$ rpki-client -vvf rpki.apnic.net/member_repository/A91CC0C9/C5DABEEA5FB411F08203447DC4F9AE02/35AFBD5AE0D011F09634A562536F56BC.roa File: 35AFBD5AE0D011F09634A562536F56BC.roa (raw, json) Hash identifier: pxyEkBwPYXvAD+2QjsKqnPjRJ2vw6CaCkMBO2KcYyvE= Subject key identifier: 1A:10:DF:83:FC:3A:56:74:4E:D2:5B:6F:45:06:D2:3C:0B:6C:4B:AB Certificate issuer: /CN=A91CC0C9/serialNumber=47B577B9C8ABE2C3600C5B4E793FF4D47B650620 Certificate serial: B5 Authority key identifier: 47:B5:77:B9:C8:AB:E2:C3:60:0C:5B:4E:79:3F:F4:D4:7B:65:06:20 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R7V3ucir4sNgDFtOeT_01HtlBiA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CC0C9/C5DABEEA5FB411F08203447DC4F9AE02/35AFBD5AE0D011F09634A562536F56BC.roa Signing time: Sun 01 Mar 2026 18:10:15 +0000 ROA not before: Sun 11 Jan 2026 06:24:45 +0000 ROA not after: Wed 31 Mar 2027 00:00:00 +0000 asID: 137933 IP address blocks: 43.224.30.0/24 maxlen: 24 43.224.31.0/24 maxlen: 24 45.117.144.0/24 maxlen: 24 45.119.252.0/24 maxlen: 24 45.119.253.0/24 maxlen: 24 45.120.77.0/24 maxlen: 24 103.43.68.0/24 maxlen: 24 103.46.226.0/24 maxlen: 24 103.46.227.0/24 maxlen: 24 103.50.89.0/24 maxlen: 24 103.54.46.0/24 maxlen: 32 103.82.140.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CC0C9/C5DABEEA5FB411F08203447DC4F9AE02/R7V3ucir4sNgDFtOeT_01HtlBiA.crl rsync://rpki.apnic.net/member_repository/A91CC0C9/C5DABEEA5FB411F08203447DC4F9AE02/R7V3ucir4sNgDFtOeT_01HtlBiA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R7V3ucir4sNgDFtOeT_01HtlBiA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 22:26:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 181 (0xb5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CC0C9, serialNumber=47B577B9C8ABE2C3600C5B4E793FF4D47B650620 Validity Not Before: Jan 11 06:24:45 2026 GMT Not After : Mar 31 00:00:00 2027 GMT Subject: CN=69a48106-c3c0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:61:ec:35:76:9c:e4:eb:c5:b3:b5:69:b8:e8: 76:2a:f5:11:e5:0f:b8:f6:3d:e0:e6:67:7c:00:df: 76:46:ef:2b:9e:22:f1:89:18:2e:36:c7:93:e1:91: 1e:b4:39:4d:75:aa:43:04:1a:67:86:24:55:ab:73: 36:67:e3:0f:6d:b7:29:3c:b9:f8:de:30:e1:60:ee: d0:8f:82:5e:db:45:6c:93:28:9e:0e:c0:19:61:9b: e0:3b:1e:04:fd:0d:05:3a:73:51:0c:4e:09:ec:d1: 48:78:85:01:af:82:fd:e3:e5:80:f6:d4:63:ac:89: da:5c:d4:71:6e:cc:35:42:72:95:da:0e:c7:b4:55: 26:39:89:4c:1f:56:ff:19:cf:93:d8:f6:e0:78:3f: 66:d8:da:20:87:9f:12:4e:9c:49:c6:03:29:9f:c2: 56:08:c7:7c:36:4f:fa:61:7d:93:c4:58:78:d4:db: 8f:13:fd:af:2a:98:fd:71:2b:93:69:9d:38:a8:46: 2f:7a:40:c3:46:61:ff:da:97:69:1b:08:ce:96:44: 2b:48:06:6b:a4:be:cf:8c:22:d1:ad:df:9f:2d:38: 62:e6:23:72:a0:19:e7:70:f8:d5:33:cc:4b:62:9f: 8d:94:87:f7:ee:83:b8:21:58:90:4a:82:14:b9:40: 7d:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:10:DF:83:FC:3A:56:74:4E:D2:5B:6F:45:06:D2:3C:0B:6C:4B:AB X509v3 Authority Key Identifier: keyid:47:B5:77:B9:C8:AB:E2:C3:60:0C:5B:4E:79:3F:F4:D4:7B:65:06:20 