$ rpki-client -vvf rpki.apnic.net/member_repository/A91E2AE5/8D3E54EAED5911E3B09011925911EA32/2815E7D4BF4211E9A93A3957C4F9AE02.roa File: 2815E7D4BF4211E9A93A3957C4F9AE02.roa (raw, json) Hash identifier: uipKT1Jp/DMN4bzHM/v/VQW3NmoiBvgfgpPCrWFueSQ= Subject key identifier: 0D:DF:5F:B4:30:B7:0D:FA:20:A8:FE:A9:D4:5D:A9:4C:03:83:F9:5D Certificate issuer: /CN=A91E2AE5/serialNumber=B43A5A60D46806A69FFEF7C676219EC4BA8BA36D Certificate serial: 2C1F Authority key identifier: B4:3A:5A:60:D4:68:06:A6:9F:FE:F7:C6:76:21:9E:C4:BA:8B:A3:6D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tDpaYNRoBqaf_vfGdiGexLqLo20.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E2AE5/8D3E54EAED5911E3B09011925911EA32/2815E7D4BF4211E9A93A3957C4F9AE02.roa Signing time: Sun 01 Mar 2026 11:26:10 +0000 ROA not before: Fri 28 Feb 2025 15:52:35 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 9988 IP address blocks: 43.224.40.0/22 maxlen: 24 103.25.12.0/22 maxlen: 22 203.81.64.0/19 maxlen: 19 203.81.64.0/21 maxlen: 22 203.81.72.0/21 maxlen: 22 203.81.76.0/24 maxlen: 24 203.81.80.0/21 maxlen: 22 203.81.84.0/24 maxlen: 24 203.81.85.0/24 maxlen: 24 203.81.88.0/21 maxlen: 22 203.81.92.0/24 maxlen: 24 203.81.93.0/24 maxlen: 24 203.81.95.0/24 maxlen: 24 2401:f200::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E2AE5/8D3E54EAED5911E3B09011925911EA32/tDpaYNRoBqaf_vfGdiGexLqLo20.crl rsync://rpki.apnic.net/member_repository/A91E2AE5/8D3E54EAED5911E3B09011925911EA32/tDpaYNRoBqaf_vfGdiGexLqLo20.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tDpaYNRoBqaf_vfGdiGexLqLo20.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 15:37:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11295 (0x2c1f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E2AE5, serialNumber=B43A5A60D46806A69FFEF7C676219EC4BA8BA36D Validity Not Before: Feb 28 15:52:35 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=69a42251-4780 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:59:53:b4:07:ac:40:ba:13:d8:8b:83:4f:b5: 4d:06:7f:66:ad:74:52:9b:28:fe:19:25:19:3b:e9: cf:62:74:d3:6d:1f:d2:e3:94:8e:b7:ca:34:2b:f6: 59:25:a7:4e:76:38:97:13:ae:44:7c:13:0b:88:4d: 38:35:f2:d2:2c:f8:31:4b:d0:f2:ba:00:63:44:c3: f1:5a:8a:67:86:d6:8f:96:f2:a0:38:fc:5c:68:cd: 11:58:1f:75:10:ae:3c:48:10:d1:25:a5:07:75:70: be:c4:6a:f1:bb:5e:21:b5:38:b3:37:de:1b:be:14: f9:15:0b:25:47:b5:a6:a1:ce:61:6f:af:28:72:ce: 57:4e:fa:e5:56:1d:c7:0b:ad:1b:a1:44:00:56:ff: d9:ba:83:77:50:c4:9a:25:ca:a8:56:b9:22:6e:b7: e8:6f:db:3f:c1:78:03:7b:4a:f6:6d:f2:d6:31:24: b2:e9:6e:25:a8:e1:12:b4:ad:7d:d0:24:56:49:9a: 60:e5:50:94:92:1e:f3:65:56:22:8b:2b:b0:68:02: d0:85:a8:a7:c5:a4:00:a5:ce:04:33:a3:8e:80:2b: 50:a1:7b:36:1e:d2:51:c0:35:ce:80:1f:c5:8b:43: fb:f7:15:0c:db:30:75:1b:6a:2e:15:c9:82:3f:7b: 4e:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:DF:5F:B4:30:B7:0D:FA:20:A8:FE:A9:D4:5D:A9:4C:03:83:F9:5D X509v3 Authority Key Identifier: keyid:B4:3A:5A:60:D4:68:06:A6:9F:FE:F7:C6:76:21:9E:C4:BA:8B:A3:6D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E2AE5/8D3E54EAED5911E3B09011925911EA32/tDpaYNRoBqaf_vfGdiGexLqLo20.