$ rpki-client -vvf rpki.apnic.net/member_repository/A91BF27F/9C3256A2E98F11E5B2ADC567C4F9AE02/431D19069E8211EAAD86AC51C4F9AE02.roa File: 431D19069E8211EAAD86AC51C4F9AE02.roa (raw, json) Hash identifier: hA/fmykI3XeiZHCbiTTARBykOTtuxS/5r6lg/JS2YzU= Subject key identifier: 35:5B:65:D1:D4:6C:6F:EF:FA:D4:23:4F:C9:22:31:54:31:A9:86:64 Certificate issuer: /CN=A91BF27F/serialNumber=59A64728EE01D6AE34FE77B01E8859C82097E57F Certificate serial: 21EE Authority key identifier: 59:A6:47:28:EE:01:D6:AE:34:FE:77:B0:1E:88:59:C8:20:97:E5:7F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WaZHKO4B1q40_newHohZyCCX5X8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BF27F/9C3256A2E98F11E5B2ADC567C4F9AE02/431D19069E8211EAAD86AC51C4F9AE02.roa Signing time: Sun 01 Mar 2026 13:39:54 +0000 ROA not before: Fri 28 Mar 2025 16:24:44 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 38719 IP address blocks: 43.243.116.0/22 maxlen: 22 43.243.116.0/24 maxlen: 24 43.243.117.0/24 maxlen: 24 43.243.118.0/24 maxlen: 24 43.243.119.0/24 maxlen: 24 103.226.220.0/22 maxlen: 22 103.226.220.0/24 maxlen: 24 103.226.221.0/24 maxlen: 24 103.226.222.0/24 maxlen: 24 103.226.223.0/24 maxlen: 24 2404:8280::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BF27F/9C3256A2E98F11E5B2ADC567C4F9AE02/WaZHKO4B1q40_newHohZyCCX5X8.crl rsync://rpki.apnic.net/member_repository/A91BF27F/9C3256A2E98F11E5B2ADC567C4F9AE02/WaZHKO4B1q40_newHohZyCCX5X8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WaZHKO4B1q40_newHohZyCCX5X8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:14:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8686 (0x21ee) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BF27F, serialNumber=59A64728EE01D6AE34FE77B01E8859C82097E57F Validity Not Before: Mar 28 16:24:44 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=69a441aa-9bec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:f3:92:db:6f:ca:6e:fd:68:dd:21:85:97:a5: 41:73:b7:b5:ed:f1:10:c9:ba:86:bc:72:dc:fb:d6: 51:e3:ec:57:13:24:56:15:e1:32:c0:ad:60:fa:70: 33:af:d9:34:60:42:fd:84:72:12:b3:22:e1:97:93: 79:9d:45:6f:a8:5a:d0:f7:d6:ad:36:67:4d:11:34: 4a:b0:fd:35:5b:38:b2:97:96:e5:47:38:7c:06:41: 24:6d:c6:7c:4a:d6:31:0d:53:fd:19:1f:74:3d:f0: 15:a5:d1:37:54:7f:c1:7d:b5:06:51:bf:bd:97:cf: 19:22:8f:a0:a5:0c:23:fb:c4:c7:d9:1f:5a:d8:c0: dc:57:f1:2e:9c:6f:65:0a:3f:6b:ae:57:a5:b8:24: f8:27:a6:02:86:25:86:31:d5:c7:7f:21:0b:c1:4a: ce:7e:b9:8d:1e:75:4b:22:b8:75:88:e7:9b:81:40: 6e:30:73:66:33:75:a9:bb:4b:9f:7f:80:96:3d:5c: b6:34:2d:96:3a:24:6c:3a:d2:90:c6:91:25:23:32: 0f:ef:bb:d1:1f:4e:e6:de:87:b9:88:5f:f2:e2:38: 63:1e:1a:6a:3a:86:13:ba:3e:70:5a:5a:82:89:b1: ff:cb:22:8e:8d:79:24:48:be:af:37:0b:2c:17:84: ce:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:5B:65:D1:D4:6C:6F:EF:FA:D4:23:4F:C9:22:31:54:31:A9:86:64 X509v3 Authority Key Identifier: keyid:59:A6:47:28:EE:01:D6:AE:34:FE:77:B0:1E:88:59:C8:20:97:E5:7F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BF27F/9C3256A2E98F11E5B2ADC567C4F9AE02/WaZHKO4B1q40_newHohZyCCX5X8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WaZHKO4B1q40_newHohZyCCX5X8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BF27F/9C3256A2E98F11E5B2ADC567C4F9AE02/431D19069E8211EAAD86AC51C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.243.116.0/22 103.226.220.0/22 IPv6: 2404:8280::/32 Signature Algorithm: sha256WithRSAEncryption b4:61:1f:bf:93:ee:6c:0a:08:8e:10:90:10:f5:aa:d3:3c:2f: 07:fa:e1:31:48:32:65:17:65:a7:9d:56:18:8d:b8:6e:4d:4b: 0d:eb:8a:60:8d:7a:69:68:ba:b5:ed:4a:f5:a9:d0:9d:0b:24: e3:91:8f:54:f5:e7:8e:8f:4d:59:49:93:a6:a5:9e:30:3a:96: bb:0d:ad:75:b2:0e:f5:b0:62:a8:16:ba:85:9a:e9:d8:78:fb: 6f:d9:86:f4:6a:3a:58:e5:75:4a:da:19:1e:53:f3:e4:88:c8: e3:92:aa:8b:44:41:4d:11:e5:fd:c8:2b:30:55:e3:cb:2d:b9: e8:13:b9:dc:4d:de:ea:00:d8:f6:d7:46:af:54:dc:69:5b:0a: 2c:76:6e:d4:fa:e3:32:e5:dd:57:3d:1b:12:63:ea:8a:84:8c: a0:72:16:3a:7b:54:c2:b9:bf:2d:9c:a7:e6:84:4a:f9:d9:19: e4:55:af:af:a5:bd:e7:4a:b2:c5:72:b6:6a:a7:37:23:73:30: 07:72:4b:60:99:49:c8:bd:24:5f:4b:5b:4b:54:b7:a1:47:d2: cd:65:87:2c:dc:4d:79:65:4d:4a:66:c1:23:d7:25:f3:5d:4b: 41:44:55:d1:aa:cf:af:a1:59:31:2c:f8:fd:b3:8a:7e:5b:03: 22:d0:e8:09 -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgICIe4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkYyN0YxMTAvBgNVBAUTKDU5QTY0NzI4RUUwMUQ2QUUzNEZFNzdCMDFFODg1OUM4 MjA5N0U1N0YwHhcNMjUwMzI4MTYyNDQ0WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NDFhYS05YmVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1vOS22/Kbv1o3SGFl6VBc7e17fEQybqGvHLc+9ZR4+xXEyRWFeEywK1g+nAz r9k0YEL9hHISsyLhl5N5nUVvqFrQ99atNmdNETRKsP01Wziyl5blRzh8BkEkbcZ8 StYxDVP9GR90PfAVpdE3VH/BfbUGUb+9l88ZIo+gpQwj+8TH2R9a2MDcV/EunG9l Cj9rrleluCT4J6YChiWGMdXHfyELwUrOfrmNHnVLIrh1iOebgUBuMHNmM3Wpu0uf f4CWPVy2NC2WOiRsOtKQxpElIzIP77vRH07m3oe5iF/y4jhjHhpqOoYTuj5wWlqC ibH/yyKOjXkkSL6vNwssF4TOSwIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFDVbZdHU bG/v+tQjT8kiMVQxqYZkMB8GA1UdIwQYMBaAFFmmRyjuAdauNP53sB6IWcggl+V/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRjI3Ri85QzMyNTZBMkU5 OEYxMUU1QjJBREM1NjdDNEY5QUUwMi9XYVpIS080QjFxNDBfbmV3SG9oWnlDQ1g1 WDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1dhWkhLTzRCMXE0MF9uZXdIb2haeUNDWDVYOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkYyN0YvOUMzMjU2QTJFOThGMTFFNUIyQURDNTY3QzRGOUFFMDIvNDMxRDE5MDY5 RTgyMTFFQUFEODZBQzUxQzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS BAIAATAMAwQCK/N0AwQCZ+LcMA0EAgACMAcDBQAkBIKAMA0GCSqGSIb3DQEBCwUA A4IBAQC0YR+/k+5sCgiOEJAQ9arTPC8H+uExSDJlF2WnnVYYjbhuTUsN64pgjXpp aLq17Ur1qdCdCyTjkY9U9eeOj01ZSZOmpZ4wOpa7Da11sg71sGKoFrqFmunYePtv 2Yb0ajpY5XVK2hkeU/PkiMjjkqqLREFNEeX9yCswVePLLbnoE7ncTd7qANj210av VNxpWwosdm7U+uMy5d1XPRsSY+qKhIygchY6e1TCub8tnKfmhEr52RnkVa+vpb3n SrLFcrZqpzcjczAHcktgmUnIvSRfS1tLVLehR9LNZYcs3E15ZU1KZsEj1yXzXUtB RFXRqs+voVkxLPj9s4p+WwMi0OgJ -----END CERTIFICATE-----Generated at Mon Mar 2 04:57:20 2026 by rpki-client