$ rpki-client -vvf rpki.apnic.net/member_repository/A91BCF31/AF7FED62AA4E11EA9D8EC782C4F9AE02/B757FF4EAB8311EA9983D717C4F9AE02.roa File: B757FF4EAB8311EA9983D717C4F9AE02.roa (raw, json) Hash identifier: +2jTblD+/4omeCEhDlwqOghx+nNjjgIJKr1/zmP67Lo= Subject key identifier: 9A:1C:41:01:2A:BC:6E:CF:DC:5F:C3:46:89:1C:97:82:A9:DD:1E:D8 Certificate issuer: /CN=A91BCF31/serialNumber=5F8E4FD4A6DD635E43782E5A055622CAB2654A37 Certificate serial: 0991 Authority key identifier: 5F:8E:4F:D4:A6:DD:63:5E:43:78:2E:5A:05:56:22:CA:B2:65:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X45P1KbdY15DeC5aBVYiyrJlSjc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BCF31/AF7FED62AA4E11EA9D8EC782C4F9AE02/B757FF4EAB8311EA9983D717C4F9AE02.roa Signing time: Sun 01 Mar 2026 14:49:21 +0000 ROA not before: Thu 22 Jan 2026 20:16:36 +0000 ROA not after: Wed 31 Mar 2027 00:00:00 +0000 asID: 10109 IP address blocks: 119.40.96.0/21 maxlen: 21 119.40.96.0/24 maxlen: 24 119.40.97.0/24 maxlen: 24 119.40.98.0/24 maxlen: 24 119.40.99.0/24 maxlen: 24 119.40.100.0/24 maxlen: 24 119.40.101.0/24 maxlen: 24 119.40.102.0/24 maxlen: 24 119.40.103.0/24 maxlen: 24 2400:d4e0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BCF31/AF7FED62AA4E11EA9D8EC782C4F9AE02/X45P1KbdY15DeC5aBVYiyrJlSjc.crl rsync://rpki.apnic.net/member_repository/A91BCF31/AF7FED62AA4E11EA9D8EC782C4F9AE02/X45P1KbdY15DeC5aBVYiyrJlSjc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X45P1KbdY15DeC5aBVYiyrJlSjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 03:08:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2449 (0x991) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BCF31, serialNumber=5F8E4FD4A6DD635E43782E5A055622CAB2654A37 Validity Not Before: Jan 22 20:16:36 2026 GMT Not After : Mar 31 00:00:00 2027 GMT Subject: CN=69a451f0-8593 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:85:0a:e6:01:1b:a0:70:4d:19:fb:15:b7:74:c8: fc:4d:f2:fc:f8:df:68:b5:5c:e1:22:6b:b2:43:06: 5d:67:f6:1e:1c:ac:c8:30:e6:f6:ce:02:8e:8c:ee: 0a:f5:1d:c5:49:74:6a:4a:4f:cb:86:a7:70:ca:5b: f0:ef:ed:8c:1e:c1:90:10:23:37:12:17:86:57:9e: 1f:2f:81:67:4e:e0:aa:7c:0c:19:29:35:48:b4:89: 23:43:56:40:56:b6:b9:3f:71:67:d5:f2:30:0a:23: 34:2a:02:94:99:84:8b:5e:b0:7b:b8:e7:a6:53:0e: d0:cd:4f:03:f5:09:a1:b8:d1:6c:b8:49:ed:5d:43: e0:d5:49:ea:b7:51:76:ed:56:88:cd:1b:4d:be:83: 67:69:24:34:90:35:42:5f:1a:cc:20:91:1c:16:9a: 1e:32:56:a6:cc:7e:fe:6b:64:27:11:4b:89:d5:df: 5a:a3:96:22:73:87:36:19:c5:fa:b4:b3:4a:47:96: 65:76:3d:9d:c6:fb:03:bd:4b:c9:8e:b0:9b:c4:05: 29:f9:52:ea:96:73:15:19:ba:68:15:82:2c:e7:2e: 6d:6e:aa:37:b4:6a:ef:8a:9f:b8:51:48:93:fd:01: 4b:33:c4:a6:ce:c9:28:8f:20:dc:2b:ec:51:24:ec: 2d:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:1C:41:01:2A:BC:6E:CF:DC:5F:C3:46:89:1C:97:82:A9:DD:1E:D8 X509v3 Authority Key Identifier: keyid:5F:8E:4F:D4:A6:DD:63:5E:43:78:2E:5A:05:56:22:CA:B2:65:4A:37 