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CC0C9/C5DABEEA5FB411F08203447DC4F9AE02/R7V3ucir4sNgDFtOeT_01HtlBiA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R7V3ucir4sNgDFtOeT_01HtlBiA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CC0C9/C5DABEEA5FB411F08203447DC4F9AE02/35AFBD5AE0D011F09634A562536F56BC.roa sbgp-ipAddrBlock: critical IPv4: 43.224.30.0/23 45.117.144.0/24 45.119.252.0/23 45.120.77.0/24 103.43.68.0/24 103.46.226.0/23 103.50.89.0/24 103.54.46.0/24 103.82.140.0/24 Signature Algorithm: sha256WithRSAEncryption 9c:34:74:51:80:7c:2d:9d:3d:19:b1:a3:58:67:c4:41:96:19: a0:94:42:06:1e:71:35:02:09:c1:f0:8d:1f:74:eb:a5:85:be: fe:9f:d0:a9:83:39:cf:7c:a7:fa:39:35:7d:e6:ae:b0:0e:eb: 3e:56:30:93:a6:c3:b4:b3:3c:61:6b:d8:64:d1:8d:85:74:4d: f9:a7:09:a6:17:df:b4:e5:46:cf:07:b9:c3:ac:1e:78:5d:cf: 44:53:eb:0f:5b:93:07:62:4e:f9:e5:2f:8d:06:52:28:5c:2a: 12:8a:dd:1d:26:64:74:86:37:d5:ce:a5:b8:4e:0e:ee:0a:65: a6:04:06:38:01:49:eb:50:41:ef:89:9f:bc:9a:7e:e8:ba:84: 5f:93:70:d9:22:96:db:cf:33:91:2d:c4:a3:6e:ad:48:58:84: 06:54:08:fe:8c:cf:6c:ef:f2:ed:8c:55:de:88:d8:a6:14:a3: 9e:8f:61:4a:94:e6:fa:f6:f3:31:9c:51:09:0b:d4:31:92:d4: ad:4b:af:4a:f7:69:c2:52:f7:d9:41:a0:5e:4c:06:9d:45:df: 28:86:c7:7c:72:2e:ef:df:4a:45:03:64:85:b3:38:84:41:a5: d2:7b:ff:12:fd:16:56:50:5d:b4:65:4e:63:23:ee:a4:58:f8: 26:19:54:da -----BEGIN CERTIFICATE----- MIIFbDCCBFSgAwIBAgICALUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0MwQzkxMTAvBgNVBAUTKDQ3QjU3N0I5QzhBQkUyQzM2MDBDNUI0RTc5M0ZGNEQ0 N0I2NTA2MjAwHhcNMjYwMTExMDYyNDQ1WhcNMjcwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0ODEwNi1jM2MwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAkmHsNXac5OvFs7VpuOh2KvUR5Q+49j3g5md8AN92Ru8rniLxiRguNseT4ZEe tDlNdapDBBpnhiRVq3M2Z+MPbbcpPLn43jDhYO7Qj4Je20VskyieDsAZYZvgOx4E /Q0FOnNRDE4J7NFIeIUBr4L94+WA9tRjrInaXNRxbsw1QnKV2g7HtFUmOYlMH1b/ Gc+T2PbgeD9m2Nogh58STpxJxgMpn8JWCMd8Nk/6YX2TxFh41NuPE/2vKpj9cSuT aZ04qEYvekDDRmH/2pdpGwjOlkQrSAZrpL7PjCLRrd+fLThi5iNyoBnncPjVM8xL Yp+NlIf37oO4IViQSoIUuUB9gwIDAQABo4ICkDCCAowwHQYDVR0OBBYEFBoQ34P8 OlZ0TtJbb0UG0jwLbEurMB8GA1UdIwQYMBaAFEe1d7nIq+LDYAxbTnk/9NR7ZQYg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQzBDOS9DNURBQkVFQTVG QjQxMUYwODIwMzQ0N0RDNEY5QUUwMi9SN1YzdWNpcjRzTmdERnRPZVRfMDFIdGxC aUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1I3VjN1Y2lyNHNOZ0RGdE9lVF8wMUh0bEJpQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0MwQzkvQzVEQUJFRUE1RkI0MTFGMDgyMDM0NDdEQzRGOUFFMDIvMzVBRkJENUFF MEQwMTFGMDk2MzRBNTYyNTM2RjU2QkMucm9hME8GCCsGAQUFBwEHAQH/BEAwPjA8 BAIAATA2AwQBK+AeAwQALXWQAwQBLXf8AwQALXhNAwQAZytEAwQBZy7iAwQAZzJZ AwQAZzYuAwQAZ1KMMA0GCSqGSIb3DQEBCwUAA4IBAQCcNHRRgHwtnT0ZsaNYZ8RB lhmglEIGHnE1AgnB8I0fdOulhb7+n9CpgznPfKf6OTV95q6wDus+VjCTpsO0szxh a9hk0Y2FdE35pwmmF9+05UbPB7nDrB54Xc9EU+sPW5MHYk755S+NBlIoXCoSit0d JmR0hjfVzqW4Tg7uCmWmBAY4AUnrUEHviZ+8mn7ouoRfk3DZIpbbzzORLcSjbq1I WIQGVAj+jM9s7/LtjFXeiNimFKOej2FKlOb69vMxnFEJC9QxktStS69K92nCUvfZ QaBeTAadRd8ohsd8ci7v30pFA2SFsziEQaXSe/8S/RZWUF20ZU5jI+6kWPgmGVTa -----END CERTIFICATE-----Generated at Mon Mar 2 13:12:21 2026 by rpki-client