$ rpki-client -vvf rpki.apnic.net/member_repository/A91D6444/DCC76F7490BB11EDB5B5FF57C4F9AE02/3423CAAA91A811ED97B3DB55C4F9AE02.roa File: 3423CAAA91A811ED97B3DB55C4F9AE02.roa (raw, json) Hash identifier: baW8TczqHgHWp8X3LbUuxQJDDpSfZv328YiovnGuH98= Subject key identifier: 94:76:A3:96:4E:68:04:2B:E5:A6:4E:D2:FA:37:9A:C9:1F:EC:7F:6F Certificate issuer: /CN=A91D6444/serialNumber=8D7D43B6FCB966E8E1A6583BDA07250157AC310F Certificate serial: 0257 Authority key identifier: 8D:7D:43:B6:FC:B9:66:E8:E1:A6:58:3B:DA:07:25:01:57:AC:31:0F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jX1Dtvy5Zujhplg72gclAVesMQ8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D6444/DCC76F7490BB11EDB5B5FF57C4F9AE02/3423CAAA91A811ED97B3DB55C4F9AE02.roa Signing time: Sun 01 Mar 2026 10:07:48 +0000 ROA not before: Wed 01 Oct 2025 03:00:22 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 17906 IP address blocks: 203.11.224.0/21 maxlen: 24 203.11.232.0/21 maxlen: 24 203.11.240.0/21 maxlen: 24 203.11.248.0/21 maxlen: 24 203.22.32.0/20 maxlen: 24 203.22.48.0/20 maxlen: 21 203.22.56.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D6444/DCC76F7490BB11EDB5B5FF57C4F9AE02/jX1Dtvy5Zujhplg72gclAVesMQ8.crl rsync://rpki.apnic.net/member_repository/A91D6444/DCC76F7490BB11EDB5B5FF57C4F9AE02/jX1Dtvy5Zujhplg72gclAVesMQ8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jX1Dtvy5Zujhplg72gclAVesMQ8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 23:21:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 599 (0x257) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D6444, serialNumber=8D7D43B6FCB966E8E1A6583BDA07250157AC310F Validity Not Before: Oct 1 03:00:22 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=69a40ff4-07c4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:8f:2f:31:33:76:74:d5:49:56:03:01:b6:f6: ca:f4:dc:58:34:ac:e6:ea:8d:5d:b4:c5:62:15:23: 31:5e:ec:6b:a5:53:44:4e:3f:cd:47:ae:57:2e:e1: 11:4e:46:15:af:5f:05:64:cf:db:4c:d1:c0:ee:16: 29:80:01:52:99:a4:55:80:73:b7:b0:94:52:dc:cc: 76:fb:38:a6:f9:d1:f4:36:1c:44:0b:37:bc:84:dc: f3:b8:44:72:4c:85:fe:ec:e9:66:b3:24:00:f0:12: 35:d2:ba:66:54:14:2b:68:b8:57:ad:47:67:b6:a9: 97:c3:52:de:f8:68:e4:0e:a6:c4:8e:d3:84:42:0a: 05:d2:ae:3f:f5:3e:5c:7e:82:3f:25:fe:e7:74:d0: 6f:0d:e8:12:20:95:e3:30:8b:f1:83:4a:da:57:c2: 7e:9a:8b:eb:67:a6:78:e8:43:8c:04:13:bf:99:a3: 53:04:a7:66:7d:ca:ee:87:62:06:25:a5:c1:e3:22: 72:3e:3d:22:ad:76:ac:0a:b4:d8:d8:47:eb:73:80: 21:c6:0b:8c:03:94:b6:9d:c6:9d:26:ea:e4:c5:f0: b5:f7:fc:62:2c:fb:74:2e:45:3a:b0:e3:b7:c2:06: 37:25:17:76:ee:58:e5:de:86:e7:64:16:82:68:f0: 65:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:76:A3:96:4E:68:04:2B:E5:A6:4E:D2:FA:37:9A:C9:1F:EC:7F:6F X509v3 Authority Key Identifier: keyid:8D:7D:43:B6:FC:B9:66:E8:E1:A6:58:3B:DA:07:25:01:57:AC:31:0F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D6444/DCC76F7490BB11EDB5B5FF57C4F9AE02/jX1Dtvy5Zujhplg72gclAVesMQ8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jX1Dtvy5Zujhplg72gclAVesMQ8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D6444/DCC76F7490BB11EDB5B5FF57C4F9AE02/3423CAAA91A811ED97B3DB55C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 203.11.224.0/19 203.22.32.0/19 Signature Algorithm: sha256WithRSAEncryption 16:b4:3b:e0:82:f2:d5:e9:3e:1e:fd:d4:41:c5:8d:4a:4f:bd: dc:29:f8:70:e3:d6:d7:3b:fa:ea:85:ed:f8:0a:5f:21:e4:3a: 6e:14:33:4e:e1:87:90:46:ec:2c:c9:25:d7:fa:5c:da:b8:86: a3:c4:fa:c9:7e:0e:02:96:82:ea:7a:85:db:74:71:af:f1:72: 83:cb:ef:b1:00:86:a4:87:c7:db:1e:4c:b1:57:a6:5d:a0:23: fd:5b:0f:60:3e:e8:5b:1f:54:82:9a:55:83:f5:40:10:ab:8d: bf:14:2c:1a:1d:8a:c1:13:3b:c6:c5:06:d1:99:65:ac:94:d8: 66:0a:26:f4:a9:c2:c1:70:1e:07:06:28:9a:32:3c:fe:44:3a: 6f:eb:6a:ce:0d:db:96:9f:b6:49:fd:a2:83:29:a2:b3:56:8a: 72:f9:b9:9c:aa:39:b6:f0:a4:46:39:48:00:e0:58:da:d8:b4: 4f:db:2c:61:7c:8e:1f:d6:b9:54:7d:c7:b8:51:fe:de:33:a8: cf:ac:19:2f:ed:5f:93:81:7a:5e:1c:69:67:fb:ff:e5:d2:ae: 7d:6c:ed:4a:47:e5:db:ce:84:c6:e0:95:95:49:77:64:83:1f: 98:66:c0:ef:4f:65:e4:55:49:5b:0f:bb:6b:7d:19:cd:f5:70: a6:75:8a:c8 -----BEGIN CERTIFICATE----- MIIFQjCCBCqgAwIBAgICAlcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDY0NDQxMTAvBgNVBAUTKDhEN0Q0M0I2RkNCOTY2RThFMUE2NTgzQkRBMDcyNTAx NTdBQzMxMEYwHhcNMjUxMDAxMDMwMDIyWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MGZmNC0wN2M0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApo8vMTN2dNVJVgMBtvbK9NxYNKzm6o1dtMViFSMxXuxrpVNETj/NR65XLuER TkYVr18FZM/bTNHA7hYpgAFSmaRVgHO3sJRS3Mx2+zim+dH0NhxECze8hNzzuERy TIX+7OlmsyQA8BI10rpmVBQraLhXrUdntqmXw1Le+GjkDqbEjtOEQgoF0q4/9T5c foI/Jf7ndNBvDegSIJXjMIvxg0raV8J+movrZ6Z46EOMBBO/maNTBKdmfcruh2IG JaXB4yJyPj0irXasCrTY2Efrc4AhxguMA5S2ncadJurkxfC19/xiLPt0LkU6sOO3 wgY3JRd27ljl3obnZBaCaPBlawIDAQABo4ICZjCCAmIwHQYDVR0OBBYEFJR2o5ZO aAQr5aZO0vo3mskf7H9vMB8GA1UdIwQYMBaAFI19Q7b8uWbo4aZYO9oHJQFXrDEP MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENjQ0NC9EQ0M3NkY3NDkw QkIxMUVEQjVCNUZGNTdDNEY5QUUwMi9qWDFEdHZ5NVp1amhwbGc3MmdjbEFWZXNN UTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2pYMUR0dnk1WnVqaHBsZzcyZ2NsQVZlc01ROC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDY0NDQvRENDNzZGNzQ5MEJCMTFFREI1QjVGRjU3QzRGOUFFMDIvMzQyM0NBQUE5 MUE4MTFFRDk3QjNEQjU1QzRGOUFFMDIucm9hMCUGCCsGAQUFBwEHAQH/BBYwFDAS BAIAATAMAwQFywvgAwQFyxYgMA0GCSqGSIb3DQEBCwUAA4IBAQAWtDvggvLV6T4e /dRBxY1KT73cKfhw49bXO/rqhe34Cl8h5DpuFDNO4YeQRuwsySXX+lzauIajxPrJ fg4CloLqeoXbdHGv8XKDy++xAIakh8fbHkyxV6ZdoCP9Ww9gPuhbH1SCmlWD9UAQ q42/FCwaHYrBEzvGxQbRmWWslNhmCib0qcLBcB4HBiiaMjz+RDpv62rODduWn7ZJ /aKDKaKzVopy+bmcqjm28KRGOUgA4Fja2LRP2yxhfI4f1rlUfce4Uf7eM6jPrBkv 7V+TgXpeHGln+//l0q59bO1KR+XbzoTG4JWVSXdkgx+YZsDvT2XkVUlbD7trfRnN 9XCmdYrI -----END CERTIFICATE-----Generated at Mon Mar 2 03:56:36 2026 by rpki-client