$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9A77/D3AD07E208D911EDBE92C954C4F9AE02/CD9B103E08DD11ED830BEB5CC4F9AE02.roa File: CD9B103E08DD11ED830BEB5CC4F9AE02.roa (raw, json) Hash identifier: LAY/2oYEWNptyjPMrgoY8aWftbMtB6LPjdcoOOw1Kqc= Subject key identifier: FB:7D:DE:F7:BD:82:A9:43:9F:8E:6A:A6:92:E1:8D:17:A7:C1:FC:33 Certificate issuer: /CN=A91B9A77/serialNumber=25293B0A7036C813A9CD02006DFC290AAF253274 Certificate serial: 031F Authority key identifier: 25:29:3B:0A:70:36:C8:13:A9:CD:02:00:6D:FC:29:0A:AF:25:32:74 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JSk7CnA2yBOpzQIAbfwpCq8lMnQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B9A77/D3AD07E208D911EDBE92C954C4F9AE02/CD9B103E08DD11ED830BEB5CC4F9AE02.roa Signing time: Sun 01 Mar 2026 12:05:33 +0000 ROA not before: Sat 07 Jun 2025 02:00:24 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 149984 IP address blocks: 103.189.2.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B9A77/D3AD07E208D911EDBE92C954C4F9AE02/JSk7CnA2yBOpzQIAbfwpCq8lMnQ.crl rsync://rpki.apnic.net/member_repository/A91B9A77/D3AD07E208D911EDBE92C954C4F9AE02/JSk7CnA2yBOpzQIAbfwpCq8lMnQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JSk7CnA2yBOpzQIAbfwpCq8lMnQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 22:27:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 799 (0x31f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B9A77, serialNumber=25293B0A7036C813A9CD02006DFC290AAF253274 Validity Not Before: Jun 7 02:00:24 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=69a42b8d-9b47 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:a8:f6:23:61:63:f4:e0:7a:b7:62:a2:32:60: 04:f4:38:19:71:06:74:39:81:0e:19:1e:c6:36:01: b1:28:f6:ee:89:d9:fc:01:5e:38:8a:18:32:cf:a5: fe:da:a4:4d:02:59:e5:5e:3f:18:8e:c7:c0:02:89: 40:e4:46:4f:95:8a:3e:73:cc:8b:56:cc:23:b9:39: 4b:ae:e4:58:3a:07:35:a3:1c:3a:56:df:53:0a:5c: f4:95:d6:7e:4a:e4:92:76:e3:42:28:04:fc:2a:f4: b1:8c:b4:62:6a:21:dd:36:d4:ef:a8:c2:ec:5f:6b: bd:cc:4b:3e:ac:c7:5e:a0:48:fb:eb:fc:e6:80:46: 65:dc:ea:c0:34:b6:a1:8a:91:c5:53:15:92:d4:c1: f1:d3:9c:ec:9e:6c:e7:ea:ec:c5:2c:f5:65:5c:6a: 7e:7d:ee:6c:6b:36:d1:b6:4b:6a:64:53:ca:80:b9: f3:9d:91:da:6e:ea:94:26:3c:d0:f7:56:c4:82:7b: 00:a4:3e:d5:4b:cb:55:8b:aa:87:a5:1c:bf:91:d3: be:95:ff:fa:39:53:be:f1:63:ae:09:e3:bf:e4:71: 8e:8c:17:f3:55:71:6d:7f:61:ed:72:b0:b1:da:14: 0a:c5:55:f9:66:6a:68:7c:f4:fe:fa:b6:c1:87:62: d7:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:7D:DE:F7:BD:82:A9:43:9F:8E:6A:A6:92:E1:8D:17:A7:C1:FC:33 X509v3 Authority Key Identifier: keyid:25:29:3B:0A:70:36:C8:13:A9:CD:02:00:6D:FC:29:0A:AF:25:32:74 