$ rpki-client -vvf rpki.apnic.net/member_repository/A91BF27F/9C3256A2E98F11E5B2ADC567C4F9AE02/431D19069E8211EAAD86AC51C4F9AE02.roa File: 431D19069E8211EAAD86AC51C4F9AE02.roa (raw, json) Hash identifier: +kDsd0MsrUW9X5xLDAdvHx0LSDWy4PnbmaV19ILgdxk= Subject key identifier: 0C:76:AA:AC:C4:6A:4D:37:1B:B9:16:D2:8F:CD:86:C7:35:BE:38:6A Certificate issuer: /CN=A91BF27F/serialNumber=59A64728EE01D6AE34FE77B01E8859C82097E57F Certificate serial: 2203 Authority key identifier: 59:A6:47:28:EE:01:D6:AE:34:FE:77:B0:1E:88:59:C8:20:97:E5:7F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WaZHKO4B1q40_newHohZyCCX5X8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BF27F/9C3256A2E98F11E5B2ADC567C4F9AE02/431D19069E8211EAAD86AC51C4F9AE02.roa Signing time: Sat 28 Mar 2026 16:23:09 +0000 ROA not before: Sat 28 Mar 2026 16:23:09 +0000 ROA not after: Fri 28 May 2027 00:00:00 +0000 asID: 38719 IP address blocks: 43.243.116.0/22 maxlen: 22 43.243.116.0/24 maxlen: 24 43.243.117.0/24 maxlen: 24 43.243.118.0/24 maxlen: 24 43.243.119.0/24 maxlen: 24 103.226.220.0/22 maxlen: 22 103.226.220.0/24 maxlen: 24 103.226.221.0/24 maxlen: 24 103.226.222.0/24 maxlen: 24 103.226.223.0/24 maxlen: 24 2404:8280::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BF27F/9C3256A2E98F11E5B2ADC567C4F9AE02/WaZHKO4B1q40_newHohZyCCX5X8.crl rsync://rpki.apnic.net/member_repository/A91BF27F/9C3256A2E98F11E5B2ADC567C4F9AE02/WaZHKO4B1q40_newHohZyCCX5X8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WaZHKO4B1q40_newHohZyCCX5X8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Apr 2026 15:51:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8707 (0x2203) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BF27F, serialNumber=59A64728EE01D6AE34FE77B01E8859C82097E57F Validity Not Before: Mar 28 16:23:09 2026 GMT Not After : May 28 00:00:00 2027 GMT Subject: CN=69c8006d-f5ea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:f9:83:f8:1b:c7:fe:af:17:03:b9:2e:1c:e4: 45:36:48:a7:2d:de:9c:e1:10:cc:ff:d3:62:e1:06: a6:5e:65:2d:08:4f:44:9d:09:7b:c3:b9:83:41:08: 27:cc:bd:2c:f9:40:29:c7:ec:08:f5:90:69:c0:33: d0:68:48:94:7f:8e:fb:45:81:05:10:ea:ac:fd:03: e1:87:d7:a0:e6:0e:ee:18:dc:bb:22:0b:84:2e:24: e5:f8:6f:f2:40:72:db:f2:f5:f9:a7:94:7d:69:af: 64:b2:31:5b:35:fd:9a:2d:74:61:bb:5c:e6:6f:66: ff:97:91:de:56:9a:ef:c2:24:bc:b3:91:4d:00:b1: 23:f1:6e:05:e5:5b:ae:7f:d2:41:27:e3:82:ec:99: 21:89:12:5c:58:37:9b:c9:01:d4:84:7a:5a:16:0c: e4:bf:18:01:75:3a:bb:89:6f:01:b6:54:99:39:3b: 7e:a0:a3:61:92:d5:9e:62:cd:17:65:fa:de:82:b5: f7:6b:bc:79:1d:55:00:df:50:9d:89:da:f4:67:4f: 73:2e:85:d9:e9:f3:9d:a2:1c:c3:9f:b0:65:cc:c8: 99:bb:ec:5a:e8:d2:7f:0f:8f:65:37:bd:53:fe:56: 63:4a:f7:5b:9e:c8:9f:d1:01:2a:36:43:84:a9:6a: 7e:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:76:AA:AC:C4:6A:4D:37:1B:B9:16:D2:8F:CD:86:C7:35:BE:38:6A X509v3 Authority Key Identifier: