$ rpki-client -vvf rpki.apnic.net/member_repository/A91DBAA3/1C17913AD90D11F08680D5F17CD3641D/D0B6868A1D1B11F1ACF733B0103D8C67.roa File: D0B6868A1D1B11F1ACF733B0103D8C67.roa (raw, json) Hash identifier: jWdMxZZFTY4CsUZBn1lrTkWtYy/fDMYlI5r04PJk980= Subject key identifier: 0C:67:BC:A3:03:7F:F2:3C:5B:50:CC:77:E1:BE:A4:DC:A0:6C:B1:37 Certificate issuer: /CN=A91DBAA3/serialNumber=F9AE5E2A9DC80B51EAA7577278C3DE061A80AB63 Certificate serial: 46 Authority key identifier: F9:AE:5E:2A:9D:C8:0B:51:EA:A7:57:72:78:C3:DE:06:1A:80:AB:63 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-a5eKp3IC1Hqp1dyeMPeBhqAq2M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DBAA3/1C17913AD90D11F08680D5F17CD3641D/D0B6868A1D1B11F1ACF733B0103D8C67.roa Signing time: Fri 03 Apr 2026 08:43:57 +0000 ROA not before: Fri 03 Apr 2026 08:43:57 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 152194 IP address blocks: 43.240.36.0/22 maxlen: 24 103.19.188.0/22 maxlen: 24 2400:c680::/32 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DBAA3/1C17913AD90D11F08680D5F17CD3641D/-a5eKp3IC1Hqp1dyeMPeBhqAq2M.crl rsync://rpki.apnic.net/member_repository/A91DBAA3/1C17913AD90D11F08680D5F17CD3641D/-a5eKp3IC1Hqp1dyeMPeBhqAq2M.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-a5eKp3IC1Hqp1dyeMPeBhqAq2M.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Apr 2026 08:07:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70 (0x46) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DBAA3, serialNumber=F9AE5E2A9DC80B51EAA7577278C3DE061A80AB63 Validity Not Before: Apr 3 08:43:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=69cf7dcd-e35b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:15:b1:23:d2:c4:eb:35:a9:ff:22:55:f9:c1: 27:89:a2:42:e0:53:4e:a6:b6:d3:e5:79:45:69:8c: 5e:47:4a:57:4e:3d:10:f9:e0:45:d1:c7:08:a2:80: e7:f6:a2:b2:1c:77:d6:3d:41:9e:20:2f:35:c9:88: 53:c9:e6:84:66:eb:fa:9a:45:0a:fa:35:1e:5a:f7: d2:ff:94:b4:ac:f2:a0:23:05:a8:eb:c9:ce:01:24: ed:10:60:31:af:93:92:e6:e7:bf:a6:c9:43:d7:f4: e6:a7:ce:a3:be:40:1f:ea:6a:50:7d:0a:19:0e:4d: 26:86:0f:56:81:9c:63:5b:6f:1d:a0:01:94:8d:e5: 4d:da:23:cd:84:85:3d:ae:9f:ee:ab:ed:d8:0c:55: 97:49:23:4e:38:20:9a:92:64:3e:2c:3c:ce:9a:86: 31:33:b2:52:10:84:42:fe:69:8c:d9:3f:19:48:8a: 4e:ce:ed:8a:5d:75:c6:f7:04:2c:74:27:f6:f1:a0: 58:d8:53:22:2f:fc:b8:69:e0:ad:81:79:a6:a2:03: df:9c:7f:2f:b6:58:0b:79:8c:1e:04:a2:c5:4d:cc: 00:e5:a1:1a:29:fb:3b:32:e1:c4:4f:7b:fa:48:aa: 1e:bb:6c:80:b0:d6:96:e9:92:29:84:c6:2b:4d:58: f5:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:67:BC:A3:03:7F:F2:3C:5B:50:CC:77:E1:BE:A4:DC:A0:6C:B1:37 X509v3 Authority Key Identifier: keyid:F9:AE:5E:2A:9D:C8:0B:51:EA:A7:57:72:78:C3:DE:06:1A:80:AB:63 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DBAA3/1C17913AD90D11F08680D5F17CD3641D/-a5eKp3IC1Hqp1dyeMPeBhqAq2M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-a5eKp3IC1Hqp1dyeMPeBhqAq2M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DBAA3/1C17913AD90D11F08680D5F17CD3641D/D0B6868A1D1B11F1ACF733B0103D8C67.roa