$ rpki-client -vvf rpki.apnic.net/member_repository/A91F731E/F5967E6C5EF111E6A7D1AF26C4F9AE02/3BBD8AE8620811F091BDA035C4F9AE02.roa File: 3BBD8AE8620811F091BDA035C4F9AE02.roa (raw, json) Hash identifier: j6Fn0yl9QruB/L8VIjM7Cvrv8dXDeLRII1Kg9BFfdqQ= Subject key identifier: 78:25:0C:EA:3D:A7:EB:E2:4B:95:A5:5B:13:D9:3F:F1:54:15:3A:C7 Certificate issuer: /CN=A91F731E/serialNumber=2585243D6805F2EA8BC3F63B82364BA991F330B9 Certificate serial: 201F Authority key identifier: 25:85:24:3D:68:05:F2:EA:8B:C3:F6:3B:82:36:4B:A9:91:F3:30:B9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JYUkPWgF8uqLw_Y7gjZLqZHzMLk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F731E/F5967E6C5EF111E6A7D1AF26C4F9AE02/3BBD8AE8620811F091BDA035C4F9AE02.roa Signing time: Sun 01 Mar 2026 14:33:37 +0000 ROA not before: Fri 08 Aug 2025 16:24:13 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 137187 IP address blocks: 103.211.150.0/23 maxlen: 24 124.41.244.0/22 maxlen: 22 124.41.244.0/24 maxlen: 24 124.41.245.0/24 maxlen: 24 124.41.246.0/24 maxlen: 24 124.41.247.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F731E/F5967E6C5EF111E6A7D1AF26C4F9AE02/JYUkPWgF8uqLw_Y7gjZLqZHzMLk.crl rsync://rpki.apnic.net/member_repository/A91F731E/F5967E6C5EF111E6A7D1AF26C4F9AE02/JYUkPWgF8uqLw_Y7gjZLqZHzMLk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JYUkPWgF8uqLw_Y7gjZLqZHzMLk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 16:03:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8223 (0x201f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F731E, serialNumber=2585243D6805F2EA8BC3F63B82364BA991F330B9 Validity Not Before: Aug 8 16:24:13 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=69a44e41-ac77 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:cb:24:ec:6f:db:d5:a5:b0:2e:59:d1:d0:7d: b5:86:ed:1f:60:d7:7d:62:6b:4e:13:b2:84:dc:b5: e3:8b:00:b7:c0:8e:ee:0e:c2:b1:76:17:80:df:fd: 8a:8d:49:a0:57:3f:2e:0f:7d:cd:9f:f7:a9:db:02: aa:31:8f:5a:7d:74:97:69:69:f2:d9:3c:13:49:d2: 35:2e:33:cf:4a:68:c4:82:f0:e1:55:61:b2:f2:21: a0:2c:37:30:9d:25:f1:b8:41:06:0d:a5:ea:d2:0b: a3:d7:2f:4d:6b:b5:90:1e:29:7e:44:d1:e5:dc:10: 42:df:25:de:bd:3e:d0:6a:fd:05:ce:63:84:43:2e: 40:44:6e:06:44:ae:8f:42:e3:e5:af:33:62:43:ce: 88:26:b1:cf:f2:90:38:5c:e3:ee:ee:e6:ad:f6:68: b0:42:a9:56:7e:94:69:f3:59:7c:5c:4c:f1:0b:95: db:ce:7d:a8:46:44:42:ac:b2:4e:5a:5e:62:e6:07: 41:bc:b2:d6:68:a8:47:c9:33:30:e1:48:21:48:35: aa:8d:4a:0a:66:e9:d9:2c:55:2b:85:26:84:8d:89: 0c:e1:a0:b8:07:a8:8a:97:d1:b8:8e:9e:db:76:51: f5:2c:8b:12:4f:b3:7f:a9:22:f5:7d:1d:59:1e:d6: 19:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:25:0C:EA:3D:A7:EB:E2:4B:95:A5:5B:13:D9:3F:F1:54:15:3A:C7 X509v3 Authority Key Identifier: keyid:25:85:24:3D:68:05:F2:EA:8B:C3:F6:3B:82:36:4B:A9:91:F3:30:B9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F731E/F5967E6C5EF111E6A7D1AF26C4F9AE02/JYUkPWgF8uqLw_Y7gjZLqZHzMLk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JYUkPWgF8uqLw_Y7gjZLqZHzMLk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F731E/F5967E6C5EF111E6A7D1AF26C4F9AE02/3BBD8AE8620811F091BDA035C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.211.150.0/23 124.41.244.0/22 Signature Algorithm: sha256WithRSAEncryption 33:05:cf:e3:94:b8:0c:75:1d:b5:0b:0a:14:92:2a:aa:56:56: 9b:3b:d3:33:88:53:79:72:80:e3:d3:7f:ab:80:d8:a2:84:30: 6c:d6:9e:b0:66:67:7f:ae:54:04:da:ad:16:ff:a4:45:54:12: bf:93:f8:3b:f5:ed:60:36:1c:50:b3:00:6a:b0:05:61:b2:2c: 83:8b:1e:45:09:a9:77:c0:19:f2:23:bb:e8:28:e5:62:ad:79: c6:b6:64:fd:3d:69:dd:70:b1:4b:36:f6:22:90:07:fc:74:61: 58:2b:99:fe:e5:c9:5f:02:bd:e3:a7:ea:91:d6:c9:f5:97:92: d1:a8:4f:f5:58:d5:1e:67:77:e8:b2:69:b3:ac:c4:33:e4:74: bc:10:25:d4:df:db:0e:26:dc:ad:61:a6:61:12:0b:82:7b:61: 20:3b:3b:5a:f7:12:a2:e0:09:92:79:8d:e9:36:5c:7e:6f:de: b9:7c:a2:ae:89:73:29:17:e1:08:fe:0b:33:1b:43:3a:27:09: 27:87:e4:72:06:ec:56:83:b6:0a:87:b9:43:c8:31:fe:52:37: 56:c7:73:b5:b9:f1:2e:d5:94:c5:fa:a0:66:cb:89:a1:9c:3f: 6d:40:05:8c:fb:0e:7a:90:c5:d0:0d:bf:32:be:37:9c:bb:05: 4a:2b:86:8c -----BEGIN CERTIFICATE----- MIIFQjCCBCqgAwIBAgICIB8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjczMUUxMTAvBgNVBAUTKDI1ODUyNDNENjgwNUYyRUE4QkMzRjYzQjgyMzY0QkE5 OTFGMzMwQjkwHhcNMjUwODA4MTYyNDEzWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NGU0MS1hYzc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAjssk7G/b1aWwLlnR0H21hu0fYNd9YmtOE7KE3LXjiwC3wI7uDsKxdheA3/2K jUmgVz8uD33Nn/ep2wKqMY9afXSXaWny2TwTSdI1LjPPSmjEgvDhVWGy8iGgLDcw nSXxuEEGDaXq0guj1y9Na7WQHil+RNHl3BBC3yXevT7Qav0FzmOEQy5ARG4GRK6P QuPlrzNiQ86IJrHP8pA4XOPu7uat9miwQqlWfpRp81l8XEzxC5Xbzn2oRkRCrLJO Wl5i5gdBvLLWaKhHyTMw4UghSDWqjUoKZunZLFUrhSaEjYkM4aC4B6iKl9G4jp7b dlH1LIsST7N/qSL1fR1ZHtYZFwIDAQABo4ICZjCCAmIwHQYDVR0OBBYEFHglDOo9 p+viS5WlWxPZP/FUFTrHMB8GA1UdIwQYMBaAFCWFJD1oBfLqi8P2O4I2S6mR8zC5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNzMxRS9GNTk2N0U2QzVF RjExMUU2QTdEMUFGMjZDNEY5QUUwMi9KWVVrUFdnRjh1cUx3X1k3Z2paTHFaSHpN TGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0pZVWtQV2dGOHVxTHdfWTdnalpMcVpIek1May5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjczMUUvRjU5NjdFNkM1RUYxMTFFNkE3RDFBRjI2QzRGOUFFMDIvM0JCRDhBRTg2 MjA4MTFGMDkxQkRBMDM1QzRGOUFFMDIucm9hMCUGCCsGAQUFBwEHAQH/BBYwFDAS BAIAATAMAwQBZ9OWAwQCfCn0MA0GCSqGSIb3DQEBCwUAA4IBAQAzBc/jlLgMdR21 CwoUkiqqVlabO9MziFN5coDj03+rgNiihDBs1p6wZmd/rlQE2q0W/6RFVBK/k/g7 9e1gNhxQswBqsAVhsiyDix5FCal3wBnyI7voKOVirXnGtmT9PWndcLFLNvYikAf8 dGFYK5n+5clfAr3jp+qR1sn1l5LRqE/1WNUeZ3fosmmzrMQz5HS8ECXU39sOJtyt YaZhEguCe2EgOzta9xKi4AmSeY3pNlx+b965fKKuiXMpF+EI/gszG0M6Jwknh+Ry BuxWg7YKh7lDyDH+UjdWx3O1ufEu1ZTF+qBmy4mhnD9tQAWM+w56kMXQDb8yvjec uwVKK4aM -----END CERTIFICATE-----Generated at Mon Mar 2 23:39:32 2026 by rpki-client