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B9A77/D3AD07E208D911EDBE92C954C4F9AE02/JSk7CnA2yBOpzQIAbfwpCq8lMnQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JSk7CnA2yBOpzQIAbfwpCq8lMnQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9A77/D3AD07E208D911EDBE92C954C4F9AE02/CD9B103E08DD11ED830BEB5CC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.189.2.0/24 Signature Algorithm: sha256WithRSAEncryption be:09:16:d9:1b:2d:37:2f:7f:ca:3a:04:31:a7:d6:90:e0:2c: 28:b9:55:16:18:4f:7f:ff:3e:02:ad:93:13:9d:46:63:02:e4: 50:84:76:8a:e2:3e:e0:bf:93:6b:a4:8b:58:5f:0b:46:83:c0: 59:96:a1:3d:e4:14:ea:29:a9:95:18:f0:df:9c:5e:db:62:3a: 9b:93:3d:e4:ab:10:57:63:e3:9f:71:ab:2c:c7:d6:d3:dc:ee: 35:d8:6f:98:d5:c4:22:0a:02:e4:56:06:c2:65:c2:ce:0c:fb: 43:89:6a:2c:7f:22:5e:f2:55:b9:8b:e6:ec:01:3c:76:42:27: 37:f0:63:8a:8a:df:d9:5b:e4:45:3b:bf:9a:ca:41:2f:1a:ce: 39:90:4a:83:6d:65:0d:dd:60:48:1e:32:a5:0a:be:d3:4a:63: 96:31:d8:18:16:12:6f:2a:7b:74:d9:15:ba:04:04:a1:7e:d7: bb:73:2e:46:59:be:83:6b:c7:9c:1a:9d:46:ea:45:5c:45:f4: e7:54:d1:73:59:31:8f:98:20:50:3e:fe:71:a6:27:6e:93:73: 0e:fd:0e:31:89:a7:cb:52:cd:8b:58:09:9f:32:7f:d6:25:84: e4:a3:ea:f5:61:9f:8c:80:95:d5:22:61:01:77:c4:3d:95:12: 25:0e:1c:07 -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgICAx8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjlBNzcxMTAvBgNVBAUTKDI1MjkzQjBBNzAzNkM4MTNBOUNEMDIwMDZERkMyOTBB QUYyNTMyNzQwHhcNMjUwNjA3MDIwMDI0WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MmI4ZC05YjQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnKj2I2Fj9OB6t2KiMmAE9DgZcQZ0OYEOGR7GNgGxKPbuidn8AV44ihgyz6X+ 2qRNAlnlXj8YjsfAAolA5EZPlYo+c8yLVswjuTlLruRYOgc1oxw6Vt9TClz0ldZ+ SuSSduNCKAT8KvSxjLRiaiHdNtTvqMLsX2u9zEs+rMdeoEj76/zmgEZl3OrANLah ipHFUxWS1MHx05zsnmzn6uzFLPVlXGp+fe5sazbRtktqZFPKgLnznZHabuqUJjzQ 91bEgnsApD7VS8tVi6qHpRy/kdO+lf/6OVO+8WOuCeO/5HGOjBfzVXFtf2HtcrCx 2hQKxVX5ZmpofPT++rbBh2LX6QIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFPt93ve9 gqlDn45qppLhjRenwfwzMB8GA1UdIwQYMBaAFCUpOwpwNsgTqc0CAG38KQqvJTJ0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOUE3Ny9EM0FEMDdFMjA4 RDkxMUVEQkU5MkM5NTRDNEY5QUUwMi9KU2s3Q25BMnlCT3B6UUlBYmZ3cENxOGxN blEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0pTazdDbkEyeUJPcHpRSUFiZndwQ3E4bE1uUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjlBNzcvRDNBRDA3RTIwOEQ5MTFFREJFOTJDOTU0QzRGOUFFMDIvQ0Q5QjEwM0Uw OEREMTFFRDgzMEJFQjVDQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAZ70CMA0GCSqGSIb3DQEBCwUAA4IBAQC+CRbZGy03L3/KOgQxp9aQ 4CwouVUWGE9//z4CrZMTnUZjAuRQhHaK4j7gv5NrpItYXwtGg8BZlqE95BTqKamV GPDfnF7bYjqbkz3kqxBXY+Ofcassx9bT3O412G+Y1cQiCgLkVgbCZcLODPtDiWos fyJe8lW5i+bsATx2Qic38GOKit/ZW+RFO7+aykEvGs45kEqDbWUN3WBIHjKlCr7T SmOWMdgYFhJvKnt02RW6BAShfte7cy5GWb6Da8ecGp1G6kVcRfTnVNFzWTGPmCBQ Pv5xpiduk3MO/Q4xiafLUs2LWAmfMn/WJYTko+r1YZ+MgJXVImEBd8Q9lRIlDhwH -----END CERTIFICATE-----Generated at Mon Mar 2 04:09:13 2026 by rpki-client