$ rpki-client -vvf rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/5353EA28781F11EEBA05B17FC4F9AE02.roa File: 5353EA28781F11EEBA05B17FC4F9AE02.roa (raw, json) Hash identifier: 95lSl7vVPRfDQ24xYlePTZRf3aCd1VmR4GdHAdsIHtU= Subject key identifier: C1:C8:7F:72:AE:9A:0F:BC:41:D2:58:11:5E:A8:80:E5:DC:60:87:D1 Certificate issuer: /CN=A91D83D0/serialNumber=C4E4F0DA010AF58637CC59628471E998B7243C52 Certificate serial: 09B8 Authority key identifier: C4:E4:F0:DA:01:0A:F5:86:37:CC:59:62:84:71:E9:98:B7:24:3C:52 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xOTw2gEK9YY3zFlihHHpmLckPFI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/5353EA28781F11EEBA05B17FC4F9AE02.roa Signing time: Wed 08 Apr 2026 20:25:23 +0000 ROA not before: Wed 08 Apr 2026 20:25:23 +0000 ROA not after: Fri 28 May 2027 00:00:00 +0000 asID: 26496 IP address blocks: 43.255.152.0/22 maxlen: 24 103.1.172.0/22 maxlen: 24 103.44.220.0/24 maxlen: 24 103.87.189.0/24 maxlen: 24 103.87.190.0/23 maxlen: 23 118.139.160.0/19 maxlen: 24 182.50.128.0/19 maxlen: 24 203.124.96.0/19 maxlen: 24 2001:df1:9c00::/48 maxlen: 48 2403:bc80::/32 maxlen: 32 2407:1c00::/32 maxlen: 32 2407:1c00:6100::/40 maxlen: 48 2407:1c00:6400::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.crl rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xOTw2gEK9YY3zFlihHHpmLckPFI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Apr 2026 19:57:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2488 (0x9b8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D83D0, serialNumber=C4E4F0DA010AF58637CC59628471E998B7243C52 Validity Not Before: Apr 8 20:25:23 2026 GMT Not After : May 28 00:00:00 2027 GMT Subject: CN=69d6b9b2-5d86 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:ba:ed:f1:5b:6b:00:c8:38:ba:bf:c9:99:d0: c5:2a:24:d6:e3:5e:18:1f:00:c1:af:36:24:a8:82: 06:f5:67:17:00:f9:7c:66:2d:79:3a:13:30:a5:78: d2:a3:af:a9:2a:de:08:87:6b:a5:f1:51:ca:35:98: b1:5c:7c:66:8c:72:e5:42:89:c9:9f:af:49:0a:5c: 62:cb:73:e9:4f:00:f0:fc:57:e9:66:80:25:7c:be: 76:6b:5a:8f:8f:4b:b0:13:19:39:3c:fe:35:d3:25: 0d:78:38:b0:ef:0d:d8:ee:44:4a:66:69:21:88:34: 51:f2:65:00:1c:20:25:5e:ae:59:6f:83:5f:5b:74: 4f:96:7e:ce:7f:bb:29:43:c9:b0:42:74:9c:e4:46: f9:2f:dc:f1:aa:3f:d1:91:10:7d:ee:8c:78:b4:85: 0f:e0:2d:69:81:41:fa:cd:41:e9:63:98:4f:7b:3f: 51:81:e7:45:81:18:10:56:46:8b:e3:dd:51:38:fc: 46:46:15:ff:ba:8b:9f:0e:c8:f6:56:9c:5b:26:e9: ad:b7:f8:45:c5:17:74:7e:cd:82:39:5f:6d:f5:ec: 07:cd:53:f2:d3:1b:55:16:8c:bc:55:b2:d7:be:9a: b4:9a:03:ba:3b:c3:6f:31:12:04:30:aa:f3:14:1b: 1b:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:C8:7F:72:AE:9A:0F:BC:41:D2:58:11:5E:A8:80:E5:DC:60:87:D1 X509v3 Authority Key Identifier: keyid:C4:E4:F0:DA:01:0A:F5:86:37:CC:59:62:84:71:E9:98:B7:24:3C:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xOTw2gEK9YY3zFlihHHpmLckPFI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/5353EA28781F11EEBA05B17FC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.255.152.0/22 