$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8AC4/C8FE174C577511ED81F13B6FC4F9AE02/0AFFF078577811ED959AC36FC4F9AE02.roa File: 0AFFF078577811ED959AC36FC4F9AE02.roa (raw, json) Hash identifier: pGBNoZVQ4x9HykZ/w/nfYdiBRr1XcTrcOsgRSH1bWes= Subject key identifier: 49:13:A3:89:AD:A3:61:4A:17:59:6A:8C:E2:0C:32:35:63:91:BE:38 Certificate issuer: /CN=A91F8AC4/serialNumber=A337633E35919940BD729D912F3663158C267C36 Certificate serial: 0290 Authority key identifier: A3:37:63:3E:35:91:99:40:BD:72:9D:91:2F:36:63:15:8C:26:7C:36 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ozdjPjWRmUC9cp2RLzZjFYwmfDY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F8AC4/C8FE174C577511ED81F13B6FC4F9AE02/0AFFF078577811ED959AC36FC4F9AE02.roa Signing time: Fri 03 Apr 2026 01:34:58 +0000 ROA not before: Fri 03 Apr 2026 01:34:58 +0000 ROA not after: Sat 01 Aug 2026 00:00:00 +0000 asID: 138633 IP address blocks: 103.135.98.0/24 maxlen: 24 103.135.99.0/24 maxlen: 24 2404:79c0::/48 maxlen: 48 2404:79c0:1::/48 maxlen: 48 2404:79c0:2::/48 maxlen: 48 2404:79c0:3::/48 maxlen: 48 2404:79c0:4::/48 maxlen: 48 2404:79c0:5::/48 maxlen: 48 2404:79c0:6::/48 maxlen: 48 2404:79c0:7::/48 maxlen: 48 2404:79c0:8::/48 maxlen: 48 2404:79c0:9::/48 maxlen: 48 2404:79c0:a::/48 maxlen: 48 2404:79c0:b::/48 maxlen: 48 2404:79c0:c::/48 maxlen: 48 2404:79c0:d::/48 maxlen: 48 2404:79c0:e::/48 maxlen: 48 2404:79c0:f::/48 maxlen: 48 2404:79c0:1001::/48 maxlen: 48 2404:79c0:1002::/48 maxlen: 48 2404:79c0:1003::/48 maxlen: 48 2404:79c0:2000::/48 maxlen: 48 2404:79c0:2001::/48 maxlen: 48 2404:79c0:3000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F8AC4/C8FE174C577511ED81F13B6FC4F9AE02/ozdjPjWRmUC9cp2RLzZjFYwmfDY.crl rsync://rpki.apnic.net/member_repository/A91F8AC4/C8FE174C577511ED81F13B6FC4F9AE02/ozdjPjWRmUC9cp2RLzZjFYwmfDY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ozdjPjWRmUC9cp2RLzZjFYwmfDY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 Apr 2026 01:22:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 656 (0x290) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F8AC4, serialNumber=A337633E35919940BD729D912F3663158C267C36 Validity Not Before: Apr 3 01:34:58 2026 GMT Not After : Aug 1 00:00:00 2026 GMT Subject: CN=69cf1942-d5d1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:d0:45:7e:04:ab:1b:d3:f2:07:ed:12:f3:d6: 07:0a:2d:2d:25:ac:f4:78:69:6b:11:7a:92:9b:d9: e6:94:27:a6:95:94:4a:58:ef:37:b4:e1:dd:62:2a: 5e:d4:1f:e3:87:bc:15:96:0a:3e:9f:b1:1a:ff:87: 1b:a7:da:19:10:b2:cb:dc:ee:ef:54:25:5f:e5:0c: 2b:46:14:a4:52:6f:4b:f6:af:a7:b2:e6:27:a5:36: 1f:b3:8c:2a:a6:0a:18:f4:40:d0:a0:8c:ec:93:db: 69:dd:0f:ac:39:a8:9f:9b:80:ba:06:b1:b0:cd:c7: 7e:82:07:83:ec:75:00:0d:66:22:af:72:df:4b:2e: 5c:91:14:a5:a3:0a:f4:b5:5f:a2:4e:e8:a8:c0:c1: e2:7e:c0:32:04:6c:c1:7c:e8:ea:71:df:54:9a:be: 15:c1:f9:8e:3f:26:91:fe:30:b4:f9:1d:6d:9a:db: 23:39:ac:f1:f2:fc:60:6c:b5:44:a2:36:6e:29:48: 6d:8f:62:69:f0:38:c2:fb:99:21:83:34:d5:b7:5f: dd:a3:3f:01:4f:bb:96:b1:61:c5:c4:f6:53:16:42: 48:5b:28:21:60:37:a5:c5:4b:c9:46:2c:e2:d9:fa: 31:68:37:2f:4f:78:a4:14:89:b8:36:b7:5e:66:c4: 30:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:13:A3:89:AD:A3:61:4A:17:59:6A:8C:E2:0C:32:35:63:91:BE:38 