$ rpki-client -vvf rpki.apnic.net/member_repository/A91D2646/D2037D127BEC11EAA9A6C725C4F9AE02/EE675FC27BED11EABD4A3A27C4F9AE02.roa File: EE675FC27BED11EABD4A3A27C4F9AE02.roa (raw, json) Hash identifier: Pa7iN+/Nc2RiTHjZ4lG8tJKuf6SwOlhtLxE/cKb22d0= Subject key identifier: 0E:5D:9C:5D:F5:11:01:44:53:17:A7:84:65:4A:D3:2C:18:BB:82:90 Certificate issuer: /CN=A91D2646/serialNumber=AF90029BE101C922CFCF4BD145D7AF1DC640E5E0 Certificate serial: 0A80 Authority key identifier: AF:90:02:9B:E1:01:C9:22:CF:CF:4B:D1:45:D7:AF:1D:C6:40:E5:E0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r5ACm-EBySLPz0vRRdevHcZA5eA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D2646/D2037D127BEC11EAA9A6C725C4F9AE02/EE675FC27BED11EABD4A3A27C4F9AE02.roa Signing time: Sun 01 Mar 2026 11:48:24 +0000 ROA not before: Sat 30 Aug 2025 20:11:48 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 137964 IP address blocks: 103.118.152.0/23 maxlen: 23 103.118.152.0/24 maxlen: 24 103.118.153.0/24 maxlen: 24 2001:df5:cf00::/48 maxlen: 48 2001:df5:cf00::/52 maxlen: 52 2001:df5:cf00:1000::/52 maxlen: 52 2001:df5:cf00:2000::/52 maxlen: 52 2001:df5:cf00:3000::/52 maxlen: 52 2001:df5:cf00:4000::/52 maxlen: 52 2001:df5:cf00:5000::/52 maxlen: 52 2001:df5:cf00:6000::/52 maxlen: 52 2001:df5:cf00:7000::/52 maxlen: 52 2001:df5:cf00:8000::/52 maxlen: 52 2001:df5:cf00:9000::/52 maxlen: 52 2001:df5:cf00:a000::/52 maxlen: 52 2001:df5:cf00:b000::/52 maxlen: 52 2001:df5:cf00:c000::/52 maxlen: 52 2001:df5:cf00:d000::/52 maxlen: 52 2001:df5:cf00:e000::/52 maxlen: 52 2001:df5:cf00:f000::/52 maxlen: 52 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D2646/D2037D127BEC11EAA9A6C725C4F9AE02/r5ACm-EBySLPz0vRRdevHcZA5eA.crl rsync://rpki.apnic.net/member_repository/A91D2646/D2037D127BEC11EAA9A6C725C4F9AE02/r5ACm-EBySLPz0vRRdevHcZA5eA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r5ACm-EBySLPz0vRRdevHcZA5eA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 01:14:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2688 (0xa80) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D2646, serialNumber=AF90029BE101C922CFCF4BD145D7AF1DC640E5E0 Validity Not Before: Aug 30 20:11:48 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=69a42788-dac5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:a6:15:9c:64:19:81:d5:58:cf:c0:94:bc:0a: 29:5c:95:78:8f:51:67:e8:17:c3:f4:ee:ce:df:3a: e5:88:48:0e:bd:f5:96:6c:7b:ff:61:c4:72:f3:75: eb:b0:62:3a:35:3f:5d:e5:d9:3f:75:4c:65:c7:6b: e7:3c:ff:a3:56:8e:9e:08:58:5c:4b:c3:ad:b4:e0: c1:16:0e:57:b1:f2:6a:72:81:3d:7b:4a:86:f9:c4: 70:95:48:88:86:bb:21:4f:5d:bc:09:32:63:ef:57: 0c:42:ac:a4:ed:fe:84:c8:e5:c2:ec:72:34:d3:5e: a2:b3:cc:14:64:6d:d2:9a:7b:18:13:ae:7a:93:be: bd:df:4e:8b:e7:ec:dc:56:1b:6c:90:1e:b5:60:32: 4a:08:2a:97:84:93:74:e6:b5:bf:2f:7b:2a:cb:cd: 95:a5:99:2c:4e:7b:7d:1a:23:90:33:ec:e2:76:18: 94:70:0e:43:97:c4:8e:16:e0:1f:1e:79:8d:cd:32: e2:07:8c:14:67:12:55:5c:69:21:ca:07:78:a8:70: ab:a1:84:09:39:00:7e:b5:0e:9b:ee:77:cd:fe:86: eb:ee:36:2c:87:5f:02:23:b7:86:d9:0c:fb:cf:9a: b4:aa:68:86:8f:a7:9c:83:16:d1:52:02:e9:ac:0f: 88:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:5D:9C:5D:F5:11:01:44:53:17:A7:84:65:4A:D3:2C:18:BB:82:90 X509v3 Authority Key Identifier: keyid:AF:90:02:9B:E1:01:C9:22:CF:CF:4B:D1:45:D7:AF:1D:C6:40:E5:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D2646/D2037D127BEC11EAA9A6C725C4F9AE02/r5ACm-EBySLPz0vRRdevHcZA5eA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r5ACm-EBySLPz0vRRdevHcZA5eA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D2646/D2037D127BEC11EAA9A6C725C4F9AE02/EE675FC27BED11EABD4A3A27C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.118.152.0/23 IPv6: 2001:df5:cf00::/48 Signature Algorithm: sha256WithRSAEncryption 34:a9:07:b3:17:7f:ab:5b:c2:21:c6:ac:89:35:50:4f:4a:a7: a2:f7:98:43:be:ec:fe:6e:81:92:f9:a1:76:d4:53:57:b9:ff: 2b:06:58:fd:37:c1:e0:8b:dc:fb:a7:e0:e4:cc:f1:20:4b:a3: 13:c7:03:34:16:7c:e8:a2:bd:10:af:b9:50:d1:9d:01:71:0f: 7f:71:db:ac:2b:02:d7:b0:b1:be:38:c5:16:1f:ff:6f:83:a1: b2:63:21:05:4a:69:d4:39:df:c8:0c:c3:4c:54:b7:61:ee:eb: 4d:32:12:e2:2e:45:99:c2:e8:b3:83:2a:c6:e1:48:30:55:4b: b7:c1:68:7b:4d:20:37:6e:bc:c2:3d:0b:f2:11:d3:e0:8d:69: 85:5e:2c:4c:64:9e:b8:50:17:8a:2b:a6:23:3c:c3:2d:55:43: de:97:16:42:35:9e:17:3f:4f:45:73:a8:8a:f6:48:33:c8:f2: 68:ba:49:74:fd:b1:ce:54:c3:7c:48:10:c5:2b:89:6f:21:d3: 74:c5:9b:87:34:18:ab:a7:b9:4c:02:3e:c2:a3:eb:4f:ca:36: 88:16:64:4e:28:39:2e:e8:05:bc:98:35:de:dd:41:99:01:b8: a1:37:92:60:6d:b1:e2:90:55:94:47:2b:63:97:d3:82:81:2e: dd:8f:8c:84 -----BEGIN CERTIFICATE----- MIIFTTCCBDWgAwIBAgICCoAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDI2NDYxMTAvBgNVBAUTKEFGOTAwMjlCRTEwMUM5MjJDRkNGNEJEMTQ1RDdBRjFE QzY0MEU1RTAwHhcNMjUwODMwMjAxMTQ4WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0Mjc4OC1kYWM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsKYVnGQZgdVYz8CUvAopXJV4j1Fn6BfD9O7O3zrliEgOvfWWbHv/YcRy83Xr sGI6NT9d5dk/dUxlx2vnPP+jVo6eCFhcS8OttODBFg5XsfJqcoE9e0qG+cRwlUiI hrshT128CTJj71cMQqyk7f6EyOXC7HI0016is8wUZG3SmnsYE656k769306L5+zc VhtskB61YDJKCCqXhJN05rW/L3sqy82VpZksTnt9GiOQM+zidhiUcA5Dl8SOFuAf HnmNzTLiB4wUZxJVXGkhygd4qHCroYQJOQB+tQ6b7nfN/obr7jYsh18CI7eG2Qz7 z5q0qmiGj6ecgxbRUgLprA+IiwIDAQABo4ICcTCCAm0wHQYDVR0OBBYEFA5dnF31 EQFEUxenhGVK0ywYu4KQMB8GA1UdIwQYMBaAFK+QApvhAckiz89L0UXXrx3GQOXg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMjY0Ni9EMjAzN0QxMjdC RUMxMUVBQTlBNkM3MjVDNEY5QUUwMi9yNUFDbS1FQnlTTFB6MHZSUmRldkhjWkE1 ZUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3I1QUNtLUVCeVNMUHowdlJSZGV2SGNaQTVlQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDI2NDYvRDIwMzdEMTI3QkVDMTFFQUE5QTZDNzI1QzRGOUFFMDIvRUU2NzVGQzI3 QkVEMTFFQUJENEEzQTI3QzRGOUFFMDIucm9hMDAGCCsGAQUFBwEHAQH/BCEwHzAM BAIAATAGAwQBZ3aYMA8EAgACMAkDBwAgAQ31zwAwDQYJKoZIhvcNAQELBQADggEB ADSpB7MXf6tbwiHGrIk1UE9Kp6L3mEO+7P5ugZL5oXbUU1e5/ysGWP03weCL3Pun 4OTM8SBLoxPHAzQWfOiivRCvuVDRnQFxD39x26wrAtewsb44xRYf/2+DobJjIQVK adQ538gMw0xUt2Hu600yEuIuRZnC6LODKsbhSDBVS7fBaHtNIDduvMI9C/IR0+CN aYVeLExknrhQF4orpiM8wy1VQ96XFkI1nhc/T0VzqIr2SDPI8mi6SXT9sc5Uw3xI EMUriW8h03TFm4c0GKunuUwCPsKj60/KNogWZE4oOS7oBbyYNd7dQZkBuKE3kmBt seKQVZRHK2OX04KBLt2PjIQ= -----END CERTIFICATE-----Generated at Mon Mar 2 04:21:13 2026 by rpki-client