$ rpki-client -vvf rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/5353EA28781F11EEBA05B17FC4F9AE02.roa File: 5353EA28781F11EEBA05B17FC4F9AE02.roa (raw, json) Hash identifier: fci/hvXmKLLIr57hsH2EVZbFVv2YsBSJcHMJtovzSlo= Subject key identifier: EB:B6:E8:A6:29:D5:31:10:A4:29:65:F8:BE:EF:8E:39:60:33:9D:7D Certificate issuer: /CN=A91D83D0/serialNumber=C4E4F0DA010AF58637CC59628471E998B7243C52 Certificate serial: 099B Authority key identifier: C4:E4:F0:DA:01:0A:F5:86:37:CC:59:62:84:71:E9:98:B7:24:3C:52 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xOTw2gEK9YY3zFlihHHpmLckPFI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/5353EA28781F11EEBA05B17FC4F9AE02.roa Signing time: Sun 01 Mar 2026 17:23:01 +0000 ROA not before: Tue 13 Jan 2026 09:05:40 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 26496 IP address blocks: 43.255.152.0/22 maxlen: 24 103.1.172.0/22 maxlen: 24 103.44.220.0/24 maxlen: 24 103.87.189.0/24 maxlen: 24 103.87.190.0/23 maxlen: 23 118.139.160.0/19 maxlen: 24 182.50.128.0/19 maxlen: 24 203.124.96.0/19 maxlen: 24 2001:df1:9c00::/48 maxlen: 48 2403:bc80::/32 maxlen: 32 2407:1c00::/32 maxlen: 32 2407:1c00:6100::/40 maxlen: 48 2407:1c00:6400::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.crl rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xOTw2gEK9YY3zFlihHHpmLckPFI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 23:40:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2459 (0x99b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D83D0, serialNumber=C4E4F0DA010AF58637CC59628471E998B7243C52 Validity Not Before: Jan 13 09:05:40 2026 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=69a475f5-2d97 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:24:22:3e:93:af:c8:b9:ef:ff:22:fd:e2:c9: ae:9d:2f:50:c6:de:f3:d8:3f:2a:e0:75:fb:a0:22: b3:04:e0:3f:83:24:c6:bf:05:af:15:58:f7:5b:58: ae:a6:ee:99:9b:30:81:9e:a5:7c:09:e6:c7:a3:78: 1c:65:b5:a5:e5:9b:e9:f0:84:a6:94:7d:68:12:8b: b6:a2:f9:70:4f:4b:35:13:25:7f:fd:84:76:e1:93: cf:68:72:b6:47:35:fd:f9:d2:44:ae:27:a2:4a:07: d7:9f:ab:d3:4b:3c:bc:81:b4:8b:62:81:70:40:41: 08:bb:2d:b1:0e:0e:8b:22:f5:d0:cb:41:7c:0a:43: 96:64:14:ee:a4:e9:0a:93:0a:28:57:2c:36:31:38: 55:3f:fc:04:b6:92:ed:ae:2c:ce:bc:62:9c:39:f6: 2a:2a:6d:71:c5:2c:c9:d1:c2:98:cb:c3:cd:14:08: cd:5b:72:fa:50:c0:d5:19:58:b4:41:bb:73:ad:db: 6d:be:34:43:1c:0a:f4:3d:21:50:79:c5:76:4e:15: 76:b5:9f:85:c7:30:e5:03:c5:db:0d:37:1e:22:60: aa:19:e2:b7:c2:d2:4f:e9:91:43:d9:a8:72:36:55: 7e:f3:b8:24:43:e1:3e:35:ae:28:6e:7b:30:15:fc: c4:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:B6:E8:A6:29:D5:31:10:A4:29:65:F8:BE:EF:8E:39:60:33:9D:7D X509v3 Authority Key Identifier: keyid:C4:E4:F0:DA:01:0A:F5:86:37:CC:59:62:84:71:E9:98:B7:24:3C:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xOTw2gEK9YY3zFlihHHpmLckPFI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/5353EA28781F11EEBA05B17FC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.255.152.0/22 