$ rpki-client -vvf rpki.apnic.net/member_repository/A91EF8D6/4D42F56CF1A311EAB5FD9824C4F9AE02/3DA25C7A036811F0A14CC938C4F9AE02.roa File: 3DA25C7A036811F0A14CC938C4F9AE02.roa (raw, json) Hash identifier: y7Iz2rPJdAOlGQ4MtuTgFktbk+yS4xEJ9nZlCdDX5sY= Subject key identifier: 63:B7:83:AF:55:B4:44:B4:60:55:9A:02:A9:F4:74:57:A6:46:2C:8B Certificate issuer: /CN=A91EF8D6/serialNumber=4B978415E167DB263EF2649A1C3B8BB2D43F61B7 Certificate serial: 0871 Authority key identifier: 4B:97:84:15:E1:67:DB:26:3E:F2:64:9A:1C:3B:8B:B2:D4:3F:61:B7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S5eEFeFn2yY-8mSaHDuLstQ_Ybc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EF8D6/4D42F56CF1A311EAB5FD9824C4F9AE02/3DA25C7A036811F0A14CC938C4F9AE02.roa Signing time: Sun 01 Mar 2026 15:43:27 +0000 ROA not before: Sat 24 Jan 2026 20:17:15 +0000 ROA not after: Wed 31 Mar 2027 00:00:00 +0000 asID: 151648 IP address blocks: 103.147.87.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EF8D6/4D42F56CF1A311EAB5FD9824C4F9AE02/S5eEFeFn2yY-8mSaHDuLstQ_Ybc.crl rsync://rpki.apnic.net/member_repository/A91EF8D6/4D42F56CF1A311EAB5FD9824C4F9AE02/S5eEFeFn2yY-8mSaHDuLstQ_Ybc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S5eEFeFn2yY-8mSaHDuLstQ_Ybc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:44:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2161 (0x871) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EF8D6, serialNumber=4B978415E167DB263EF2649A1C3B8BB2D43F61B7 Validity Not Before: Jan 24 20:17:15 2026 GMT Not After : Mar 31 00:00:00 2027 GMT Subject: CN=69a45e9f-c7bf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:f3:fb:83:5d:8e:91:ed:49:4d:d9:22:95:39: e4:7a:71:f3:75:5f:88:56:4d:c5:f9:4d:80:f8:dc: 8a:8b:97:d2:f5:4c:d0:2d:66:1e:07:bf:fa:0a:2a: 10:7d:86:94:fe:d8:83:87:30:28:2e:45:57:ba:9e: 49:bc:e5:c3:68:61:2c:0e:8d:19:44:a4:7a:ff:99: 97:9a:14:c5:f6:20:c6:70:91:9a:ab:66:2a:e9:ad: 70:aa:66:7b:94:6c:4f:87:0d:5e:23:0b:3d:d2:b0: 19:2f:30:4d:d3:34:61:70:a3:e4:6a:62:b2:aa:66: c7:17:77:e1:22:1d:98:cd:36:be:b2:44:8c:0b:ca: f9:30:97:ad:b2:bf:ef:65:9f:16:e0:c9:02:ae:e8: 30:40:07:20:32:51:25:24:b8:71:91:fe:d6:0b:52: 5d:c9:21:1b:ff:0e:7e:ab:78:2c:36:8b:c4:cd:85: 40:aa:d5:f9:b8:36:78:d7:43:12:b1:13:7e:20:02: a7:c5:51:51:5f:44:2f:e8:da:8a:45:d0:79:60:91: 53:21:3c:cc:fd:9f:d8:2f:ba:4a:12:e1:8c:53:84: 06:93:ac:ad:e3:33:6b:a3:8c:f0:9b:04:2e:42:78: c4:b2:dc:21:00:7a:bf:68:22:7b:4f:47:dc:d2:53: a8:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:B7:83:AF:55:B4:44:B4:60:55:9A:02:A9:F4:74:57:A6:46:2C:8B X509v3 Authority Key Identifier: keyid:4B:97:84:15:E1:67:DB:26:3E:F2:64:9A:1C:3B:8B:B2:D4:3F:61:B7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EF8D6/4D42F56CF1A311EAB5FD9824C4F9AE02/S5eEFeFn2yY-8mSaHDuLstQ_Ybc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S5eEFeFn2yY-8mSaHDuLstQ_Ybc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EF8D6/4D42F56CF1A311EAB5FD9824C4F9AE02/3DA25C7A036811F0A14CC938C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.147.87.0/24 Signature Algorithm: sha256WithRSAEncryption 47:45:fc:78:72:96:bc:32:b1:7d:65:a5:a4:7e:45:ea:b6:a1: 20:1c:9f:d8:46:b0:f1:87:97:6e:36:0f:b2:0f:1b:2f:f2:17: aa:fb:e5:4e:c2:1f:ba:78:79:f0:c4:48:79:25:90:54:ab:77: a6:e4:19:a7:7b:0e:db:03:8b:9d:7d:f4:72:50:14:91:74:31: 74:75:1a:be:a7:bc:eb:d6:82:25:34:bd:ad:59:36:cb:67:a6: f0:aa:57:c5:10:30:b6:1b:13:cc:0f:2f:87:ab:8a:25:6a:d4: e8:fb:4e:9a:a8:ef:c9:28:85:18:0a:97:41:48:f8:92:c5:14: e8:eb:cf:82:e3:d1:a2:8f:fb:22:f3:a4:05:38:b4:36:95:8c: 1b:28:75:07:9d:a5:4c:e4:34:3f:9f:8a:f0:2f:93:d3:5d:c7: f2:36:c2:95:22:3f:04:a3:ef:20:8f:61:72:a0:c0:70:e5:2a: 88:e7:bd:a1:0f:6d:25:5c:d5:e6:93:43:42:eb:09:f3:63:99: f1:4c:67:9f:2a:23:79:95:1a:69:29:ee:48:92:bf:26:7d:b8: 9c:bc:6d:71:9a:c2:a9:d3:ef:11:5f:cd:6e:d6:23:9c:4b:53: 73:18:da:30:c6:bd:b6:7e:d9:da:93:bf:17:9d:1c:5a:37:a6: 68:c8:92:0b -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgICCHEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUY4RDYxMTAvBgNVBAUTKDRCOTc4NDE1RTE2N0RCMjYzRUYyNjQ5QTFDM0I4QkIy RDQzRjYxQjcwHhcNMjYwMTI0MjAxNzE1WhcNMjcwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NWU5Zi1jN2JmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3PP7g12Oke1JTdkilTnkenHzdV+IVk3F+U2A+NyKi5fS9UzQLWYeB7/6CioQ fYaU/tiDhzAoLkVXup5JvOXDaGEsDo0ZRKR6/5mXmhTF9iDGcJGaq2Yq6a1wqmZ7 lGxPhw1eIws90rAZLzBN0zRhcKPkamKyqmbHF3fhIh2YzTa+skSMC8r5MJetsr/v ZZ8W4MkCrugwQAcgMlElJLhxkf7WC1JdySEb/w5+q3gsNovEzYVAqtX5uDZ410MS sRN+IAKnxVFRX0Qv6NqKRdB5YJFTITzM/Z/YL7pKEuGMU4QGk6yt4zNro4zwmwQu QnjEstwhAHq/aCJ7T0fc0lOo8QIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFGO3g69V tES0YFWaAqn0dFemRiyLMB8GA1UdIwQYMBaAFEuXhBXhZ9smPvJkmhw7i7LUP2G3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRjhENi80RDQyRjU2Q0Yx QTMxMUVBQjVGRDk4MjRDNEY5QUUwMi9TNWVFRmVGbjJ5WS04bVNhSER1THN0UV9Z YmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1M1ZUVGZUZuMnlZLThtU2FIRHVMc3RRX1liYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUY4RDYvNEQ0MkY1NkNGMUEzMTFFQUI1RkQ5ODI0QzRGOUFFMDIvM0RBMjVDN0Ew MzY4MTFGMEExNENDOTM4QzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAZ5NXMA0GCSqGSIb3DQEBCwUAA4IBAQBHRfx4cpa8MrF9ZaWkfkXq tqEgHJ/YRrDxh5duNg+yDxsv8heq++VOwh+6eHnwxEh5JZBUq3em5Bmnew7bA4ud ffRyUBSRdDF0dRq+p7zr1oIlNL2tWTbLZ6bwqlfFEDC2GxPMDy+Hq4olatTo+06a qO/JKIUYCpdBSPiSxRTo68+C49Gij/si86QFOLQ2lYwbKHUHnaVM5DQ/n4rwL5PT XcfyNsKVIj8Eo+8gj2FyoMBw5SqI572hD20lXNXmk0NC6wnzY5nxTGefKiN5lRpp Ke5Ikr8mfbicvG1xmsKp0+8RX81u1iOcS1NzGNowxr22ftnak78XnRxaN6ZoyJIL -----END CERTIFICATE-----Generated at Mon Mar 2 12:38:33 2026 by rpki-client