$ rpki-client -vvf rpki.apnic.net/member_repository/A91C4D8E/589B933C06A411EAB3C66B38C4F9AE02/C9FF2A7E06A511EAA1FFDB3DC4F9AE02.roa File: C9FF2A7E06A511EAA1FFDB3DC4F9AE02.roa (raw, json) Hash identifier: 0Bzx3cTQetOlK87DOybR5kJ5yU0elH44slx+HVrYHM0= Subject key identifier: CE:BF:77:63:F9:20:67:39:58:42:8F:EB:A4:BF:58:CE:6B:03:46:0B Certificate issuer: /CN=A91C4D8E/serialNumber=3F7D9BBAED7C5BFDBBA3A349ABE96B21AD27DA67 Certificate serial: 0CDE Authority key identifier: 3F:7D:9B:BA:ED:7C:5B:FD:BB:A3:A3:49:AB:E9:6B:21:AD:27:DA:67 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P32buu18W_27o6NJq-lrIa0n2mc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C4D8E/589B933C06A411EAB3C66B38C4F9AE02/C9FF2A7E06A511EAA1FFDB3DC4F9AE02.roa Signing time: Sun 01 Mar 2026 14:41:27 +0000 ROA not before: Mon 26 Jan 2026 18:15:26 +0000 ROA not after: Wed 31 Mar 2027 00:00:00 +0000 asID: 138534 IP address blocks: 103.132.88.0/22 maxlen: 22 103.132.88.0/23 maxlen: 23 103.132.88.0/24 maxlen: 24 103.132.89.0/24 maxlen: 24 103.132.90.0/23 maxlen: 23 103.132.90.0/24 maxlen: 24 103.132.91.0/24 maxlen: 24 2404:3440::/32 maxlen: 32 2404:3440::/36 maxlen: 36 2404:3440:1000::/36 maxlen: 36 2404:3440:2000::/36 maxlen: 36 2404:3440:3000::/36 maxlen: 36 2404:3440:4000::/36 maxlen: 36 2404:3440:5000::/36 maxlen: 36 2404:3440:6000::/36 maxlen: 36 2404:3440:6000::/48 maxlen: 48 2404:3440:6001::/48 maxlen: 48 2404:3440:7000::/36 maxlen: 36 2404:3440:8000::/36 maxlen: 36 2404:3440:9000::/36 maxlen: 36 2404:3440:a000::/36 maxlen: 36 2404:3440:b000::/36 maxlen: 36 2404:3440:c000::/36 maxlen: 36 2404:3440:d000::/36 maxlen: 36 2404:3440:e000::/36 maxlen: 36 2404:3440:f000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C4D8E/589B933C06A411EAB3C66B38C4F9AE02/P32buu18W_27o6NJq-lrIa0n2mc.crl rsync://rpki.apnic.net/member_repository/A91C4D8E/589B933C06A411EAB3C66B38C4F9AE02/P32buu18W_27o6NJq-lrIa0n2mc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P32buu18W_27o6NJq-lrIa0n2mc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 01:38:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3294 (0xcde) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C4D8E, serialNumber=3F7D9BBAED7C5BFDBBA3A349ABE96B21AD27DA67 Validity Not Before: Jan 26 18:15:26 2026 GMT Not After : Mar 31 00:00:00 2027 GMT Subject: CN=69a45017-0616 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:e3:68:3c:ba:9c:55:d5:46:18:3f:74:c6:fc: 4a:84:d4:d5:78:d4:66:68:c0:33:17:1e:6c:3c:12: 6c:b7:26:f5:e9:35:06:0b:5c:8d:c4:93:78:2d:cf: 60:de:3e:1f:af:8a:6a:b0:46:d9:73:be:22:9c:3a: 27:fa:ef:52:1d:24:99:46:af:99:1d:20:15:04:81: 6f:6d:f0:e6:8d:74:99:cc:7b:04:7e:e7:4a:ae:1e: 0b:00:ff:12:41:78:8b:a6:8a:8e:6e:42:67:73:a0: 8d:f9:a0:36:66:32:a8:5d:91:ff:6a:81:a3:51:c3: a2:5b:5d:55:15:f6:c8:14:49:da:3c:16:6c:72:26: 13:00:02:7b:ba:4d:2a:47:6b:e2:04:2e:3d:e4:ce: c8:ea:87:4d:e5:25:7e:a2:ac:c8:a4:f8:f6:eb:cf: 49:88:7e:3c:76:2e:85:49:a5:7e:34:db:b8:24:86: 57:9c:3c:3e:30:c0:63:74:7b:bd:89:db:d6:02:e5: 17:c5:64:43:24:f8:05:bf:16:9b:e8:df:82:7e:a9: 12:64:bb:32:3b:40:a1:89:67:8d:cc:9a:0d:b7:94: 0b:28:6e:95:32:e8:5e:6c:02:aa:b7:67:81:b7:c4: 69:1e:50:35:98:3d:79:af:9e:58:ad:04:a0:49:5d: d3:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:BF:77:63:F9:20:67:39:58:42:8F:EB:A4:BF:58:CE:6B:03:46:0B X509v3 Authority Key Identifier: keyid:3F:7D:9B:BA:ED:7C:5B:FD:BB:A3:A3:49:AB:E9:6B:21:AD:27:DA:67 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C4D8E/589B933C06A411EAB3C66B38C4F9AE02/P32buu18W_27o6NJq-lrIa0n2mc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P32buu18W_27o6NJq-lrIa0n2mc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C4D8E/589B933C06A411EAB3C66B38C4F9AE02/C9FF2A7E06A511EAA1FFDB3DC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.132.88.0/22 IPv6: 2404:3440::/32 Signature Algorithm: sha256WithRSAEncryption b7:3b:39:59:ae:5e:62:ac:c5:74:d0:44:de:52:cf:04:30:82: ae:dc:e4:3a:05:bb:35:cb:4b:44:41:25:6e:3a:5e:93:72:db: da:d6:37:c7:b6:22:bc:21:e8:72:d6:45:2d:44:fc:7f:96:9a: 61:33:82:6f:e8:70:f2:5d:50:02:41:a8:5d:af:06:15:2e:e8: 4c:a8:3b:e2:76:ad:84:07:e3:b4:52:5c:b3:a1:14:41:12:0f: 62:d2:c3:df:f3:4f:8d:8e:19:02:ac:88:27:6f:af:81:ee:2a: 42:6d:29:7b:af:49:1f:e5:6f:fc:bb:7b:a4:66:fb:ba:da:29: 46:83:be:66:0a:0a:a3:c1:28:42:e0:46:3e:67:9f:b7:c8:ed: 93:57:e9:15:0b:c4:94:7b:52:b6:e9:a6:5c:8c:5a:49:bf:bc: 55:13:dd:73:63:35:0a:08:f8:03:94:bb:ea:4f:da:4a:42:3c: 87:ca:fc:3e:41:24:76:8b:a6:77:a4:91:47:f0:50:fa:88:10: 1f:48:4c:3d:df:5d:79:7d:ce:d0:b7:60:14:13:31:fd:a1:4c: 35:e3:9a:d6:42:d2:ce:03:37:bb:14:6d:49:fd:f0:11:b0:bc: 19:f9:4e:69:ce:d8:19:53:9a:26:35:bd:88:9c:7f:ba:d2:a2: 59:b5:d2:8f -----BEGIN CERTIFICATE----- MIIFSzCCBDOgAwIBAgICDN4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzREOEUxMTAvBgNVBAUTKDNGN0Q5QkJBRUQ3QzVCRkRCQkEzQTM0OUFCRTk2QjIx QUQyN0RBNjcwHhcNMjYwMTI2MTgxNTI2WhcNMjcwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NTAxNy0wNjE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAweNoPLqcVdVGGD90xvxKhNTVeNRmaMAzFx5sPBJstyb16TUGC1yNxJN4Lc9g 3j4fr4pqsEbZc74inDon+u9SHSSZRq+ZHSAVBIFvbfDmjXSZzHsEfudKrh4LAP8S QXiLpoqObkJnc6CN+aA2ZjKoXZH/aoGjUcOiW11VFfbIFEnaPBZsciYTAAJ7uk0q R2viBC495M7I6odN5SV+oqzIpPj2689JiH48di6FSaV+NNu4JIZXnDw+MMBjdHu9 idvWAuUXxWRDJPgFvxab6N+CfqkSZLsyO0ChiWeNzJoNt5QLKG6VMuhebAKqt2eB t8RpHlA1mD15r55YrQSgSV3TYwIDAQABo4ICbzCCAmswHQYDVR0OBBYEFM6/d2P5 IGc5WEKP66S/WM5rA0YLMB8GA1UdIwQYMBaAFD99m7rtfFv9u6OjSavpayGtJ9pn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNEQ4RS81ODlCOTMzQzA2 QTQxMUVBQjNDNjZCMzhDNEY5QUUwMi9QMzJidXUxOFdfMjdvNk5KcS1scklhMG4y bWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1AzMmJ1dTE4V18yN282TkpxLWxySWEwbjJtYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzREOEUvNTg5QjkzM0MwNkE0MTFFQUIzQzY2QjM4QzRGOUFFMDIvQzlGRjJBN0Uw NkE1MTFFQUExRkZEQjNEQzRGOUFFMDIucm9hMC4GCCsGAQUFBwEHAQH/BB8wHTAM BAIAATAGAwQCZ4RYMA0EAgACMAcDBQAkBDRAMA0GCSqGSIb3DQEBCwUAA4IBAQC3 OzlZrl5irMV00ETeUs8EMIKu3OQ6Bbs1y0tEQSVuOl6Tctva1jfHtiK8Iehy1kUt RPx/lpphM4Jv6HDyXVACQahdrwYVLuhMqDvidq2EB+O0UlyzoRRBEg9i0sPf80+N jhkCrIgnb6+B7ipCbSl7r0kf5W/8u3ukZvu62ilGg75mCgqjwShC4EY+Z5+3yO2T V+kVC8SUe1K26aZcjFpJv7xVE91zYzUKCPgDlLvqT9pKQjyHyvw+QSR2i6Z3pJFH 8FD6iBAfSEw93115fc7Qt2AUEzH9oUw145rWQtLOAze7FG1J/fARsLwZ+U5pztgZ U5omNb2InH+60qJZtdKP -----END CERTIFICATE-----Generated at Mon Mar 2 10:37:48 2026 by rpki-client