$ rpki-client -vvf rpki.apnic.net/member_repository/A91EFBA1/2AD51F4C990311E7A5E95C6FC4F9AE02/43E9842C185A11EF9D0C4338C4F9AE02.roa File: 43E9842C185A11EF9D0C4338C4F9AE02.roa (raw, json) Hash identifier: Hj5gQeW5IUFPOLfY8LY2eRNkjGnN/MCAhEJHARC/yqQ= Subject key identifier: 8C:25:45:B1:72:72:C0:2F:CA:57:37:05:4C:7B:BB:0C:8E:E5:06:62 Certificate issuer: /CN=A91EFBA1/serialNumber=415406ED80B4D927A479A8BA042116AE2D11A1A6 Certificate serial: 197D Authority key identifier: 41:54:06:ED:80:B4:D9:27:A4:79:A8:BA:04:21:16:AE:2D:11:A1:A6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QVQG7YC02Sekeai6BCEWri0RoaY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EFBA1/2AD51F4C990311E7A5E95C6FC4F9AE02/43E9842C185A11EF9D0C4338C4F9AE02.roa Signing time: Sun 01 Mar 2026 14:11:07 +0000 ROA not before: Fri 04 Apr 2025 16:45:35 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 136435 IP address blocks: 103.87.248.0/23 maxlen: 23 103.87.248.0/24 maxlen: 24 103.87.249.0/24 maxlen: 24 203.96.225.0/24 maxlen: 24 203.96.226.0/23 maxlen: 23 203.96.226.0/24 maxlen: 24 203.96.227.0/24 maxlen: 24 2400:dac0::/48 maxlen: 48 2400:dac0:1::/48 maxlen: 48 2400:dac0:2::/48 maxlen: 48 2400:dac0:3::/48 maxlen: 48 2400:dac0:4::/48 maxlen: 48 2400:dac0:5::/48 maxlen: 48 2400:dac0:6::/48 maxlen: 48 2400:dac0:7::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EFBA1/2AD51F4C990311E7A5E95C6FC4F9AE02/QVQG7YC02Sekeai6BCEWri0RoaY.crl rsync://rpki.apnic.net/member_repository/A91EFBA1/2AD51F4C990311E7A5E95C6FC4F9AE02/QVQG7YC02Sekeai6BCEWri0RoaY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QVQG7YC02Sekeai6BCEWri0RoaY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 23:58:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6525 (0x197d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EFBA1, serialNumber=415406ED80B4D927A479A8BA042116AE2D11A1A6 Validity Not Before: Apr 4 16:45:35 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=69a448fb-9546 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:e0:40:49:b8:ef:00:e0:03:74:14:1b:2c:d7: 53:37:28:30:5b:df:7d:34:94:d9:fb:40:14:ba:fe: 5d:be:34:d7:5d:37:8d:59:20:30:e5:e6:a0:8a:2f: 73:ad:cb:ca:7f:8b:1d:81:93:ce:25:03:b4:65:04: b1:45:11:f8:01:be:ff:f2:72:fe:9c:da:2b:e8:06: 9a:8d:8d:95:62:37:64:86:36:d8:2f:d2:82:af:de: 5f:06:07:27:00:80:07:64:48:fe:dc:c2:18:42:34: 6f:96:d2:e9:f1:27:4a:8e:30:26:87:b7:98:ee:37: c7:41:ad:01:54:cf:04:7f:f5:02:a0:29:d5:0b:d8: f0:84:4f:54:1a:60:a7:e7:ce:c2:48:72:93:5c:9a: 43:19:cb:c5:4c:23:1b:65:76:c1:ab:c6:cb:40:df: 0b:69:3d:72:8d:58:ff:f4:32:79:41:1c:fd:75:db: 5d:53:01:70:7a:db:b4:85:87:13:0c:b7:28:85:7b: 2d:9e:c9:1a:27:33:07:dd:81:7f:47:a2:71:e1:d3: b6:f6:0f:b3:64:6a:a6:ef:86:f7:08:2e:fb:bd:59: 6c:dd:40:cf:d3:c0:e4:a2:aa:cf:86:f1:be:89:04: 61:d8:ed:e0:e9:c1:0e:fb:dc:46:7a:22:02:73:81: bb:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:25:45:B1:72:72:C0:2F:CA:57:37:05:4C:7B:BB:0C:8E:E5:06:62 X509v3 Authority Key Identifier: keyid:41:54:06:ED:80:B4:D9:27:A4:79:A8:BA:04:21:16:AE:2D:11:A1:A6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EFBA1/2AD51F4C990311E7A5E95C6FC4F9AE02/QVQG7YC02Sekeai6BCEWri0RoaY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QVQG7YC02Sekeai6BCEWri0RoaY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EFBA1/2AD51F4C990311E7A5E95C6FC4F9AE02/43E9842C185A11EF9D0C4338C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.87.248.0/23 203.96.225.0-203.96.227.255 IPv6: 2400:dac0::/45 Signature Algorithm: sha256WithRSAEncryption 10:67:60:5d:d4:49:47:28:78:ee:e9:8e:68:f0:48:37:a2:47: 27:cc:eb:82:cb:3e:2d:24:57:28:bc:77:fe:fd:4a:18:a3:6a: 8f:e7:27:91:52:75:5c:18:2c:3e:d9:f2:f4:8b:32:84:15:4c: df:7d:2f:3d:e7:31:2f:44:87:2d:14:47:6d:eb:20:b1:f2:98: 61:8d:05:0b:97:6c:b7:3b:0a:62:0a:e5:03:57:6c:90:4d:26: a8:52:93:da:3f:a2:87:69:0d:d3:ea:83:eb:c8:4f:39:f0:d8: ac:eb:39:2c:82:5b:f2:7d:38:8a:ba:c3:a1:f0:14:16:94:6b: db:d3:37:e2:d3:51:51:3d:6e:38:4e:2c:c9:bf:19:f8:58:ac: 33:bf:21:68:94:b8:14:ff:7e:d0:68:90:c7:58:d2:e8:7e:46: d2:31:89:4f:df:0d:da:82:8a:25:d9:b8:ee:8d:a1:59:b2:1e: 25:36:f6:0d:b5:75:31:07:65:67:74:bd:44:ea:2e:19:ef:48: 71:1a:68:d2:5b:84:a6:bd:06:2d:e2:6d:cf:fa:67:70:20:ad: b1:3b:6d:e4:76:41:33:d6:65:46:35:0d:38:e9:16:2d:9d:e5: f8:af:90:61:56:c5:7c:86:0c:de:e7:88:57:b9:47:5f:dc:f1: 92:28:3b:8d -----BEGIN CERTIFICATE----- MIIFWzCCBEOgAwIBAgICGX0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUZCQTExMTAvBgNVBAUTKDQxNTQwNkVEODBCNEQ5MjdBNDc5QThCQTA0MjExNkFF MkQxMUExQTYwHhcNMjUwNDA0MTY0NTM1WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NDhmYi05NTQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqeBASbjvAOADdBQbLNdTNygwW999NJTZ+0AUuv5dvjTXXTeNWSAw5eagii9z rcvKf4sdgZPOJQO0ZQSxRRH4Ab7/8nL+nNor6AaajY2VYjdkhjbYL9KCr95fBgcn AIAHZEj+3MIYQjRvltLp8SdKjjAmh7eY7jfHQa0BVM8Ef/UCoCnVC9jwhE9UGmCn 587CSHKTXJpDGcvFTCMbZXbBq8bLQN8LaT1yjVj/9DJ5QRz9ddtdUwFwetu0hYcT DLcohXstnskaJzMH3YF/R6Jx4dO29g+zZGqm74b3CC77vVls3UDP08DkoqrPhvG+ iQRh2O3g6cEO+9xGeiICc4G7QQIDAQABo4ICfzCCAnswHQYDVR0OBBYEFIwlRbFy csAvylc3BUx7uwyO5QZiMB8GA1UdIwQYMBaAFEFUBu2AtNknpHmougQhFq4tEaGm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRkJBMS8yQUQ1MUY0Qzk5 MDMxMUU3QTVFOTVDNkZDNEY5QUUwMi9RVlFHN1lDMDJTZWtlYWk2QkNFV3JpMFJv YVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FWUUc3WUMwMlNla2VhaTZCQ0VXcmkwUm9hWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUZCQTEvMkFENTFGNEM5OTAzMTFFN0E1RTk1QzZGQzRGOUFFMDIvNDNFOTg0MkMx ODVBMTFFRjlEMEM0MzM4QzRGOUFFMDIucm9hMD4GCCsGAQUFBwEHAQH/BC8wLTAa BAIAATAUAwQBZ1f4MAwDBADLYOEDBALLYOAwDwQCAAIwCQMHAyQA2sAAADANBgkq hkiG9w0BAQsFAAOCAQEAEGdgXdRJRyh47umOaPBIN6JHJ8zrgss+LSRXKLx3/v1K GKNqj+cnkVJ1XBgsPtny9IsyhBVM330vPecxL0SHLRRHbesgsfKYYY0FC5dstzsK YgrlA1dskE0mqFKT2j+ih2kN0+qD68hPOfDYrOs5LIJb8n04irrDofAUFpRr29M3 4tNRUT1uOE4syb8Z+FisM78haJS4FP9+0GiQx1jS6H5G0jGJT98N2oKKJdm47o2h WbIeJTb2DbV1MQdlZ3S9ROouGe9IcRpo0luEpr0GLeJtz/pncCCtsTtt5HZBM9Zl RjUNOOkWLZ3l+K+QYVbFfIYM3ueIV7lHX9zxkig7jQ== -----END CERTIFICATE-----Generated at Mon Mar 2 06:01:48 2026 by rpki-client