$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/14ED07C27B8D11EDB395B621C4F9AE02.roa File: 14ED07C27B8D11EDB395B621C4F9AE02.roa (raw, json) Hash identifier: XQHNZu9WrDOHXcrOnwFedWqMNY7Ym61M7N8j6VKuPNo= Subject key identifier: 3D:7A:8B:76:1F:6A:49:74:B4:A1:F8:FA:C3:B8:CE:B2:56:53:CB:44 Certificate issuer: /CN=A91EA7B2/serialNumber=1156205EC7380A00F10F3410114D040357F00FF1 Certificate serial: 0EA8 Authority key identifier: 11:56:20:5E:C7:38:0A:00:F1:0F:34:10:11:4D:04:03:57:F0:0F:F1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EVYgXsc4CgDxDzQQEU0EA1fwD_E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/14ED07C27B8D11EDB395B621C4F9AE02.roa Signing time: Sun 01 Mar 2026 15:33:22 +0000 ROA not before: Wed 06 Aug 2025 18:27:40 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 134190 IP address blocks: 103.117.128.0/24 maxlen: 24 103.117.129.0/24 maxlen: 24 103.117.129.0/25 maxlen: 32 103.117.129.128/25 maxlen: 32 103.117.131.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/EVYgXsc4CgDxDzQQEU0EA1fwD_E.crl rsync://rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/EVYgXsc4CgDxDzQQEU0EA1fwD_E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EVYgXsc4CgDxDzQQEU0EA1fwD_E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 02:13:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3752 (0xea8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA7B2, serialNumber=1156205EC7380A00F10F3410114D040357F00FF1 Validity Not Before: Aug 6 18:27:40 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=69a45c42-44fd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:aa:ba:15:3b:87:51:a1:65:ea:16:b6:0d:2e: 70:f4:33:ce:a8:05:01:e1:0b:78:7c:a3:3e:f5:82: c2:17:f9:7a:28:0b:6e:c8:03:a3:10:2c:6a:bf:3a: ee:40:fe:94:5b:b3:58:ae:28:30:cb:17:6f:66:41: b8:3e:2f:7c:60:1e:c5:77:65:d9:e5:e0:d1:ca:e1: 67:2d:4c:7c:fb:d6:01:c4:5e:77:3b:3e:fc:cc:c4: be:6b:44:7a:ee:6b:78:20:9d:75:53:d9:45:9b:dd: f7:fa:7f:45:50:eb:6f:15:32:f3:e8:d3:e5:8a:8b: 3e:f6:f0:8f:29:df:9c:4f:08:4a:29:8d:a6:40:5c: 8d:07:4a:65:51:c4:84:9c:2e:bb:e9:26:fc:a4:eb: 33:1f:54:85:a6:a6:f7:96:0e:74:bd:c3:5e:d1:f5: 50:e8:d3:49:3c:04:77:06:78:d5:f7:e7:6d:4b:77: c9:4c:32:1e:4e:b2:cf:d9:d2:1e:36:25:88:e0:cb: 13:db:db:8f:1c:79:f3:b7:75:a7:10:2d:b5:e4:03: c2:0c:6a:14:6a:fc:41:68:b9:ad:e9:2e:14:8e:c0: a0:4a:76:a2:32:e3:8c:02:4b:05:86:27:a8:66:f5: f9:89:f2:aa:b0:29:f6:d4:b9:ef:83:e3:4b:0e:93: ab:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:7A:8B:76:1F:6A:49:74:B4:A1:F8:FA:C3:B8:CE:B2:56:53:CB:44 X509v3 Authority Key Identifier: keyid:11:56:20:5E:C7:38:0A:00:F1:0F:34:10:11:4D:04:03:57:F0:0F:F1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/EVYgXsc4CgDxDzQQEU0EA1fwD_E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EVYgXsc4CgDxDzQQEU0EA1fwD_E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/14ED07C27B8D11EDB395B621C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.117.128.0/23 103.117.131.0/24 Signature Algorithm: sha256WithRSAEncryption 49:f3:ed:15:e2:98:8d:5e:b4:6d:24:61:c1:b4:01:79:0c:9f: 24:60:2e:aa:81:eb:5c:eb:b5:0c:90:3b:8d:78:cb:d8:eb:6d: fb:eb:f9:7e:87:ef:f4:3b:d3:ec:63:1f:2d:00:44:65:2d:17: 56:1d:9d:92:2e:ff:35:f6:a9:dc:7f:87:60:c7:8b:49:2f:ec: 74:78:56:6b:9b:f2:0a:35:e4:9d:96:17:be:62:fb:c7:37:fb: cc:bf:13:ae:61:49:b0:7e:df:ac:87:14:b3:66:69:e1:c8:22: 32:97:db:9b:ec:ac:c7:0c:56:1b:19:28:52:56:eb:ae:6c:5e: eb:78:b9:47:c2:b8:2f:ff:d5:fc:dd:b3:c3:5a:d7:47:0f:19: 62:15:7b:ef:7b:d2:9b:5f:e4:e0:ff:8b:fc:78:9d:cf:bc:f5: 98:58:3a:0b:fc:e9:c7:15:82:f0:b0:fd:0f:06:86:7a:b4:ad: de:26:01:25:e4:91:17:a9:20:b8:42:29:69:30:be:0f:27:3e: ef:41:9a:f5:d0:d7:1e:30:a3:12:6e:ce:af:75:ea:db:9f:94: c8:2f:00:f9:0f:23:e1:1d:b7:e9:01:79:f2:57:93:5e:3c:e1: e7:6a:54:df:2e:8d:2e:24:03:bc:d6:0b:45:4d:9b:d7:73:43: e0:a3:b5:6f -----BEGIN CERTIFICATE----- MIIFQjCCBCqgAwIBAgICDqgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUE3QjIxMTAvBgNVBAUTKDExNTYyMDVFQzczODBBMDBGMTBGMzQxMDExNEQwNDAz NTdGMDBGRjEwHhcNMjUwODA2MTgyNzQwWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NWM0Mi00NGZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvKq6FTuHUaFl6ha2DS5w9DPOqAUB4Qt4fKM+9YLCF/l6KAtuyAOjECxqvzru QP6UW7NYrigwyxdvZkG4Pi98YB7Fd2XZ5eDRyuFnLUx8+9YBxF53Oz78zMS+a0R6 7mt4IJ11U9lFm933+n9FUOtvFTLz6NPlios+9vCPKd+cTwhKKY2mQFyNB0plUcSE nC676Sb8pOszH1SFpqb3lg50vcNe0fVQ6NNJPAR3BnjV9+dtS3fJTDIeTrLP2dIe NiWI4MsT29uPHHnzt3WnEC215APCDGoUavxBaLmt6S4UjsCgSnaiMuOMAksFhieo ZvX5ifKqsCn21Lnvg+NLDpOr0wIDAQABo4ICZjCCAmIwHQYDVR0OBBYEFD16i3Yf akl0tKH4+sO4zrJWU8tEMB8GA1UdIwQYMBaAFBFWIF7HOAoA8Q80EBFNBANX8A/x MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTdCMi8zRUUzMjM1QUFF OTkxMUU5QUM1MEUxN0JDNEY5QUUwMi9FVllnWHNjNENnRHhEelFRRVUwRUExZndE X0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0VWWWdYc2M0Q2dEeER6UVFFVTBFQTFmd0RfRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUE3QjIvM0VFMzIzNUFBRTk5MTFFOUFDNTBFMTdCQzRGOUFFMDIvMTRFRDA3QzI3 QjhEMTFFREIzOTVCNjIxQzRGOUFFMDIucm9hMCUGCCsGAQUFBwEHAQH/BBYwFDAS BAIAATAMAwQBZ3WAAwQAZ3WDMA0GCSqGSIb3DQEBCwUAA4IBAQBJ8+0V4piNXrRt JGHBtAF5DJ8kYC6qgetc67UMkDuNeMvY62376/l+h+/0O9PsYx8tAERlLRdWHZ2S Lv819qncf4dgx4tJL+x0eFZrm/IKNeSdlhe+YvvHN/vMvxOuYUmwft+shxSzZmnh yCIyl9ub7KzHDFYbGShSVuuubF7reLlHwrgv/9X83bPDWtdHDxliFXvve9KbX+Tg /4v8eJ3PvPWYWDoL/OnHFYLwsP0PBoZ6tK3eJgEl5JEXqSC4QilpML4PJz7vQZr1 0NceMKMSbs6vderbn5TILwD5DyPhHbfpAXnyV5NePOHnalTfLo0uJAO81gtFTZvX c0Pgo7Vv -----END CERTIFICATE-----Generated at Mon Mar 2 08:21:34 2026 by rpki-client