$ rpki-client -vvf rpki.apnic.net/member_repository/A91C956C/FB305A5E0C8A11ECA3191B0CC4F9AE02/2F3F56C42BB411EF8D887F3AC4F9AE02.roa File: 2F3F56C42BB411EF8D887F3AC4F9AE02.roa (raw, json) Hash identifier: u3v0nvDMzptv0Bv0++6upWHNRBc+BH3ns60gSH838+o= Subject key identifier: 5E:F7:B9:5D:EB:B3:7B:50:8F:AF:B9:38:6D:9E:F8:CD:E8:70:FA:0D Certificate issuer: /CN=A91C956C/serialNumber=512D9BDE813CB7BC77190A84F9B18DB8EB4E225F Certificate serial: 05AE Authority key identifier: 51:2D:9B:DE:81:3C:B7:BC:77:19:0A:84:F9:B1:8D:B8:EB:4E:22:5F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US2b3oE8t7x3GQqE-bGNuOtOIl8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C956C/FB305A5E0C8A11ECA3191B0CC4F9AE02/2F3F56C42BB411EF8D887F3AC4F9AE02.roa Signing time: Sun 01 Mar 2026 16:37:07 +0000 ROA not before: Thu 02 Oct 2025 23:54:49 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 151952 IP address blocks: 103.172.142.0/23 maxlen: 23 103.172.142.0/24 maxlen: 24 103.172.143.0/24 maxlen: 24 2001:df0:6a40::/48 maxlen: 48 2001:df0:6a40::/49 maxlen: 49 2001:df0:6a40:8000::/49 maxlen: 49 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C956C/FB305A5E0C8A11ECA3191B0CC4F9AE02/US2b3oE8t7x3GQqE-bGNuOtOIl8.crl rsync://rpki.apnic.net/member_repository/A91C956C/FB305A5E0C8A11ECA3191B0CC4F9AE02/US2b3oE8t7x3GQqE-bGNuOtOIl8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US2b3oE8t7x3GQqE-bGNuOtOIl8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 23:31:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1454 (0x5ae) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C956C, serialNumber=512D9BDE813CB7BC77190A84F9B18DB8EB4E225F Validity Not Before: Oct 2 23:54:49 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=69a46b33-ec08 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:8d:c3:30:49:90:6e:b1:ca:40:96:a8:2f:db: 67:ee:e0:06:67:47:20:1f:66:f8:88:22:3e:d6:9b: 85:1f:55:8a:73:42:6e:d5:42:e8:f5:4e:05:7f:0e: c9:eb:83:87:f0:29:61:59:31:b7:85:54:f1:ec:f5: 35:fa:90:1d:20:f8:cb:48:7f:a4:81:85:2b:d4:d4: 46:94:5c:2f:20:55:9d:90:39:65:72:5b:a5:93:68: 6c:da:a9:d3:39:21:75:69:5c:2e:69:14:65:ed:db: eb:42:ba:5b:96:23:f5:df:8e:75:02:e7:e8:eb:04: 24:af:c8:b4:71:2f:54:88:24:16:d3:b2:12:21:3e: 51:51:98:cf:c1:b6:05:8c:4d:78:e1:f7:55:22:90: 1f:32:27:03:47:2b:f5:50:ff:bb:73:d4:f3:9a:0a: e9:f4:2a:1b:17:f8:93:39:31:1b:e5:6b:98:51:01: cd:bb:6b:b3:f0:9f:0e:bc:01:93:59:27:8b:58:f5: 22:1d:37:68:ae:e2:52:79:b3:7d:f6:e0:28:36:ce: 9e:b7:e7:8d:d0:3e:37:ef:81:30:ab:b3:a7:a7:17: b6:67:17:0e:3e:3e:80:fd:85:a8:18:b1:1c:02:c7: 2e:0b:31:e2:49:76:c2:02:03:4b:0a:e3:fe:c3:50: 46:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:F7:B9:5D:EB:B3:7B:50:8F:AF:B9:38:6D:9E:F8:CD:E8:70:FA:0D X509v3 Authority Key Identifier: keyid:51:2D:9B:DE:81:3C:B7:BC:77:19:0A:84:F9:B1:8D:B8:EB:4E:22:5F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C956C/FB305A5E0C8A11ECA3191B0CC4F9AE02/US2b3oE8t7x3GQqE-bGNuOtOIl8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US2b3oE8t7x3GQqE-bGNuOtOIl8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C956C/FB305A5E0C8A11ECA3191B0CC4F9AE02/2F3F56C42BB411EF8D887F3AC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.172.142.0/23 IPv6: 2001:df0:6a40::/48 Signature Algorithm: sha256WithRSAEncryption 94:84:0b:b9:f6:6d:00:10:55:20:e1:ac:82:14:5b:48:d6:be: 45:7e:56:e2:41:af:0a:cb:ff:f7:cc:41:85:4c:8d:8d:37:65: 0c:00:94:d5:91:68:c2:ac:58:f0:16:51:9b:ef:bb:b1:4d:b6: 2b:e7:31:bf:37:5a:36:f6:43:d1:44:8e:5b:dd:73:3c:1e:5d: 65:ed:9b:a3:cf:47:6a:9a:42:6a:4e:a7:82:d8:8e:dd:c2:f6: 4a:78:71:2a:16:c2:3f:df:51:e2:cc:75:a7:fa:47:12:93:41: 55:da:5d:93:0f:7d:aa:6a:ec:a6:31:52:04:bb:ed:1a:95:c3: 4e:47:1d:2f:76:9a:5e:e5:d8:fe:1b:35:61:36:43:44:79:20: 27:7e:32:9b:72:89:78:b9:4c:b3:7f:a5:2b:31:6c:4f:be:fd: 3b:82:de:c8:c1:9c:b7:1f:67:82:05:d9:1a:08:7b:1e:37:a4: 7c:59:c6:81:d9:7b:c6:22:62:f3:35:a3:ec:09:20:ce:5c:a9: 73:c4:20:e7:6b:24:ef:33:6a:43:c2:24:66:15:1b:8a:5f:d7: e4:e1:50:fd:0c:d7:bb:33:c7:0c:2b:7a:bd:f0:eb:e7:16:1f: e1:b1:1a:2a:03:bd:39:0c:02:88:92:e1:12:14:35:fc:05:dc: d5:9f:25:4e -----BEGIN CERTIFICATE----- MIIFTTCCBDWgAwIBAgICBa4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qzk1NkMxMTAvBgNVBAUTKDUxMkQ5QkRFODEzQ0I3QkM3NzE5MEE4NEY5QjE4REI4 RUI0RTIyNUYwHhcNMjUxMDAyMjM1NDQ5WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NmIzMy1lYzA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAso3DMEmQbrHKQJaoL9tn7uAGZ0cgH2b4iCI+1puFH1WKc0Ju1ULo9U4Ffw7J 64OH8ClhWTG3hVTx7PU1+pAdIPjLSH+kgYUr1NRGlFwvIFWdkDllclulk2hs2qnT OSF1aVwuaRRl7dvrQrpbliP13451Aufo6wQkr8i0cS9UiCQW07ISIT5RUZjPwbYF jE144fdVIpAfMicDRyv1UP+7c9Tzmgrp9CobF/iTOTEb5WuYUQHNu2uz8J8OvAGT WSeLWPUiHTdoruJSebN99uAoNs6et+eN0D4374Ewq7Onpxe2ZxcOPj6A/YWoGLEc AscuCzHiSXbCAgNLCuP+w1BG0wIDAQABo4ICcTCCAm0wHQYDVR0OBBYEFF73uV3r s3tQj6+5OG2e+M3ocPoNMB8GA1UdIwQYMBaAFFEtm96BPLe8dxkKhPmxjbjrTiJf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOTU2Qy9GQjMwNUE1RTBD OEExMUVDQTMxOTFCMENDNEY5QUUwMi9VUzJiM29FOHQ3eDNHUXFFLWJHTnVPdE9J bDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1VTMmIzb0U4dDd4M0dRcUUtYkdOdU90T0lsOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Qzk1NkMvRkIzMDVBNUUwQzhBMTFFQ0EzMTkxQjBDQzRGOUFFMDIvMkYzRjU2QzQy QkI0MTFFRjhEODg3RjNBQzRGOUFFMDIucm9hMDAGCCsGAQUFBwEHAQH/BCEwHzAM BAIAATAGAwQBZ6yOMA8EAgACMAkDBwAgAQ3wakAwDQYJKoZIhvcNAQELBQADggEB AJSEC7n2bQAQVSDhrIIUW0jWvkV+VuJBrwrL//fMQYVMjY03ZQwAlNWRaMKsWPAW UZvvu7FNtivnMb83Wjb2Q9FEjlvdczweXWXtm6PPR2qaQmpOp4LYjt3C9kp4cSoW wj/fUeLMdaf6RxKTQVXaXZMPfapq7KYxUgS77RqVw05HHS92ml7l2P4bNWE2Q0R5 ICd+MptyiXi5TLN/pSsxbE++/TuC3sjBnLcfZ4IF2RoIex43pHxZxoHZe8YiYvM1 o+wJIM5cqXPEIOdrJO8zakPCJGYVG4pf1+ThUP0M17szxwwrer3w6+cWH+GxGioD vTkMAoiS4RIUNfwF3NWfJU4= -----END CERTIFICATE-----Generated at Mon Mar 2 08:01:13 2026 by rpki-client