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BCF31/AF7FED62AA4E11EA9D8EC782C4F9AE02/X45P1KbdY15DeC5aBVYiyrJlSjc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X45P1KbdY15DeC5aBVYiyrJlSjc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BCF31/AF7FED62AA4E11EA9D8EC782C4F9AE02/B757FF4EAB8311EA9983D717C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 119.40.96.0/21 IPv6: 2400:d4e0::/32 Signature Algorithm: sha256WithRSAEncryption c1:6e:21:c7:f9:4e:1e:35:5e:41:53:99:e6:49:eb:75:ed:11: b9:af:f8:8d:42:ee:4b:5c:ea:f1:f0:fa:a2:dc:e1:9e:d1:e0: 8d:a1:f7:2e:ab:da:42:30:cb:e1:89:4a:90:8c:28:89:22:1e: 90:a1:05:f7:da:7d:b6:d4:20:35:0b:e3:c5:58:e8:32:df:76: 44:22:cf:ff:42:2f:68:d8:59:c8:65:12:6d:35:b6:ac:e9:6c: e3:c8:50:2c:c0:0c:89:b6:10:63:14:c7:6f:b5:18:4d:e3:21: 54:df:15:02:14:d2:ef:66:62:32:c8:d6:ac:25:8f:f0:13:f5: f4:33:d8:c6:35:3d:4b:a5:68:10:65:34:65:98:f7:42:d7:40: e7:46:e4:0b:bf:02:31:b9:91:6a:aa:9e:5d:c0:51:d4:1b:d6: 71:c8:c4:7e:7d:21:7f:79:c2:b7:ba:02:09:a3:50:3e:63:a3: 4b:71:13:d3:50:b1:ca:08:4c:e7:be:9d:1c:42:f6:6a:40:aa: fb:f4:62:0c:aa:e6:05:c4:89:2a:c9:ec:74:2a:e2:42:b4:ed: c3:01:fb:52:e4:32:12:ab:c5:5a:0e:62:b3:59:d8:d4:94:04: b6:53:b8:9b:00:93:38:a0:fd:8e:73:28:4c:a7:9b:36:6c:94: 6a:e3:48:03 -----BEGIN CERTIFICATE----- MIIFSzCCBDOgAwIBAgICCZEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkNGMzExMTAvBgNVBAUTKDVGOEU0RkQ0QTZERDYzNUU0Mzc4MkU1QTA1NTYyMkNB QjI2NTRBMzcwHhcNMjYwMTIyMjAxNjM2WhcNMjcwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NTFmMC04NTkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAhQrmARugcE0Z+xW3dMj8TfL8+N9otVzhImuyQwZdZ/YeHKzIMOb2zgKOjO4K 9R3FSXRqSk/Lhqdwylvw7+2MHsGQECM3EheGV54fL4FnTuCqfAwZKTVItIkjQ1ZA Vra5P3Fn1fIwCiM0KgKUmYSLXrB7uOemUw7QzU8D9QmhuNFsuEntXUPg1Unqt1F2 7VaIzRtNvoNnaSQ0kDVCXxrMIJEcFpoeMlamzH7+a2QnEUuJ1d9ao5Yic4c2GcX6 tLNKR5Zldj2dxvsDvUvJjrCbxAUp+VLqlnMVGbpoFYIs5y5tbqo3tGrvip+4UUiT /QFLM8SmzskojyDcK+xRJOwtJwIDAQABo4ICbzCCAmswHQYDVR0OBBYEFJocQQEq vG7P3F/DRokcl4Kp3R7YMB8GA1UdIwQYMBaAFF+OT9Sm3WNeQ3guWgVWIsqyZUo3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQ0YzMS9BRjdGRUQ2MkFB NEUxMUVBOUQ4RUM3ODJDNEY5QUUwMi9YNDVQMUtiZFkxNURlQzVhQlZZaXlySmxT amMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1g0NVAxS2JkWTE1RGVDNWFCVllpeXJKbFNqYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkNGMzEvQUY3RkVENjJBQTRFMTFFQTlEOEVDNzgyQzRGOUFFMDIvQjc1N0ZGNEVB QjgzMTFFQTk5ODNENzE3QzRGOUFFMDIucm9hMC4GCCsGAQUFBwEHAQH/BB8wHTAM BAIAATAGAwQDdyhgMA0EAgACMAcDBQAkANTgMA0GCSqGSIb3DQEBCwUAA4IBAQDB biHH+U4eNV5BU5nmSet17RG5r/iNQu5LXOrx8Pqi3OGe0eCNofcuq9pCMMvhiUqQ jCiJIh6QoQX32n221CA1C+PFWOgy33ZEIs//Qi9o2FnIZRJtNbas6WzjyFAswAyJ thBjFMdvtRhN4yFU3xUCFNLvZmIyyNasJY/wE/X0M9jGNT1LpWgQZTRlmPdC10Dn RuQLvwIxuZFqqp5dwFHUG9ZxyMR+fSF/ecK3ugIJo1A+Y6NLcRPTULHKCEznvp0c QvZqQKr79GIMquYFxIkqyex0KuJCtO3DAftS5DISq8VaDmKzWdjUlAS2U7ibAJM4 oP2OcyhMp5s2bJRq40gD -----END CERTIFICATE-----Generated at Mon Mar 2 13:49:51 2026 by rpki-client