$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8E3D/0AB4386A584E11EC9FCF1779C4F9AE02/23AF59F0EC5E11F0BAE87BA74C6F56BC.roa File: 23AF59F0EC5E11F0BAE87BA74C6F56BC.roa (raw, json) Hash identifier: nAW7sLq/u3ibmVv8IggrLJMCC/imIfpqlXLWRrpvrN8= Subject key identifier: 1A:AF:20:0E:F8:92:AB:19:36:A7:B8:F7:7A:A8:CE:78:EF:2D:57:2C Certificate issuer: /CN=A91F8E3D/serialNumber=3AAFFBB7EA4A60D77BB44284ACBF25C398BA9A6D Certificate serial: 050A Authority key identifier: 3A:AF:FB:B7:EA:4A:60:D7:7B:B4:42:84:AC:BF:25:C3:98:BA:9A:6D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oq_7t-pKYNd7tEKErL8lw5i6mm0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F8E3D/0AB4386A584E11EC9FCF1779C4F9AE02/23AF59F0EC5E11F0BAE87BA74C6F56BC.roa Signing time: Mon 02 Mar 2026 13:36:10 +0000 ROA not before: Thu 08 Jan 2026 06:49:12 +0000 ROA not after: Tue 02 Mar 2027 00:00:00 +0000 asID: 54197 IP address blocks: 103.177.136.0/24 maxlen: 24 103.177.137.0/24 maxlen: 24 2400:3f60::/32 maxlen: 32 2400:3f60:1::/48 maxlen: 48 2400:3f60:2::/48 maxlen: 48 2400:3f60:3::/48 maxlen: 48 2400:3f60:4::/48 maxlen: 48 2400:3f60:10::/44 maxlen: 44 2400:3f60:10::/48 maxlen: 48 2400:3f60:11::/48 maxlen: 48 2400:3f60:12::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F8E3D/0AB4386A584E11EC9FCF1779C4F9AE02/Oq_7t-pKYNd7tEKErL8lw5i6mm0.crl rsync://rpki.apnic.net/member_repository/A91F8E3D/0AB4386A584E11EC9FCF1779C4F9AE02/Oq_7t-pKYNd7tEKErL8lw5i6mm0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oq_7t-pKYNd7tEKErL8lw5i6mm0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 13:36:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1290 (0x50a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F8E3D, serialNumber=3AAFFBB7EA4A60D77BB44284ACBF25C398BA9A6D Validity Not Before: Jan 8 06:49:12 2026 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=69a5924a-b5f5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:8d:35:30:49:9c:a0:d5:31:00:1a:2e:6c:ca: d3:97:b0:b7:ae:3f:22:e1:af:eb:ed:36:67:eb:93: 25:d6:14:d0:27:5a:da:9a:f2:ad:41:65:b4:e3:64: 0d:60:5d:f1:93:24:d5:0b:f7:de:3c:d4:36:2a:e7: 5c:47:a6:9e:0f:62:89:e9:13:5a:52:76:fd:29:a6: 75:8c:4a:6e:2b:2d:6b:c7:4e:72:81:16:3e:90:06: 4d:13:68:ed:56:c4:4e:b6:d5:3d:d2:cf:89:71:a5: 74:5f:51:a5:87:35:dc:eb:ca:68:8f:2c:5b:49:1e: 1c:d0:c0:9f:8b:5e:a8:04:b2:68:6c:a5:65:d9:09: 80:0c:5b:29:56:7f:11:90:97:0f:9b:cc:3d:7e:70: 10:c3:b2:96:b3:0e:f8:99:78:cc:5f:7a:59:ec:bc: de:fa:e8:1e:a5:30:d5:b7:79:ca:46:28:ab:c2:1c: 8a:73:a9:37:d6:83:52:b3:a6:36:2f:65:bb:9d:f2: 03:dc:ec:ae:7f:2a:74:08:c9:8b:d9:02:49:8d:25: 6f:56:59:56:f3:70:c8:98:b8:9d:05:21:78:fe:3a: 75:c8:66:ec:8e:4d:65:d6:8d:ec:fc:5c:b9:02:45: c2:d9:9a:0c:35:6a:6a:7b:86:12:8d:2f:cb:45:60: 82:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:AF:20:0E:F8:92:AB:19:36:A7:B8:F7:7A:A8:CE:78:EF:2D:57:2C X509v3 Authority Key Identifier: keyid:3A:AF:FB:B7:EA:4A:60:D7:7B:B4:42:84:AC:BF:25:C3:98:BA:9A:6D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F8E3D/0AB4386A584E11EC9FCF1779C4F9AE02/Oq_7t-pKYNd7tEKErL8lw5i6mm0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oq_7t-pKYNd7tEKErL8lw5i6mm0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8E3D/0AB4386A584E11EC9FCF1779C4F9AE02/23AF59F0EC5E11F0BAE87BA74C6F56BC.roa sbgp-ipAddrBlock: critical IPv4: 103.177.136.0/23 IPv6: 2400:3f60::/32 Signature Algorithm: sha256WithRSAEncryption 32:94:fe:e5:ff:f4:23:41:09:7e:46:ca:c2:ab:33:00:8f:b2: cd:f7:b2:c4:cc:1d:c5:cf:c9:3d:2c:0a:ed:7a:67:6d:ce:08: 0f:ad:dd:a8:4e:db:3b:6e:0f:4c:16:4d:51:8c:14:3d:da:83: d5:6c:c9:5c:f4:54:90:18:0b:8a:0c:0e:0a:ac:e3:45:75:70: 6b:0c:f7:de:ff:2a:87:88:24:9d:17:bd:78:5d:d6:8d:3f:80: 20:33:6b:6c:5b:c7:0b:c6:9b:6a:f6:43:56:96:44:36:06:d2: 9f:d1:b2:5b:2d:57:88:31:3e:ab:70:b5:53:bc:a2:a9:10:91: ef:d9:91:d9:08:e9:77:ee:8d:bc:09:bc:6b:46:2b:76:8e:16: 39:0c:7a:86:68:3c:4c:43:91:38:5c:0c:b8:6d:d0:08:2e:6e: 46:88:14:c2:31:c2:a5:6b:01:4e:ed:00:ff:81:30:c0:cb:7f: 55:27:f8:85:7b:12:30:0b:a5:97:ce:3c:f0:46:fa:2e:0f:1a: ca:08:b8:ae:5c:3a:7c:41:7a:3d:8a:64:e2:74:b3:dd:23:14: d9:23:96:d5:1f:87:ac:39:04:22:f7:4c:3b:c9:85:d0:93:dd: 2d:56:45:3d:f4:d3:82:41:5a:d1:32:d3:39:28:d9:00:65:30: d0:07:bf:ca -----BEGIN CERTIFICATE----- MIIFSzCCBDOgAwIBAgICBQowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjhFM0QxMTAvBgNVBAUTKDNBQUZGQkI3RUE0QTYwRDc3QkI0NDI4NEFDQkYyNUMz OThCQTlBNkQwHhcNMjYwMTA4MDY0OTEyWhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE1OTI0YS1iNWY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmo01MEmcoNUxABoubMrTl7C3rj8i4a/r7TZn65Ml1hTQJ1ramvKtQWW042QN YF3xkyTVC/fePNQ2KudcR6aeD2KJ6RNaUnb9KaZ1jEpuKy1rx05ygRY+kAZNE2jt VsROttU90s+JcaV0X1GlhzXc68pojyxbSR4c0MCfi16oBLJobKVl2QmADFspVn8R kJcPm8w9fnAQw7KWsw74mXjMX3pZ7Lze+ugepTDVt3nKRiirwhyKc6k31oNSs6Y2 L2W7nfID3Oyufyp0CMmL2QJJjSVvVllW83DImLidBSF4/jp1yGbsjk1l1o3s/Fy5 AkXC2ZoMNWpqe4YSjS/LRWCCAQIDAQABo4ICbzCCAmswHQYDVR0OBBYEFBqvIA74 kqsZNqe493qoznjvLVcsMB8GA1UdIwQYMBaAFDqv+7fqSmDXe7RChKy/JcOYuppt MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOEUzRC8wQUI0Mzg2QTU4 NEUxMUVDOUZDRjE3NzlDNEY5QUUwMi9PcV83dC1wS1lOZDd0RUtFckw4bHc1aTZt bTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09xXzd0LXBLWU5kN3RFS0VyTDhsdzVpNm1tMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjhFM0QvMEFCNDM4NkE1ODRFMTFFQzlGQ0YxNzc5QzRGOUFFMDIvMjNBRjU5RjBF QzVFMTFGMEJBRTg3QkE3NEM2RjU2QkMucm9hMC4GCCsGAQUFBwEHAQH/BB8wHTAM BAIAATAGAwQBZ7GIMA0EAgACMAcDBQAkAD9gMA0GCSqGSIb3DQEBCwUAA4IBAQAy lP7l//QjQQl+RsrCqzMAj7LN97LEzB3Fz8k9LArtemdtzggPrd2oTts7bg9MFk1R jBQ92oPVbMlc9FSQGAuKDA4KrONFdXBrDPfe/yqHiCSdF714XdaNP4AgM2tsW8cL xptq9kNWlkQ2BtKf0bJbLVeIMT6rcLVTvKKpEJHv2ZHZCOl37o28CbxrRit2jhY5 DHqGaDxMQ5E4XAy4bdAILm5GiBTCMcKlawFO7QD/gTDAy39VJ/iFexIwC6WXzjzw RvouDxrKCLiuXDp8QXo9imTidLPdIxTZI5bVH4esOQQi90w7yYXQk90tVkU99NOC QVrRMtM5KNkAZTDQB7/K -----END CERTIFICATE-----Generated at Mon Mar 2 18:03:06 2026 by rpki-client