$ rpki-client -vvf rpki.apnic.net/member_repository/A91FA92A/45797C5C5A4D11E799F46B74C4F9AE02/3A1C441A5A4E11E7965D9A75C4F9AE02.roa File: 3A1C441A5A4E11E7965D9A75C4F9AE02.roa (raw, json) Hash identifier: 4w47H0Y1vnBN5i/M/jV7KCeDSn1xH7StGYdAvJdkOiQ= Subject key identifier: D5:57:D6:F7:D4:5B:96:D1:E1:FD:FF:FC:49:26:A5:F7:A3:E2:07:D3 Certificate issuer: /CN=A91FA92A/serialNumber=A7EC2258682F6FAE9F8438FA2627189E542F4DEF Certificate serial: 1A7E Authority key identifier: A7:EC:22:58:68:2F:6F:AE:9F:84:38:FA:26:27:18:9E:54:2F:4D:EF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p-wiWGgvb66fhDj6JicYnlQvTe8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FA92A/45797C5C5A4D11E799F46B74C4F9AE02/3A1C441A5A4E11E7965D9A75C4F9AE02.roa Signing time: Sun 01 Mar 2026 13:42:17 +0000 ROA not before: Thu 04 Dec 2025 16:15:11 +0000 ROA not after: Sun 31 Jan 2027 00:00:00 +0000 asID: 135666 IP address blocks: 43.230.208.0/24 maxlen: 24 103.78.111.0/24 maxlen: 24 103.78.116.0/23 maxlen: 24 103.252.84.0/24 maxlen: 24 2400:1440::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FA92A/45797C5C5A4D11E799F46B74C4F9AE02/p-wiWGgvb66fhDj6JicYnlQvTe8.crl rsync://rpki.apnic.net/member_repository/A91FA92A/45797C5C5A4D11E799F46B74C4F9AE02/p-wiWGgvb66fhDj6JicYnlQvTe8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p-wiWGgvb66fhDj6JicYnlQvTe8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 01:32:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6782 (0x1a7e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA92A, serialNumber=A7EC2258682F6FAE9F8438FA2627189E542F4DEF Validity Not Before: Dec 4 16:15:11 2025 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=69a44239-5d06 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:56:2f:88:d0:a5:ca:4a:d8:50:b7:47:96:26: 36:2e:ee:8c:df:23:3e:44:17:16:c1:92:31:4f:cc: c1:76:8c:18:10:f3:75:14:46:b9:3b:f5:56:52:92: 34:4d:b4:22:b9:e6:2b:b1:f9:0a:f7:f8:37:89:4f: 36:9d:90:ba:ba:a5:f1:f8:9f:fa:2e:a8:cb:b2:ab: b6:49:8b:60:a5:a0:2b:27:3d:1b:a1:99:82:a9:3c: 47:38:68:42:c9:3c:f1:2e:88:98:88:68:53:b3:68: 8d:14:1e:40:a2:8d:00:23:06:d2:77:96:f1:ed:86: ec:bc:c4:0e:e0:02:91:b2:22:3c:c0:a2:83:58:72: cb:5d:d0:de:ba:a6:d6:9b:41:c6:20:cc:09:0b:2a: 23:bf:1c:e5:fa:7e:b5:28:6d:66:04:03:51:ed:dc: 92:08:31:e4:e0:ab:f6:59:25:5d:cc:bf:12:f2:55: 9e:91:18:c3:6b:7e:00:00:10:74:fa:84:87:60:d0: e8:b1:6c:9c:c1:11:02:58:be:72:5e:34:c3:3a:a4: ac:50:7b:f7:0f:4b:25:c0:31:55:17:96:5b:5b:4a: ac:05:53:0b:44:6c:3f:04:bd:c2:d2:0d:1a:41:e4: d7:ce:7e:02:89:24:7e:34:77:54:2f:0a:a1:9d:c8: a6:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:57:D6:F7:D4:5B:96:D1:E1:FD:FF:FC:49:26:A5:F7:A3:E2:07:D3 X509v3 Authority Key Identifier: keyid:A7:EC:22:58:68:2F:6F:AE:9F:84:38:FA:26:27:18:9E:54:2F:4D:EF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FA92A/45797C5C5A4D11E799F46B74C4F9AE02/p-wiWGgvb66fhDj6JicYnlQvTe8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p-wiWGgvb66fhDj6JicYnlQvTe8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FA92A/45797C5C5A4D11E799F46B74C4F9AE02/3A1C441A5A4E11E7965D9A75C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.230.208.0/24 103.78.111.0/24 103.78.116.0/23 103.252.84.0/24 IPv6: 2400:1440::/32 Signature Algorithm: sha256WithRSAEncryption 5a:bd:fb:60:f5:72:d9:c1:c6:78:92:a2:e6:5f:24:3c:43:b9: c5:12:42:8b:49:ad:85:59:b5:77:22:a9:2f:5a:3a:47:41:54: 1c:c7:e2:f0:2c:cf:43:63:94:ec:9c:bc:4e:ed:d4:16:75:8d: 6e:8b:59:61:47:2c:45:d7:dd:d6:09:40:3c:f2:b9:6d:57:65: dc:36:de:94:63:a6:24:5d:78:30:e3:75:55:cc:3c:5f:85:bc: 53:7c:87:cb:ea:a9:83:eb:c5:01:f1:a5:af:ec:28:78:8f:49: 1f:bd:ba:da:b0:77:96:d2:4b:ce:44:b0:84:1a:7d:a9:eb:d7: 1a:25:6e:14:66:d1:51:5f:fa:83:26:11:5b:aa:a0:2c:b1:da: 47:c5:ff:4d:90:aa:87:e4:07:cd:8a:0b:47:93:53:63:33:a5: c0:92:8c:1d:79:8a:5a:04:c2:10:3f:75:e4:e3:3b:b7:e5:58: e3:cf:83:ad:3f:c5:3d:65:73:78:ba:64:7f:78:2e:d7:cf:1d: e6:1e:ad:f7:ec:fd:ed:9b:c8:10:5f:6c:c8:25:fa:5f:0e:14: 01:8b:b3:e7:b5:5b:3d:a6:a6:99:44:8d:e8:88:b2:12:66:d5: ae:c9:e1:a6:df:1a:6a:f8:77:d1:45:45:f3:08:39:36:a2:18: 75:44:10:98 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgICGn4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkE5MkExMTAvBgNVBAUTKEE3RUMyMjU4NjgyRjZGQUU5Rjg0MzhGQTI2MjcxODlF NTQyRjRERUYwHhcNMjUxMjA0MTYxNTExWhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NDIzOS01ZDA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoVYviNClykrYULdHliY2Lu6M3yM+RBcWwZIxT8zBdowYEPN1FEa5O/VWUpI0 TbQiueYrsfkK9/g3iU82nZC6uqXx+J/6LqjLsqu2SYtgpaArJz0boZmCqTxHOGhC yTzxLoiYiGhTs2iNFB5Aoo0AIwbSd5bx7YbsvMQO4AKRsiI8wKKDWHLLXdDeuqbW m0HGIMwJCyojvxzl+n61KG1mBANR7dySCDHk4Kv2WSVdzL8S8lWekRjDa34AABB0 +oSHYNDosWycwRECWL5yXjTDOqSsUHv3D0slwDFVF5ZbW0qsBVMLRGw/BL3C0g0a QeTXzn4CiSR+NHdULwqhncim/QIDAQABo4ICgTCCAn0wHQYDVR0OBBYEFNVX1vfU W5bR4f3//Ekmpfej4gfTMB8GA1UdIwQYMBaAFKfsIlhoL2+un4Q4+iYnGJ5UL03v MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQTkyQS80NTc5N0M1QzVB NEQxMUU3OTlGNDZCNzRDNEY5QUUwMi9wLXdpV0dndmI2NmZoRGo2SmljWW5sUXZU ZTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3Atd2lXR2d2YjY2ZmhEajZKaWNZbmxRdlRlOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RkE5MkEvNDU3OTdDNUM1QTREMTFFNzk5RjQ2Qjc0QzRGOUFFMDIvM0ExQzQ0MUE1 QTRFMTFFNzk2NUQ5QTc1QzRGOUFFMDIucm9hMEAGCCsGAQUFBwEHAQH/BDEwLzAe BAIAATAYAwQAK+bQAwQAZ05vAwQBZ050AwQAZ/xUMA0EAgACMAcDBQAkABRAMA0G CSqGSIb3DQEBCwUAA4IBAQBavftg9XLZwcZ4kqLmXyQ8Q7nFEkKLSa2FWbV3Iqkv WjpHQVQcx+LwLM9DY5TsnLxO7dQWdY1ui1lhRyxF193WCUA88rltV2XcNt6UY6Yk XXgw43VVzDxfhbxTfIfL6qmD68UB8aWv7Ch4j0kfvbrasHeW0kvORLCEGn2p69ca JW4UZtFRX/qDJhFbqqAssdpHxf9NkKqH5AfNigtHk1NjM6XAkowdeYpaBMIQP3Xk 4zu35Vjjz4OtP8U9ZXN4umR/eC7Xzx3mHq337P3tm8gQX2zIJfpfDhQBi7PntVs9 pqaZRI3oiLISZtWuyeGm3xpq+HfRRUXzCDk2ohh1RBCY -----END CERTIFICATE-----Generated at Mon Mar 2 17:08:17 2026 by rpki-client