$ rpki-client -vvf rpki.apnic.net/member_repository/A91C2E87/A9F3C6EE129F11EAAB27202FC4F9AE02/504C179A3CDE11EAB553996BC4F9AE02.roa File: 504C179A3CDE11EAB553996BC4F9AE02.roa (raw, json) Hash identifier: tnKzNTdY3kOa3JgIyvO979Ve1nnZLeLTMwODS3F4o5I= Subject key identifier: B4:2B:83:74:0A:31:4A:00:78:EA:BA:03:36:3B:17:CC:03:85:79:67 Certificate issuer: /CN=A91C2E87/serialNumber=5A4A1A1F2D924DE85555C71D3DB66B9BB0E43643 Certificate serial: 0CB1 Authority key identifier: 5A:4A:1A:1F:2D:92:4D:E8:55:55:C7:1D:3D:B6:6B:9B:B0:E4:36:43 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WkoaHy2STehVVccdPbZrm7DkNkM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C2E87/A9F3C6EE129F11EAAB27202FC4F9AE02/504C179A3CDE11EAB553996BC4F9AE02.roa Signing time: Sun 01 Mar 2026 16:44:10 +0000 ROA not before: Wed 24 Dec 2025 18:16:12 +0000 ROA not after: Tue 02 Mar 2027 00:00:00 +0000 asID: 138412 IP address blocks: 103.124.248.0/23 maxlen: 23 103.124.248.0/24 maxlen: 24 103.124.249.0/24 maxlen: 24 103.124.250.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C2E87/A9F3C6EE129F11EAAB27202FC4F9AE02/WkoaHy2STehVVccdPbZrm7DkNkM.crl rsync://rpki.apnic.net/member_repository/A91C2E87/A9F3C6EE129F11EAAB27202FC4F9AE02/WkoaHy2STehVVccdPbZrm7DkNkM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WkoaHy2STehVVccdPbZrm7DkNkM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 03:03:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3249 (0xcb1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C2E87, serialNumber=5A4A1A1F2D924DE85555C71D3DB66B9BB0E43643 Validity Not Before: Dec 24 18:16:12 2025 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=69a46cd9-e048 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:6f:0f:6f:dd:bd:a7:69:01:cc:d9:a4:c6:70: 5b:fd:fa:cd:50:6e:ad:ae:e9:3e:94:96:f0:98:5c: 4f:87:e0:5c:b9:c8:05:82:59:54:79:3f:ad:43:11: 4a:28:ec:cc:29:70:88:99:e8:72:65:67:19:59:0f: 5f:61:7e:be:11:71:01:4e:d3:aa:b9:9f:9a:a6:21: ea:0c:bd:32:95:11:54:a6:cb:6d:6b:6e:48:26:14: 51:b9:c8:f9:83:1a:a1:7f:5d:26:86:32:d9:ca:af: 6b:8e:1a:63:a9:b8:52:2e:ff:4c:b4:08:46:d7:e5: 48:54:35:ca:06:8b:cc:ad:ec:e9:01:6d:0e:4a:cd: 86:7b:f9:d5:2f:d3:a4:6b:da:98:ab:c0:03:35:23: 7a:97:e9:d7:1a:ad:6b:bb:38:68:e0:52:bd:31:e5: cd:78:3d:af:87:56:8a:d0:08:b1:12:bb:b4:a3:b8: 13:8d:ea:a6:84:55:68:6d:aa:da:b2:ec:da:71:87: 1a:4a:39:58:e6:1d:6c:6b:ba:bc:f2:61:16:a2:19: c9:06:9f:26:ba:b2:5b:8c:a7:86:4e:35:ce:f9:aa: 75:8b:9c:d1:d4:e4:89:e6:45:78:2e:bd:ee:af:d1: 58:5e:70:c1:9b:b8:86:49:f5:5f:c8:d5:ff:c0:20: 63:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:2B:83:74:0A:31:4A:00:78:EA:BA:03:36:3B:17:CC:03:85:79:67 X509v3 Authority Key Identifier: keyid:5A:4A:1A:1F:2D:92:4D:E8:55:55:C7:1D:3D:B6:6B:9B:B0:E4:36:43 