$ rpki-client -vvf rpki.apnic.net/member_repository/A91FC25F/FC1FBE92A27611F0AF63281BC4F9AE02/4AF261A4A27811F0898CD81DC4F9AE02.roa File: 4AF261A4A27811F0898CD81DC4F9AE02.roa (raw, json) Hash identifier: Vs4txb4DJFXLwizfk18zd1bm+3el525ckpu5LIU2/Ug= Subject key identifier: 54:A0:D7:91:0E:5C:1F:7B:78:3A:C4:B7:EC:BA:4A:01:C3:54:DF:9B Certificate issuer: /CN=A91FC25F/serialNumber=486CB816BE3A5E03CB72772988A0DE0EA972CDAA Certificate serial: 4D Authority key identifier: 48:6C:B8:16:BE:3A:5E:03:CB:72:77:29:88:A0:DE:0E:A9:72:CD:AA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SGy4Fr46XgPLcncpiKDeDqlyzao.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FC25F/FC1FBE92A27611F0AF63281BC4F9AE02/4AF261A4A27811F0898CD81DC4F9AE02.roa Signing time: Sun 01 Mar 2026 06:14:20 +0000 ROA not before: Mon 06 Oct 2025 05:49:59 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 154273 IP address blocks: 43.229.18.0/23 maxlen: 23 43.229.18.0/24 maxlen: 24 43.229.19.0/24 maxlen: 24 2001:df6:2a40::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FC25F/FC1FBE92A27611F0AF63281BC4F9AE02/SGy4Fr46XgPLcncpiKDeDqlyzao.crl rsync://rpki.apnic.net/member_repository/A91FC25F/FC1FBE92A27611F0AF63281BC4F9AE02/SGy4Fr46XgPLcncpiKDeDqlyzao.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SGy4Fr46XgPLcncpiKDeDqlyzao.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 09:40:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77 (0x4d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FC25F, serialNumber=486CB816BE3A5E03CB72772988A0DE0EA972CDAA Validity Not Before: Oct 6 05:49:59 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=69a3d93c-9c96 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:f5:76:c3:b2:9a:89:dd:d7:f8:8e:54:86:ea: 99:7e:3a:0d:a0:85:f1:09:38:7f:2c:21:88:7f:6a: 14:53:34:25:39:b1:21:00:1c:43:ef:54:1a:ee:fc: 3b:d2:1b:c8:c2:44:bb:34:fc:94:62:06:35:6b:69: a1:01:da:54:87:b7:4a:bd:38:0a:21:81:92:61:45: eb:76:0e:a1:e9:d6:42:94:91:f9:6b:e0:1a:3a:11: 6f:98:14:ec:de:e4:1f:7d:8a:5a:4e:7c:0c:e9:87: 7e:6c:72:41:ee:22:5f:e8:a3:e6:93:41:30:6d:b0: e2:01:ed:41:18:44:76:6f:5f:ea:10:5d:b2:be:84: eb:bd:46:bd:d7:07:80:01:9b:88:36:d7:66:b5:84: d2:15:e8:89:b9:56:f7:eb:13:6e:bc:b3:b9:13:69: 5e:3a:98:3d:dd:d5:4e:cc:6f:e4:2a:ec:4b:60:83: 6d:17:b6:8e:e4:09:80:76:a4:fd:2d:7d:74:9d:00: 41:94:b9:60:9f:50:ff:fd:aa:07:ba:22:d2:88:2d: 59:6f:91:44:95:36:84:49:12:bf:a3:9e:eb:78:12: 3d:2c:64:c7:04:67:d7:20:cc:66:58:cc:5f:7d:a9: 50:5b:8a:33:cf:2b:69:18:01:97:d6:f8:63:d2:86: 81:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:A0:D7:91:0E:5C:1F:7B:78:3A:C4:B7:EC:BA:4A:01:C3:54:DF:9B X509v3 Authority Key Identifier: keyid:48:6C:B8:16:BE:3A:5E:03:CB:72:77:29:88:A0:DE:0E:A9:72:CD:AA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FC25F/FC1FBE92A27611F0AF63281BC4F9AE02/SGy4Fr46XgPLcncpiKDeDqlyzao.