$ rpki-client -vvf rpki.apnic.net/member_repository/A91151C9/C300C2CEC6FA11E7AAABCC0BC4F9AE02/A652A68C3DB911EFACDF8C75C4F9AE02.roa File: A652A68C3DB911EFACDF8C75C4F9AE02.roa (raw, json) Hash identifier: rehHNVoMzYrcbyHR3xn9AScPl8hoBFDtA7CJ2MlnTrM= Subject key identifier: 4A:0D:5E:09:8B:A4:44:13:3E:93:99:BC:2E:27:2B:FB:77:97:3B:97 Certificate issuer: /CN=A91151C9/serialNumber=875F40021C6D43B04EFE894A7FC15CC4F6ED89BA Certificate serial: 189A Authority key identifier: 87:5F:40:02:1C:6D:43:B0:4E:FE:89:4A:7F:C1:5C:C4:F6:ED:89:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h19AAhxtQ7BO_olKf8FcxPbtibo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91151C9/C300C2CEC6FA11E7AAABCC0BC4F9AE02/A652A68C3DB911EFACDF8C75C4F9AE02.roa Signing time: Wed 13 May 2026 01:15:06 +0000 ROA not before: Wed 13 May 2026 01:15:06 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 64096 IP address blocks: 43.228.180.0/22 maxlen: 22 43.228.180.0/24 maxlen: 24 43.228.181.0/24 maxlen: 24 43.228.182.0/23 maxlen: 24 103.47.200.0/22 maxlen: 24 103.103.176.0/22 maxlen: 22 103.103.176.0/23 maxlen: 24 103.103.178.0/24 maxlen: 24 103.103.179.0/24 maxlen: 24 103.212.56.0/22 maxlen: 22 103.212.56.0/24 maxlen: 24 103.212.57.0/24 maxlen: 24 103.212.58.0/23 maxlen: 24 116.206.0.0/22 maxlen: 22 116.206.0.0/24 maxlen: 24 116.206.1.0/24 maxlen: 24 116.206.2.0/23 maxlen: 24 2404:ff80::/32 maxlen: 32 2404:ff80:100::/48 maxlen: 48 2404:ff80:101::/48 maxlen: 48 2404:ff80:102::/48 maxlen: 48 2404:ff80:1001::/48 maxlen: 48 2404:ff80:c000::/34 maxlen: 34 2404:ff80:ffe0::/44 maxlen: 48 2404:ff80:fff0::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91151C9/C300C2CEC6FA11E7AAABCC0BC4F9AE02/h19AAhxtQ7BO_olKf8FcxPbtibo.crl rsync://rpki.apnic.net/member_repository/A91151C9/C300C2CEC6FA11E7AAABCC0BC4F9AE02/h19AAhxtQ7BO_olKf8FcxPbtibo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h19AAhxtQ7BO_olKf8FcxPbtibo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 May 2026 16:30:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6298 (0x189a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91151C9, serialNumber=875F40021C6D43B04EFE894A7FC15CC4F6ED89BA Validity Not Before: May 13 01:15:06 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6a03d09a-2f7a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:67:8e:a3:b8:7c:ca:49:d0:af:40:7f:9a:eb: 55:e0:af:7b:20:0b:11:7c:fb:f7:26:a7:92:1a:e7: 85:5c:87:33:31:73:2f:bc:e7:c8:48:20:b7:1a:24: 37:15:77:ba:6b:21:ff:1a:e1:2f:68:1b:1b:26:67: 39:b2:14:e0:b2:67:e1:29:ce:50:a1:76:4b:ad:db: 19:5e:1a:cc:e1:50:a0:a8:72:93:18:bc:ae:c1:7b: 6d:f7:13:44:da:87:97:17:fb:a4:37:5b:15:1d:6c: 39:42:a1:45:b0:6e:d0:be:f6:73:6e:8e:a9:b3:97: 05:2a:42:78:be:04:c0:79:70:d4:0d:0e:3e:ca:c9: 07:73:00:a0:a3:e3:13:bb:98:ff:18:20:17:09:a6: 73:c5:19:f5:c6:51:bd:9f:5e:2d:8e:fc:85:c7:4a: c8:c5:d6:c9:31:70:79:62:dc:80:66:af:f7:76:74: bb:eb:7e:06:8a:a9:34:cd:a3:80:0c:eb:b4:28:d8: 71:86:a2:38:dd:e1:d9:be:b4:9b:2e:b2:71:7b:68: d8:4d:9d:3c:84:52:f4:24:68:57:6d:1f:4b:3e:16: ec:28:28:f1:4d:ed:4b:78:9b:1c:8d:d9:6a:ec:83: 29:6f:df:27:78:05:ed:41:54:2d:1c:df:93:78:9e: c2:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:0D:5E:09:8B:A4:44:13:3E:93:99:BC:2E:27:2B:FB:77:97:3B:97 