$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3DDB/0E3BDAEC472411F095F91B23C4F9AE02/B24F568A4C7A11F09CF1A77BC4F9AE02.roa File: B24F568A4C7A11F09CF1A77BC4F9AE02.roa (raw, json) Hash identifier: FsNpTkM6+3f8KZot7Stoju/dwRXl0OyRylfjVSJP04M= Subject key identifier: 0E:21:02:18:91:33:FA:9A:EA:84:63:FF:9E:45:44:2D:E9:E6:A7:98 Certificate issuer: /CN=A91E3DDB/serialNumber=34CDA65B02F176BFC248784DAA9AC8A7BE1653DB Certificate serial: 91 Authority key identifier: 34:CD:A6:5B:02:F1:76:BF:C2:48:78:4D:AA:9A:C8:A7:BE:16:53:DB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NM2mWwLxdr_CSHhNqprIp74WU9s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3DDB/0E3BDAEC472411F095F91B23C4F9AE02/B24F568A4C7A11F09CF1A77BC4F9AE02.roa Signing time: Sun 01 Mar 2026 08:10:27 +0000 ROA not before: Wed 18 Jun 2025 19:31:31 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 55785 IP address blocks: 43.252.68.0/22 maxlen: 24 103.247.152.0/22 maxlen: 24 2403:4d00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3DDB/0E3BDAEC472411F095F91B23C4F9AE02/NM2mWwLxdr_CSHhNqprIp74WU9s.crl rsync://rpki.apnic.net/member_repository/A91E3DDB/0E3BDAEC472411F095F91B23C4F9AE02/NM2mWwLxdr_CSHhNqprIp74WU9s.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NM2mWwLxdr_CSHhNqprIp74WU9s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 08:54:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 145 (0x91) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3DDB, serialNumber=34CDA65B02F176BFC248784DAA9AC8A7BE1653DB Validity Not Before: Jun 18 19:31:31 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=69a3f473-9f18 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:88:fc:c1:ee:d9:d0:e5:d9:5f:93:1a:8e:0f:5f: 07:01:9a:ca:cb:ce:19:50:51:3d:9c:15:f9:c0:2b: 65:c2:e6:32:86:79:10:82:ab:92:cd:c6:bd:ba:0a: d5:ea:d9:c7:c9:59:3b:9e:7f:3e:99:2a:18:84:35: f9:a2:b9:9e:74:72:d0:44:2d:33:33:1c:4b:5f:7e: 0c:4c:c7:06:c1:77:e6:6a:90:3e:94:8d:88:51:0b: 0e:69:d0:4f:3f:ac:55:93:b5:ce:ad:3a:ab:19:8a: 92:b9:73:58:ce:6b:3f:23:44:8d:db:70:36:90:bc: b8:dc:0a:c3:d7:4b:85:f1:f4:1b:78:f5:d4:8b:ef: f4:79:34:b4:c3:56:e2:79:47:00:08:5c:55:5a:ab: 12:1d:31:b6:49:e9:d4:59:90:fc:e2:3f:51:a8:27: 1d:27:bc:c7:2f:b3:5c:90:1e:74:1d:a3:b6:03:0f: d2:a2:08:77:88:c3:13:32:61:40:eb:92:4c:b2:29: 14:9f:c9:f9:04:da:0e:cc:34:25:22:86:17:ab:a6: 24:74:70:e4:e5:51:da:55:df:43:01:ce:17:43:e6: 26:8e:5a:e3:d9:dc:ed:c1:82:e0:1a:61:37:93:28: 95:59:1b:d2:4f:43:1e:be:96:34:ed:83:4b:8f:2a: 10:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:21:02:18:91:33:FA:9A:EA:84:63:FF:9E:45:44:2D:E9:E6:A7:98 X509v3 Authority Key Identifier: keyid:34:CD:A6:5B:02:F1:76:BF:C2:48:78:4D:AA:9A:C8:A7:BE:16:53:DB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3DDB/0E3BDAEC472411F095F91B23C4F9AE02/NM2mWwLxdr_CSHhNqprIp74WU9s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NM2mWwLxdr_CSHhNqprIp74WU9s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3DDB/0E3BDAEC472411F095F91B23C4F9AE02/B24F568A4C7A11F09CF1A77BC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.252.68.0/22 103.247.152.0/22 IPv6: 2403:4d00::/32 Signature Algorithm: sha256WithRSAEncryption 82:f2:24:8c:0b:a3:77:bc:f7:4a:af:bb:d7:1b:e0:ef:2c:ef: ec:60:01:bd:0e:8f:77:08:34:d1:3d:51:a8:f2:b0:4c:89:19: e5:31:3f:e3:0d:71:51:56:a3:f5:b5:cd:d4:ad:f8:f3:ad:f5: 98:31:3f:68:48:2d:e0:9d:7a:34:c3:7c:48:ac:af:cf:1c:bd: f2:1e:f1:b8:90:25:2c:e7:b0:9e:3c:fe:9c:41:6c:4f:ab:6b: 3d:e1:ba:f1:c8:c8:48:c3:2a:4b:d3:e8:a7:b0:bb:95:2d:ce: ca:41:2e:af:b0:85:56:d4:6a:d1:58:80:7f:01:fc:11:4d:e4: 62:d9:25:b1:5f:cf:df:a3:41:a3:4a:94:4b:d3:ea:30:52:9f: 6a:f1:48:65:a5:bc:e8:9e:42:dd:51:24:be:86:0f:c2:49:4c: a7:80:76:51:df:98:53:ca:d7:7f:3d:7f:6a:3e:be:7a:89:26: 1a:76:ba:1b:21:57:b1:18:9c:81:0f:04:57:45:f7:97:e3:28: 6a:05:e5:68:6b:fe:e3:07:f4:c7:2b:64:4f:d0:b7:f1:ba:04: 41:f9:a0:69:97:4a:d4:08:81:88:db:02:25:1b:69:7e:0d:26: 3d:c7:cf:22:ff:8e:95:1b:c9:1b:67:4f:47:9d:e8:72:db:59: 1e:45:54:02 -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgICAJEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNEREIxMTAvBgNVBAUTKDM0Q0RBNjVCMDJGMTc2QkZDMjQ4Nzg0REFBOUFDOEE3 QkUxNjUzREIwHhcNMjUwNjE4MTkzMTMxWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWEzZjQ3My05ZjE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAiPzB7tnQ5dlfkxqOD18HAZrKy84ZUFE9nBX5wCtlwuYyhnkQgquSzca9ugrV 6tnHyVk7nn8+mSoYhDX5ormedHLQRC0zMxxLX34MTMcGwXfmapA+lI2IUQsOadBP P6xVk7XOrTqrGYqSuXNYzms/I0SN23A2kLy43ArD10uF8fQbePXUi+/0eTS0w1bi eUcACFxVWqsSHTG2SenUWZD84j9RqCcdJ7zHL7NckB50HaO2Aw/Sogh3iMMTMmFA 65JMsikUn8n5BNoOzDQlIoYXq6YkdHDk5VHaVd9DAc4XQ+Ymjlrj2dztwYLgGmE3 kyiVWRvST0MevpY07YNLjyoQ0QIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFA4hAhiR M/qa6oRj/55FRC3p5qeYMB8GA1UdIwQYMBaAFDTNplsC8Xa/wkh4TaqayKe+FlPb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0REQi8wRTNCREFFQzQ3 MjQxMUYwOTVGOTFCMjNDNEY5QUUwMi9OTTJtV3dMeGRyX0NTSGhOcXBySXA3NFdV OXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05NMm1Xd0x4ZHJfQ1NIaE5xcHJJcDc0V1U5cy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTNEREIvMEUzQkRBRUM0NzI0MTFGMDk1RjkxQjIzQzRGOUFFMDIvQjI0RjU2OEE0 QzdBMTFGMDlDRjFBNzdCQzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS BAIAATAMAwQCK/xEAwQCZ/eYMA0EAgACMAcDBQAkA00AMA0GCSqGSIb3DQEBCwUA A4IBAQCC8iSMC6N3vPdKr7vXG+DvLO/sYAG9Do93CDTRPVGo8rBMiRnlMT/jDXFR VqP1tc3UrfjzrfWYMT9oSC3gnXo0w3xIrK/PHL3yHvG4kCUs57CePP6cQWxPq2s9 4brxyMhIwypL0+insLuVLc7KQS6vsIVW1GrRWIB/AfwRTeRi2SWxX8/fo0GjSpRL 0+owUp9q8UhlpbzonkLdUSS+hg/CSUyngHZR35hTytd/PX9qPr56iSYadrobIVex GJyBDwRXRfeX4yhqBeVoa/7jB/THK2RP0LfxugRB+aBpl0rUCIGI2wIlG2l+DSY9 x88i/46VG8kbZ09Hnehy21keRVQC -----END CERTIFICATE-----Generated at Mon Mar 2 14:01:32 2026 by rpki-client