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C2E87/A9F3C6EE129F11EAAB27202FC4F9AE02/WkoaHy2STehVVccdPbZrm7DkNkM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WkoaHy2STehVVccdPbZrm7DkNkM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C2E87/A9F3C6EE129F11EAAB27202FC4F9AE02/504C179A3CDE11EAB553996BC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.124.248.0/22 Signature Algorithm: sha256WithRSAEncryption 45:c6:b2:bb:00:e4:b9:41:56:ab:0a:51:40:fe:a7:00:85:50: 79:32:77:57:73:8f:99:47:15:93:08:b6:a8:ae:b5:5c:38:59: ee:83:ab:43:14:f3:f9:94:6f:c7:aa:62:6d:fb:87:68:d6:39: 17:42:83:08:0a:04:60:71:65:06:b9:87:a0:c7:af:3e:b3:02: 2c:a9:66:d8:b0:7b:3d:2f:c9:25:98:de:aa:1f:76:80:c1:7d: 11:f8:c9:d9:26:26:0d:ff:50:63:0c:f3:3d:22:93:03:4c:11: 72:ba:56:b1:3e:96:14:74:8b:cb:23:49:ef:78:37:af:ef:89: 99:f4:e8:b9:c6:3d:17:12:dc:98:0f:d8:33:43:ec:e8:9f:30: 07:02:3f:ca:95:95:ca:a2:95:b7:8e:cc:8c:04:a1:33:2d:59: fc:56:63:7c:f1:fd:ce:1b:44:1a:2b:17:0d:40:80:43:89:49: 5b:bc:22:a6:77:5b:9b:3c:3f:7b:bc:de:7e:a7:c1:0a:ca:bd: 7e:a8:69:95:e6:5d:99:e2:bd:18:e0:4c:63:af:f4:b9:71:56: b6:2f:a3:31:3f:8b:44:47:51:13:5f:66:39:7c:47:70:76:b6: 72:05:c2:5e:9c:a0:7d:29:46:69:60:30:fc:28:dd:33:62:42: 46:3d:13:30 -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgICDLEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzJFODcxMTAvBgNVBAUTKDVBNEExQTFGMkQ5MjRERTg1NTU1QzcxRDNEQjY2QjlC QjBFNDM2NDMwHhcNMjUxMjI0MTgxNjEyWhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NmNkOS1lMDQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2G8Pb929p2kBzNmkxnBb/frNUG6truk+lJbwmFxPh+BcucgFgllUeT+tQxFK KOzMKXCImehyZWcZWQ9fYX6+EXEBTtOquZ+apiHqDL0ylRFUpstta25IJhRRucj5 gxqhf10mhjLZyq9rjhpjqbhSLv9MtAhG1+VIVDXKBovMrezpAW0OSs2Ge/nVL9Ok a9qYq8ADNSN6l+nXGq1ruzho4FK9MeXNeD2vh1aK0AixEru0o7gTjeqmhFVobara suzacYcaSjlY5h1sa7q88mEWohnJBp8murJbjKeGTjXO+ap1i5zR1OSJ5kV4Lr3u r9FYXnDBm7iGSfVfyNX/wCBjWwIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFLQrg3QK MUoAeOq6AzY7F8wDhXlnMB8GA1UdIwQYMBaAFFpKGh8tkk3oVVXHHT22a5uw5DZD MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMkU4Ny9BOUYzQzZFRTEy OUYxMUVBQUIyNzIwMkZDNEY5QUUwMi9Xa29hSHkyU1RlaFZWY2NkUGJacm03RGtO a00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1drb2FIeTJTVGVoVlZjY2RQYlpybTdEa05rTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzJFODcvQTlGM0M2RUUxMjlGMTFFQUFCMjcyMDJGQzRGOUFFMDIvNTA0QzE3OUEz Q0RFMTFFQUI1NTM5OTZCQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCZ3z4MA0GCSqGSIb3DQEBCwUAA4IBAQBFxrK7AOS5QVarClFA/qcA hVB5MndXc4+ZRxWTCLaorrVcOFnug6tDFPP5lG/HqmJt+4do1jkXQoMICgRgcWUG uYegx68+swIsqWbYsHs9L8klmN6qH3aAwX0R+MnZJiYN/1BjDPM9IpMDTBFyulax PpYUdIvLI0nveDev74mZ9Oi5xj0XEtyYD9gzQ+zonzAHAj/KlZXKopW3jsyMBKEz LVn8VmN88f3OG0QaKxcNQIBDiUlbvCKmd1ubPD97vN5+p8EKyr1+qGmV5l2Z4r0Y 4Exjr/S5cVa2L6MxP4tER1ETX2Y5fEdwdrZyBcJenKB9KUZpYDD8KN0zYkJGPRMw -----END CERTIFICATE-----Generated at Mon Mar 2 08:04:39 2026 by rpki-client