$ rpki-client -vvf rpki.apnic.net/member_repository/A91D92FB/327FC6B21D8811E298F3A3E008B02CD2/F86E9DE46B9811ED9330AC4CC4F9AE02.roa File: F86E9DE46B9811ED9330AC4CC4F9AE02.roa (raw, json) Hash identifier: zH3hNiG3oNZT93Paosmg2thFHMW31DTiFkny+zicvU4= Subject key identifier: 88:87:37:BA:09:BA:1A:8C:AB:AF:05:3F:CD:1E:30:FD:8D:0F:E7:07 Certificate issuer: /CN=A91D92FB/serialNumber=4C36F812E76D827ECE6E59BD1560585C51ECD992 Certificate serial: 3561 Authority key identifier: 4C:36:F8:12:E7:6D:82:7E:CE:6E:59:BD:15:60:58:5C:51:EC:D9:92 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TDb4Eudtgn7Oblm9FWBYXFHs2ZI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D92FB/327FC6B21D8811E298F3A3E008B02CD2/F86E9DE46B9811ED9330AC4CC4F9AE02.roa Signing time: Sun 01 Mar 2026 15:52:06 +0000 ROA not before: Wed 28 Jan 2026 15:10:51 +0000 ROA not after: Wed 31 Mar 2027 00:00:00 +0000 asID: 17408 IP address blocks: 43.243.252.0/22 maxlen: 24 202.133.224.0/19 maxlen: 24 2405:7e00:17::/48 maxlen: 48 2405:7e00:1000::/36 maxlen: 36 2405:7e00:1000::/48 maxlen: 48 2405:7e00:1002::/64 maxlen: 64 2405:7e00:1003::/48 maxlen: 48 2405:7e00:100a::/48 maxlen: 48 2405:7e00:100b::/48 maxlen: 48 2405:7e00:100c::/48 maxlen: 48 2405:7e00:100d::/48 maxlen: 48 2405:7e00:100e::/48 maxlen: 48 2405:7e00:100f::/48 maxlen: 48 2405:7e00:1011::/48 maxlen: 48 2405:7e00:1012::/48 maxlen: 48 2405:7e00:1013::/48 maxlen: 48 2405:7e00:1014::/48 maxlen: 48 2405:7e00:1015::/48 maxlen: 48 2405:7e00:1016::/48 maxlen: 48 2405:7e00:101a::/48 maxlen: 48 2405:7e00:101b::/48 maxlen: 48 2405:7e00:4000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D92FB/327FC6B21D8811E298F3A3E008B02CD2/TDb4Eudtgn7Oblm9FWBYXFHs2ZI.crl rsync://rpki.apnic.net/member_repository/A91D92FB/327FC6B21D8811E298F3A3E008B02CD2/TDb4Eudtgn7Oblm9FWBYXFHs2ZI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TDb4Eudtgn7Oblm9FWBYXFHs2ZI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:52:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13665 (0x3561) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D92FB, serialNumber=4C36F812E76D827ECE6E59BD1560585C51ECD992 Validity Not Before: Jan 28 15:10:51 2026 GMT Not After : Mar 31 00:00:00 2027 GMT Subject: CN=69a460a6-3b22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:88:2d:e9:f6:6e:05:83:d9:87:fa:f8:2d:c8:7b: 20:97:86:12:f5:67:8a:34:73:75:29:29:51:19:0d: c0:16:c8:09:a3:c8:6b:8f:d3:c3:77:53:c9:e5:e7: 9c:98:ae:76:1a:2a:2c:a3:a0:10:df:9a:98:43:d6: f5:c1:7d:c5:68:c3:25:45:26:a3:c6:ae:83:5e:d7: 7d:d8:74:2e:3f:54:03:72:49:32:32:95:4e:7b:97: aa:13:81:ab:cf:b6:20:47:0d:db:57:da:f6:72:37: 24:18:1d:1c:55:4d:fb:2b:8c:27:b1:ae:ad:2f:d6: 69:61:ce:fa:72:7b:39:b7:ed:ae:d1:be:46:7f:b0: a0:0a:67:4e:dd:63:19:ab:42:e4:cd:0b:09:90:78: a1:31:8e:85:83:38:eb:6d:9e:88:de:50:ff:95:a6: 86:8c:f8:c5:95:c7:17:4e:67:54:34:00:0b:c6:b2: 59:06:48:2f:7d:a9:c7:24:54:82:2a:3b:b1:7a:e2: b3:d4:6b:c1:aa:f4:4a:b9:98:83:26:23:39:2e:ff: b3:71:5f:23:f7:49:04:bd:68:8e:cb:df:b2:a2:4e: 68:52:13:8f:7c:f4:bf:d5:44:6b:6f:8f:4f:3c:43: 62:4d:d8:ce:9e:c4:66:8e:0d:f9:e3:dc:65:ca:8d: e4:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:87:37:BA:09:BA:1A:8C:AB:AF:05:3F:CD:1E:30:FD:8D:0F:E7:07 