X509v3 Authority Key Identifier: keyid:87:5F:40:02:1C:6D:43:B0:4E:FE:89:4A:7F:C1:5C:C4:F6:ED:89:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91151C9/C300C2CEC6FA11E7AAABCC0BC4F9AE02/h19AAhxtQ7BO_olKf8FcxPbtibo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h19AAhxtQ7BO_olKf8FcxPbtibo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91151C9/C300C2CEC6FA11E7AAABCC0BC4F9AE02/A652A68C3DB911EFACDF8C75C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.228.180.0/22 103.47.200.0/22 103.103.176.0/22 103.212.56.0/22 116.206.0.0/22 IPv6: 2404:ff80::/32 Signature Algorithm: sha256WithRSAEncryption c7:cb:e3:ce:92:41:a8:89:cb:a7:27:bd:ff:5d:06:2b:45:d2: 1b:e6:8e:88:f1:fc:57:ae:fe:c2:0a:11:32:9b:85:fe:b3:04: c9:59:24:0c:fb:d3:1a:a2:e2:35:0f:bb:67:a8:be:ad:9d:c9: c2:53:c7:3c:ee:7b:54:42:9a:47:f5:3f:30:33:b9:7f:15:2c: f0:af:27:1c:34:c7:be:ce:a4:11:b0:80:f4:53:c0:52:a6:2d: a7:dc:aa:63:b9:74:6c:c2:66:3b:2d:e9:a4:06:c2:38:c9:ea: 7b:20:0e:d3:a8:7b:30:a0:1f:ab:ee:cd:d5:ee:48:40:9e:0c: 6c:cd:79:41:9a:42:55:4f:18:66:95:7e:d7:90:ee:96:4a:00: fc:c8:b9:a6:65:e1:47:2a:de:bb:fe:8f:65:6e:4b:03:71:d1: 00:c2:ad:dc:44:51:c5:67:ef:a0:7d:cf:06:a8:1d:33:e0:3b: 4d:a1:92:4c:c8:88:a9:4c:b7:2f:1e:7c:e9:6d:bd:24:da:5a: 34:e5:cd:74:fc:bc:5a:de:7e:cd:db:f7:a2:e9:cf:bb:b7:76: 5b:11:7f:48:53:2c:7b:cd:d1:b4:4e:34:50:0d:b2:e3:6b:36: 68:46:ab:18:27:41:9e:5c:91:1d:45:92:1e:e7:66:70:1f:7e: d5:30:8b:96 -----BEGIN CERTIFICATE----- MIIFYzCCBEugAwIBAgICGJowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTUxQzkxMTAvBgNVBAUTKDg3NUY0MDAyMUM2RDQzQjA0RUZFODk0QTdGQzE1Q0M0 RjZFRDg5QkEwHhcNMjYwNTEzMDExNTA2WhcNMjcwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02YTAzZDA5YS0yZjdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2meOo7h8yknQr0B/mutV4K97IAsRfPv3JqeSGueFXIczMXMvvOfISCC3GiQ3 FXe6ayH/GuEvaBsbJmc5shTgsmfhKc5QoXZLrdsZXhrM4VCgqHKTGLyuwXtt9xNE 2oeXF/ukN1sVHWw5QqFFsG7QvvZzbo6ps5cFKkJ4vgTAeXDUDQ4+yskHcwCgo+MT u5j/GCAXCaZzxRn1xlG9n14tjvyFx0rIxdbJMXB5YtyAZq/3dnS7634Giqk0zaOA DOu0KNhxhqI43eHZvrSbLrJxe2jYTZ08hFL0JGhXbR9LPhbsKCjxTe1LeJscjdlq 7IMpb98neAXtQVQtHN+TeJ7CFQIDAQABo4IChzCCAoMwHQYDVR0OBBYEFEoNXgmL pEQTPpOZvC4nK/t3lzuXMB8GA1UdIwQYMBaAFIdfQAIcbUOwTv6JSn/BXMT27Ym6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNTFDOS9DMzAwQzJDRUM2 RkExMUU3QUFBQkNDMEJDNEY5QUUwMi9oMTlBQWh4dFE3Qk9fb2xLZjhGY3hQYnRp Ym8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2gxOUFBaHh0UTdCT19vbEtmOEZjeFBidGliby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MTUxQzkvQzMwMEMyQ0VDNkZBMTFFN0FBQUJDQzBCQzRGOUFFMDIvQTY1MkE2OEMz REI5MTFFRkFDREY4Qzc1QzRGOUFFMDIucm9hMEYGCCsGAQUFBwEHAQH/BDcwNTAk BAIAATAeAwQCK+S0AwQCZy/IAwQCZ2ewAwQCZ9Q4AwQCdM4AMA0EAgACMAcDBQAk BP+AMA0GCSqGSIb3DQEBCwUAA4IBAQDHy+POkkGoicunJ73/XQYrRdIb5o6I8fxX rv7CChEym4X+swTJWSQM+9MaouI1D7tnqL6tncnCU8c87ntUQppH9T8wM7l/FSzw ryccNMe+zqQRsID0U8BSpi2n3KpjuXRswmY7LemkBsI4yep7IA7TqHswoB+r7s3V 7khAngxszXlBmkJVTxhmlX7XkO6WSgD8yLmmZeFHKt67/o9lbksDcdEAwq3cRFHF Z++gfc8GqB0z4DtNoZJMyIipTLcvHnzpbb0k2lo05c10/Lxa3n7N2/ei6c+7t3Zb EX9IUyx7zdG0TjRQDbLjazZoRqsYJ0GeXJEdRZIe52ZwH37VMIuW -----END CERTIFICATE-----Generated at Thu May 21 11:57:47 2026 by rpki-client