$ rpki-client -vvf rpki.apnic.net/member_repository/A91DEBE3/80AE10C6045011EABA82C415C4F9AE02/AF0508E8B1EE11EF93E70F63C4F9AE02.roa File: AF0508E8B1EE11EF93E70F63C4F9AE02.roa (raw, json) Hash identifier: /T4LYRFjurWo+sXlwXITQRtGPqnCSql2DU5VkiOEfeM= Subject key identifier: 61:E1:94:7B:E2:FA:B4:97:4A:02:1A:7C:63:2F:8A:17:5E:50:10:9D Certificate issuer: /CN=A91DEBE3/serialNumber=DE50542BEA108201A772C00BC9F251AD17FA96CD Certificate serial: 0D61 Authority key identifier: DE:50:54:2B:EA:10:82:01:A7:72:C0:0B:C9:F2:51:AD:17:FA:96:CD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3lBUK-oQggGncsALyfJRrRf6ls0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DEBE3/80AE10C6045011EABA82C415C4F9AE02/AF0508E8B1EE11EF93E70F63C4F9AE02.roa Signing time: Wed 08 Apr 2026 18:23:07 +0000 ROA not before: Wed 08 Apr 2026 18:23:07 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 141452 IP address blocks: 103.214.80.0/24 maxlen: 24 103.214.81.0/24 maxlen: 24 103.214.83.0/24 maxlen: 24 144.48.85.0/24 maxlen: 24 144.48.86.0/24 maxlen: 24 144.48.87.0/24 maxlen: 24 2404:d580::/32 maxlen: 32 2404:d580::/48 maxlen: 48 2404:d580:1::/48 maxlen: 48 2404:d580:2::/48 maxlen: 48 2404:d580:3::/48 maxlen: 48 2404:d580:4::/48 maxlen: 48 2404:d580:5::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DEBE3/80AE10C6045011EABA82C415C4F9AE02/3lBUK-oQggGncsALyfJRrRf6ls0.crl rsync://rpki.apnic.net/member_repository/A91DEBE3/80AE10C6045011EABA82C415C4F9AE02/3lBUK-oQggGncsALyfJRrRf6ls0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3lBUK-oQggGncsALyfJRrRf6ls0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Apr 2026 18:07:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3425 (0xd61) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DEBE3, serialNumber=DE50542BEA108201A772C00BC9F251AD17FA96CD Validity Not Before: Apr 8 18:23:07 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=69d69d0b-0e9a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f8:6b:c0:6a:f4:07:d6:04:60:49:66:41:a9:79: a5:45:3a:23:92:49:f5:b7:fb:d1:5d:fc:2f:84:28: 2d:3a:ab:4d:2f:a6:af:50:22:89:29:b8:de:16:f2: f9:5a:fb:ad:72:28:9f:69:2d:b2:0a:8a:cd:44:02: ee:47:3a:3b:7b:d7:4c:c1:36:e4:20:91:e1:61:bf: cd:86:bf:66:4f:aa:66:f7:77:02:3b:eb:19:9c:4c: 20:11:44:22:10:70:ed:8b:42:83:4e:37:88:bd:15: a4:dc:94:2d:93:bb:94:7c:de:71:3d:37:75:dc:af: 0a:a0:32:5f:0f:20:67:5a:fe:66:9c:56:75:ef:0b: f0:8f:03:ac:81:47:2e:1a:a9:80:46:85:45:e9:6d: b2:28:db:e9:64:e2:a3:05:48:0b:cf:8b:30:bd:16: 4e:d9:f1:12:25:ed:65:04:8e:14:88:ab:59:93:c1: 28:35:34:4a:b6:3e:78:c0:31:b4:e1:94:00:dc:9f: 70:1d:48:89:36:f1:66:96:d3:2a:ca:ec:cd:33:b3: 10:ff:b7:9d:67:ae:67:00:df:36:d7:b6:7c:76:b2: 8b:8c:df:65:aa:0b:5c:56:63:d4:e4:95:17:c9:44: 7b:67:38:a0:7b:43:aa:16:b0:81:71:52:82:6d:54: 3d:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:E1:94:7B:E2:FA:B4:97:4A:02:1A:7C:63:2F:8A:17:5E:50:10:9D X509v3 Authority Key Identifier: keyid:DE:50:54:2B:EA:10:82:01:A7:72:C0:0B:C9:F2:51:AD:17:FA:96:CD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DEBE3/80AE10C6045011EABA82C415C4F9AE02/3lBUK-oQggGncsALyfJRrRf6ls0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3lBUK-oQggGncsALyfJRrRf6ls0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DEBE3/80AE10C6045011EABA82C415C4F9AE02/AF0508E8B1EE11EF93E70F63C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.214.80.0/23 103.214.83.0/24 144.48.85.0-144.48.87.255 IPv6: 2404:d580::/32 Signature Algorithm: sha256WithRSAEncryption 57:b4:f7:6d:ba:97:8e:b4:8c:4b:5f:00:11:7d:89:0e:fd:b6: 3f:96:6f:51:ac:c7:a9:31:91:ab:c5:60:32:de:74:5d:a8:49: 4f:2a:9d:09:c5:ae:ff:6e:0c:e8:6a:f9:e2:62:cf:5c:53:4f: 93:6e:a3:17:17:01:52:d8:64:94:85:e1:78:ce:e6:b0:8a:4a: bb:2b:9b:4e:a1:33:af:92:b5:6c:5b:76:5f:79:f2:12:de:7e: 99:8e:07:69:3f:99:fb:13:38:99:9c:01:d4:17:4f:26:20:25: fe:ec:fc:7c:81:ff:9d:fb:79:6d:a0:10:47:7b:b4:0b:c5:5d: 70:fa:ea:e7:d8:59:24:6e:db:74:d5:aa:4c:0c:76:b1:4b:ec: db:b8:90:5f:06:19:cb:02:48:73:f4:33:71:e1:9a:56:27:00: b1:e8:8f:d0:7e:fe:c3:67:0b:46:48:42:f3:63:9a:fc:be:f8: db:b9:df:90:d8:5e:b8:3d:47:94:eb:14:c6:66:51:7b:c7:ab: c8:1e:3e:77:07:34:9d:ca:9b:de:95:36:f7:f1:40:e8:71:50: e9:16:d1:b3:1e:37:94:ed:82:7b:17:30:db:96:a9:09:19:bf: ff:68:f8:0a:86:08:3e:0b:e9:d1:8e:74:df:ba:cb:e1:e1:16: 24:3a:20:67 -----BEGIN CERTIFICATE----- MIIFXzCCBEegAwIBAgICDWEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REVCRTMxMTAvBgNVBAUTKERFNTA1NDJCRUExMDgyMDFBNzcyQzAwQkM5RjI1MUFE MTdGQTk2Q0QwHhcNMjYwNDA4MTgyMzA3WhcNMjcwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWQ2OWQwYi0wZTlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA+GvAavQH1gRgSWZBqXmlRTojkkn1t/vRXfwvhCgtOqtNL6avUCKJKbjeFvL5 WvutciifaS2yCorNRALuRzo7e9dMwTbkIJHhYb/Nhr9mT6pm93cCO+sZnEwgEUQi EHDti0KDTjeIvRWk3JQtk7uUfN5xPTd13K8KoDJfDyBnWv5mnFZ17wvwjwOsgUcu GqmARoVF6W2yKNvpZOKjBUgLz4swvRZO2fESJe1lBI4UiKtZk8EoNTRKtj54wDG0 4ZQA3J9wHUiJNvFmltMqyuzNM7MQ/7edZ65nAN8217Z8drKLjN9lqgtcVmPU5JUX yUR7Zzige0OqFrCBcVKCbVQ9WwIDAQABo4ICgzCCAn8wHQYDVR0OBBYEFGHhlHvi +rSXSgIafGMvihdeUBCdMB8GA1UdIwQYMBaAFN5QVCvqEIIBp3LAC8nyUa0X+pbN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERUJFMy84MEFFMTBDNjA0 NTAxMUVBQkE4MkM0MTVDNEY5QUUwMi8zbEJVSy1vUWdnR25jc0FMeWZKUnJSZjZs czAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNsQlVLLW9RZ2dHbmNzQUx5ZkpSclJmNmxzMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx REVCRTMvODBBRTEwQzYwNDUwMTFFQUJBODJDNDE1QzRGOUFFMDIvQUYwNTA4RThC MUVFMTFFRjkzRTcwRjYzQzRGOUFFMDIucm9hMEIGCCsGAQUFBwEHAQH/BDMwMTAg BAIAATAaAwQBZ9ZQAwQAZ9ZTMAwDBACQMFUDBAOQMFAwDQQCAAIwBwMFACQE1YAw DQYJKoZIhvcNAQELBQADggEBAFe09226l460jEtfABF9iQ79tj+Wb1Gsx6kxkavF YDLedF2oSU8qnQnFrv9uDOhq+eJiz1xTT5NuoxcXAVLYZJSF4XjO5rCKSrsrm06h M6+StWxbdl958hLefpmOB2k/mfsTOJmcAdQXTyYgJf7s/HyB/537eW2gEEd7tAvF XXD66ufYWSRu23TVqkwMdrFL7Nu4kF8GGcsCSHP0M3HhmlYnALHoj9B+/sNnC0ZI QvNjmvy++Nu535DYXrg9R5TrFMZmUXvHq8gePncHNJ3Km96VNvfxQOhxUOkW0bMe N5TtgnsXMNuWqQkZv/9o+AqGCD4L6dGOdN+6y+HhFiQ6IGc= -----END CERTIFICATE-----Generated at Fri Apr 17 11:29:29 2026 by rpki-client