$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8A41/554140DE87BC11EBB3C08272C4F9AE02/B23B879EE89C11ECA30FD20EC4F9AE02.roa File: B23B879EE89C11ECA30FD20EC4F9AE02.roa (raw, json) Hash identifier: dqu+IGrDwQGnaCXjrPhpRpLVWhrg7vjaTG4OX0l2hO4= Subject key identifier: AB:DB:AE:A7:08:DA:5C:67:AF:B6:51:A8:3F:7A:80:B5:B4:8F:5D:3A Certificate issuer: /CN=A91F8A41/serialNumber=CDFEDF2D411C84C36DC3BB6A02FDF1AC50B5BA14 Certificate serial: 07AF Authority key identifier: CD:FE:DF:2D:41:1C:84:C3:6D:C3:BB:6A:02:FD:F1:AC:50:B5:BA:14 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zf7fLUEchMNtw7tqAv3xrFC1uhQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F8A41/554140DE87BC11EBB3C08272C4F9AE02/B23B879EE89C11ECA30FD20EC4F9AE02.roa Signing time: Sun 01 Mar 2026 14:56:21 +0000 ROA not before: Sat 10 May 2025 22:22:20 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 133788 IP address blocks: 103.42.208.0/22 maxlen: 22 103.42.208.0/23 maxlen: 23 103.42.209.0/24 maxlen: 24 103.42.211.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F8A41/554140DE87BC11EBB3C08272C4F9AE02/zf7fLUEchMNtw7tqAv3xrFC1uhQ.crl rsync://rpki.apnic.net/member_repository/A91F8A41/554140DE87BC11EBB3C08272C4F9AE02/zf7fLUEchMNtw7tqAv3xrFC1uhQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zf7fLUEchMNtw7tqAv3xrFC1uhQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:26:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1967 (0x7af) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F8A41, serialNumber=CDFEDF2D411C84C36DC3BB6A02FDF1AC50B5BA14 Validity Not Before: May 10 22:22:20 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=69a45395-43e6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:25:8b:eb:41:89:9e:22:2a:7b:34:73:88:ad: dc:5b:4c:58:04:a5:24:d1:19:3d:29:a4:f7:aa:b9: 61:f9:a6:a6:98:77:27:9d:02:94:c7:56:2f:cf:92: f4:e7:f8:99:4b:4a:d3:0a:ea:ac:b2:d1:c2:19:82: 38:80:93:2f:65:a0:f3:8a:02:84:01:e7:9c:07:99: 80:da:9e:53:43:f3:82:ac:18:25:c0:1d:15:0d:3b: a3:4f:f2:dd:f8:51:c9:62:dd:7b:7b:a1:92:11:ba: 62:28:f3:39:91:b9:38:27:e1:f7:a9:47:84:ac:5a: b2:6d:82:cb:6c:d7:18:2c:56:38:20:5f:31:7f:6c: 3e:9f:00:b5:22:73:41:a0:48:64:06:07:a9:fe:ad: 59:c1:63:b8:68:a1:eb:fe:c5:c7:3b:0a:c2:40:aa: 67:b7:67:c0:d4:e2:6a:94:d6:fd:2c:62:3f:b3:19: 8e:d2:80:b4:6c:45:34:c1:1c:26:f1:b5:74:0f:3f: 49:ae:0f:56:73:f7:ed:3c:74:65:31:99:78:94:75: c0:e6:08:20:b7:dc:c9:2c:57:52:04:fb:50:33:bf: 06:57:fe:7a:d8:b4:f3:47:56:ff:72:a8:ed:1f:f5: 4f:84:9a:30:08:a9:03:16:c9:ff:dd:18:95:a7:f2: ff:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:DB:AE:A7:08:DA:5C:67:AF:B6:51:A8:3F:7A:80:B5:B4:8F:5D:3A X509v3 Authority Key Identifier: keyid:CD:FE:DF:2D:41:1C:84:C3:6D:C3:BB:6A:02:FD:F1:AC:50:B5:BA:14 