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tDpaYNRoBqaf_vfGdiGexLqLo20.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E2AE5/8D3E54EAED5911E3B09011925911EA32/2815E7D4BF4211E9A93A3957C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.224.40.0/22 103.25.12.0/22 203.81.64.0/19 IPv6: 2401:f200::/32 Signature Algorithm: sha256WithRSAEncryption 1c:d5:c6:e0:68:f8:8d:4a:d6:21:25:97:fc:09:52:4e:da:a5: 14:5d:46:9e:d6:2e:6b:8b:6d:14:1f:3e:d2:5b:0e:1c:bb:22: d5:85:21:c4:27:76:90:12:ee:e8:01:39:52:d9:0b:b5:c4:a8: 46:6c:da:dd:e5:c1:83:b4:6e:fe:af:03:0a:b2:ec:5f:b5:2d: 0c:b7:fb:1f:1c:e5:ae:7d:66:f8:d2:b5:78:d8:76:0a:90:8c: 8a:98:9c:34:4b:28:d9:d0:10:af:24:67:bb:c7:57:e9:0d:38: 65:21:62:eb:89:84:6a:cc:47:59:f0:26:d4:73:fc:f9:73:a1: 7d:d5:5b:23:00:01:03:61:6f:a9:2f:75:94:f2:6a:db:38:93: 81:2f:88:e5:fa:01:3b:91:c0:74:5b:6e:08:36:db:7e:9b:c7: a5:fa:5f:e0:51:e1:0b:41:9c:eb:02:4a:a1:da:88:bc:3c:2a: c6:7b:d3:0e:33:3d:d3:b6:4e:46:b5:87:fc:7a:14:18:1f:3c: 4e:e3:43:6e:26:12:b5:d3:12:a9:df:fd:9f:1f:81:bc:a5:74: 0e:88:3c:a8:1b:d8:9a:53:1a:2c:96:55:42:2b:44:85:cc:d2: 3b:c2:69:88:12:4d:80:c2:a7:ea:ea:b1:47:b7:52:d4:0c:3b: b9:d7:1c:2e -----BEGIN CERTIFICATE----- MIIFVzCCBD+gAwIBAgICLB8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTJBRTUxMTAvBgNVBAUTKEI0M0E1QTYwRDQ2ODA2QTY5RkZFRjdDNjc2MjE5RUM0 QkE4QkEzNkQwHhcNMjUwMjI4MTU1MjM1WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MjI1MS00NzgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsFlTtAesQLoT2IuDT7VNBn9mrXRSmyj+GSUZO+nPYnTTbR/S45SOt8o0K/ZZ JadOdjiXE65EfBMLiE04NfLSLPgxS9DyugBjRMPxWopnhtaPlvKgOPxcaM0RWB91 EK48SBDRJaUHdXC+xGrxu14htTizN94bvhT5FQslR7Wmoc5hb68ocs5XTvrlVh3H C60boUQAVv/ZuoN3UMSaJcqoVrkibrfob9s/wXgDe0r2bfLWMSSy6W4lqOEStK19 0CRWSZpg5VCUkh7zZVYiiyuwaALQhainxaQApc4EM6OOgCtQoXs2HtJRwDXOgB/F i0P79xUM2zB1G2ouFcmCP3tO4wIDAQABo4ICezCCAncwHQYDVR0OBBYEFA3fX7Qw tw36IKj+qdRdqUwDg/ldMB8GA1UdIwQYMBaAFLQ6WmDUaAamn/73xnYhnsS6i6Nt MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMkFFNS84RDNFNTRFQUVE NTkxMUUzQjA5MDExOTI1OTExRUEzMi90RHBhWU5Sb0JxYWZfdmZHZGlHZXhMcUxv MjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3REcGFZTlJvQnFhZl92ZkdkaUdleExxTG8yMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTJBRTUvOEQzRTU0RUFFRDU5MTFFM0IwOTAxMTkyNTkxMUVBMzIvMjgxNUU3RDRC RjQyMTFFOUE5M0EzOTU3QzRGOUFFMDIucm9hMDoGCCsGAQUFBwEHAQH/BCswKTAY BAIAATASAwQCK+AoAwQCZxkMAwQFy1FAMA0EAgACMAcDBQAkAfIAMA0GCSqGSIb3 DQEBCwUAA4IBAQAc1cbgaPiNStYhJZf8CVJO2qUUXUae1i5ri20UHz7SWw4cuyLV hSHEJ3aQEu7oATlS2Qu1xKhGbNrd5cGDtG7+rwMKsuxftS0Mt/sfHOWufWb40rV4 2HYKkIyKmJw0SyjZ0BCvJGe7x1fpDThlIWLriYRqzEdZ8CbUc/z5c6F91VsjAAED YW+pL3WU8mrbOJOBL4jl+gE7kcB0W24INtt+m8el+l/gUeELQZzrAkqh2oi8PCrG e9MOMz3Ttk5GtYf8ehQYHzxO40NuJhK10xKp3/2fH4G8pXQOiDyoG9iaUxosllVC K0SFzNI7wmmIEk2Awqfq6rFHt1LUDDu51xwu -----END CERTIFICATE-----Generated at Mon Mar 2 20:17:44 2026 by rpki-client