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SGy4Fr46XgPLcncpiKDeDqlyzao.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FC25F/FC1FBE92A27611F0AF63281BC4F9AE02/4AF261A4A27811F0898CD81DC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.229.18.0/23 IPv6: 2001:df6:2a40::/48 Signature Algorithm: sha256WithRSAEncryption ba:a8:e7:d7:3c:e1:6a:35:a5:fc:4a:ed:6f:96:5a:28:fd:cc: 90:a9:8a:7a:10:ab:9c:97:05:5b:a4:c6:f0:4f:14:44:ed:d0: 90:f2:8c:11:9b:40:a7:0e:8d:35:a1:b7:88:b5:fa:0a:6c:bf: a1:21:68:3f:1e:e4:aa:f3:6a:e1:04:93:cb:20:5e:92:5a:a2: 92:44:10:40:29:5e:a6:38:7a:3e:60:3a:18:d4:6b:c7:97:cf: 3c:ca:bb:3b:e9:61:02:e0:ba:22:2d:84:fb:3f:c0:c4:c5:fa: ae:18:7e:6e:1a:aa:6c:e6:5c:c6:21:5b:5f:31:01:dc:7a:19: c8:7a:d9:2d:52:eb:c7:ff:fc:a5:03:b3:8b:d7:93:f5:9b:31: 95:5e:a9:c4:e8:42:9f:98:3d:73:86:c2:f2:36:27:24:a0:3a: 73:ce:b3:d2:8b:e9:f0:62:d8:54:ce:18:1f:ce:c2:24:3f:22: 6a:fa:10:ab:5f:1d:9d:37:21:48:c0:0f:83:f1:6c:20:ef:28: 41:bd:75:2b:0c:25:c4:78:47:18:70:29:62:47:39:41:af:54: d2:1f:95:2d:18:7a:bc:11:3c:a5:b4:e2:a4:7d:d0:e4:f1:8f: 61:b4:77:67:8f:43:d2:c2:bb:8a:e0:67:b4:9f:e9:e9:5a:5a: 07:72:17:f7 -----BEGIN CERTIFICATE----- MIIFTDCCBDSgAwIBAgIBTTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG QzI1RjExMC8GA1UEBRMoNDg2Q0I4MTZCRTNBNUUwM0NCNzI3NzI5ODhBMERFMEVB OTcyQ0RBQTAeFw0yNTEwMDYwNTQ5NTlaFw0yNjEyMzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY5YTNkOTNjLTljOTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCz9XbDspqJ3df4jlSG6pl+Og2ghfEJOH8sIYh/ahRTNCU5sSEAHEPvVBru/DvS G8jCRLs0/JRiBjVraaEB2lSHt0q9OAohgZJhRet2DqHp1kKUkflr4Bo6EW+YFOze 5B99ilpOfAzph35sckHuIl/oo+aTQTBtsOIB7UEYRHZvX+oQXbK+hOu9Rr3XB4AB m4g212a1hNIV6Im5VvfrE268s7kTaV46mD3d1U7Mb+Qq7Etgg20Xto7kCYB2pP0t fXSdAEGUuWCfUP/9qge6ItKILVlvkUSVNoRJEr+jnut4Ej0sZMcEZ9cgzGZYzF99 qVBbijPPK2kYAZfW+GPShoGLAgMBAAGjggJxMIICbTAdBgNVHQ4EFgQUVKDXkQ5c H3t4OsS37LpKAcNU35swHwYDVR0jBBgwFoAUSGy4Fr46XgPLcncpiKDeDqlyzaow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZDMjVGL0ZDMUZCRTkyQTI3 NjExRjBBRjYzMjgxQkM0RjlBRTAyL1NHeTRGcjQ2WGdQTGNuY3BpS0RlRHFseXph by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvU0d5NEZyNDZYZ1BMY25jcGlLRGVEcWx5emFvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgZYGCCsGAQUFBwELBIGJMIGGMIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QzI1Ri9GQzFGQkU5MkEyNzYxMUYwQUY2MzI4MUJDNEY5QUUwMi80QUYyNjFBNEEy NzgxMUYwODk4Q0Q4MURDNEY5QUUwMi5yb2EwMAYIKwYBBQUHAQcBAf8EITAfMAwE AgABMAYDBAEr5RIwDwQCAAIwCQMHACABDfYqQDANBgkqhkiG9w0BAQsFAAOCAQEA uqjn1zzhajWl/Ertb5ZaKP3MkKmKehCrnJcFW6TG8E8URO3QkPKMEZtApw6NNaG3 iLX6Cmy/oSFoPx7kqvNq4QSTyyBeklqikkQQQClepjh6PmA6GNRrx5fPPMq7O+lh AuC6Ii2E+z/AxMX6rhh+bhqqbOZcxiFbXzEB3HoZyHrZLVLrx//8pQOzi9eT9Zsx lV6pxOhCn5g9c4bC8jYnJKA6c86z0ovp8GLYVM4YH87CJD8iavoQq18dnTchSMAP g/FsIO8oQb11KwwlxHhHGHApYkc5Qa9U0h+VLRh6vBE8pbTipH3Q5PGPYbR3Z49D 0sK7iuBntJ/p6VpaB3IX9w== -----END CERTIFICATE-----Generated at Mon Mar 2 03:49:01 2026 by rpki-client