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F8A41/554140DE87BC11EBB3C08272C4F9AE02/zf7fLUEchMNtw7tqAv3xrFC1uhQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zf7fLUEchMNtw7tqAv3xrFC1uhQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8A41/554140DE87BC11EBB3C08272C4F9AE02/B23B879EE89C11ECA30FD20EC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.42.208.0/22 Signature Algorithm: sha256WithRSAEncryption 66:bc:e7:ba:5b:92:53:d5:c0:f5:45:de:09:55:f8:97:42:12: d5:5f:ec:b8:a9:c0:b3:c8:e2:c5:f2:4c:15:3c:90:d7:42:a2: b1:0b:65:de:b6:29:d4:34:3c:74:97:9d:0d:f5:77:9d:ed:31: 97:91:a5:e0:3b:b5:02:d6:76:a6:b2:e7:5a:0f:cc:a8:13:ec: 32:29:8a:5f:4c:e5:da:23:54:9d:cc:78:dd:26:9a:5d:e6:11: ee:51:6f:8c:c5:a8:1d:96:7b:c0:38:88:41:e3:7c:31:42:90: e2:35:71:ed:6c:6f:8b:a9:27:ec:3f:b0:f1:40:45:05:b4:8f: 19:f7:63:66:3f:a1:38:73:e0:47:36:bd:e2:dd:c6:c4:3c:c1: 5f:3e:d6:d6:c0:45:40:51:4d:85:38:42:19:18:62:6a:b8:a0: f2:29:11:18:6c:0d:60:4d:80:bf:3d:af:1e:3c:37:b2:e8:54: 2e:f7:50:4d:84:d4:08:b1:ae:c1:ba:b5:9d:48:b5:b0:c0:a1: 5a:2b:a4:4e:cc:5a:76:58:a3:ce:b9:28:3d:50:cd:3d:ba:be: 61:99:3c:1c:f1:83:01:11:2d:fc:35:9d:f7:7b:bb:28:c1:50: 69:fb:72:a8:88:72:6e:62:91:a9:ab:09:ea:d5:19:8f:e8:1e: 81:79:54:44 -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgICB68wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjhBNDExMTAvBgNVBAUTKENERkVERjJENDExQzg0QzM2REMzQkI2QTAyRkRGMUFD NTBCNUJBMTQwHhcNMjUwNTEwMjIyMjIwWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NTM5NS00M2U2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAliWL60GJniIqezRziK3cW0xYBKUk0Rk9KaT3qrlh+aammHcnnQKUx1Yvz5L0 5/iZS0rTCuqsstHCGYI4gJMvZaDzigKEAeecB5mA2p5TQ/OCrBglwB0VDTujT/Ld +FHJYt17e6GSEbpiKPM5kbk4J+H3qUeErFqybYLLbNcYLFY4IF8xf2w+nwC1InNB oEhkBgep/q1ZwWO4aKHr/sXHOwrCQKpnt2fA1OJqlNb9LGI/sxmO0oC0bEU0wRwm 8bV0Dz9Jrg9Wc/ftPHRlMZl4lHXA5gggt9zJLFdSBPtQM78GV/562LTzR1b/cqjt H/VPhJowCKkDFsn/3RiVp/L/wQIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFKvbrqcI 2lxnr7ZRqD96gLW0j106MB8GA1UdIwQYMBaAFM3+3y1BHITDbcO7agL98axQtboU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOEE0MS81NTQxNDBERTg3 QkMxMUVCQjNDMDgyNzJDNEY5QUUwMi96ZjdmTFVFY2hNTnR3N3RxQXYzeHJGQzF1 aFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3pmN2ZMVUVjaE1OdHc3dHFBdjN4ckZDMXVoUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjhBNDEvNTU0MTQwREU4N0JDMTFFQkIzQzA4MjcyQzRGOUFFMDIvQjIzQjg3OUVF ODlDMTFFQ0EzMEZEMjBFQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCZyrQMA0GCSqGSIb3DQEBCwUAA4IBAQBmvOe6W5JT1cD1Rd4JVfiX QhLVX+y4qcCzyOLF8kwVPJDXQqKxC2XetinUNDx0l50N9Xed7TGXkaXgO7UC1nam sudaD8yoE+wyKYpfTOXaI1SdzHjdJppd5hHuUW+MxagdlnvAOIhB43wxQpDiNXHt bG+LqSfsP7DxQEUFtI8Z92NmP6E4c+BHNr3i3cbEPMFfPtbWwEVAUU2FOEIZGGJq uKDyKREYbA1gTYC/Pa8ePDey6FQu91BNhNQIsa7BurWdSLWwwKFaK6ROzFp2WKPO uSg9UM09ur5hmTwc8YMBES38NZ33e7sowVBp+3KoiHJuYpGpqwnq1RmP6B6BeVRE -----END CERTIFICATE-----Generated at Mon Mar 2 11:17:04 2026 by rpki-client