103.1.172.0/22 103.44.220.0/24 103.87.189.0-103.87.191.255 118.139.160.0/19 182.50.128.0/19 203.124.96.0/19 IPv6: 2001:df1:9c00::/48 2403:bc80::/32 2407:1c00::/32 Signature Algorithm: sha256WithRSAEncryption 39:06:fe:81:73:12:1e:10:98:26:d3:25:cd:e6:35:52:1a:09: fe:0e:7d:41:88:19:5f:a9:00:b4:19:5f:03:22:b7:ae:df:76: 95:7f:ab:22:59:4f:6b:df:98:4c:ed:98:d3:63:79:8c:c0:a9: f0:62:57:02:b4:20:10:ec:37:7a:4e:df:8c:26:e2:43:56:77: 4d:73:9e:94:94:07:e4:17:c9:40:47:4a:7f:ee:bc:14:18:96: f8:53:40:c9:ce:ec:6a:cd:a9:82:81:cf:a4:45:b3:9f:3d:5c: a6:6b:ea:60:83:e4:8f:2b:c9:04:98:74:1d:f2:42:96:f4:1d: 55:bb:e9:ed:71:b5:37:8b:61:fe:c0:28:23:61:5d:96:91:64: ac:42:b0:7d:16:50:f0:fa:3c:be:dd:22:5e:b8:74:b5:a7:19: af:fc:89:d9:60:a6:63:10:1d:e6:93:e7:ff:6c:02:99:31:c1: 7f:f9:5c:e9:bf:84:54:80:ef:bb:e6:11:fe:d2:e4:85:b2:b1: f2:b0:d7:93:93:c5:18:36:7a:53:02:1b:d8:7a:c7:34:4b:d6: f3:e6:66:0f:dc:bb:5a:7a:1d:96:7b:f0:85:ff:56:77:7d:51: e8:62:97:76:97:13:7a:c1:8b:e2:2a:09:38:11:30:33:d1:77: e7:3c:51:b8 -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgICCbgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDgzRDAxMTAvBgNVBAUTKEM0RTRGMERBMDEwQUY1ODYzN0NDNTk2Mjg0NzFFOTk4 QjcyNDNDNTIwHhcNMjYwNDA4MjAyNTIzWhcNMjcwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02OWQ2YjliMi01ZDg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu7rt8VtrAMg4ur/JmdDFKiTW414YHwDBrzYkqIIG9WcXAPl8Zi15OhMwpXjS o6+pKt4Ih2ul8VHKNZixXHxmjHLlQonJn69JClxiy3PpTwDw/FfpZoAlfL52a1qP j0uwExk5PP410yUNeDiw7w3Y7kRKZmkhiDRR8mUAHCAlXq5Zb4NfW3RPln7Of7sp Q8mwQnSc5Eb5L9zxqj/RkRB97ox4tIUP4C1pgUH6zUHpY5hPez9RgedFgRgQVkaL 491ROPxGRhX/uoufDsj2VpxbJumtt/hFxRd0fs2COV9t9ewHzVPy0xtVFoy8VbLX vpq0mgO6O8NvMRIEMKrzFBsbcQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFMHIf3Ku mg+8QdJYEV6ogOXcYIfRMB8GA1UdIwQYMBaAFMTk8NoBCvWGN8xZYoRx6Zi3JDxS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEODNEMC8wQTE2MjA4QUFG QkMxMUVBQTk2MUNCODZDNEY5QUUwMi94T1R3MmdFSzlZWTN6RmxpaEhIcG1MY2tQ RkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hPVHcyZ0VLOVlZM3pGbGloSEhwbUxja1BGSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDgzRDAvMEExNjIwOEFBRkJDMTFFQUE5NjFDQjg2QzRGOUFFMDIvNTM1M0VBMjg3 ODFGMTFFRUJBMDVCMTdGQzRGOUFFMDIucm9hMGoGCCsGAQUFBwEHAQH/BFswWTA4 BAIAATAyAwQCK/+YAwQCZwGsAwQAZyzcMAwDBABnV70DBAZnV4ADBAV2i6ADBAW2 MoADBAXLfGAwHQQCAAIwFwMHACABDfGcAAMFACQDvIADBQAkBxwAMA0GCSqGSIb3 DQEBCwUAA4IBAQA5Bv6BcxIeEJgm0yXN5jVSGgn+Dn1BiBlfqQC0GV8DIreu33aV f6siWU9r35hM7ZjTY3mMwKnwYlcCtCAQ7Dd6Tt+MJuJDVndNc56UlAfkF8lAR0p/ 7rwUGJb4U0DJzuxqzamCgc+kRbOfPVyma+pgg+SPK8kEmHQd8kKW9B1Vu+ntcbU3 i2H+wCgjYV2WkWSsQrB9FlDw+jy+3SJeuHS1pxmv/InZYKZjEB3mk+f/bAKZMcF/ +Vzpv4RUgO+75hH+0uSFsrHysNeTk8UYNnpTAhvYesc0S9bz5mYP3Ltaeh2We/CF /1Z3fVHoYpd2lxN6wYviKgk4ETAz0XfnPFG4 -----END CERTIFICATE-----Generated at Fri Apr 17 19:22:49 2026 by rpki-client