X509v3 Authority Key Identifier: keyid:4C:36:F8:12:E7:6D:82:7E:CE:6E:59:BD:15:60:58:5C:51:EC:D9:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D92FB/327FC6B21D8811E298F3A3E008B02CD2/TDb4Eudtgn7Oblm9FWBYXFHs2ZI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TDb4Eudtgn7Oblm9FWBYXFHs2ZI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D92FB/327FC6B21D8811E298F3A3E008B02CD2/F86E9DE46B9811ED9330AC4CC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.243.252.0/22 202.133.224.0/19 IPv6: 2405:7e00:17::/48 2405:7e00:1000::/36 2405:7e00:4000::/36 Signature Algorithm: sha256WithRSAEncryption 93:37:33:ad:28:5b:8e:15:a3:5b:f7:bb:67:d3:34:8c:61:d0: 18:70:79:b0:03:be:4f:62:b1:49:a5:97:ea:13:b6:07:63:37: 85:d9:95:6f:d0:d2:e1:76:5f:d2:82:d1:41:b3:42:18:21:27: 49:61:a9:e8:5a:92:bb:76:f8:14:96:a3:99:2d:ac:f7:42:ed: dc:fc:3c:27:a8:24:42:af:6b:31:33:43:46:1b:4a:ec:59:0f: 70:59:a9:1e:00:20:68:b6:da:63:dc:08:26:82:30:ba:b1:5f: 09:9e:51:2d:73:7c:f5:05:16:21:d6:f3:eb:38:d3:8e:f4:33: 97:54:96:f6:6e:36:84:45:09:be:1c:44:46:4a:f0:ec:9d:8e: a7:01:27:f9:b5:5a:2d:a0:3f:3f:16:6b:6a:6d:11:9b:c7:9f: f3:8c:93:15:4a:98:7e:08:6a:e9:60:e7:d8:f6:cf:db:3c:d0: 68:ea:f4:41:50:c0:15:6f:b5:0c:8c:ee:95:87:de:e3:71:d9: 08:ce:8f:60:6f:39:69:39:d2:cf:07:d0:e8:cd:ba:b7:48:0d: 5b:b4:ba:0d:df:18:7a:ff:bc:4c:05:91:e5:ca:d8:42:cf:82: 60:11:28:ed:71:99:64:16:f3:b7:8e:03:a3:4f:fd:3a:1d:b4: d2:b3:f1:f1 -----BEGIN CERTIFICATE----- MIIFYzCCBEugAwIBAgICNWEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDkyRkIxMTAvBgNVBAUTKDRDMzZGODEyRTc2RDgyN0VDRTZFNTlCRDE1NjA1ODVD NTFFQ0Q5OTIwHhcNMjYwMTI4MTUxMDUxWhcNMjcwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NjBhNi0zYjIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAiC3p9m4Fg9mH+vgtyHsgl4YS9WeKNHN1KSlRGQ3AFsgJo8hrj9PDd1PJ5eec mK52Gioso6AQ35qYQ9b1wX3FaMMlRSajxq6DXtd92HQuP1QDckkyMpVOe5eqE4Gr z7YgRw3bV9r2cjckGB0cVU37K4wnsa6tL9ZpYc76cns5t+2u0b5Gf7CgCmdO3WMZ q0LkzQsJkHihMY6FgzjrbZ6I3lD/laaGjPjFlccXTmdUNAALxrJZBkgvfanHJFSC KjuxeuKz1GvBqvRKuZiDJiM5Lv+zcV8j90kEvWiOy9+yok5oUhOPfPS/1URrb49P PENiTdjOnsRmjg3549xlyo3kNQIDAQABo4IChzCCAoMwHQYDVR0OBBYEFIiHN7oJ uhqMq68FP80eMP2ND+cHMB8GA1UdIwQYMBaAFEw2+BLnbYJ+zm5ZvRVgWFxR7NmS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOTJGQi8zMjdGQzZCMjFE ODgxMUUyOThGM0EzRTAwOEIwMkNEMi9URGI0RXVkdGduN09ibG05RldCWVhGSHMy WkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1REYjRFdWR0Z243T2JsbTlGV0JZWEZIczJaSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDkyRkIvMzI3RkM2QjIxRDg4MTFFMjk4RjNBM0UwMDhCMDJDRDIvRjg2RTlERTQ2 Qjk4MTFFRDkzMzBBQzRDQzRGOUFFMDIucm9hMEYGCCsGAQUFBwEHAQH/BDcwNTAS BAIAATAMAwQCK/P8AwQFyoXgMB8EAgACMBkDBwAkBX4AABcDBgQkBX4AEAMGBCQF fgBAMA0GCSqGSIb3DQEBCwUAA4IBAQCTNzOtKFuOFaNb97tn0zSMYdAYcHmwA75P YrFJpZfqE7YHYzeF2ZVv0NLhdl/SgtFBs0IYISdJYanoWpK7dvgUlqOZLaz3Qu3c /DwnqCRCr2sxM0NGG0rsWQ9wWakeACBottpj3AgmgjC6sV8JnlEtc3z1BRYh1vPr ONOO9DOXVJb2bjaERQm+HERGSvDsnY6nASf5tVotoD8/FmtqbRGbx5/zjJMVSph+ CGrpYOfY9s/bPNBo6vRBUMAVb7UMjO6Vh97jcdkIzo9gbzlpOdLPB9Dozbq3SA1b tLoN3xh6/7xMBZHlythCz4JgESjtcZlkFvO3jgOjT/06HbTSs/Hx -----END CERTIFICATE-----Generated at Mon Mar 2 11:00:14 2026 by rpki-client