$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7ED9/F8E0B3B2DBA211EAA88F2066C4F9AE02/DE349762DBA311EA8DE35866C4F9AE02.roa File: DE349762DBA311EA8DE35866C4F9AE02.roa (raw, json) Hash identifier: KQwurNSjF2Dr/1pCQQSsw5Vf4RQwakQkeZGUhZdWqsk= Subject key identifier: 86:76:3C:87:FF:9A:25:0D:BB:65:A2:E8:D2:E1:1D:CF:1E:B3:D2:20 Certificate issuer: /CN=A91E7ED9/serialNumber=CF668374EC75AB5CACD2EA730515F7B7764DD921 Certificate serial: 089F Authority key identifier: CF:66:83:74:EC:75:AB:5C:AC:D2:EA:73:05:15:F7:B7:76:4D:D9:21 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z2aDdOx1q1ys0upzBRX3t3ZN2SE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E7ED9/F8E0B3B2DBA211EAA88F2066C4F9AE02/DE349762DBA311EA8DE35866C4F9AE02.roa Signing time: Sun 01 Mar 2026 09:34:24 +0000 ROA not before: Wed 12 Mar 2025 20:50:46 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 45572 IP address blocks: 103.107.152.0/24 maxlen: 24 103.107.153.0/24 maxlen: 24 103.107.154.0/24 maxlen: 24 103.107.155.0/24 maxlen: 24 2402:58c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E7ED9/F8E0B3B2DBA211EAA88F2066C4F9AE02/z2aDdOx1q1ys0upzBRX3t3ZN2SE.crl rsync://rpki.apnic.net/member_repository/A91E7ED9/F8E0B3B2DBA211EAA88F2066C4F9AE02/z2aDdOx1q1ys0upzBRX3t3ZN2SE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z2aDdOx1q1ys0upzBRX3t3ZN2SE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:54:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2207 (0x89f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E7ED9, serialNumber=CF668374EC75AB5CACD2EA730515F7B7764DD921 Validity Not Before: Mar 12 20:50:46 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=69a40820-280f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:57:d9:f3:8d:ce:68:dd:40:29:85:ed:18:b5: 44:95:4f:21:08:5e:67:98:06:f3:9e:0e:4b:f0:19: 68:bd:e9:79:64:9b:ce:56:ab:cb:11:a8:40:07:22: 42:41:fc:2f:d1:96:56:05:76:56:1f:71:c7:ea:5a: bb:d3:94:29:9d:7c:ef:ee:4e:35:fa:33:7a:ac:e9: f6:31:7c:34:cf:0e:c9:16:64:81:99:5d:bb:3f:d9: 75:b9:e1:1a:ec:a2:ef:85:8c:a3:d8:b1:93:28:07: 26:3d:25:32:b9:31:84:24:e0:42:61:a5:e0:b3:0c: 7c:d1:26:e0:e4:fd:bf:04:d3:3c:d1:e3:04:2b:11: 81:d7:b7:c4:5f:47:a8:db:0d:15:70:f6:fe:4e:47: bf:a2:f6:bb:6d:72:e1:87:fe:c3:08:60:a1:e0:8c: b0:11:a7:42:79:2f:b0:5c:f6:aa:27:44:49:42:ac: 7d:f1:f5:4d:6d:33:96:4a:63:c3:c8:51:be:80:5e: 8a:8a:fd:72:1e:c5:cc:38:42:78:38:12:3a:f9:fa: 7f:64:1e:a2:f1:b5:3d:32:da:95:7d:f4:bc:27:49: c2:95:09:ce:dc:78:80:48:09:c7:30:32:23:94:80: 9f:10:a8:6d:9c:2b:1b:d9:ac:21:46:45:e5:18:23: 67:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:76:3C:87:FF:9A:25:0D:BB:65:A2:E8:D2:E1:1D:CF:1E:B3:D2:20 X509v3 Authority Key Identifier: keyid:CF:66:83:74:EC:75:AB:5C:AC:D2:EA:73:05:15:F7:B7:76:4D:D9:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E7ED9/F8E0B3B2DBA211EAA88F2066C4F9AE02/z2aDdOx1q1ys0upzBRX3t3ZN2SE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z2aDdOx1q1ys0upzBRX3t3ZN2SE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7ED9/F8E0B3B2DBA211EAA88F2066C4F9AE02/DE349762DBA311EA8DE35866C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.107.152.0/22 IPv6: 2402:58c0::/32 Signature Algorithm: sha256WithRSAEncryption 05:40:c7:f0:5b:fc:77:39:05:d6:cf:21:03:55:0c:74:88:26: 68:aa:42:a6:20:51:c2:83:59:f8:39:3d:da:51:ce:68:7d:e8: 16:d5:fa:4d:de:01:0b:f2:be:8c:8f:ae:e2:80:99:cd:c4:f2: 4b:4f:5e:2c:04:f7:56:bf:50:e2:40:53:82:7d:f2:37:d6:07: ec:7e:1c:12:93:f8:75:8b:01:21:5f:43:31:7d:98:69:fe:cc: 21:08:c9:0b:df:45:9d:9d:7c:f0:aa:f6:bd:9d:3b:1f:48:81: ef:67:03:66:f5:cc:4d:57:59:4a:32:ed:dd:4a:f1:df:7c:bc: 6e:33:3d:e2:98:89:2c:e8:94:c8:de:ef:cd:59:52:d5:24:1a: 8f:25:b7:72:07:00:b3:6d:d8:bd:5c:8d:7a:02:f9:53:b5:00: 05:e0:28:24:cd:57:1e:47:e3:35:38:d4:cc:61:ab:4b:73:6a: d6:dc:40:56:8f:73:77:ab:3b:30:29:be:85:e4:20:42:a0:f7: 83:55:d6:89:24:1d:83:0e:f3:4d:61:bb:04:65:01:d4:6c:82: 0d:d9:8a:75:57:b3:78:bb:c5:17:55:bb:b4:b7:9a:fd:bf:10: dc:b4:99:85:f9:6b:c8:47:29:29:5c:99:20:51:bc:0c:dc:e2: 6c:76:89:8e -----BEGIN CERTIFICATE----- MIIFSzCCBDOgAwIBAgICCJ8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTdFRDkxMTAvBgNVBAUTKENGNjY4Mzc0RUM3NUFCNUNBQ0QyRUE3MzA1MTVGN0I3 NzY0REQ5MjEwHhcNMjUwMzEyMjA1MDQ2WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MDgyMC0yODBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAl1fZ843OaN1AKYXtGLVElU8hCF5nmAbzng5L8Blovel5ZJvOVqvLEahAByJC Qfwv0ZZWBXZWH3HH6lq705QpnXzv7k41+jN6rOn2MXw0zw7JFmSBmV27P9l1ueEa 7KLvhYyj2LGTKAcmPSUyuTGEJOBCYaXgswx80Sbg5P2/BNM80eMEKxGB17fEX0eo 2w0VcPb+Tke/ova7bXLhh/7DCGCh4IywEadCeS+wXPaqJ0RJQqx98fVNbTOWSmPD yFG+gF6Kiv1yHsXMOEJ4OBI6+fp/ZB6i8bU9MtqVffS8J0nClQnO3HiASAnHMDIj lICfEKhtnCsb2awhRkXlGCNnjwIDAQABo4ICbzCCAmswHQYDVR0OBBYEFIZ2PIf/ miUNu2Wi6NLhHc8es9IgMB8GA1UdIwQYMBaAFM9mg3TsdatcrNLqcwUV97d2Tdkh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFN0VEOS9GOEUwQjNCMkRC QTIxMUVBQTg4RjIwNjZDNEY5QUUwMi96MmFEZE94MXExeXMwdXB6QlJYM3QzWk4y U0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3oyYURkT3gxcTF5czB1cHpCUlgzdDNaTjJTRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTdFRDkvRjhFMEIzQjJEQkEyMTFFQUE4OEYyMDY2QzRGOUFFMDIvREUzNDk3NjJE QkEzMTFFQThERTM1ODY2QzRGOUFFMDIucm9hMC4GCCsGAQUFBwEHAQH/BB8wHTAM BAIAATAGAwQCZ2uYMA0EAgACMAcDBQAkAljAMA0GCSqGSIb3DQEBCwUAA4IBAQAF QMfwW/x3OQXWzyEDVQx0iCZoqkKmIFHCg1n4OT3aUc5ofegW1fpN3gEL8r6Mj67i gJnNxPJLT14sBPdWv1DiQFOCffI31gfsfhwSk/h1iwEhX0MxfZhp/swhCMkL30Wd nXzwqva9nTsfSIHvZwNm9cxNV1lKMu3dSvHffLxuMz3imIks6JTI3u/NWVLVJBqP JbdyBwCzbdi9XI16AvlTtQAF4CgkzVceR+M1ONTMYatLc2rW3EBWj3N3qzswKb6F 5CBCoPeDVdaJJB2DDvNNYbsEZQHUbIIN2Yp1V7N4u8UXVbu0t5r9vxDctJmF+WvI RykpXJkgUbwM3OJsdomO -----END CERTIFICATE-----Generated at Mon Mar 2 11:40:58 2026 by rpki-client