$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4264/C58D6FFA410411E79EC0385DC4F9AE02/D75BE71A410511E7970A2A5FC4F9AE02.roa File: D75BE71A410511E7970A2A5FC4F9AE02.roa (raw, json) Hash identifier: bVX95h5YGIEFl/nNsvVn6rJFnDmppDxCWRFjlU5VtvU= Subject key identifier: 55:B8:39:D5:99:FA:17:19:3A:2D:4B:D8:1D:59:17:C4:CA:20:0D:14 Certificate issuer: /CN=A91A4264/serialNumber=60DD65EC7F72EB6C7DA8B93706E2D3BA0F065BFC Certificate serial: 1B16 Authority key identifier: 60:DD:65:EC:7F:72:EB:6C:7D:A8:B9:37:06:E2:D3:BA:0F:06:5B:FC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YN1l7H9y62x9qLk3BuLTug8GW_w.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A4264/C58D6FFA410411E79EC0385DC4F9AE02/D75BE71A410511E7970A2A5FC4F9AE02.roa Signing time: Wed 22 Apr 2026 16:20:43 +0000 ROA not before: Wed 22 Apr 2026 16:20:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 9541 IP address blocks: 103.213.112.0/22 maxlen: 22 103.213.112.0/23 maxlen: 23 103.213.112.0/24 maxlen: 24 103.213.113.0/24 maxlen: 24 103.213.114.0/23 maxlen: 23 103.213.114.0/24 maxlen: 24 103.213.115.0/24 maxlen: 24 192.140.148.0/22 maxlen: 22 192.140.148.0/23 maxlen: 23 192.140.148.0/24 maxlen: 24 192.140.149.0/24 maxlen: 24 192.140.150.0/23 maxlen: 23 192.140.150.0/24 maxlen: 24 192.140.151.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A4264/C58D6FFA410411E79EC0385DC4F9AE02/YN1l7H9y62x9qLk3BuLTug8GW_w.crl rsync://rpki.apnic.net/member_repository/A91A4264/C58D6FFA410411E79EC0385DC4F9AE02/YN1l7H9y62x9qLk3BuLTug8GW_w.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YN1l7H9y62x9qLk3BuLTug8GW_w.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 09 May 2026 22:28:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6934 (0x1b16) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A4264, serialNumber=60DD65EC7F72EB6C7DA8B93706E2D3BA0F065BFC Validity Not Before: Apr 22 16:20:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=69e8f55b-b69b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:05:5d:15:61:ba:d0:8a:d6:b1:1d:c0:f9:e2: 68:98:33:18:ad:e3:16:83:48:0c:70:63:a1:2c:37: cb:2a:2d:28:87:e4:f8:a2:f2:da:4a:e4:b5:35:bf: 86:e9:2e:d8:87:f7:8f:35:70:33:97:a2:86:ca:e3: 14:9f:98:88:aa:f4:75:d4:34:94:e0:82:f4:d6:40: 49:95:a4:6f:da:ec:23:b2:b3:9f:c0:71:05:e8:0c: b7:28:3e:5b:6f:e1:09:70:f4:4e:ed:41:8e:93:6b: 0b:b1:53:42:03:14:e6:4e:4f:e1:aa:6c:f9:7e:38: ec:5b:a0:06:46:df:23:3b:53:bd:39:4c:8b:ef:dd: 5a:c2:cd:50:56:41:aa:36:fb:a3:19:70:39:9e:8e: f7:3a:dc:64:ce:85:57:cb:5d:c1:ae:36:60:16:ea: 70:f8:eb:40:a1:ac:17:b9:c8:72:b0:c9:7c:1c:a9: 7e:28:84:ee:db:11:eb:6c:ae:fc:0f:40:db:9b:32: b3:19:c7:f3:3e:63:92:24:85:ea:db:82:37:05:55: 63:88:a9:03:9d:1f:c4:7a:19:ae:cf:51:da:cb:51: 4e:6b:2c:3b:b6:07:55:a2:cc:07:ab:59:99:97:48: 99:32:73:18:83:c0:76:a7:5c:63:39:04:88:4f:57: fd:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:B8:39:D5:99:FA:17:19:3A:2D:4B:D8:1D:59:17:C4:CA:20:0D:14 X509v3 Authority Key Identifier: keyid:60:DD:65:EC:7F:72:EB:6C:7D:A8:B9:37:06:E2:D3:BA:0F:06:5B:FC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A4264/C58D6FFA410411E79EC0385DC4F9AE02/YN1l7H9y62x9qLk3BuLTug8GW_w.