$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/0DC2568E320511EA8CF6B72DC4F9AE02.roa File: 0DC2568E320511EA8CF6B72DC4F9AE02.roa (raw, json) Hash identifier: lrXJAG9pwB68/9ymul53XjFddHdzlUams6o2moAtAtg= Subject key identifier: DC:95:61:17:32:4A:55:99:0C:96:C2:10:BD:92:09:97:95:C3:8F:A9 Certificate issuer: /CN=A91D1003/serialNumber=A5201AEE6F4A5C1EB8A7E1C7853BFBB2BA75CBD2 Certificate serial: 0C11 Authority key identifier: A5:20:1A:EE:6F:4A:5C:1E:B8:A7:E1:C7:85:3B:FB:B2:BA:75:CB:D2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pSAa7m9KXB64p-HHhTv7srp1y9I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/0DC2568E320511EA8CF6B72DC4F9AE02.roa Signing time: Wed 08 Apr 2026 19:23:54 +0000 ROA not before: Wed 08 Apr 2026 19:23:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 55453 IP address blocks: 27.54.120.0/24 maxlen: 24 27.54.121.0/24 maxlen: 24 27.54.122.0/24 maxlen: 24 27.54.123.0/24 maxlen: 24 103.20.0.0/24 maxlen: 24 103.20.1.0/24 maxlen: 24 103.20.2.0/24 maxlen: 24 103.20.3.0/24 maxlen: 24 137.59.192.0/24 maxlen: 24 137.59.193.0/24 maxlen: 24 137.59.194.0/24 maxlen: 24 137.59.195.0/24 maxlen: 24 2407:1b00::/34 maxlen: 34 2407:1b00:4000::/34 maxlen: 34 2407:1b00:8000::/34 maxlen: 34 2407:1b00:c000::/34 maxlen: 34 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.crl rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pSAa7m9KXB64p-HHhTv7srp1y9I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Apr 2026 18:45:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3089 (0xc11) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D1003, serialNumber=A5201AEE6F4A5C1EB8A7E1C7853BFBB2BA75CBD2 Validity Not Before: Apr 8 19:23:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=69d6ab4a-90d1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:33:96:d0:ea:b4:8e:95:9f:c7:30:95:4e:f0: 54:7f:0d:13:b9:c8:cf:c3:04:3a:a5:2d:48:01:ae: 5a:e7:49:38:f6:20:af:d9:21:0d:51:7c:c0:8c:bd: 79:2a:61:9f:a1:e2:db:c1:7c:02:60:9d:cf:a5:1f: 87:45:7c:46:6c:d7:90:37:9e:57:ce:9d:19:d3:1b: 40:cc:cd:a4:39:62:73:d3:c1:af:0e:c6:8f:e9:10: 24:e3:62:84:b2:d7:2e:8a:80:89:20:a7:7d:53:05: 83:43:9f:17:23:c2:06:5e:86:fe:2c:9b:29:bb:37: 43:3e:c9:0c:93:b2:01:7c:39:d6:37:41:ad:67:cf: 05:e6:3f:d9:ff:78:65:7f:5b:6e:20:82:e2:99:13: f9:b6:28:24:73:e1:07:53:d3:27:1e:e8:7a:18:b6: 8e:7c:94:f6:94:c5:2a:2e:a9:57:98:14:23:0e:47: 97:0f:fe:96:fb:37:d5:41:53:28:0a:7d:e1:7c:89: d7:f2:2a:51:a6:94:b8:cd:28:55:ec:a0:d0:fc:f1: 0d:18:3d:45:39:8e:d6:69:25:3a:44:b8:63:f3:34: 93:79:69:fb:7c:79:21:68:76:52:e5:57:73:0b:c7: 02:dc:ee:87:28:42:f5:1f:96:20:0b:5a:87:65:ce: 7f:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:95:61:17:32:4A:55:99:0C:96:C2:10:BD:92:09:97:95:C3:8F:A9 X509v3 Authority Key Identifier: keyid:A5:20:1A:EE:6F:4A:5C:1E:B8:A7:E1:C7:85:3B:FB:B2:BA:75:CB:D2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pSAa7m9KXB64p-HHhTv7srp1y9I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/0DC2568E320511EA8CF6B72DC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 27.54.120.0/22 103.20.0.0/22 137.59.192.0/22 IPv6: 2407:1b00::/32 Signature Algorithm: sha256WithRSAEncryption a9:88:2e:1d:7e:40:16:6f:56:57:af:be:c9:14:75:35:ae:0d: 30:c9:0e:fb:70:d7:73:7a:1f:e3:6d:fa:8c:40:25:51:08:77: 84:0c:8d:9d:92:2d:13:f6:aa:96:1b:bc:8f:60:3b:66:16:cf: 1c:b3:54:67:3c:4e:bf:89:84:9a:cf:fc:70:1a:ae:66:58:8a: df:19:00:26:fa:f1:7b:e9:0a:4b:0e:18:00:8e:b7:44:45:47: d1:ce:eb:b4:91:2d:77:14:08:82:42:62:ec:34:c9:f6:f8:56: 9c:72:63:14:11:f1:b3:17:a6:3b:23:4d:ab:64:2a:04:0f:29: 96:58:8e:ab:2d:0b:bd:f6:08:d7:8c:cb:a2:ef:0d:63:0a:e1: 79:8f:9d:5a:6a:17:09:5b:3f:6d:7e:28:be:62:52:52:95:f8: fb:6e:6b:22:71:16:25:3d:d2:62:55:d0:aa:e3:4f:e4:e7:b7: 83:b8:45:78:27:87:e6:f0:3b:99:06:db:79:a0:08:85:1a:f3: 93:76:f6:cb:ed:79:1e:7b:fb:99:2b:a7:f7:36:31:29:61:32: 24:b6:80:c6:ab:6b:25:a3:00:3b:bd:d7:c1:46:be:d6:7d:55: 53:d9:f5:00:ff:00:f9:7d:6a:97:d8:a9:a5:ec:5e:1c:8b:00: 0d:25:e4:c6 -----BEGIN CERTIFICATE----- MIIFVzCCBD+gAwIBAgICDBEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDEwMDMxMTAvBgNVBAUTKEE1MjAxQUVFNkY0QTVDMUVCOEE3RTFDNzg1M0JGQkIy QkE3NUNCRDIwHhcNMjYwNDA4MTkyMzU0WhcNMjcwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWQ2YWI0YS05MGQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3DOW0Oq0jpWfxzCVTvBUfw0TucjPwwQ6pS1IAa5a50k49iCv2SENUXzAjL15 KmGfoeLbwXwCYJ3PpR+HRXxGbNeQN55Xzp0Z0xtAzM2kOWJz08GvDsaP6RAk42KE stcuioCJIKd9UwWDQ58XI8IGXob+LJspuzdDPskMk7IBfDnWN0GtZ88F5j/Z/3hl f1tuIILimRP5tigkc+EHU9MnHuh6GLaOfJT2lMUqLqlXmBQjDkeXD/6W+zfVQVMo Cn3hfInX8ipRppS4zShV7KDQ/PENGD1FOY7WaSU6RLhj8zSTeWn7fHkhaHZS5Vdz C8cC3O6HKEL1H5YgC1qHZc5/dwIDAQABo4ICezCCAncwHQYDVR0OBBYEFNyVYRcy SlWZDJbCEL2SCZeVw4+pMB8GA1UdIwQYMBaAFKUgGu5vSlweuKfhx4U7+7K6dcvS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTAwMy9BQTRFOTVDODMy MDMxMUVBOEQyQTFCMkJDNEY5QUUwMi9wU0FhN205S1hCNjRwLUhIaFR2N3NycDF5 OUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3BTQWE3bTlLWEI2NHAtSEhoVHY3c3JwMXk5SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDEwMDMvQUE0RTk1QzgzMjAzMTFFQThEMkExQjJCQzRGOUFFMDIvMERDMjU2OEUz MjA1MTFFQThDRjZCNzJEQzRGOUFFMDIucm9hMDoGCCsGAQUFBwEHAQH/BCswKTAY BAIAATASAwQCGzZ4AwQCZxQAAwQCiTvAMA0EAgACMAcDBQAkBxsAMA0GCSqGSIb3 DQEBCwUAA4IBAQCpiC4dfkAWb1ZXr77JFHU1rg0wyQ77cNdzeh/jbfqMQCVRCHeE DI2dki0T9qqWG7yPYDtmFs8cs1RnPE6/iYSaz/xwGq5mWIrfGQAm+vF76QpLDhgA jrdERUfRzuu0kS13FAiCQmLsNMn2+FaccmMUEfGzF6Y7I02rZCoEDymWWI6rLQu9 9gjXjMui7w1jCuF5j51aahcJWz9tfii+YlJSlfj7bmsicRYlPdJiVdCq40/k57eD uEV4J4fm8DuZBtt5oAiFGvOTdvbL7Xkee/uZK6f3NjEpYTIktoDGq2slowA7vdfB Rr7WfVVT2fUA/wD5fWqX2Kml7F4ciwANJeTG -----END CERTIFICATE-----Generated at Fri Apr 17 22:14:45 2026 by rpki-client