$ rpki-client -vvf rpki.apnic.net/member_repository/A91E80FB/628D520C8FB611EC92BD2510C4F9AE02/9FBFD358C0F911EFA63F3E64C4F9AE02.roa File: 9FBFD358C0F911EFA63F3E64C4F9AE02.roa (raw, json) Hash identifier: rGGje0FS4AvgaHfWy61oWrz45FxmRS+DVJtlEpZvXeQ= Subject key identifier: 36:D3:DE:E0:F5:9D:12:C6:53:E9:7B:D0:C8:0D:4C:9E:3E:CC:80:45 Certificate issuer: /CN=A91E80FB/serialNumber=4085AE134B6338A127657283EBBC16C12F20B862 Certificate serial: 0478 Authority key identifier: 40:85:AE:13:4B:63:38:A1:27:65:72:83:EB:BC:16:C1:2F:20:B8:62 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QIWuE0tjOKEnZXKD67wWwS8guGI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E80FB/628D520C8FB611EC92BD2510C4F9AE02/9FBFD358C0F911EFA63F3E64C4F9AE02.roa Signing time: Mon 13 Apr 2026 06:45:22 +0000 ROA not before: Mon 13 Apr 2026 06:45:22 +0000 ROA not after: Wed 31 Mar 2027 00:00:00 +0000 asID: 141688 IP address blocks: 103.162.4.0/23 maxlen: 23 103.162.4.0/24 maxlen: 24 103.162.5.0/24 maxlen: 24 118.91.190.0/24 maxlen: 24 202.89.73.0/24 maxlen: 24 2407:bc0::/32 maxlen: 32 2407:bc0:1000::/48 maxlen: 48 2407:bc0:1001::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E80FB/628D520C8FB611EC92BD2510C4F9AE02/QIWuE0tjOKEnZXKD67wWwS8guGI.crl rsync://rpki.apnic.net/member_repository/A91E80FB/628D520C8FB611EC92BD2510C4F9AE02/QIWuE0tjOKEnZXKD67wWwS8guGI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QIWuE0tjOKEnZXKD67wWwS8guGI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Apr 2026 00:03:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1144 (0x478) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E80FB, serialNumber=4085AE134B6338A127657283EBBC16C12F20B862 Validity Not Before: Apr 13 06:45:22 2026 GMT Not After : Mar 31 00:00:00 2027 GMT Subject: CN=69dc9102-34e8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:74:07:0a:14:f0:6d:30:c8:fe:08:e5:de:f8: 38:e7:d5:c2:b9:f1:72:c8:38:ee:df:09:c2:c7:c4: b2:6e:6c:9a:10:45:1c:ad:e3:ed:34:f3:ef:c2:83: 20:89:a8:fd:c7:98:81:69:8d:8f:a7:ad:05:91:fc: 8b:e0:df:6e:9d:f3:0d:90:77:bc:11:81:4a:68:15: e0:e8:0e:e5:ab:a9:90:41:56:1c:6b:25:9b:bc:96: 5b:c9:54:25:62:a1:1b:15:f6:bb:91:b1:e7:75:89: 22:bf:c5:58:3c:3e:ea:c2:da:29:86:b0:3e:49:b4: 72:15:38:e1:3c:a1:7b:72:14:75:81:8f:1e:ab:f4: 15:ee:ce:bb:ca:2c:81:51:92:96:c9:05:a8:2c:e5: c7:38:72:0f:3c:0f:b0:80:72:7d:a1:23:24:be:e4: 75:3a:79:6b:35:90:5f:b8:af:73:e9:86:8f:09:93: 39:f5:e2:d3:79:32:98:ba:71:d7:8c:fe:4c:81:65: 23:71:7e:93:f2:a5:96:e4:7d:07:cb:e2:07:67:b7: 23:d1:b9:cc:14:06:f4:e5:b4:34:55:e3:7a:1a:29: bd:37:9c:ba:69:46:61:4c:0e:81:5b:66:6e:1b:2a: c1:8f:27:f6:39:b3:a7:96:d1:eb:11:67:d9:b0:d2: 4b:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:D3:DE:E0:F5:9D:12:C6:53:E9:7B:D0:C8:0D:4C:9E:3E:CC:80:45 X509v3 Authority Key Identifier: keyid:40:85:AE:13:4B:63:38:A1:27:65:72:83:EB:BC:16:C1:2F:20:B8:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E80FB/628D520C8FB611EC92BD2510C4F9AE02/QIWuE0tjOKEnZXKD67wWwS8guGI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QIWuE0tjOKEnZXKD67wWwS8guGI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E80FB/628D520C8FB611EC92BD2510C4F9AE02/9FBFD358C0F911EFA63F3E64C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.162.4.0/23 118.91.190.0/24 202.89.73.0/24 IPv6: 2407:bc0::/32 Signature Algorithm: sha256WithRSAEncryption 56:84:bb:f1:54:b3:10:b8:46:84:58:7c:a8:bc:c1:d8:82:7b: a9:39:63:a2:3b:82:7c:80:d3:18:4e:b9:22:e5:9e:3d:ec:62: 2e:54:a4:66:a9:d6:35:57:77:52:21:c4:d6:4b:09:5b:c4:7a: a2:3d:78:6f:7d:b7:a8:45:76:66:ba:02:ba:b4:3f:ed:46:2b: 8c:ba:25:6e:90:b2:03:c1:7f:ff:84:ef:92:e9:00:ae:4f:f5: 64:0f:da:cf:e8:b8:07:f7:dc:09:25:17:94:f5:3f:56:a5:87: 1e:99:1d:b4:d0:70:ff:3b:79:fb:28:a2:a2:46:6b:fc:c0:86: f0:03:d4:49:fb:5e:10:aa:de:1f:69:36:a5:32:40:da:d4:9e: fd:b3:1a:cb:9d:db:8c:bf:69:9c:4d:10:df:ab:d6:ca:25:40: 6d:f0:59:ed:20:cd:b7:e2:cb:57:a7:b7:13:cc:88:87:19:7a: 15:7f:59:e6:9d:7e:a1:12:06:d1:d1:60:20:19:73:3a:99:f5: aa:a9:bb:e9:91:db:90:1e:af:68:25:74:0a:65:a4:84:e2:52: 37:56:cb:af:3a:bf:f5:31:0d:1b:9b:7d:e3:0a:6a:05:71:9c: 89:2c:25:6b:00:e2:65:8d:03:d7:e1:df:46:79:53:c2:14:a7: ff:bf:28:6f -----BEGIN CERTIFICATE----- MIIFVzCCBD+gAwIBAgICBHgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTgwRkIxMTAvBgNVBAUTKDQwODVBRTEzNEI2MzM4QTEyNzY1NzI4M0VCQkMxNkMx MkYyMEI4NjIwHhcNMjYwNDEzMDY0NTIyWhcNMjcwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWRjOTEwMi0zNGU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1XQHChTwbTDI/gjl3vg459XCufFyyDju3wnCx8SybmyaEEUcrePtNPPvwoMg iaj9x5iBaY2Pp60FkfyL4N9unfMNkHe8EYFKaBXg6A7lq6mQQVYcayWbvJZbyVQl YqEbFfa7kbHndYkiv8VYPD7qwtophrA+SbRyFTjhPKF7chR1gY8eq/QV7s67yiyB UZKWyQWoLOXHOHIPPA+wgHJ9oSMkvuR1OnlrNZBfuK9z6YaPCZM59eLTeTKYunHX jP5MgWUjcX6T8qWW5H0Hy+IHZ7cj0bnMFAb05bQ0VeN6Gim9N5y6aUZhTA6BW2Zu GyrBjyf2ObOnltHrEWfZsNJL5QIDAQABo4ICezCCAncwHQYDVR0OBBYEFDbT3uD1 nRLGU+l70MgNTJ4+zIBFMB8GA1UdIwQYMBaAFECFrhNLYzihJ2Vyg+u8FsEvILhi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFODBGQi82MjhENTIwQzhG QjYxMUVDOTJCRDI1MTBDNEY5QUUwMi9RSVd1RTB0ak9LRW5aWEtENjd3V3dTOGd1 R0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FJV3VFMHRqT0tFblpYS0Q2N3dXd1M4Z3VHSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTgwRkIvNjI4RDUyMEM4RkI2MTFFQzkyQkQyNTEwQzRGOUFFMDIvOUZCRkQzNThD MEY5MTFFRkE2M0YzRTY0QzRGOUFFMDIucm9hMDoGCCsGAQUFBwEHAQH/BCswKTAY BAIAATASAwQBZ6IEAwQAdlu+AwQAyllJMA0EAgACMAcDBQAkBwvAMA0GCSqGSIb3 DQEBCwUAA4IBAQBWhLvxVLMQuEaEWHyovMHYgnupOWOiO4J8gNMYTrki5Z497GIu VKRmqdY1V3dSIcTWSwlbxHqiPXhvfbeoRXZmugK6tD/tRiuMuiVukLIDwX//hO+S 6QCuT/VkD9rP6LgH99wJJReU9T9WpYcemR200HD/O3n7KKKiRmv8wIbwA9RJ+14Q qt4faTalMkDa1J79sxrLnduMv2mcTRDfq9bKJUBt8FntIM234stXp7cTzIiHGXoV f1nmnX6hEgbR0WAgGXM6mfWqqbvpkduQHq9oJXQKZaSE4lI3VsuvOr/1MQ0bm33j CmoFcZyJLCVrAOJljQPX4d9GeVPCFKf/vyhv -----END CERTIFICATE-----Generated at Fri Apr 17 20:46:54 2026 by rpki-client