103.1.172.0/22 103.44.220.0/24 103.87.189.0-103.87.191.255 118.139.160.0/19 182.50.128.0/19 203.124.96.0/19 IPv6: 2001:df1:9c00::/48 2403:bc80::/32 2407:1c00::/32 Signature Algorithm: sha256WithRSAEncryption 60:8e:5e:4f:3c:27:36:46:91:fb:bc:20:a2:ac:9b:3d:0b:43: fe:09:69:57:21:09:70:e3:4e:6e:1a:57:db:0c:82:85:c2:0f: bf:06:52:29:02:a3:34:fa:c5:2a:05:46:75:c9:db:a8:f0:9a: cb:7e:f6:cf:03:2c:c4:12:3a:d2:a1:67:27:b1:80:2b:0b:53: 43:da:7b:e1:29:14:b6:48:9f:a7:f3:f3:92:af:e5:c3:d5:d2: f5:1c:65:30:2c:53:c9:40:76:53:6b:10:f2:ff:ea:51:d0:93: ec:42:62:bb:ad:f3:48:3c:b9:87:f3:3f:f2:cc:2f:3d:37:5f: 0a:5b:e8:d3:e6:06:e2:4f:09:83:f8:f7:65:c7:8d:e2:57:08: b3:f4:ee:e1:80:94:bd:73:35:5c:5e:f7:eb:84:dc:76:7d:a8: 35:d6:a2:4b:1b:ec:02:65:62:44:7c:d0:aa:99:c8:7c:a0:77: 6c:87:69:0f:86:96:70:0a:4b:62:02:23:b0:57:80:ad:5a:01: 42:3b:72:dd:63:ff:fb:41:a7:f2:d1:14:3b:e4:32:c8:35:eb: 78:a8:56:e9:bb:f2:85:6e:b1:d0:3a:f8:8e:46:ee:e3:57:cb: 0e:f2:c2:45:f0:cc:dc:71:ce:1b:3a:93:5f:fb:12:a7:b1:65: f6:15:b1:ff -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgICCZswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDgzRDAxMTAvBgNVBAUTKEM0RTRGMERBMDEwQUY1ODYzN0NDNTk2Mjg0NzFFOTk4 QjcyNDNDNTIwHhcNMjYwMTEzMDkwNTQwWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NzVmNS0yZDk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtyQiPpOvyLnv/yL94smunS9Qxt7z2D8q4HX7oCKzBOA/gyTGvwWvFVj3W1iu pu6ZmzCBnqV8CebHo3gcZbWl5Zvp8ISmlH1oEou2ovlwT0s1EyV//YR24ZPPaHK2 RzX9+dJErieiSgfXn6vTSzy8gbSLYoFwQEEIuy2xDg6LIvXQy0F8CkOWZBTupOkK kwooVyw2MThVP/wEtpLtrizOvGKcOfYqKm1xxSzJ0cKYy8PNFAjNW3L6UMDVGVi0 QbtzrdttvjRDHAr0PSFQecV2ThV2tZ+FxzDlA8XbDTceImCqGeK3wtJP6ZFD2ahy NlV+87gkQ+E+Na4obnswFfzEkwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFOu26KYp 1TEQpCll+L7vjjlgM519MB8GA1UdIwQYMBaAFMTk8NoBCvWGN8xZYoRx6Zi3JDxS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEODNEMC8wQTE2MjA4QUFG QkMxMUVBQTk2MUNCODZDNEY5QUUwMi94T1R3MmdFSzlZWTN6RmxpaEhIcG1MY2tQ RkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hPVHcyZ0VLOVlZM3pGbGloSEhwbUxja1BGSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDgzRDAvMEExNjIwOEFBRkJDMTFFQUE5NjFDQjg2QzRGOUFFMDIvNTM1M0VBMjg3 ODFGMTFFRUJBMDVCMTdGQzRGOUFFMDIucm9hMGoGCCsGAQUFBwEHAQH/BFswWTA4 BAIAATAyAwQCK/+YAwQCZwGsAwQAZyzcMAwDBABnV70DBAZnV4ADBAV2i6ADBAW2 MoADBAXLfGAwHQQCAAIwFwMHACABDfGcAAMFACQDvIADBQAkBxwAMA0GCSqGSIb3 DQEBCwUAA4IBAQBgjl5PPCc2RpH7vCCirJs9C0P+CWlXIQlw405uGlfbDIKFwg+/ BlIpAqM0+sUqBUZ1yduo8JrLfvbPAyzEEjrSoWcnsYArC1ND2nvhKRS2SJ+n8/OS r+XD1dL1HGUwLFPJQHZTaxDy/+pR0JPsQmK7rfNIPLmH8z/yzC89N18KW+jT5gbi TwmD+Pdlx43iVwiz9O7hgJS9czVcXvfrhNx2fag11qJLG+wCZWJEfNCqmch8oHds h2kPhpZwCktiAiOwV4CtWgFCO3LdY//7Qafy0RQ75DLINet4qFbpu/KFbrHQOviO Ru7jV8sO8sJF8Mzccc4bOpNf+xKnsWX2FbH/ -----END CERTIFICATE-----Generated at Mon Mar 2 17:08:40 2026 by rpki-client