$ rpki-client -vvf rpki.apnic.net/member_repository/A91325FD/BCE4D10A1D6811E2AD6494A508B02CD2/58C5CA92AF9411EE9774D74CC4F9AE02.roa File: 58C5CA92AF9411EE9774D74CC4F9AE02.roa (raw, json) Hash identifier: tQvxZIDn5bn9gz1/NY4MSTVvEkMvmfWDoRTiKd2M46A= Subject key identifier: 10:97:0B:30:46:DE:02:2B:36:8B:18:C0:9C:1A:7E:C4:91:67:8F:08 Certificate issuer: /CN=A91325FD/serialNumber=2E8DAF49E27E4FC12BE05EF7DF1A82BB287126A1 Certificate serial: 3583 Authority key identifier: 2E:8D:AF:49:E2:7E:4F:C1:2B:E0:5E:F7:DF:1A:82:BB:28:71:26:A1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Lo2vSeJ-T8Er4F733xqCuyhxJqE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91325FD/BCE4D10A1D6811E2AD6494A508B02CD2/58C5CA92AF9411EE9774D74CC4F9AE02.roa Signing time: Wed 28 Jan 2026 15:10:03 +0000 ROA not before: Wed 28 Jan 2026 15:10:03 +0000 ROA not after: Fri 28 May 2027 00:00:00 +0000 asID: 19905 IP address blocks: 43.224.36.0/22 maxlen: 22 103.43.76.0/22 maxlen: 22 103.240.240.0/22 maxlen: 22 115.84.64.0/18 maxlen: 18 202.137.128.0/19 maxlen: 19 202.144.184.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91325FD/BCE4D10A1D6811E2AD6494A508B02CD2/Lo2vSeJ-T8Er4F733xqCuyhxJqE.crl rsync://rpki.apnic.net/member_repository/A91325FD/BCE4D10A1D6811E2AD6494A508B02CD2/Lo2vSeJ-T8Er4F733xqCuyhxJqE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Lo2vSeJ-T8Er4F733xqCuyhxJqE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 25 Feb 2026 14:15:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13699 (0x3583) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91325FD, serialNumber=2E8DAF49E27E4FC12BE05EF7DF1A82BB287126A1 Validity Not Before: Jan 28 15:10:03 2026 GMT Not After : May 28 00:00:00 2027 GMT Subject: CN=697a26ca-05d2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:d9:0a:87:da:48:61:73:df:14:da:8c:75:d0: cc:bf:2e:46:de:7f:a2:ee:79:0d:6d:b5:d3:8c:80: b4:de:aa:a0:c5:7d:5b:2d:70:72:48:ff:63:22:b4: 40:f6:16:0a:82:bd:08:df:89:12:12:5f:07:49:ea: 3a:cb:c2:80:3a:0f:4f:40:b4:c6:dc:52:76:53:67: 8c:85:f3:dc:1c:91:7c:0b:dc:38:48:57:c9:7c:8e: 2c:db:1a:37:e7:ac:54:18:42:b1:2e:06:1d:ee:f2: 78:6b:6a:bb:17:73:7d:67:6d:32:a7:e3:2e:a0:10: e2:e0:b7:b5:88:8c:e6:fc:7d:74:5c:29:d2:88:82: fb:b4:b4:6d:03:01:3a:d1:76:dc:b3:cc:ea:cc:0b: a4:0b:8e:00:42:54:21:ef:45:e3:aa:6d:41:e1:3e: e7:c4:e8:75:e1:f0:ca:cb:eb:a5:49:3d:07:fc:5d: 72:bc:53:8f:dd:51:0c:59:77:03:11:4f:30:af:78: 2a:44:c1:ff:74:91:bb:9f:92:e6:57:b4:08:ca:81: fa:31:97:6b:e7:83:86:d3:54:92:98:04:9b:d2:1b: 06:32:f8:20:47:c4:3a:38:ec:3f:3f:46:c1:e8:b6: c3:d5:5b:7c:c0:21:14:eb:9d:99:5f:29:af:03:86: d5:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:97:0B:30:46:DE:02:2B:36:8B:18:C0:9C:1A:7E:C4:91:67:8F:08 X509v3 Authority Key Identifier: keyid:2E:8D:AF:49:E2:7E:4F:C1:2B:E0:5E:F7:DF:1A:82:BB:28:71:26:A1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91325FD/BCE4D10A1D6811E2AD6494A508B02CD2/Lo2vSeJ-T8Er4F733xqCuyhxJqE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Lo2vSeJ-T8Er4F733xqCuyhxJqE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91325FD/BCE4D10A1D6811E2AD6494A508B02CD2/58C5CA92AF9411EE9774D74CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.224.36.0/22 103.43.76.0/22 103.240.240.0/22 115.84.64.0/18 202.137.128.0/19 202.144.184.0/21 Signature Algorithm: sha256WithRSAEncryption 51:2d:83:f3:9c:a8:42:ba:5b:9a:a8:0f:eb:72:b8:65:b0:62: fa:39:46:4c:ca:3f:5f:65:ff:af:89:90:a0:d3:62:b9:63:13: 8f:e9:67:98:1b:0f:79:ec:21:21:91:d7:b0:d0:15:9d:9a:52: 51:0b:5b:7d:eb:bf:94:de:c1:86:58:5c:62:96:a9:8c:2c:6c: 95:24:6e:cb:98:a8:34:f4:61:1e:aa:c1:2f:18:23:8e:51:8c: ae:b5:3a:de:4b:8a:0c:26:f0:fc:fa:3c:ee:5f:b5:90:23:21: 87:67:ee:bb:78:57:f8:ab:33:f5:74:28:70:5f:04:6b:b5:d1: d5:aa:95:c5:fe:b2:12:96:f9:ee:0b:05:23:ae:a6:27:ab:43: 86:fa:ab:f7:5c:4a:56:1e:eb:42:dd:43:13:23:83:be:b8:19: 78:4c:7b:75:0c:67:90:ad:0d:89:29:9d:94:b7:98:40:37:ac: 9a:12:fc:a1:3e:f8:e7:b8:80:84:f6:6c:12:b8:ec:ab:4d:9c: 01:6c:87:0e:09:f7:30:3d:b8:94:05:2e:d2:69:fe:32:a0:d1: a2:c8:24:07:32:30:f2:67:34:60:9f:99:ed:81:b1:47:b9:a7: 1e:74:84:4a:ab:fd:2f:d6:dc:0f:6b:02:51:38:2e:58:78:ae: 60:c6:60:66 -----BEGIN CERTIFICATE----- MIIFjzCCBHegAwIBAgICNYMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAwwIQTkx MzI1RkQxMTAvBgNVBAUTKDJFOERBRjQ5RTI3RTRGQzEyQkUwNUVGN0RGMUE4MkJC Mjg3MTI2QTEwHhcNMjYwMTI4MTUxMDAzWhcNMjcwNTI4MDAwMDAwWjAYMRYwFAYD VQQDDA02OTdhMjZjYS0wNWQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqtkKh9pIYXPfFNqMddDMvy5G3n+i7nkNbbXTjIC03qqgxX1bLXBySP9jIrRA 9hYKgr0I34kSEl8HSeo6y8KAOg9PQLTG3FJ2U2eMhfPcHJF8C9w4SFfJfI4s2xo3 56xUGEKxLgYd7vJ4a2q7F3N9Z20yp+MuoBDi4Le1iIzm/H10XCnSiIL7tLRtAwE6 0Xbcs8zqzAukC44AQlQh70Xjqm1B4T7nxOh14fDKy+ulST0H/F1yvFOP3VEMWXcD EU8wr3gqRMH/dJG7n5LmV7QIyoH6MZdr54OG01SSmASb0hsGMvggR8Q6OOw/P0bB 6LbD1Vt8wCEU652ZXymvA4bVDQIDAQABo4ICszCCAq8wHQYDVR0OBBYEFBCXCzBG 3gIrNosYwJwafsSRZ48IMB8GA1UdIwQYMBaAFC6Nr0nifk/BK+Be998agrsocSah MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMjVGRC9CQ0U0RDEwQTFE NjgxMUUyQUQ2NDk0QTUwOEIwMkNEMi9MbzJ2U2VKLVQ4RXI0RjczM3hxQ3V5aHhK cUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xvMnZTZUotVDhFcjRGNzMzeHFDdXloeEpxRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzI1RkQvQkNFNEQxMEExRDY4MTFFMkFENjQ5NEE1MDhCMDJDRDIvNThDNUNBOTJB Rjk0MTFFRTk3NzRENzRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E LjAsMCoEAgABMCQDBAIr4CQDBAJnK0wDBAJn8PADBAZzVEADBAXKiYADBAPKkLgw DQYJKoZIhvcNAQELBQADggEBAFEtg/OcqEK6W5qoD+tyuGWwYvo5RkzKP19l/6+J kKDTYrljE4/pZ5gbD3nsISGR17DQFZ2aUlELW33rv5TewYZYXGKWqYwsbJUkbsuY qDT0YR6qwS8YI45RjK61Ot5Ligwm8Pz6PO5ftZAjIYdn7rt4V/irM/V0KHBfBGu1 0dWqlcX+shKW+e4LBSOupierQ4b6q/dcSlYe60LdQxMjg764GXhMe3UMZ5CtDYkp nZS3mEA3rJoS/KE++Oe4gIT2bBK47KtNnAFshw4J9zA9uJQFLtJp/jKg0aLIJAcy MPJnNGCfme2BsUe5px50hEqr/S/W3A9rAlE4Llh4rmDGYGY= -----END CERTIFICATE-----Generated at Fri Feb 20 01:32:26 2026 by rpki-client