$ rpki-client -vvf rpki.apnic.net/member_repository/A91CC711/C7D1B0541EE311EF90D21234C4F9AE02/A7FC5DEE8D0411EFBD7A0057C4F9AE02.roa File: A7FC5DEE8D0411EFBD7A0057C4F9AE02.roa (raw, json) Hash identifier: 1qP+GrX3zgK9BKEEg6Dkyc1WLFMQUS+ZMJmqVReMcJ4= Subject key identifier: 40:21:E3:B8:A3:4B:81:32:3C:07:79:81:28:1C:B4:8F:B6:41:07:85 Certificate issuer: /CN=A91CC711/serialNumber=E429D429E66B797B3D8A1CBE2491577ADC38A48E Certificate serial: 0199 Authority key identifier: E4:29:D4:29:E6:6B:79:7B:3D:8A:1C:BE:24:91:57:7A:DC:38:A4:8E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5CnUKeZreXs9ihy-JJFXetw4pI4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CC711/C7D1B0541EE311EF90D21234C4F9AE02/A7FC5DEE8D0411EFBD7A0057C4F9AE02.roa Signing time: Sun 01 Mar 2026 16:13:35 +0000 ROA not before: Wed 17 Dec 2025 04:23:22 +0000 ROA not after: Sun 31 Jan 2027 00:00:00 +0000 asID: 38456 IP address blocks: 103.11.160.0/24 maxlen: 24 103.11.161.0/24 maxlen: 24 103.11.162.0/24 maxlen: 24 103.11.163.0/24 maxlen: 24 182.236.116.0/24 maxlen: 24 182.236.117.0/24 maxlen: 24 202.5.162.0/24 maxlen: 24 202.5.163.0/24 maxlen: 24 202.5.164.0/24 maxlen: 24 202.5.168.0/24 maxlen: 24 202.5.169.0/24 maxlen: 24 202.5.177.0/24 maxlen: 24 202.5.190.0/24 maxlen: 24 203.86.208.0/24 maxlen: 24 203.86.209.0/24 maxlen: 24 203.86.210.0/24 maxlen: 24 203.86.211.0/24 maxlen: 24 203.86.212.0/24 maxlen: 24 203.86.213.0/24 maxlen: 24 203.86.214.0/24 maxlen: 24 203.86.215.0/24 maxlen: 24 203.86.219.0/24 maxlen: 24 203.86.220.0/24 maxlen: 24 203.86.221.0/24 maxlen: 24 203.86.222.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CC711/C7D1B0541EE311EF90D21234C4F9AE02/5CnUKeZreXs9ihy-JJFXetw4pI4.crl rsync://rpki.apnic.net/member_repository/A91CC711/C7D1B0541EE311EF90D21234C4F9AE02/5CnUKeZreXs9ihy-JJFXetw4pI4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5CnUKeZreXs9ihy-JJFXetw4pI4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 22:43:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 409 (0x199) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CC711, serialNumber=E429D429E66B797B3D8A1CBE2491577ADC38A48E Validity Not Before: Dec 17 04:23:22 2025 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=69a465af-4d24 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:e7:60:ab:8c:0f:db:6d:e1:b4:fa:09:8d:b8: 34:8f:8c:25:4a:93:1b:01:33:44:e5:4a:04:8a:3e: 98:86:74:3a:8d:bd:66:67:5f:ed:f3:1d:ac:8a:ac: c7:18:79:96:f9:6e:61:bc:b7:c9:9c:24:47:77:b8: 14:41:93:fe:9a:3a:e6:e4:01:87:04:bc:ae:c6:90: 94:5d:b4:f1:29:47:a5:76:6b:fd:7a:81:73:5d:08: 97:f8:d3:48:7f:fc:ef:26:fd:3c:8c:80:63:ad:9d: ba:54:f0:c0:a9:64:8f:37:29:68:1e:56:73:9d:21: 0f:ba:25:7e:5e:a2:f3:15:dd:33:14:eb:2f:e4:9e: a3:74:18:77:49:0e:46:da:76:1c:b3:44:ca:3e:e6: 90:47:7e:80:8f:bd:f9:0e:0c:ae:0c:80:5d:bd:5c: 37:e6:99:f5:8c:fe:4f:ee:86:5d:6a:f2:35:6c:58: 03:e0:0d:5d:ad:cf:8a:27:b2:12:33:fe:f3:db:61: 4c:f1:95:e3:15:a3:a4:8e:3e:60:7c:4d:ca:bf:d5: 22:ff:3f:bb:e1:d0:5f:bd:79:c3:1f:32:7e:1c:77: 3b:4e:26:19:79:39:91:25:09:46:34:3d:c1:08:28: 8c:53:8f:ed:4a:c4:d6:56:5d:ef:d7:b6:b9:8e:91: 4c:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:21:E3:B8:A3:4B:81:32:3C:07:79:81:28:1C:B4:8F:B6:41:07:85 