$ rpki-client -vvf rpki.apnic.net/member_repository/A91E007B/09DE3482671311EAA4D26753C4F9AE02/BCFA6274C35C11F0BCE51340C4F9AE02.roa File: BCFA6274C35C11F0BCE51340C4F9AE02.roa (raw, json) Hash identifier: xE3/3MEwofV0kWri8MhE1BrfouBJnkKU5c1QnemDypU= Subject key identifier: 1A:00:D8:0F:CE:9B:CF:D5:0C:F9:36:9E:1A:52:2E:55:F5:75:BF:72 Certificate issuer: /CN=A91E007B/serialNumber=C2780CFD57A9986993DBF6C0D6BDEEF76B451972 Certificate serial: 0B03 Authority key identifier: C2:78:0C:FD:57:A9:98:69:93:DB:F6:C0:D6:BD:EE:F7:6B:45:19:72 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wngM_VepmGmT2_bA1r3u92tFGXI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E007B/09DE3482671311EAA4D26753C4F9AE02/BCFA6274C35C11F0BCE51340C4F9AE02.roa Signing time: Mon 02 Mar 2026 04:41:46 +0000 ROA not before: Mon 17 Nov 2025 02:25:52 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 4764 IP address blocks: 43.251.200.0/22 maxlen: 22 43.251.200.0/24 maxlen: 24 103.42.236.0/22 maxlen: 22 103.42.236.0/24 maxlen: 24 122.102.96.0/21 maxlen: 21 122.102.104.0/22 maxlen: 22 202.86.208.0/21 maxlen: 21 2405:e400::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E007B/09DE3482671311EAA4D26753C4F9AE02/wngM_VepmGmT2_bA1r3u92tFGXI.crl rsync://rpki.apnic.net/member_repository/A91E007B/09DE3482671311EAA4D26753C4F9AE02/wngM_VepmGmT2_bA1r3u92tFGXI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wngM_VepmGmT2_bA1r3u92tFGXI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 16:03:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2819 (0xb03) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E007B, serialNumber=C2780CFD57A9986993DBF6C0D6BDEEF76B451972 Validity Not Before: Nov 17 02:25:52 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=69a5150a-c4bb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:aa:0c:9f:1a:d0:af:7a:6a:b2:f9:a4:6b:22: 14:45:ba:2b:4f:0e:59:8d:1f:a3:24:9f:07:96:c2: bd:40:db:fd:e9:c3:84:cb:1b:f5:ef:26:6a:13:09: 38:3d:2b:fd:33:b2:18:87:3c:aa:37:5f:ab:40:88: 2a:8f:61:7f:ce:a2:d2:bb:03:09:ad:22:a5:7e:7f: 55:75:da:34:ed:e2:ab:78:0d:f8:e9:07:75:ad:18: 64:52:00:4b:31:ca:2d:f2:b6:d0:ad:4e:4a:93:4a: b9:e7:67:cc:a6:1e:dd:84:84:ff:42:24:85:da:64: 54:ca:2c:7d:3d:a9:98:ba:fb:2f:41:94:df:c5:c2: 0b:a3:bb:c7:92:8d:19:ae:a7:41:a7:a8:ed:11:62: fc:7e:df:a1:5a:98:95:cc:87:23:69:21:32:d4:e4: 40:2f:3c:41:87:38:61:7c:0c:2d:2b:14:84:65:d8: 5f:23:55:e6:0f:f9:c9:47:4b:70:6c:47:ad:b5:9a: 8f:8e:10:2a:94:17:d7:a3:29:09:e1:3e:6d:8e:ec: 7a:36:a7:8d:76:82:b1:73:ed:4b:77:5b:58:82:5a: d7:10:69:31:fc:e1:bb:0c:9b:fc:e1:76:4a:73:2e: 9f:49:d7:4d:3b:ac:86:04:26:82:33:d3:64:aa:66: 9a:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:00:D8:0F:CE:9B:CF:D5:0C:F9:36:9E:1A:52:2E:55:F5:75:BF:72 X509v3 Authority Key Identifier: keyid:C2:78:0C:FD:57:A9:98:69:93:DB:F6:C0:D6:BD:EE:F7:6B:45:19:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E007B/09DE3482671311EAA4D26753C4F9AE02/wngM_VepmGmT2_bA1r3u92tFGXI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wngM_VepmGmT2_bA1r3u92tFGXI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E007B/09DE3482671311EAA4D26753C4F9AE02/BCFA6274C35C11F0BCE51340C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.251.200.0/22 103.42.236.0/22 122.102.96.0-122.102.107.255 202.86.208.0/21 IPv6: 2405:e400::/32 Signature Algorithm: sha256WithRSAEncryption ac:fa:a1:e1:75:d3:06:eb:08:3f:3f:81:57:a4:87:6b:25:d1: 30:47:15:bb:9d:81:76:f6:d8:50:4b:5d:b1:5f:ab:3a:08:b5: 8b:34:7e:8f:de:9a:e2:7c:4a:88:1d:ba:56:47:f1:ab:da:44: 61:3d:7f:bc:5f:d8:bf:6c:fc:44:53:f7:60:c1:c5:76:e3:dd: 23:ce:27:3b:f1:70:89:32:26:0c:a1:f8:49:28:e1:8d:4d:6d: a9:4c:e9:63:34:5c:35:d7:b3:3a:0e:9c:e9:d2:c9:c0:bb:6a: 07:39:c0:d7:3e:89:8c:87:30:86:b2:db:0b:63:27:66:4d:0e: 93:43:51:34:08:49:e8:6b:4d:66:23:a0:66:b2:95:8a:fb:fb: 8d:19:73:00:ca:f9:f1:62:59:6e:ff:9e:66:c0:3a:50:34:da: f0:56:70:cf:80:bf:7e:15:73:60:c3:ed:92:a5:c3:95:59:ab: d7:42:18:e6:09:6e:bd:a2:2d:8e:72:09:53:44:a4:83:a7:f1: 8c:1b:f5:47:ca:dc:58:62:6d:ff:d6:29:e0:a0:58:66:68:9d: d1:31:09:fb:4b:0f:a5:12:9d:30:1a:e0:0c:2f:d6:e2:60:f7: 5c:9a:5c:c6:04:18:0f:fe:ee:ed:8e:b5:8b:ce:fb:05:6b:88: 3c:b6:91:95 -----BEGIN CERTIFICATE----- MIIFZTCCBE2gAwIBAgICCwMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTAwN0IxMTAvBgNVBAUTKEMyNzgwQ0ZENTdBOTk4Njk5M0RCRjZDMEQ2QkRFRUY3 NkI0NTE5NzIwHhcNMjUxMTE3MDIyNTUyWhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE1MTUwYS1jNGJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1KoMnxrQr3pqsvmkayIURborTw5ZjR+jJJ8HlsK9QNv96cOEyxv17yZqEwk4 PSv9M7IYhzyqN1+rQIgqj2F/zqLSuwMJrSKlfn9Vddo07eKreA346Qd1rRhkUgBL Mcot8rbQrU5Kk0q552fMph7dhIT/QiSF2mRUyix9PamYuvsvQZTfxcILo7vHko0Z rqdBp6jtEWL8ft+hWpiVzIcjaSEy1ORALzxBhzhhfAwtKxSEZdhfI1XmD/nJR0tw bEettZqPjhAqlBfXoykJ4T5tjux6NqeNdoKxc+1Ld1tYglrXEGkx/OG7DJv84XZK cy6fSddNO6yGBCaCM9NkqmaanQIDAQABo4ICiTCCAoUwHQYDVR0OBBYEFBoA2A/O m8/VDPk2nhpSLlX1db9yMB8GA1UdIwQYMBaAFMJ4DP1XqZhpk9v2wNa97vdrRRly MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMDA3Qi8wOURFMzQ4MjY3 MTMxMUVBQTREMjY3NTNDNEY5QUUwMi93bmdNX1ZlcG1HbVQyX2JBMXIzdTkydEZH WEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3duZ01fVmVwbUdtVDJfYkExcjN1OTJ0RkdYSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTAwN0IvMDlERTM0ODI2NzEzMTFFQUE0RDI2NzUzQzRGOUFFMDIvQkNGQTYyNzRD MzVDMTFGMEJDRTUxMzQwQzRGOUFFMDIucm9hMEgGCCsGAQUFBwEHAQH/BDkwNzAm BAIAATAgAwQCK/vIAwQCZyrsMAwDBAV6ZmADBAJ6ZmgDBAPKVtAwDQQCAAIwBwMF ACQF5AAwDQYJKoZIhvcNAQELBQADggEBAKz6oeF10wbrCD8/gVekh2sl0TBHFbud gXb22FBLXbFfqzoItYs0fo/emuJ8SogdulZH8avaRGE9f7xf2L9s/ERT92DBxXbj 3SPOJzvxcIkyJgyh+Eko4Y1NbalM6WM0XDXXszoOnOnSycC7agc5wNc+iYyHMIay 2wtjJ2ZNDpNDUTQISehrTWYjoGaylYr7+40ZcwDK+fFiWW7/nmbAOlA02vBWcM+A v34Vc2DD7ZKlw5VZq9dCGOYJbr2iLY5yCVNEpIOn8Ywb9UfK3Fhibf/WKeCgWGZo ndExCftLD6USnTAa4Awv1uJg91yaXMYEGA/+7u2OtYvO+wVriDy2kZU= -----END CERTIFICATE-----Generated at Mon Mar 2 23:25:07 2026 by rpki-client