X509v3 Authority Key Identifier: keyid:A3:37:63:3E:35:91:99:40:BD:72:9D:91:2F:36:63:15:8C:26:7C:36 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F8AC4/C8FE174C577511ED81F13B6FC4F9AE02/ozdjPjWRmUC9cp2RLzZjFYwmfDY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ozdjPjWRmUC9cp2RLzZjFYwmfDY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8AC4/C8FE174C577511ED81F13B6FC4F9AE02/0AFFF078577811ED959AC36FC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.135.98.0/23 IPv6: 2404:79c0::/44 2404:79c0:1001::-2404:79c0:1003:ffff:ffff:ffff:ffff:ffff 2404:79c0:2000::/47 2404:79c0:3000::/48 Signature Algorithm: sha256WithRSAEncryption b1:4c:50:d2:ce:ba:7f:12:ab:3b:bb:c8:a4:d8:b0:b6:67:eb: 31:ce:df:43:64:ac:c4:ff:e9:b6:bb:1d:88:e9:2f:1c:a2:7f: c8:d0:f4:b6:44:3b:54:cc:4d:fd:78:ce:f5:33:dd:f6:90:53: 39:b5:82:84:30:aa:8f:c2:40:bb:3c:84:50:63:aa:de:a8:80: e5:8f:f0:f9:dd:3e:6d:40:a9:78:c1:9d:b4:a2:ef:25:c4:f5: 28:4c:73:47:ea:b3:ff:56:9e:b1:21:34:b7:ec:e2:18:72:28: 60:50:e7:73:1e:79:f9:af:4d:e6:fa:14:b5:57:52:92:43:05: cb:89:b4:69:8d:e4:07:6e:23:fa:29:8c:79:17:01:88:b8:03: 6e:f2:ec:91:74:8c:64:90:4e:44:4b:7f:b4:be:12:76:61:11: d3:85:52:50:a4:48:97:ca:4a:1b:ab:e5:b2:0b:38:09:ab:a7: da:20:1f:4e:dc:a8:a7:95:e4:1f:30:36:e0:4d:e3:08:a8:3f: 28:4b:33:3b:e7:f3:1b:64:f2:e5:a9:1f:ba:4d:db:6f:68:aa: b9:8b:28:5c:2f:bb:44:41:b9:3e:78:51:ca:fd:95:29:33:ae: 2e:e0:dc:c5:a5:ef:97:d0:fa:2f:3c:c7:db:33:94:2e:04:14: f8:d1:0c:59 -----BEGIN CERTIFICATE----- MIIFczCCBFugAwIBAgICApAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjhBQzQxMTAvBgNVBAUTKEEzMzc2MzNFMzU5MTk5NDBCRDcyOUQ5MTJGMzY2MzE1 OEMyNjdDMzYwHhcNMjYwNDAzMDEzNDU4WhcNMjYwODAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWNmMTk0Mi1kNWQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAm9BFfgSrG9PyB+0S89YHCi0tJaz0eGlrEXqSm9nmlCemlZRKWO83tOHdYipe 1B/jh7wVlgo+n7Ea/4cbp9oZELLL3O7vVCVf5QwrRhSkUm9L9q+nsuYnpTYfs4wq pgoY9EDQoIzsk9tp3Q+sOaifm4C6BrGwzcd+ggeD7HUADWYir3LfSy5ckRSlowr0 tV+iTuiowMHifsAyBGzBfOjqcd9Umr4VwfmOPyaR/jC0+R1tmtsjOazx8vxgbLVE ojZuKUhtj2Jp8DjC+5khgzTVt1/doz8BT7uWsWHFxPZTFkJIWyghYDelxUvJRizi 2foxaDcvT3ikFIm4NrdeZsQwsQIDAQABo4IClzCCApMwHQYDVR0OBBYEFEkTo4mt o2FKF1lqjOIMMjVjkb44MB8GA1UdIwQYMBaAFKM3Yz41kZlAvXKdkS82YxWMJnw2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOEFDNC9DOEZFMTc0QzU3 NzUxMUVEODFGMTNCNkZDNEY5QUUwMi9vemRqUGpXUm1VQzljcDJSTHpaakZZd21m RFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL296ZGpQaldSbVVDOWNwMlJMelpqRll3bWZEWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjhBQzQvQzhGRTE3NEM1Nzc1MTFFRDgxRjEzQjZGQzRGOUFFMDIvMEFGRkYwNzg1 Nzc4MTFFRDk1OUFDMzZGQzRGOUFFMDIucm9hMFYGCCsGAQUFBwEHAQH/BEcwRTAM BAIAATAGAwQBZ4diMDUEAgACMC8DBwQkBHnAAAAwEgMHACQEecAQAQMHAiQEecAQ AAMHASQEecAgAAMHACQEecAwADANBgkqhkiG9w0BAQsFAAOCAQEAsUxQ0s66fxKr O7vIpNiwtmfrMc7fQ2SsxP/ptrsdiOkvHKJ/yND0tkQ7VMxN/XjO9TPd9pBTObWC hDCqj8JAuzyEUGOq3qiA5Y/w+d0+bUCpeMGdtKLvJcT1KExzR+qz/1aesSE0t+zi GHIoYFDncx55+a9N5voUtVdSkkMFy4m0aY3kB24j+imMeRcBiLgDbvLskXSMZJBO REt/tL4SdmER04VSUKRIl8pKG6vlsgs4Caun2iAfTtyop5XkHzA24E3jCKg/KEsz O+fzG2Ty5akfuk3bb2iquYsoXC+7REG5PnhRyv2VKTOuLuDcxaXvl9D6LzzH2zOU LgQU+NEMWQ== -----END CERTIFICATE-----Generated at Sun Apr 5 20:58:57 2026 by rpki-client