sbgp-ipAddrBlock: critical IPv4: 43.240.36.0/22 103.19.188.0/22 IPv6: 2400:c680::/32 Signature Algorithm: sha256WithRSAEncryption 2f:3e:6f:8d:d4:96:5e:22:fd:2b:43:cf:89:dd:d7:5d:4d:8d: 28:ba:ac:af:eb:26:b3:f5:35:bb:63:88:6c:72:12:c7:b0:43: ab:39:d1:23:35:00:9b:68:52:0d:99:96:e2:0b:f6:dd:bd:f3: c1:86:35:46:a5:a7:1a:e6:3c:37:34:2c:e1:e7:ac:02:fe:b8: 2e:60:cf:81:e9:f3:60:41:f4:35:de:a7:3d:96:3d:60:ee:d9: 10:69:17:92:3d:69:e6:7e:bd:ea:18:a3:33:f7:d8:84:16:90: 56:bd:43:e0:8c:3b:7b:8e:a5:73:04:06:2f:52:00:81:6d:26: 95:1a:3c:67:8f:10:96:22:e0:2b:01:de:5c:cf:f0:a7:76:8c: 64:4e:f3:50:a2:58:26:ba:29:96:34:5e:0d:4b:07:71:5d:a9: bb:1b:bc:27:df:19:35:a9:31:77:5b:04:a3:27:ea:de:7f:50: aa:a8:17:be:11:6a:09:ca:45:37:4b:31:3e:c7:8d:ae:9a:af: 7e:5f:a0:31:a2:d6:31:61:e0:ad:49:77:d9:93:3f:76:25:b4: 14:b3:23:fc:5c:91:12:a8:e0:5f:4c:d6:ce:4e:19:99:ca:0e: 1c:cf:f4:ec:81:a9:33:dd:d6:e8:3a:ea:e1:99:b0:9b:73:7b: a0:a9:4e:ec -----BEGIN CERTIFICATE----- MIIFUDCCBDigAwIBAgIBRjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE QkFBMzExMC8GA1UEBRMoRjlBRTVFMkE5REM4MEI1MUVBQTc1NzcyNzhDM0RFMDYx QTgwQUI2MzAeFw0yNjA0MDMwODQzNTdaFw0yNzA3MDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY5Y2Y3ZGNkLWUzNWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCzFbEj0sTrNan/IlX5wSeJokLgU06mttPleUVpjF5HSldOPRD54EXRxwiigOf2 orIcd9Y9QZ4gLzXJiFPJ5oRm6/qaRQr6NR5a99L/lLSs8qAjBajryc4BJO0QYDGv k5Lm57+myUPX9OanzqO+QB/qalB9ChkOTSaGD1aBnGNbbx2gAZSN5U3aI82EhT2u n+6r7dgMVZdJI044IJqSZD4sPM6ahjEzslIQhEL+aYzZPxlIik7O7Ypddcb3BCx0 J/bxoFjYUyIv/Lhp4K2BeaaiA9+cfy+2WAt5jB4EosVNzADloRop+zsy4cRPe/pI qh67bICw1pbpkimExitNWPUVAgMBAAGjggJ1MIICcTAdBgNVHQ4EFgQUDGe8owN/ 8jxbUMx34b6k3KBssTcwHwYDVR0jBBgwFoAU+a5eKp3IC1Hqp1dyeMPeBhqAq2Mw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURCQUEzLzFDMTc5MTNBRDkw RDExRjA4NjgwRDVGMTdDRDM2NDFELy1hNWVLcDNJQzFIcXAxZHllTVBlQmhxQXEy TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvLWE1ZUtwM0lDMUhxcDFkeWVNUGVCaHFBcTJNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgZYGCCsGAQUFBwELBIGJMIGGMIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QkFBMy8xQzE3OTEzQUQ5MEQxMUYwODY4MEQ1RjE3Q0QzNjQxRC9EMEI2ODY4QTFE MUIxMUYxQUNGNzMzQjAxMDNEOEM2Ny5yb2EwNAYIKwYBBQUHAQcBAf8EJTAjMBIE AgABMAwDBAIr8CQDBAJnE7wwDQQCAAIwBwMFACQAxoAwDQYJKoZIhvcNAQELBQAD ggEBAC8+b43Ull4i/StDz4nd111NjSi6rK/rJrP1NbtjiGxyEsewQ6s50SM1AJto Ug2ZluIL9t2988GGNUalpxrmPDc0LOHnrAL+uC5gz4Hp82BB9DXepz2WPWDu2RBp F5I9aeZ+veoYozP32IQWkFa9Q+CMO3uOpXMEBi9SAIFtJpUaPGePEJYi4CsB3lzP 8Kd2jGRO81CiWCa6KZY0Xg1LB3FdqbsbvCffGTWpMXdbBKMn6t5/UKqoF74RagnK RTdLMT7Hja6ar35foDGi1jFh4K1Jd9mTP3YltBSzI/xckRKo4F9M1s5OGZnKDhzP 9OyBqTPd1ug66uGZsJtze6CpTuw= -----END CERTIFICATE-----Generated at Fri Apr 17 17:29:01 2026 by rpki-client