$ rpki-client -vvf rpki.apnic.net/member_repository/A91EDB37/5764737A78A011EB950D3175C4F9AE02/DFBF8CDC6AF911F08AB48F35C4F9AE02.roa File: DFBF8CDC6AF911F08AB48F35C4F9AE02.roa (raw, json) Hash identifier: h+tY0HLLCAJH2Q4epMFS/PBFyEAv5iPLwrbwL0sscs0= Subject key identifier: 05:2A:65:BC:4B:D0:65:4E:20:CF:DE:EF:39:E9:05:1A:D1:6C:C0:C4 Certificate issuer: /CN=A91EDB37/serialNumber=BB544176DDE68E3581C5C43F4FC7CC2CF68D6924 Certificate serial: 074F Authority key identifier: BB:54:41:76:DD:E6:8E:35:81:C5:C4:3F:4F:C7:CC:2C:F6:8D:69:24 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u1RBdt3mjjWBxcQ_T8fMLPaNaSQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EDB37/5764737A78A011EB950D3175C4F9AE02/DFBF8CDC6AF911F08AB48F35C4F9AE02.roa Signing time: Sun 01 Mar 2026 14:55:40 +0000 ROA not before: Thu 21 Aug 2025 09:16:42 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 135377 IP address blocks: 36.255.220.0/24 maxlen: 24 36.255.221.0/24 maxlen: 24 36.255.222.0/24 maxlen: 24 36.255.223.0/24 maxlen: 24 103.14.33.0/24 maxlen: 24 103.14.34.0/24 maxlen: 24 103.14.35.0/24 maxlen: 24 103.72.144.0/24 maxlen: 24 103.72.145.0/24 maxlen: 24 103.72.146.0/24 maxlen: 24 103.72.147.0/24 maxlen: 24 103.210.20.0/24 maxlen: 24 103.210.21.0/24 maxlen: 24 103.210.22.0/24 maxlen: 24 103.210.23.0/24 maxlen: 24 122.10.161.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EDB37/5764737A78A011EB950D3175C4F9AE02/u1RBdt3mjjWBxcQ_T8fMLPaNaSQ.crl rsync://rpki.apnic.net/member_repository/A91EDB37/5764737A78A011EB950D3175C4F9AE02/u1RBdt3mjjWBxcQ_T8fMLPaNaSQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u1RBdt3mjjWBxcQ_T8fMLPaNaSQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 01:47:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1871 (0x74f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EDB37, serialNumber=BB544176DDE68E3581C5C43F4FC7CC2CF68D6924 Validity Not Before: Aug 21 09:16:42 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=69a4536c-ce8f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:ed:0b:a3:fb:38:96:92:ab:78:2c:a2:0a:bf: 12:76:f9:f0:3b:eb:62:12:50:b3:cb:e5:1f:df:8d: b8:47:b3:11:f3:b5:b4:75:bb:b4:58:07:fc:59:e2: a7:13:bc:52:c1:81:44:df:fb:a8:ef:64:8c:85:90: 85:11:8b:0a:7e:ad:f5:c1:19:42:1e:0f:09:29:3a: 87:c2:82:72:11:45:17:33:ea:13:da:cb:f3:56:9c: 13:4b:e3:8b:30:78:19:14:f3:28:be:9e:f0:7b:3a: c0:99:7a:f9:69:29:63:53:e4:d1:b7:c2:be:c1:c8: d4:e5:b9:0a:4d:40:60:d0:10:68:7c:20:8a:20:6c: 96:80:08:3c:54:b0:ca:9f:d6:5e:55:13:84:26:bc: 60:fa:e1:47:ff:0c:b4:6d:52:2b:c5:cf:30:d1:07: eb:82:5b:16:df:00:ea:08:20:c2:86:bd:58:10:2a: a9:c4:58:73:41:8b:8c:47:c0:14:92:f0:14:87:5a: 51:3f:73:c6:74:ab:fd:86:43:d5:a7:73:0d:d1:1c: 91:76:b2:29:46:3e:26:5a:5b:99:41:1e:40:1b:e5: d7:b1:06:05:21:d0:3b:9a:c9:27:02:b4:e8:d5:40: 93:bc:21:46:3c:b3:76:e5:30:5f:2b:78:59:c8:e9: f5:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:2A:65:BC:4B:D0:65:4E:20:CF:DE:EF:39:E9:05:1A:D1:6C:C0:C4 X509v3 Authority Key Identifier: keyid:BB:54:41:76:DD:E6:8E:35:81:C5:C4:3F:4F:C7:CC:2C:F6:8D:69:24 