$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/CDE36D52DB9511E99F3F673EC4F9AE02.roa File: CDE36D52DB9511E99F3F673EC4F9AE02.roa (raw, json) Hash identifier: 1OACpcIMwxDFvy670DP/4OuuubrWAy3MQQBov3eDpOM= Subject key identifier: 19:62:6E:EA:B5:5D:E2:2B:0D:35:C4:41:E2:48:28:69:0F:E4:22:E2 Certificate issuer: /CN=A91C1621/serialNumber=FA4179627F5B26594E5630353A0B7785E0D692C5 Certificate serial: 354F Authority key identifier: FA:41:79:62:7F:5B:26:59:4E:56:30:35:3A:0B:77:85:E0:D6:92:C5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-kF5Yn9bJllOVjA1Ogt3heDWksU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/CDE36D52DB9511E99F3F673EC4F9AE02.roa Signing time: Sun 01 Mar 2026 15:25:25 +0000 ROA not before: Tue 28 Oct 2025 14:30:06 +0000 ROA not after: Sun 31 Jan 2027 00:00:00 +0000 asID: 55805 IP address blocks: 27.123.212.0/22 maxlen: 22 27.123.212.0/24 maxlen: 24 27.123.213.0/24 maxlen: 24 27.123.214.0/24 maxlen: 24 27.123.215.0/24 maxlen: 24 103.29.144.0/22 maxlen: 22 103.29.144.0/24 maxlen: 24 103.29.145.0/24 maxlen: 24 103.29.146.0/24 maxlen: 24 103.29.147.0/24 maxlen: 24 103.98.68.0/22 maxlen: 22 103.98.68.0/24 maxlen: 24 103.98.69.0/24 maxlen: 24 103.98.70.0/24 maxlen: 24 103.98.71.0/24 maxlen: 24 202.126.88.0/22 maxlen: 22 202.126.88.0/24 maxlen: 24 202.126.89.0/24 maxlen: 24 202.126.90.0/24 maxlen: 24 202.126.91.0/24 maxlen: 24 2401:90c0::/32 maxlen: 48 2405:600::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/-kF5Yn9bJllOVjA1Ogt3heDWksU.crl rsync://rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/-kF5Yn9bJllOVjA1Ogt3heDWksU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-kF5Yn9bJllOVjA1Ogt3heDWksU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 01:35:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13647 (0x354f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C1621, serialNumber=FA4179627F5B26594E5630353A0B7785E0D692C5 Validity Not Before: Oct 28 14:30:06 2025 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=69a45a65-37f7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:4e:84:e1:32:96:1e:62:0a:c0:53:4a:0a:1a: e0:75:d0:71:ed:cb:a1:23:79:fc:8f:c6:7c:67:b0: f8:6f:ad:89:d8:43:82:26:b4:91:7a:8f:62:d4:30: 42:f5:02:96:15:fc:b8:05:c4:bc:99:c1:56:db:79: 6c:c6:ab:10:9c:46:89:aa:0a:cd:02:ba:0f:42:c8: 6c:4e:3e:4a:1c:1a:4e:bf:df:fb:84:f7:5f:21:5e: 05:d5:a4:21:1b:9e:90:39:bd:39:2e:d1:61:f8:4d: 0e:e6:d6:a1:ac:87:89:1f:85:8f:bf:d9:be:39:df: 92:bf:3f:0b:64:9a:d3:1e:4a:e9:e3:98:4b:0b:bd: 0e:2d:bc:98:de:fd:d3:77:45:a9:c9:2a:d2:83:bb: 93:6d:4e:73:4e:11:7c:30:ee:29:6b:b3:51:0d:4e: c3:6d:16:aa:f4:9b:94:7f:1a:8a:3f:96:a9:76:20: 17:a9:d6:b5:49:ea:94:58:b6:70:8f:7e:01:41:62: f7:8a:21:ac:ee:5b:7c:23:84:e3:73:5a:31:4d:c3: a8:2d:6b:e5:85:60:2e:47:f8:c0:18:7b:d1:df:e3: b4:9e:30:1a:3f:36:f4:c4:ba:38:5b:94:37:93:1e: 17:90:42:b8:c3:1a:84:5a:da:b2:8a:c2:3f:85:3d: 36:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:62:6E:EA:B5:5D:E2:2B:0D:35:C4:41:E2:48:28:69:0F:E4:22:E2 X509v3 Authority Key Identifier: keyid:FA:41:79:62:7F:5B:26:59:4E:56:30:35:3A:0B:77:85:E0:D6:92:C5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/-kF5Yn9bJllOVjA1Ogt3heDWksU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-kF5Yn9bJllOVjA1Ogt3heDWksU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/CDE36D52DB9511E99F3F673EC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 27.123.212.0/22 103.29.144.0/22 103.98.68.0/22 202.126.88.0/22 IPv6: 2401:90c0::/32 2405:600::/32 Signature Algorithm: sha256WithRSAEncryption 45:15:ce:96:cf:5f:25:6e:d3:dc:e9:89:c7:46:b9:a1:6d:72: 6f:61:c3:92:0f:04:d5:65:fd:73:8c:a0:f6:41:a0:3c:ae:36: ae:a6:1b:45:39:72:b9:1f:20:a6:9e:d4:54:b8:2a:db:e5:15: ff:e6:b6:f1:df:38:53:8e:0d:b0:e0:ab:6c:93:8d:1e:10:e1: c6:d8:9a:6d:ee:84:92:a9:b4:1c:83:7f:c9:e9:83:fc:f0:11: e1:28:94:7c:7d:0f:7c:34:ca:a8:7a:90:95:d2:a4:81:ca:29: aa:3a:fe:07:e9:e1:5f:f6:51:98:13:20:66:63:34:7b:93:82: be:29:32:8d:64:a1:0a:3d:53:f7:b4:2d:7f:8c:c3:68:2f:ca: 1e:5d:dc:6c:e7:40:22:69:f8:27:21:d4:c4:ce:cf:b2:f4:f5: e0:8f:c6:00:2d:dd:65:2a:e5:21:59:eb:e0:2b:ec:e3:04:0c: 4e:90:8b:35:bd:58:cf:c8:cc:2a:f0:b0:67:54:a3:66:66:b7: 07:6a:88:eb:86:f6:b1:2e:89:9d:15:46:6e:a3:3f:19:16:74: 14:a4:9b:bd:f0:f0:c0:3f:05:da:86:26:fd:f1:4c:c3:90:2f: d0:0c:73:29:5c:e4:08:6a:eb:1b:d7:fb:35:02:2c:07:35:6f: 6b:41:d2:73 -----BEGIN CERTIFICATE----- MIIFZDCCBEygAwIBAgICNU8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzE2MjExMTAvBgNVBAUTKEZBNDE3OTYyN0Y1QjI2NTk0RTU2MzAzNTNBMEI3Nzg1 RTBENjkyQzUwHhcNMjUxMDI4MTQzMDA2WhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NWE2NS0zN2Y3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0k6E4TKWHmIKwFNKChrgddBx7cuhI3n8j8Z8Z7D4b62J2EOCJrSReo9i1DBC 9QKWFfy4BcS8mcFW23lsxqsQnEaJqgrNAroPQshsTj5KHBpOv9/7hPdfIV4F1aQh G56QOb05LtFh+E0O5tahrIeJH4WPv9m+Od+Svz8LZJrTHkrp45hLC70OLbyY3v3T d0WpySrSg7uTbU5zThF8MO4pa7NRDU7DbRaq9JuUfxqKP5apdiAXqda1SeqUWLZw j34BQWL3iiGs7lt8I4Tjc1oxTcOoLWvlhWAuR/jAGHvR3+O0njAaPzb0xLo4W5Q3 kx4XkEK4wxqEWtqyisI/hT02yQIDAQABo4ICiDCCAoQwHQYDVR0OBBYEFBlibuq1 XeIrDTXEQeJIKGkP5CLiMB8GA1UdIwQYMBaAFPpBeWJ/WyZZTlYwNToLd4Xg1pLF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMTYyMS85OUQ2OERDRTFE NjkxMUUyQTQ2NDBEQTcwOEIwMkNEMi8ta0Y1WW45YkpsbE9WakExT2d0M2hlRFdr c1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1rRjVZbjliSmxsT1ZqQTFPZ3QzaGVEV2tzVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzE2MjEvOTlENjhEQ0UxRDY5MTFFMkE0NjQwREE3MDhCMDJDRDIvQ0RFMzZENTJE Qjk1MTFFOTlGM0Y2NzNFQzRGOUFFMDIucm9hMEcGCCsGAQUFBwEHAQH/BDgwNjAe BAIAATAYAwQCG3vUAwQCZx2QAwQCZ2JEAwQCyn5YMBQEAgACMA4DBQAkAZDAAwUA JAUGADANBgkqhkiG9w0BAQsFAAOCAQEARRXOls9fJW7T3OmJx0a5oW1yb2HDkg8E 1WX9c4yg9kGgPK42rqYbRTlyuR8gpp7UVLgq2+UV/+a28d84U44NsOCrbJONHhDh xtiabe6Ekqm0HIN/yemD/PAR4SiUfH0PfDTKqHqQldKkgcopqjr+B+nhX/ZRmBMg ZmM0e5OCvikyjWShCj1T97Qtf4zDaC/KHl3cbOdAImn4JyHUxM7PsvT14I/GAC3d ZSrlIVnr4Cvs4wQMTpCLNb1Yz8jMKvCwZ1SjZma3B2qI64b2sS6JnRVGbqM/GRZ0 FKSbvfDwwD8F2oYm/fFMw5Av0AxzKVzkCGrrG9f7NQIsBzVva0HScw== -----END CERTIFICATE-----Generated at Mon Mar 2 05:33:48 2026 by rpki-client