$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFE07/962C4B7ED2BF11E9A84D6622C4F9AE02/A95EC0B2C9FA11EBB7F2E749C4F9AE02.roa File: A95EC0B2C9FA11EBB7F2E749C4F9AE02.roa (raw, json) Hash identifier: tcWwtdWeFntp7WyE0rgHwY9okLQ7TF8dGNiywkpavhw= Subject key identifier: 8D:5E:3A:97:1A:AA:E9:A3:FC:6E:F6:91:CD:86:5A:4A:24:6E:70:72 Certificate issuer: /CN=A91CFE07/serialNumber=C8EBA334BD7DA6E92E67C408BD03787BAEAE0CAD Certificate serial: 0DF3 Authority key identifier: C8:EB:A3:34:BD:7D:A6:E9:2E:67:C4:08:BD:03:78:7B:AE:AE:0C:AD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yOujNL19pukuZ8QIvQN4e66uDK0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFE07/962C4B7ED2BF11E9A84D6622C4F9AE02/A95EC0B2C9FA11EBB7F2E749C4F9AE02.roa Signing time: Sun 01 Mar 2026 12:17:49 +0000 ROA not before: Thu 20 Feb 2025 18:56:36 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 132602 IP address blocks: 103.16.152.0/22 maxlen: 22 103.16.152.0/24 maxlen: 24 103.16.153.0/24 maxlen: 24 103.16.154.0/23 maxlen: 24 163.47.80.0/22 maxlen: 24 2406:4b00::/32 maxlen: 32 2406:4b00:a::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFE07/962C4B7ED2BF11E9A84D6622C4F9AE02/yOujNL19pukuZ8QIvQN4e66uDK0.crl rsync://rpki.apnic.net/member_repository/A91CFE07/962C4B7ED2BF11E9A84D6622C4F9AE02/yOujNL19pukuZ8QIvQN4e66uDK0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yOujNL19pukuZ8QIvQN4e66uDK0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 02:17:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3571 (0xdf3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFE07, serialNumber=C8EBA334BD7DA6E92E67C408BD03787BAEAE0CAD Validity Not Before: Feb 20 18:56:36 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=69a42e6c-85dc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:bf:12:51:df:1e:46:83:56:05:3b:91:d0:17: 77:8f:ec:1c:98:93:64:91:f6:81:30:14:06:be:4b: 79:aa:f8:79:3f:e2:c2:cb:c6:ce:e4:d3:e2:45:11: 9e:91:71:fa:ad:4d:77:05:6d:8d:05:f9:5d:0a:34: 9a:7b:cd:29:e6:a5:46:0e:7a:9a:53:ee:e3:d3:a8: e9:d8:a2:bf:dd:1d:5e:85:92:cb:4a:ef:6e:2c:15: b5:51:88:0b:cb:8d:31:fd:fc:b2:57:5d:95:51:f8: 97:2f:d4:65:50:7a:22:81:88:57:bb:8a:6e:de:05: fc:d2:d2:da:f5:a5:81:43:54:d5:bd:55:5f:1b:18: 2e:37:e0:1e:08:33:66:ca:c2:11:7f:49:ec:74:fc: 40:ab:6b:fa:d3:e4:e0:49:43:30:73:cb:47:b7:51: 09:c0:08:6d:ce:9d:51:ac:e1:93:7b:c9:26:62:86: 99:0b:7b:46:eb:33:c2:ca:4f:4c:fc:0a:d6:db:ee: ee:3f:2a:0c:4d:18:36:3d:7d:ec:07:e2:a0:35:30: bc:0c:cc:7f:0d:ec:4d:d3:0d:5d:0e:17:fb:79:f0: dd:3d:38:7b:ea:e7:5c:0c:68:60:23:03:28:08:28: 76:17:3c:0a:6b:4f:62:29:75:9e:8b:9a:ea:f3:bd: a4:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:5E:3A:97:1A:AA:E9:A3:FC:6E:F6:91:CD:86:5A:4A:24:6E:70:72 X509v3 Authority Key Identifier: keyid:C8:EB:A3:34:BD:7D:A6:E9:2E:67:C4:08:BD:03:78:7B:AE:AE:0C:AD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFE07/962C4B7ED2BF11E9A84D6622C4F9AE02/yOujNL19pukuZ8QIvQN4e66uDK0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yOujNL19pukuZ8QIvQN4e66uDK0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFE07/962C4B7ED2BF11E9A84D6622C4F9AE02/A95EC0B2C9FA11EBB7F2E749C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.16.152.0/22 163.47.80.0/22 IPv6: 2406:4b00::/32 Signature Algorithm: sha256WithRSAEncryption 2f:f6:c9:61:51:1a:3e:af:fb:fe:1f:a2:da:d0:58:7d:e8:9a: 33:7f:f5:d0:5d:86:75:2f:aa:e5:71:96:6b:06:67:1f:4a:73: 65:f0:0e:7f:a7:18:ef:db:67:c7:8f:91:c1:6f:44:d5:0a:c6: eb:a0:72:13:87:d8:6d:72:3a:39:b7:73:f1:4a:ee:1e:fd:13: 8d:ae:4d:10:ec:98:5e:c2:b7:b6:f0:c6:4f:73:aa:7a:da:a4: db:e5:e1:71:93:53:d8:44:54:85:64:80:bd:0c:6c:14:a5:55: 54:21:77:9a:2b:33:5d:2e:65:99:30:6f:58:fb:f0:3d:f9:e8: 6b:10:39:98:e7:54:60:52:76:cd:59:98:68:dd:75:38:88:30: 65:3b:45:38:1e:86:1e:83:40:35:ab:5c:00:6e:f2:64:6a:a9: 91:ee:85:01:4b:24:53:f2:53:75:4c:1d:75:d6:aa:ba:ef:6d: d2:bb:1a:d1:5a:3b:34:79:a9:c9:3a:2a:82:dc:5b:cf:c8:11: 59:dc:a5:ad:fa:dd:c5:5c:50:4c:85:64:d4:6d:72:00:4b:d2: 04:e6:d8:99:c6:a0:15:ea:84:c2:d2:d4:d2:47:bf:8a:ef:47: 36:3a:c7:be:c7:45:79:df:67:f1:e5:64:f3:cf:21:2f:e7:b3: 90:b8:f7:8b -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgICDfMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0ZFMDcxMTAvBgNVBAUTKEM4RUJBMzM0QkQ3REE2RTkyRTY3QzQwOEJEMDM3ODdC QUVBRTBDQUQwHhcNMjUwMjIwMTg1NjM2WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MmU2Yy04NWRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv78SUd8eRoNWBTuR0Bd3j+wcmJNkkfaBMBQGvkt5qvh5P+LCy8bO5NPiRRGe kXH6rU13BW2NBfldCjSae80p5qVGDnqaU+7j06jp2KK/3R1ehZLLSu9uLBW1UYgL y40x/fyyV12VUfiXL9RlUHoigYhXu4pu3gX80tLa9aWBQ1TVvVVfGxguN+AeCDNm ysIRf0nsdPxAq2v60+TgSUMwc8tHt1EJwAhtzp1RrOGTe8kmYoaZC3tG6zPCyk9M /ArW2+7uPyoMTRg2PX3sB+KgNTC8DMx/DexN0w1dDhf7efDdPTh76udcDGhgIwMo CCh2FzwKa09iKXWei5rq872kYwIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFI1eOpca qumj/G72kc2GWkokbnByMB8GA1UdIwQYMBaAFMjrozS9fabpLmfECL0DeHuurgyt MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkUwNy85NjJDNEI3RUQy QkYxMUU5QTg0RDY2MjJDNEY5QUUwMi95T3VqTkwxOXB1a3VaOFFJdlFONGU2NnVE SzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lPdWpOTDE5cHVrdVo4UUl2UU40ZTY2dURLMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0ZFMDcvOTYyQzRCN0VEMkJGMTFFOUE4NEQ2NjIyQzRGOUFFMDIvQTk1RUMwQjJD OUZBMTFFQkI3RjJFNzQ5QzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS BAIAATAMAwQCZxCYAwQCoy9QMA0EAgACMAcDBQAkBksAMA0GCSqGSIb3DQEBCwUA A4IBAQAv9slhURo+r/v+H6La0Fh96Jozf/XQXYZ1L6rlcZZrBmcfSnNl8A5/pxjv 22fHj5HBb0TVCsbroHITh9htcjo5t3PxSu4e/RONrk0Q7Jhewre28MZPc6p62qTb 5eFxk1PYRFSFZIC9DGwUpVVUIXeaKzNdLmWZMG9Y+/A9+ehrEDmY51RgUnbNWZho 3XU4iDBlO0U4HoYeg0A1q1wAbvJkaqmR7oUBSyRT8lN1TB111qq6723SuxrRWjs0 eanJOiqC3FvPyBFZ3KWt+t3FXFBMhWTUbXIAS9IE5tiZxqAV6oTC0tTSR7+K70c2 Ose+x0V532fx5WTzzyEv57OQuPeL -----END CERTIFICATE-----Generated at Mon Mar 2 13:02:32 2026 by rpki-client