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EDB37/5764737A78A011EB950D3175C4F9AE02/u1RBdt3mjjWBxcQ_T8fMLPaNaSQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u1RBdt3mjjWBxcQ_T8fMLPaNaSQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EDB37/5764737A78A011EB950D3175C4F9AE02/DFBF8CDC6AF911F08AB48F35C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 36.255.220.0/22 103.14.33.0-103.14.35.255 103.72.144.0/22 103.210.20.0/22 122.10.161.0/24 Signature Algorithm: sha256WithRSAEncryption 94:a2:81:a4:5c:41:cc:7b:bc:a6:e3:db:49:9f:2b:ef:d1:b2: c8:6c:e1:25:a8:72:a4:3e:10:e4:94:a2:03:cb:d4:f6:c1:d4: b1:af:2c:49:41:3a:fc:fe:f0:eb:de:1b:5c:1c:13:58:39:05: 44:df:84:c4:b3:50:72:77:78:51:2b:76:87:97:97:23:20:37: 45:7f:4b:b2:ca:24:da:46:1d:00:67:63:15:b1:6f:be:0e:06: c4:8b:95:11:20:60:3d:1b:9f:e9:8f:87:69:e5:ba:e3:ee:ce: 7e:40:45:97:7c:ee:93:65:86:4b:48:98:3f:c9:ce:d5:26:27: f5:2b:17:fa:1f:37:95:7b:0f:ef:46:6b:8e:ae:af:c2:9a:ae: e7:12:9a:61:bb:14:52:01:aa:6b:02:ee:37:e0:c7:36:ba:7d: 69:67:53:88:74:3f:de:c9:03:47:5d:31:61:5d:2d:b4:53:1a: f8:88:e8:6f:cb:69:7d:53:a0:8e:78:61:27:55:c9:2c:d0:7b: ef:01:b7:95:13:44:a6:73:c8:03:8b:9f:ef:cc:c8:89:df:c0: 90:b6:da:73:93:3f:ea:28:44:eb:76:a5:2b:77:ed:37:49:e5: f8:b4:0c:5e:cb:30:b5:ca:67:ec:d3:f6:3f:22:ed:63:03:fb: 3d:18:0f:e3 -----BEGIN CERTIFICATE----- MIIFXDCCBESgAwIBAgICB08wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RURCMzcxMTAvBgNVBAUTKEJCNTQ0MTc2RERFNjhFMzU4MUM1QzQzRjRGQzdDQzJD RjY4RDY5MjQwHhcNMjUwODIxMDkxNjQyWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NTM2Yy1jZThmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqO0Lo/s4lpKreCyiCr8SdvnwO+tiElCzy+Uf3424R7MR87W0dbu0WAf8WeKn E7xSwYFE3/uo72SMhZCFEYsKfq31wRlCHg8JKTqHwoJyEUUXM+oT2svzVpwTS+OL MHgZFPMovp7wezrAmXr5aSljU+TRt8K+wcjU5bkKTUBg0BBofCCKIGyWgAg8VLDK n9ZeVROEJrxg+uFH/wy0bVIrxc8w0QfrglsW3wDqCCDChr1YECqpxFhzQYuMR8AU kvAUh1pRP3PGdKv9hkPVp3MN0RyRdrIpRj4mWluZQR5AG+XXsQYFIdA7msknArTo 1UCTvCFGPLN25TBfK3hZyOn11QIDAQABo4ICgDCCAnwwHQYDVR0OBBYEFAUqZbxL 0GVOIM/e7znpBRrRbMDEMB8GA1UdIwQYMBaAFLtUQXbd5o41gcXEP0/HzCz2jWkk MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFREIzNy81NzY0NzM3QTc4 QTAxMUVCOTUwRDMxNzVDNEY5QUUwMi91MVJCZHQzbWpqV0J4Y1FfVDhmTUxQYU5h U1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3UxUkJkdDNtampXQnhjUV9UOGZNTFBhTmFTUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RURCMzcvNTc2NDczN0E3OEEwMTFFQjk1MEQzMTc1QzRGOUFFMDIvREZCRjhDREM2 QUY5MTFGMDhBQjQ4RjM1QzRGOUFFMDIucm9hMD8GCCsGAQUFBwEHAQH/BDAwLjAs BAIAATAmAwQCJP/cMAwDBABnDiEDBAJnDiADBAJnSJADBAJn0hQDBAB6CqEwDQYJ KoZIhvcNAQELBQADggEBAJSigaRcQcx7vKbj20mfK+/Rsshs4SWocqQ+EOSUogPL 1PbB1LGvLElBOvz+8OveG1wcE1g5BUTfhMSzUHJ3eFErdoeXlyMgN0V/S7LKJNpG HQBnYxWxb74OBsSLlREgYD0bn+mPh2nluuPuzn5ARZd87pNlhktImD/JztUmJ/Ur F/ofN5V7D+9Ga46ur8KarucSmmG7FFIBqmsC7jfgxza6fWlnU4h0P97JA0ddMWFd LbRTGviI6G/LaX1ToI54YSdVySzQe+8Bt5UTRKZzyAOLn+/MyInfwJC22nOTP+oo ROt2pSt37TdJ5fi0DF7LMLXKZ+zT9j8i7WMD+z0YD+M= -----END CERTIFICATE-----Generated at Mon Mar 2 04:30:12 2026 by rpki-client