$ rpki-client -vvf rpki.apnic.net/member_repository/A91D28BC/92092390EAD811EBBD2CC758C4F9AE02/2B07FA82EADC11EBBE430B5EC4F9AE02.roa File: 2B07FA82EADC11EBBE430B5EC4F9AE02.roa (raw, json) Hash identifier: IP/QJfV6mDMkAmZvNNAznS9XZlWRM/mkzo7SsyQDQEc= Subject key identifier: 5F:7B:43:AF:A4:69:95:56:AF:DF:5A:28:CA:C3:5F:86:61:67:78:B1 Certificate issuer: /CN=A91D28BC/serialNumber=C48A0E40FB7FE3975B12C23E030AC54C52057163 Certificate serial: 05E9 Authority key identifier: C4:8A:0E:40:FB:7F:E3:97:5B:12:C2:3E:03:0A:C5:4C:52:05:71:63 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xIoOQPt_45dbEsI-AwrFTFIFcWM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D28BC/92092390EAD811EBBD2CC758C4F9AE02/2B07FA82EADC11EBBE430B5EC4F9AE02.roa Signing time: Sun 01 Mar 2026 08:49:59 +0000 ROA not before: Mon 12 May 2025 23:54:05 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 133613 IP address blocks: 43.247.24.0/22 maxlen: 22 43.247.24.0/24 maxlen: 24 43.247.25.0/24 maxlen: 24 43.247.26.0/24 maxlen: 24 43.247.27.0/24 maxlen: 24 103.237.124.0/24 maxlen: 24 103.237.125.0/24 maxlen: 24 103.237.126.0/24 maxlen: 24 103.237.127.0/24 maxlen: 24 2401:3280:1000::/36 maxlen: 36 2401:3280:2000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D28BC/92092390EAD811EBBD2CC758C4F9AE02/xIoOQPt_45dbEsI-AwrFTFIFcWM.crl rsync://rpki.apnic.net/member_repository/A91D28BC/92092390EAD811EBBD2CC758C4F9AE02/xIoOQPt_45dbEsI-AwrFTFIFcWM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xIoOQPt_45dbEsI-AwrFTFIFcWM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 23:23:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1513 (0x5e9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D28BC, serialNumber=C48A0E40FB7FE3975B12C23E030AC54C52057163 Validity Not Before: May 12 23:54:05 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=69a3fdb7-32e0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:5b:32:a0:3f:ab:99:32:49:cf:99:fc:77:1f: 79:e9:f1:00:2d:18:41:df:0b:8c:82:41:5c:f5:d6: 5b:84:85:a6:59:9f:ee:15:bd:49:65:56:eb:19:8b: 41:ae:94:42:15:0b:af:8e:17:3f:e7:ac:c9:f2:d8: 59:d0:a9:07:de:18:e4:89:be:e0:57:cf:39:cc:b6: 3f:37:77:c8:a5:5e:b2:2a:cc:8c:5c:c0:b4:73:88: 55:ff:b6:f4:a6:c3:95:72:06:0d:aa:56:b1:a4:39: 20:b1:b9:1b:2b:22:5b:1d:6e:47:07:d6:56:26:4a: 01:b7:87:12:ad:b6:5d:5c:77:7c:bd:e3:f2:0a:4f: 95:bd:7e:3c:b9:01:64:41:27:42:4a:ae:16:9e:13: d6:e0:bc:2b:a5:93:d7:a4:92:5d:9b:5d:7a:b5:06: b4:8d:de:b8:b2:a9:ea:3c:08:d5:56:b8:6d:07:39: 87:2b:75:f8:93:f8:c1:70:10:7c:d4:a8:7a:ce:43: 6d:73:6b:3e:2e:33:7b:5f:c2:e1:80:62:09:46:3a: 33:a7:33:69:ff:e6:29:f6:46:3a:23:32:3a:99:8d: ae:29:e7:5e:c1:06:b5:8e:bd:30:b2:fb:65:9c:cd: e1:cf:54:99:23:b9:9e:36:e0:78:c6:6d:ad:0d:ab: 8d:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:7B:43:AF:A4:69:95:56:AF:DF:5A:28:CA:C3:5F:86:61:67:78:B1 X509v3 Authority Key Identifier: keyid:C4:8A:0E:40:FB:7F:E3:97:5B:12:C2:3E:03:0A:C5:4C:52:05:71:63 