$ rpki-client -vvf rpki.apnic.net/member_repository/A91D087E/B019F1CA04FC11EA8CAED415C4F9AE02/8A7C342604FE11EAB778E81CC4F9AE02.roa File: 8A7C342604FE11EAB778E81CC4F9AE02.roa (raw, json) Hash identifier: h96ygBqP1HseQXwwUH62n5eNi2bKC3tu8QpUrxfOlvo= Subject key identifier: B3:F1:CE:7C:E2:85:C4:62:AC:E6:AA:EB:D3:DA:60:98:18:E8:E3:2C Certificate issuer: /CN=A91D087E/serialNumber=F07FB13EF91E2211B0FEBC855ADDAF301B0671A4 Certificate serial: 0CFC Authority key identifier: F0:7F:B1:3E:F9:1E:22:11:B0:FE:BC:85:5A:DD:AF:30:1B:06:71:A4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8H-xPvkeIhGw_ryFWt2vMBsGcaQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D087E/B019F1CA04FC11EA8CAED415C4F9AE02/8A7C342604FE11EAB778E81CC4F9AE02.roa Signing time: Wed 08 Apr 2026 18:23:15 +0000 ROA not before: Wed 08 Apr 2026 18:23:15 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 24516 IP address blocks: 43.247.124.0/22 maxlen: 24 43.247.128.0/22 maxlen: 24 103.227.200.0/22 maxlen: 24 103.230.172.0/22 maxlen: 24 103.245.216.0/22 maxlen: 24 125.254.48.0/23 maxlen: 24 203.23.139.0/24 maxlen: 24 2402:fa80::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D087E/B019F1CA04FC11EA8CAED415C4F9AE02/8H-xPvkeIhGw_ryFWt2vMBsGcaQ.crl rsync://rpki.apnic.net/member_repository/A91D087E/B019F1CA04FC11EA8CAED415C4F9AE02/8H-xPvkeIhGw_ryFWt2vMBsGcaQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8H-xPvkeIhGw_ryFWt2vMBsGcaQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Apr 2026 18:08:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3324 (0xcfc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D087E, serialNumber=F07FB13EF91E2211B0FEBC855ADDAF301B0671A4 Validity Not Before: Apr 8 18:23:15 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=69d69d12-de32 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:16:68:89:09:11:a8:19:65:74:b1:56:33:48: 18:b4:c1:1f:e7:8e:c7:61:a8:48:ac:ae:1b:ff:be: e6:28:31:f7:77:b6:0b:42:31:6b:6c:7f:47:ce:61: b9:7c:d3:17:61:fe:09:f1:7d:f8:f9:e5:77:16:fb: e7:fe:22:79:0c:31:27:f8:31:3f:fb:d3:14:1e:34: d0:9f:b7:50:fd:57:2e:7c:72:e3:8e:f5:17:28:be: 7a:a2:7f:0f:8c:51:d8:2b:79:6c:af:43:cf:a1:21: 1f:83:e6:f4:3c:82:f5:44:e9:63:1a:02:06:8d:ed: be:5f:4e:b2:cf:eb:ff:e3:d2:0d:26:b7:a7:92:ee: b2:18:40:15:67:a2:7d:59:4f:16:16:9f:1e:a0:56: a0:b9:ea:e2:29:9f:09:3a:14:00:72:b8:47:fa:20: f4:3d:79:ef:c4:01:de:10:9e:cf:b6:ee:b3:a0:88: b0:c8:85:6c:40:7f:80:55:fd:9a:4e:2c:34:15:af: 11:ed:32:2a:ce:c3:80:4e:a0:f5:cd:46:2d:55:c3: 6d:e2:6d:58:f7:c6:12:1a:96:fd:c3:84:b6:bc:28: 3b:ba:6d:f8:25:65:f6:17:ca:58:7d:c9:49:46:3c: ec:ab:60:46:4b:55:ef:fd:21:cd:7e:01:9a:dc:e5: 95:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:F1:CE:7C:E2:85:C4:62:AC:E6:AA:EB:D3:DA:60:98:18:E8:E3:2C X509v3 Authority Key Identifier: keyid:F0:7F:B1:3E:F9:1E:22:11:B0:FE:BC:85:5A:DD:AF:30:1B:06:71:A4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D087E/B019F1CA04FC11EA8CAED415C4F9AE02/8H-xPvkeIhGw_ryFWt2vMBsGcaQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8H-xPvkeIhGw_ryFWt2vMBsGcaQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D087E/B019F1CA04FC11EA8CAED415C4F9AE02/8A7C342604FE11EAB778E81CC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.247.124.0-43.247.131.255 103.227.200.0/22 103.230.172.0/22 103.245.216.0/22 125.254.48.0/23 203.23.139.0/24 IPv6: 2402:fa80::/32 Signature Algorithm: sha256WithRSAEncryption 4d:4b:ec:36:60:e7:b2:53:8e:33:62:82:f7:e6:00:be:9e:cc: 03:6b:98:dc:3f:82:12:32:d0:cd:42:e6:c2:a4:85:0b:23:39: a4:71:29:b6:76:7b:98:62:9f:eb:5d:8e:aa:e6:5b:df:84:ed: fc:9f:b4:4a:10:c2:fe:ad:c6:4d:1f:a2:81:e7:e3:9c:5b:00: a2:8e:21:35:f7:8e:75:7f:7f:d5:a7:ed:bd:f6:97:c2:2f:f9: 97:36:91:30:31:60:87:d7:d2:84:61:bd:af:28:e6:ff:b8:d6: 96:58:84:6c:c3:c2:ea:66:ed:9d:23:1a:66:a4:be:82:1f:1b: 19:5b:68:62:88:fa:d8:7d:0b:8d:ff:99:ed:46:85:8c:d2:ca: be:64:d5:99:3b:40:38:24:13:f9:cb:87:00:4b:86:f5:fc:d1: d6:c6:26:56:c1:81:95:b3:09:24:bb:d8:eb:8e:c8:ec:6e:fa: 4b:5b:1d:24:75:3d:8e:c4:fc:29:83:c2:10:21:ad:f5:af:9b: 02:ec:41:95:70:84:1e:31:0b:46:86:a7:67:5a:13:c2:c4:34: 57:13:e7:82:d6:6f:48:34:5b:f8:48:6e:7d:56:43:7f:65:44: a5:d6:81:d9:b5:64:c3:0e:83:e4:d9:1e:ad:73:7d:bc:1a:84: 05:2d:27:4b -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICDPwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDA4N0UxMTAvBgNVBAUTKEYwN0ZCMTNFRjkxRTIyMTFCMEZFQkM4NTVBRERBRjMw MUIwNjcxQTQwHhcNMjYwNDA4MTgyMzE1WhcNMjcwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWQ2OWQxMi1kZTMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArhZoiQkRqBlldLFWM0gYtMEf547HYahIrK4b/77mKDH3d7YLQjFrbH9HzmG5 fNMXYf4J8X34+eV3Fvvn/iJ5DDEn+DE/+9MUHjTQn7dQ/VcufHLjjvUXKL56on8P jFHYK3lsr0PPoSEfg+b0PIL1ROljGgIGje2+X06yz+v/49INJrenku6yGEAVZ6J9 WU8WFp8eoFagueriKZ8JOhQAcrhH+iD0PXnvxAHeEJ7Ptu6zoIiwyIVsQH+AVf2a Tiw0Fa8R7TIqzsOATqD1zUYtVcNt4m1Y98YSGpb9w4S2vCg7um34JWX2F8pYfclJ Rjzsq2BGS1Xv/SHNfgGa3OWVGwIDAQABo4IClTCCApEwHQYDVR0OBBYEFLPxznzi hcRirOaq69PaYJgY6OMsMB8GA1UdIwQYMBaAFPB/sT75HiIRsP68hVrdrzAbBnGk MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMDg3RS9CMDE5RjFDQTA0 RkMxMUVBOENBRUQ0MTVDNEY5QUUwMi84SC14UHZrZUloR3dfcnlGV3Qydk1Cc0dj YVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzhILXhQdmtlSWhHd19yeUZXdDJ2TUJzR2NhUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDA4N0UvQjAxOUYxQ0EwNEZDMTFFQThDQUVENDE1QzRGOUFFMDIvOEE3QzM0MjYw NEZFMTFFQUI3NzhFODFDQzRGOUFFMDIucm9hMFQGCCsGAQUFBwEHAQH/BEUwQzAy BAIAATAsMAwDBAIr93wDBAIr94ADBAJn48gDBAJn5qwDBAJn9dgDBAF9/jADBADL F4swDQQCAAIwBwMFACQC+oAwDQYJKoZIhvcNAQELBQADggEBAE1L7DZg57JTjjNi gvfmAL6ezANrmNw/ghIy0M1C5sKkhQsjOaRxKbZ2e5hin+tdjqrmW9+E7fyftEoQ wv6txk0fooHn45xbAKKOITX3jnV/f9Wn7b32l8Iv+Zc2kTAxYIfX0oRhva8o5v+4 1pZYhGzDwupm7Z0jGmakvoIfGxlbaGKI+th9C43/me1GhYzSyr5k1Zk7QDgkE/nL hwBLhvX80dbGJlbBgZWzCSS72OuOyOxu+ktbHSR1PY7E/CmDwhAhrfWvmwLsQZVw hB4xC0aGp2daE8LENFcT54LWb0g0W/hIbn1WQ39lRKXWgdm1ZMMOg+TZHq1zfbwa hAUtJ0s= -----END CERTIFICATE-----Generated at Fri Apr 17 16:39:21 2026 by rpki-client