X509v3 Authority Key Identifier: keyid:E4:29:D4:29:E6:6B:79:7B:3D:8A:1C:BE:24:91:57:7A:DC:38:A4:8E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CC711/C7D1B0541EE311EF90D21234C4F9AE02/5CnUKeZreXs9ihy-JJFXetw4pI4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5CnUKeZreXs9ihy-JJFXetw4pI4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CC711/C7D1B0541EE311EF90D21234C4F9AE02/A7FC5DEE8D0411EFBD7A0057C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.11.160.0/22 182.236.116.0/23 202.5.162.0-202.5.164.255 202.5.168.0/23 202.5.177.0/24 202.5.190.0/24 203.86.208.0/21 203.86.219.0-203.86.222.255 Signature Algorithm: sha256WithRSAEncryption 00:2d:c3:ba:9c:2e:de:33:60:54:90:c8:5e:3c:40:74:06:02: b3:34:8a:c9:69:a0:c3:df:ba:d0:a7:a6:6b:ee:4b:ab:ba:97: 0f:46:d4:f6:e0:09:af:92:a8:0a:87:c7:98:eb:4a:ae:1e:48: 88:b0:45:11:d5:3f:6a:78:c7:16:66:43:19:7c:ec:47:a6:5b: ae:43:54:29:b9:1a:4e:f6:38:22:61:98:ef:88:a8:53:0c:9c: 5c:a4:f1:21:88:d1:47:9f:e4:7b:f9:e6:b6:29:46:8a:47:20: 7e:ff:08:75:16:c3:0e:5c:a7:8f:05:56:92:c0:e5:11:fd:93: ce:51:db:04:db:64:3c:52:04:8e:68:32:02:be:37:27:71:f9: 67:97:74:83:8b:9c:f1:3f:9d:82:24:c8:4f:c9:69:c3:8b:0f: de:bc:c7:83:e1:10:6c:a9:15:10:e5:f3:24:85:62:7c:89:65: 76:83:e0:9e:22:7c:3c:79:60:c8:6b:7e:03:16:8b:d4:34:57: 5e:56:b9:7e:93:db:cc:11:e5:72:32:5a:e2:d7:c2:c2:de:9d: f4:c8:a3:dd:63:78:90:c9:ef:1e:7c:7b:52:36:89:0a:f9:92: 21:37:58:7d:06:b5:b4:c3:75:5d:b3:78:2d:8f:a8:37:68:6b: 1f:31:4f:e2 -----BEGIN CERTIFICATE----- MIIFdjCCBF6gAwIBAgICAZkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0M3MTExMTAvBgNVBAUTKEU0MjlENDI5RTY2Qjc5N0IzRDhBMUNCRTI0OTE1NzdB REMzOEE0OEUwHhcNMjUxMjE3MDQyMzIyWhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NjVhZi00ZDI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1Odgq4wP223htPoJjbg0j4wlSpMbATNE5UoEij6YhnQ6jb1mZ1/t8x2siqzH GHmW+W5hvLfJnCRHd7gUQZP+mjrm5AGHBLyuxpCUXbTxKUeldmv9eoFzXQiX+NNI f/zvJv08jIBjrZ26VPDAqWSPNyloHlZznSEPuiV+XqLzFd0zFOsv5J6jdBh3SQ5G 2nYcs0TKPuaQR36Aj735DgyuDIBdvVw35pn1jP5P7oZdavI1bFgD4A1drc+KJ7IS M/7z22FM8ZXjFaOkjj5gfE3Kv9Ui/z+74dBfvXnDHzJ+HHc7TiYZeTmRJQlGND3B CCiMU4/tSsTWVl3v17a5jpFMHwIDAQABo4ICmjCCApYwHQYDVR0OBBYEFEAh47ij S4EyPAd5gSgctI+2QQeFMB8GA1UdIwQYMBaAFOQp1Cnma3l7PYocviSRV3rcOKSO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQzcxMS9DN0QxQjA1NDFF RTMxMUVGOTBEMjEyMzRDNEY5QUUwMi81Q25VS2VacmVYczlpaHktSkpGWGV0dzRw STQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzVDblVLZVpyZVhzOWloeS1KSkZYZXR3NHBJNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0M3MTEvQzdEMUIwNTQxRUUzMTFFRjkwRDIxMjM0QzRGOUFFMDIvQTdGQzVERUU4 RDA0MTFFRkJEN0EwMDU3QzRGOUFFMDIucm9hMFkGCCsGAQUFBwEHAQH/BEowSDBG BAIAATBAAwQCZwugAwQBtux0MAwDBAHKBaIDBADKBaQDBAHKBagDBADKBbEDBADK Bb4DBAPLVtAwDAMEAMtW2wMEAMtW3jANBgkqhkiG9w0BAQsFAAOCAQEAAC3Dupwu 3jNgVJDIXjxAdAYCszSKyWmgw9+60Kema+5Lq7qXD0bU9uAJr5KoCofHmOtKrh5I iLBFEdU/anjHFmZDGXzsR6ZbrkNUKbkaTvY4ImGY74ioUwycXKTxIYjRR5/ke/nm tilGikcgfv8IdRbDDlynjwVWksDlEf2TzlHbBNtkPFIEjmgyAr43J3H5Z5d0g4uc 8T+dgiTIT8lpw4sP3rzHg+EQbKkVEOXzJIVifIlldoPgniJ8PHlgyGt+AxaL1DRX Xla5fpPbzBHlcjJa4tfCwt6d9Mij3WN4kMnvHnx7UjaJCvmSITdYfQa1tMN1XbN4 LY+oN2hrHzFP4g== -----END CERTIFICATE-----Generated at Mon Mar 2 17:05:41 2026 by rpki-client