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D28BC/92092390EAD811EBBD2CC758C4F9AE02/xIoOQPt_45dbEsI-AwrFTFIFcWM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xIoOQPt_45dbEsI-AwrFTFIFcWM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D28BC/92092390EAD811EBBD2CC758C4F9AE02/2B07FA82EADC11EBBE430B5EC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.247.24.0/22 103.237.124.0/22 IPv6: 2401:3280:1000::-2401:3280:2fff:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 1e:4a:22:6e:4a:e2:aa:a0:62:0c:79:b2:51:a0:1e:55:4b:b1: 97:7c:f3:36:80:02:4c:93:6f:c1:d0:4e:8f:25:aa:f0:83:5f: 20:3c:9e:56:c9:ae:68:33:ff:d1:b8:43:82:15:30:ce:32:0a: 48:74:44:72:81:eb:ff:d6:8e:b5:68:9f:80:b6:48:9b:d4:44: 66:e8:eb:46:94:95:70:5a:ef:a9:76:5e:0f:09:18:42:c9:92: f9:bf:e3:48:16:ce:a2:e8:11:9d:92:33:9a:1e:e4:3c:eb:fc: 4f:c8:01:bc:b1:2a:03:a8:5a:a6:01:73:15:03:a0:9b:c8:f7: 77:5a:14:8d:8c:9a:5f:9e:ed:a0:63:0e:24:0f:37:df:c0:b4: 66:8e:f3:1d:b8:1f:f7:4b:a9:32:2d:a4:3b:1c:dd:05:34:b3: 80:f7:71:af:4d:d5:f6:69:c4:7a:a9:1e:e3:59:8a:4d:ce:5d: 1a:44:54:74:a5:01:f4:21:aa:c9:6c:8a:3f:3d:99:d6:20:6f: ef:20:d4:94:ed:3f:ae:57:b9:58:c7:aa:b5:a4:4f:5c:b3:63: 29:15:03:f9:30:ec:1d:2f:14:dc:57:ba:a0:01:ed:f8:dd:2d: 8c:cb:49:c4:8c:c5:e8:49:ea:79:5b:f8:de:c5:ba:2c:88:f9: 12:a6:86:46 -----BEGIN CERTIFICATE----- MIIFXDCCBESgAwIBAgICBekwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDI4QkMxMTAvBgNVBAUTKEM0OEEwRTQwRkI3RkUzOTc1QjEyQzIzRTAzMEFDNTRD NTIwNTcxNjMwHhcNMjUwNTEyMjM1NDA1WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWEzZmRiNy0zMmUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtVsyoD+rmTJJz5n8dx956fEALRhB3wuMgkFc9dZbhIWmWZ/uFb1JZVbrGYtB rpRCFQuvjhc/56zJ8thZ0KkH3hjkib7gV885zLY/N3fIpV6yKsyMXMC0c4hV/7b0 psOVcgYNqlaxpDkgsbkbKyJbHW5HB9ZWJkoBt4cSrbZdXHd8vePyCk+VvX48uQFk QSdCSq4WnhPW4LwrpZPXpJJdm116tQa0jd64sqnqPAjVVrhtBzmHK3X4k/jBcBB8 1Kh6zkNtc2s+LjN7X8LhgGIJRjozpzNp/+Yp9kY6IzI6mY2uKedewQa1jr0wsvtl nM3hz1SZI7meNuB4xm2tDauNuwIDAQABo4ICgDCCAnwwHQYDVR0OBBYEFF97Q6+k aZVWr99aKMrDX4ZhZ3ixMB8GA1UdIwQYMBaAFMSKDkD7f+OXWxLCPgMKxUxSBXFj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMjhCQy85MjA5MjM5MEVB RDgxMUVCQkQyQ0M3NThDNEY5QUUwMi94SW9PUVB0XzQ1ZGJFc0ktQXdyRlRGSUZj V00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hJb09RUHRfNDVkYkVzSS1Bd3JGVEZJRmNXTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDI4QkMvOTIwOTIzOTBFQUQ4MTFFQkJEMkNDNzU4QzRGOUFFMDIvMkIwN0ZBODJF QURDMTFFQkJFNDMwQjVFQzRGOUFFMDIucm9hMD8GCCsGAQUFBwEHAQH/BDAwLjAS BAIAATAMAwQCK/cYAwQCZ+18MBgEAgACMBIwEAMGBCQBMoAQAwYEJAEygCAwDQYJ KoZIhvcNAQELBQADggEBAB5KIm5K4qqgYgx5slGgHlVLsZd88zaAAkyTb8HQTo8l qvCDXyA8nlbJrmgz/9G4Q4IVMM4yCkh0RHKB6//WjrVon4C2SJvURGbo60aUlXBa 76l2Xg8JGELJkvm/40gWzqLoEZ2SM5oe5Dzr/E/IAbyxKgOoWqYBcxUDoJvI93da FI2Mml+e7aBjDiQPN9/AtGaO8x24H/dLqTItpDsc3QU0s4D3ca9N1fZpxHqpHuNZ ik3OXRpEVHSlAfQhqslsij89mdYgb+8g1JTtP65XuVjHqrWkT1yzYykVA/kw7B0v FNxXuqAB7fjdLYzLScSMxehJ6nlb+N7FuiyI+RKmhkY= -----END CERTIFICATE-----Generated at Mon Mar 2 05:45:11 2026 by rpki-client