVgb0SMdemPm5WgyYx7E+xnQgVVgI2H84bY/WSkaImmwlX 6XIydpM5EaiMCfYoEIgY63VWipPm5QQZMqTOWJY31d5OnA+NLi7F6ffirw9LW7rE q4T4hBsAwuLDu/ix9bcoQYZ7mRUqRThqA53s5IkWjHrwYD8CZ7DyGxrH2lBIJD0W nMAJ0E5BtIxAkTgTlKElQUMBxatWZHaiz4h5HayYQxUwBebxoqcLfad3hFuoLShH KRKo2I0EKlVw4KmAzPUZJsunEmEO8eY= -----END CERTIFICATE-----Generated at Mon Mar 2 02:12:45 2026 by rpki-client