$ rpki-client -vvf rpki.apnic.net/member_repository/A91EFBA1/2AD51F4C990311E7A5E95C6FC4F9AE02/43E9842C185A11EF9D0C4338C4F9AE02.roa File: 43E9842C185A11EF9D0C4338C4F9AE02.roa (raw, json) Hash identifier: mnfTgIuPlsM7FOE7wG43XOpMDWMOBSC6RbV4JXFx0HM= Subject key identifier: AE:E7:81:9D:24:14:6A:0F:5D:32:08:08:95:1D:EE:E4:25:70:5C:6D Certificate issuer: /CN=A91EFBA1/serialNumber=415406ED80B4D927A479A8BA042116AE2D11A1A6 Certificate serial: 19A1 Authority key identifier: 41:54:06:ED:80:B4:D9:27:A4:79:A8:BA:04:21:16:AE:2D:11:A1:A6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QVQG7YC02Sekeai6BCEWri0RoaY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EFBA1/2AD51F4C990311E7A5E95C6FC4F9AE02/43E9842C185A11EF9D0C4338C4F9AE02.roa Signing time: Thu 02 Apr 2026 17:19:54 +0000 ROA not before: Thu 02 Apr 2026 17:19:54 +0000 ROA not after: Fri 28 May 2027 00:00:00 +0000 asID: 136435 IP address blocks: 103.87.248.0/23 maxlen: 23 103.87.248.0/24 maxlen: 24 103.87.249.0/24 maxlen: 24 203.96.225.0/24 maxlen: 24 203.96.226.0/23 maxlen: 23 203.96.226.0/24 maxlen: 24 203.96.227.0/24 maxlen: 24 2400:dac0::/48 maxlen: 48 2400:dac0:1::/48 maxlen: 48 2400:dac0:2::/48 maxlen: 48 2400:dac0:3::/48 maxlen: 48 2400:dac0:4::/48 maxlen: 48 2400:dac0:5::/48 maxlen: 48 2400:dac0:6::/48 maxlen: 48 2400:dac0:7::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EFBA1/2AD51F4C990311E7A5E95C6FC4F9AE02/QVQG7YC02Sekeai6BCEWri0RoaY.crl rsync://rpki.apnic.net/member_repository/A91EFBA1/2AD51F4C990311E7A5E95C6FC4F9AE02/QVQG7YC02Sekeai6BCEWri0RoaY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QVQG7YC02Sekeai6BCEWri0RoaY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Apr 2026 16:22:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6561 (0x19a1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EFBA1, serialNumber=415406ED80B4D927A479A8BA042116AE2D11A1A6 Validity Not Before: Apr 2 17:19:54 2026 GMT Not After : May 28 00:00:00 2027 GMT Subject: CN=69cea53a-7d3b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:9a:aa:e7:8b:a3:92:29:dd:05:1c:d2:fc:6f: 83:29:a8:45:4a:78:66:45:51:51:c6:e5:fd:98:ae: 75:f8:b3:1e:ca:84:4c:9b:af:92:62:03:ed:61:4c: 23:3c:28:73:63:55:c6:8a:76:48:f0:91:c0:11:86: 6c:17:2b:fb:c3:0f:df:0b:55:af:97:41:bc:00:a1: 11:a7:e5:89:29:e1:84:f8:85:32:7c:7a:bf:2c:61: 0b:a8:5d:c9:14:57:17:51:0e:d0:4c:dc:bb:76:15: e3:80:50:c5:3b:b0:38:36:5d:63:d1:23:81:24:f8: 67:70:8e:1e:f8:1b:ec:59:dd:e7:7c:cb:5a:21:cf: 94:a0:a1:95:4e:33:97:b6:5b:2a:3f:1f:73:f4:49: 08:2b:b5:03:9a:75:61:e8:5a:d3:c4:d9:1e:e7:a4: 9d:cd:3a:b7:ef:91:2b:49:4c:2f:a6:49:8c:09:80: 79:ec:7c:46:0b:b0:70:10:d7:f6:14:3a:c4:1d:d4: 27:37:fe:8e:49:18:c6:c5:30:c9:50:e0:71:70:f6: ca:3e:a5:f4:c4:b3:2f:98:0e:13:f5:92:ce:8a:d6: 60:5f:00:24:aa:6c:6d:96:da:13:77:72:19:bd:88: 2c:b8:04:cb:a4:04:0f:b9:32:ec:61:50:ed:bb:32: be:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:E7:81:9D:24:14:6A:0F:5D:32:08:08:95:1D:EE:E4:25:70:5C:6D X509v3 Authority Key Identifier: keyid:41:54:06:ED:80:B4:D9:27:A4:79:A8:BA:04:21:16:AE:2D:11:A1:A6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EFBA1/2AD51F4C990311E7A5E95C6FC4F9AE02/QVQG7YC02Sekeai6BCEWri0RoaY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QVQG7YC02Sekeai6BCEWri0RoaY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EFBA1/2AD51F4C990311E7A5E95C6FC4F9AE02/43E9842C185A11EF9D0C4338C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.87.248.0/23 203.96.225.0-203.96.227.255 IPv6: 2400:dac0::/45 Signature Algorithm: sha256WithRSAEncryption 65:ee:fe:cb:78:4e:a5:18:d1:fd:e1:8b:8f:c3:89:00:87:7c: 08:0b:86:63:9c:5b:60:a9:de:69:64:f6:4f:8d:ad:3e:dc:e3: b5:21:a2:38:50:c2:1d:16:d0:20:a2:62:cf:f6:4c:f4:e0:fb: 50:39:84:69:ae:ed:67:1c:47:07:90:ac:5d:18:ff:82:d1:78: ac:aa:b2:b7:7c:4c:91:5e:86:05:16:97:34:e7:ce:1e:ff:ea: c6:29:8d:c4:d5:03:8a:0b:58:d3:5c:26:aa:9e:16:01:11:77: 5f:7f:ca:c2:e0:7a:3a:bb:d6:c6:d5:d4:f7:97:78:1b:85:d6: 26:9b:58:79:0b:d5:7a:dc:2d:1e:d0:42:36:f9:42:73:40:b8: a1:b0:ce:57:ad:31:6c:bc:30:4b:1b:80:c8:57:1e:0d:bd:36: 11:96:57:02:fd:43:62:df:d5:c4:b3:c7:26:c0:4a:49:07:73: 6d:16:d6:52:69:ce:26:84:a7:94:87:ea:0b:ef:11:c5:6a:51: 20:c6:95:70:22:ff:e1:c8:7c:5a:72:8c:13:a4:26:3a:45:ba: 78:1b:ab:fc:d0:48:6b:37:d0:74:09:ad:fd:a9:c6:b7:f6:3b: a1:a5:1d:8a:b6:67:81:48:ea:0e:d0:8e:1d:92:f5:52:25:a3: c3:f8:95:14 -----BEGIN CERTIFICATE----- MIIFWzCCBEOgAwIBAgICGaEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUZCQTExMTAvBgNVBAUTKDQxNTQwNkVEODBCNEQ5MjdBNDc5QThCQTA0MjExNkFF MkQxMUExQTYwHhcNMjYwNDAyMTcxOTU0WhcNMjcwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02OWNlYTUzYS03ZDNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzZqq54ujkindBRzS/G+DKahFSnhmRVFRxuX9mK51+LMeyoRMm6+SYgPtYUwj PChzY1XGinZI8JHAEYZsFyv7ww/fC1Wvl0G8AKERp+WJKeGE+IUyfHq/LGELqF3J FFcXUQ7QTNy7dhXjgFDFO7A4Nl1j0SOBJPhncI4e+BvsWd3nfMtaIc+UoKGVTjOX tlsqPx9z9EkIK7UDmnVh6FrTxNke56SdzTq375ErSUwvpkmMCYB57HxGC7BwENf2 FDrEHdQnN/6OSRjGxTDJUOBxcPbKPqX0xLMvmA4T9ZLOitZgXwAkqmxtltoTd3IZ vYgsuATLpAQPuTLsYVDtuzK+cwIDAQABo4ICfzCCAnswHQYDVR0OBBYEFK7ngZ0k FGoPXTIICJUd7uQlcFxtMB8GA1UdIwQYMBaAFEFUBu2AtNknpHmougQhFq4tEaGm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRkJBMS8yQUQ1MUY0Qzk5 MDMxMUU3QTVFOTVDNkZDNEY5QUUwMi9RVlFHN1lDMDJTZWtlYWk2QkNFV3JpMFJv YVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FWUUc3WUMwMlNla2VhaTZCQ0VXcmkwUm9hWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUZCQTEvMkFENTFGNEM5OTAzMTFFN0E1RTk1QzZGQzRGOUFFMDIvNDNFOTg0MkMx ODVBMTFFRjlEMEM0MzM4QzRGOUFFMDIucm9hMD4GCCsGAQUFBwEHAQH/BC8wLTAa BAIAATAUAwQBZ1f4MAwDBADLYOEDBALLYOAwDwQCAAIwCQMHAyQA2sAAADANBgkq hkiG9w0BAQsFAAOCAQEAZe7+y3hOpRjR/eGLj8OJAId8CAuGY5xbYKneaWT2T42t PtzjtSGiOFDCHRbQIKJiz/ZM9OD7UDmEaa7tZxxHB5CsXRj/gtF4rKqyt3xMkV6G BRaXNOfOHv/qximNxNUDigtY01wmqp4WARF3X3/KwuB6OrvWxtXU95d4G4XWJptY eQvVetwtHtBCNvlCc0C4obDOV60xbLwwSxuAyFceDb02EZZXAv1DYt/VxLPHJsBK SQdzbRbWUmnOJoSnlIfqC+8RxWpRIMaVcCL/4ch8WnKME6QmOkW6eBur/NBIazfQ dAmt/anGt/Y7oaUdirZngUjqDtCOHZL1UiWjw/iVFA== -----END CERTIFICATE-----Generated at Fri Apr 17 19:35:43 2026 by rpki-client