keyid:59:A6:47:28:EE:01:D6:AE:34:FE:77:B0:1E:88:59:C8:20:97:E5:7F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BF27F/9C3256A2E98F11E5B2ADC567C4F9AE02/WaZHKO4B1q40_newHohZyCCX5X8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WaZHKO4B1q40_newHohZyCCX5X8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BF27F/9C3256A2E98F11E5B2ADC567C4F9AE02/431D19069E8211EAAD86AC51C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.243.116.0/22 103.226.220.0/22 IPv6: 2404:8280::/32 Signature Algorithm: sha256WithRSAEncryption 01:52:46:e4:77:de:77:c4:8b:1e:ce:05:3d:33:ce:66:15:b8: 4a:68:3c:69:be:16:50:18:fe:3e:df:f7:7c:6a:ba:5a:7c:e2: 39:ae:ad:3d:fc:25:b4:a3:2a:4b:e7:54:7a:04:58:3d:44:1e: 79:43:9e:a4:cb:1a:0a:61:9d:94:f5:53:7a:73:62:84:85:66: 3a:06:09:b5:4e:fd:6c:d8:8e:50:b2:57:ce:50:02:74:61:90: 13:53:85:31:30:59:87:1f:bd:d6:ec:65:44:29:7e:08:f2:29: 92:b8:4a:de:ed:7a:47:b5:78:35:83:d8:d1:d3:af:97:c0:ac: fe:c2:db:4f:8b:4e:33:f7:93:5e:80:b8:62:9e:61:95:00:a9: 5c:68:6f:60:ee:43:de:d8:99:f6:f3:d2:1d:22:3e:da:f6:4b: 1f:ca:06:59:cb:c9:64:88:f2:a9:67:ff:01:2c:8d:74:82:28: c3:19:0b:8f:72:61:09:bf:06:20:8e:70:c9:50:e4:c4:6f:08: f3:3c:33:56:77:8c:99:fd:21:40:1d:34:e0:e1:b0:5f:e2:3f: a6:c8:79:8d:a9:d3:d2:62:f7:d5:96:15:dd:a7:ad:22:4c:6d: 48:91:e9:5b:5e:ce:b4:aa:3c:b8:11:8c:c7:b9:b9:a2:4f:0e: 31:b3:aa:2f -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgICIgMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkYyN0YxMTAvBgNVBAUTKDU5QTY0NzI4RUUwMUQ2QUUzNEZFNzdCMDFFODg1OUM4 MjA5N0U1N0YwHhcNMjYwMzI4MTYyMzA5WhcNMjcwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02OWM4MDA2ZC1mNWVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsPmD+BvH/q8XA7kuHORFNkinLd6c4RDM/9Ni4QamXmUtCE9EnQl7w7mDQQgn zL0s+UApx+wI9ZBpwDPQaEiUf477RYEFEOqs/QPhh9eg5g7uGNy7IguELiTl+G/y QHLb8vX5p5R9aa9ksjFbNf2aLXRhu1zmb2b/l5HeVprvwiS8s5FNALEj8W4F5Vuu f9JBJ+OC7JkhiRJcWDebyQHUhHpaFgzkvxgBdTq7iW8BtlSZOTt+oKNhktWeYs0X ZfregrX3a7x5HVUA31Cdidr0Z09zLoXZ6fOdohzDn7BlzMiZu+xa6NJ/D49lN71T /lZjSvdbnsif0QEqNkOEqWp++QIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFAx2qqzE ak03G7kW0o/Nhsc1vjhqMB8GA1UdIwQYMBaAFFmmRyjuAdauNP53sB6IWcggl+V/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRjI3Ri85QzMyNTZBMkU5 OEYxMUU1QjJBREM1NjdDNEY5QUUwMi9XYVpIS080QjFxNDBfbmV3SG9oWnlDQ1g1 WDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1dhWkhLTzRCMXE0MF9uZXdIb2haeUNDWDVYOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkYyN0YvOUMzMjU2QTJFOThGMTFFNUIyQURDNTY3QzRGOUFFMDIvNDMxRDE5MDY5 RTgyMTFFQUFEODZBQzUxQzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS BAIAATAMAwQCK/N0AwQCZ+LcMA0EAgACMAcDBQAkBIKAMA0GCSqGSIb3DQEBCwUA A4IBAQABUkbkd953xIsezgU9M85mFbhKaDxpvhZQGP4+3/d8arpafOI5rq09/CW0 oypL51R6BFg9RB55Q56kyxoKYZ2U9VN6c2KEhWY6Bgm1Tv1s2I5QslfOUAJ0YZAT U4UxMFmHH73W7GVEKX4I8imSuEre7XpHtXg1g9jR06+XwKz+wttPi04z95NegLhi nmGVAKlcaG9g7kPe2Jn289IdIj7a9ksfygZZy8lkiPKpZ/8BLI10gijDGQuPcmEJ vwYgjnDJUOTEbwjzPDNWd4yZ/SFAHTTg4bBf4j+myHmNqdPSYvfVlhXdp60iTG1I kelbXs60qjy4EYzHubmiTw4xs6ov -----END CERTIFICATE-----Generated at Fri Apr 17 12:38:17 2026 by rpki-client