$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/03A91AAEE52C11EFB2237F6CC4F9AE02.roa File: 03A91AAEE52C11EFB2237F6CC4F9AE02.roa (raw, json) Hash identifier: HJiR5/Y4kfFSsaOrIGEAqMcFgqHcvo0oUMeSnWu41sk= Subject key identifier: 40:E5:08:DB:2F:A0:D6:7F:02:C1:E3:81:9A:F3:8D:A5:6A:9E:2B:8C Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: EB0C Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/03A91AAEE52C11EFB2237F6CC4F9AE02.roa Signing time: Sun 31 May 2026 17:49:02 +0000 ROA not before: Sun 31 May 2026 17:49:02 +0000 ROA not after: Thu 01 Oct 2026 00:00:00 +0000 asID: 17754 IP address blocks: 103.48.71.0/24 maxlen: 24 175.101.0.0/16 maxlen: 24 202.133.48.0/20 maxlen: 24 202.153.32.0/20 maxlen: 24 2401:fb00::/33 maxlen: 33 2401:fb00::/40 maxlen: 48 2401:fb00:100::/40 maxlen: 48 2401:fb00:200::/40 maxlen: 48 2401:fb00:300::/40 maxlen: 48 2401:fb00:400::/40 maxlen: 48 2401:fb00:500::/40 maxlen: 48 2401:fb00:600::/40 maxlen: 48 2401:fb00:700::/40 maxlen: 48 2401:fb00:800::/40 maxlen: 48 2401:fb00:900::/40 maxlen: 48 2401:fb00:7600::/40 maxlen: 48 2401:fb00:7700::/40 maxlen: 48 2401:fb00:7800::/40 maxlen: 48 2401:fb00:7900::/40 maxlen: 48 2401:fb00:7a00::/40 maxlen: 48 2401:fb00:7b00::/40 maxlen: 48 2401:fb00:7c00::/40 maxlen: 48 2401:fb00:7d00::/40 maxlen: 48 2401:fb00:7e00::/40 maxlen: 48 2401:fb00:7f00::/40 maxlen: 48 2401:fb00:8000::/33 maxlen: 33 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 11 Jun 2026 09:26:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60172 (0xeb0c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 31 17:49:02 2026 GMT Not After : Oct 1 00:00:00 2026 GMT Subject: CN=6a1c748d-d296 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:c9:f8:90:3a:6c:c0:6f:60:e1:1d:69:c9:b3: 97:0b:c6:2f:8c:ed:7e:7c:d6:03:bc:c9:35:36:21: a0:74:0b:46:c6:56:49:ba:86:2a:46:10:28:d5:67: 8d:d9:a7:dd:3b:e2:cb:3a:6f:b0:e7:22:6f:d3:a2: 33:4e:f4:51:35:47:93:87:1d:be:66:05:20:70:74: 46:2c:f1:8d:6f:87:03:80:d2:d6:9e:82:88:73:fd: 4f:6a:9a:e5:fe:a0:fe:ed:4b:cb:b2:ae:0d:14:d4: fe:31:f4:3d:32:62:ac:76:af:53:dd:17:ab:e7:80: 06:c2:1d:90:03:da:89:41:96:71:8a:c2:e4:bc:8c: 3b:e2:e8:21:28:ab:46:a0:be:39:39:9e:62:12:60: 85:46:4b:f6:17:8b:bd:36:c3:6b:3a:da:ea:f3:73: ed:38:ca:7f:45:fb:12:c2:4d:86:d3:90:20:07:e8: 26:bb:d6:1e:9e:db:b8:71:85:5c:47:48:6f:1c:94: 21:df:f5:f4:ff:d8:9a:22:48:9b:2b:fd:9c:47:3e: d8:d9:64:d7:f2:fb:c9:e0:e5:c3:de:d7:32:b4:a2: 3e:8c:ac:b6:10:7c:97:c6:f8:45:4c:1e:0b:20:2c: 42:60:69:62:9c:58:1b:4a:89:30:d1:89:59:4c:4b: 83:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:E5:08:DB:2F:A0:D6:7F:02:C1:E3:81:9A:F3:8D:A5:6A:9E:2B:8C X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/03A91AAEE52C11EFB2237F6CC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.48.71.0/24 175.101.0.0/16 202.133.48.0/20 202.153.32.0/20 IPv6: 2401:fb00::/32 Signature Algorithm: sha256WithRSAEncryption 9e:87:dc:a3:e8:14:00:53:c1:f5:57:cf:10:35:ba:b5:c8:f9: bc:9c:78:06:4b:3b:e0:00:28:96:c3:15:3e:a3:a4:69:2c:f6: ce:98:d3:58:3b:07:23:11:09:9c:e5:f5:c0:a0:4f:6c:d3:77: 38:97:ff:c9:31:0d:8c:be:23:f0:7f:3c:ce:27:9c:64:0a:b6: 2d:b5:31:2c:a8:05:82:b1:37:23:b1:fa:c6:f5:44:d6:a6:59: 57:87:24:b8:fa:e6:e8:df:2a:27:6e:2f:31:70:05:5e:29:91: 8b:3b:ee:4b:28:33:27:2e:67:13:94:a8:17:5f:93:11:28:3c: 4b:f3:d0:d6:61:1b:10:d0:76:c4:bb:70:05:8e:cf:d6:48:ca: 2c:c1:77:a6:b6:d3:c4:81:71:bb:43:e6:99:d3:ff:d7:e4:93: e5:ae:71:43:cc:54:3a:17:e5:86:84:e3:9b:49:d0:65:6e:24: d6:6a:e0:25:69:7e:7b:60:9a:fc:c3:07:2c:b6:a6:5a:d4:b2: 22:8d:c2:bf:c1:02:e2:16:d4:3a:52:59:81:35:9f:74:a0:e2: 22:e2:f6:c0:21:e9:03:13:d6:c9:ea:db:cc:80:a7:4b:da:8c: 43:c6:60:bf:55:b4:9f:5e:9c:de:de:02:a2:8f:ee:66:05:17: 48:9c:a3:23 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIDAOsMMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI2MDUzMTE3NDkwMloXDTI2MTAwMTAwMDAwMFowGDEWMBQG A1UEAxMNNmExYzc0OGQtZDI5NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKfJ+JA6bMBvYOEdacmzlwvGL4ztfnzWA7zJNTYhoHQLRsZWSbqGKkYQKNVn jdmn3TviyzpvsOcib9OiM070UTVHk4cdvmYFIHB0RizxjW+HA4DS1p6CiHP9T2qa 5f6g/u1Ly7KuDRTU/jH0PTJirHavU90Xq+eABsIdkAPaiUGWcYrC5LyMO+LoISir RqC+OTmeYhJghUZL9heLvTbDazra6vNz7TjKf0X7EsJNhtOQIAfoJrvWHp7buHGF XEdIbxyUId/19P/YmiJImyv9nEc+2Nlk1/L7yeDlw97XMrSiPoysthB8l8b4RUwe CyAsQmBpYpxYG0qJMNGJWUxLg3MCAwEAAaOCAoAwggJ8MB0GA1UdDgQWBBRA5Qjb L6DWfwLB44Ga842lap4rjDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzAzQTkxQUFF RTUyQzExRUZCMjIzN0Y2Q0M0RjlBRTAyLnJvYTA/BggrBgEFBQcBBwEB/wQwMC4w HQQCAAEwFwMEAGcwRwMDAK9lAwQEyoUwAwQEypkgMA0EAgACMAcDBQAkAfsAMA0G CSqGSIb3DQEBCwUAA4IBAQCeh9yj6BQAU8H1V88QNbq1yPm8nHgGSzvgACiWwxU+ o6RpLPbOmNNYOwcjEQmc5fXAoE9s03c4l//JMQ2MviPwfzzOJ5xkCrYttTEsqAWC sTcjsfrG9UTWpllXhyS4+ubo3yonbi8xcAVeKZGLO+5LKDMnLmcTlKgXX5MRKDxL 89DWYRsQ0HbEu3AFjs/WSMoswXemttPEgXG7Q+aZ0//X5JPlrnFDzFQ6F+WGhOOb SdBlbiTWauAlaX57YJr8wwcstqZa1LIijcK/wQLiFtQ6UlmBNZ90oOIi4vbAIekD E9bJ6tvMgKdL2oxDxmC/VbSfXpze3gKij+5mBRdInKMj -----END CERTIFICATE-----Generated at Thu Jun 4 11:17:42 2026 by rpki-client