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YN1l7H9y62x9qLk3BuLTug8GW_w.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4264/C58D6FFA410411E79EC0385DC4F9AE02/D75BE71A410511E7970A2A5FC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.213.112.0/22 192.140.148.0/22 Signature Algorithm: sha256WithRSAEncryption 55:4d:18:8e:f2:58:6c:42:d0:2c:d7:8e:16:7d:7f:01:9a:35: 12:8f:f1:89:a4:ab:e0:17:6c:9d:71:39:5c:78:5e:ea:a4:2b: 1e:87:5f:53:8d:e5:bc:e8:ba:d3:9f:e3:c9:ed:16:c5:d3:1f: cd:1a:62:d3:fe:45:b0:79:ea:07:cb:73:7b:bd:b4:69:9a:8c: eb:80:24:1b:40:83:d8:41:7e:68:ed:3f:34:1f:51:0c:32:de: 80:0d:06:74:89:47:75:fc:57:f5:ee:c9:00:08:7c:ca:58:c3: 6a:a8:2f:03:e1:e0:c7:b0:f3:10:69:f7:ef:c7:cf:6c:cd:f9: 89:c6:04:50:19:19:48:0b:7f:aa:b3:ce:87:ed:5a:17:0a:67: 6e:80:e8:41:a6:62:91:60:d8:22:6f:13:6e:ce:29:6a:9d:d2: c4:ea:62:ae:81:7e:fa:54:c1:1d:c8:4f:c6:14:be:6c:aa:c6: a1:13:f9:e6:7b:b4:0a:8b:4b:32:b7:9c:58:dc:d1:f2:32:91: ec:ba:65:dd:66:6c:75:85:74:29:b6:92:2f:df:7e:a2:05:13: 63:8a:8d:41:c6:f0:32:00:3c:2c:c2:c7:b4:bf:0d:b7:d9:4c: 02:c8:50:ab:f0:55:b0:b8:a7:d6:d3:ea:ce:83:85:b8:df:9b: aa:ff:18:19 -----BEGIN CERTIFICATE----- MIIFQjCCBCqgAwIBAgICGxYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTQyNjQxMTAvBgNVBAUTKDYwREQ2NUVDN0Y3MkVCNkM3REE4QjkzNzA2RTJEM0JB MEYwNjVCRkMwHhcNMjYwNDIyMTYyMDQzWhcNMjcwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWU4ZjU1Yi1iNjliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxAVdFWG60IrWsR3A+eJomDMYreMWg0gMcGOhLDfLKi0oh+T4ovLaSuS1Nb+G 6S7Yh/ePNXAzl6KGyuMUn5iIqvR11DSU4IL01kBJlaRv2uwjsrOfwHEF6Ay3KD5b b+EJcPRO7UGOk2sLsVNCAxTmTk/hqmz5fjjsW6AGRt8jO1O9OUyL791aws1QVkGq NvujGXA5no73OtxkzoVXy13BrjZgFupw+OtAoawXuchysMl8HKl+KITu2xHrbK78 D0DbmzKzGcfzPmOSJIXq24I3BVVjiKkDnR/Eehmuz1Hay1FOayw7tgdVoswHq1mZ l0iZMnMYg8B2p1xjOQSIT1f9vQIDAQABo4ICZjCCAmIwHQYDVR0OBBYEFFW4OdWZ +hcZOi1L2B1ZF8TKIA0UMB8GA1UdIwQYMBaAFGDdZex/cutsfai5Nwbi07oPBlv8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDI2NC9DNThENkZGQTQx MDQxMUU3OUVDMDM4NURDNEY5QUUwMi9ZTjFsN0g5eTYyeDlxTGszQnVMVHVnOEdX X3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1lOMWw3SDl5NjJ4OXFMazNCdUxUdWc4R1dfdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTQyNjQvQzU4RDZGRkE0MTA0MTFFNzlFQzAzODVEQzRGOUFFMDIvRDc1QkU3MUE0 MTA1MTFFNzk3MEEyQTVGQzRGOUFFMDIucm9hMCUGCCsGAQUFBwEHAQH/BBYwFDAS BAIAATAMAwQCZ9VwAwQCwIyUMA0GCSqGSIb3DQEBCwUAA4IBAQBVTRiO8lhsQtAs 144WfX8BmjUSj/GJpKvgF2ydcTlceF7qpCseh19TjeW86LrTn+PJ7RbF0x/NGmLT /kWweeoHy3N7vbRpmozrgCQbQIPYQX5o7T80H1EMMt6ADQZ0iUd1/Ff17skACHzK WMNqqC8D4eDHsPMQaffvx89szfmJxgRQGRlIC3+qs86H7VoXCmdugOhBpmKRYNgi bxNuzilqndLE6mKugX76VMEdyE/GFL5sqsahE/nme7QKi0syt5xY3NHyMpHsumXd Zmx1hXQptpIv336iBRNjio1BxvAyADwswse0vw232UwCyFCr8FWwuKfW0+rOg4W4 35uq/xgZ -----END CERTIFICATE-----Generated at Tue May 5 04:54:18 2026 by rpki-client