$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/40E5348CE56411EBBDFCC829C4F9AE02.roa File: 40E5348CE56411EBBDFCC829C4F9AE02.roa (raw, json) Hash identifier: gJu/Ej8GcA2x/ObRe1cz7SURwRx6hfgiWt/Enfm0otk= Subject key identifier: 95:51:56:6B:CC:EC:9C:91:38:02:FE:BE:F8:B0:1E:18:08:50:D3:2B Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A Certificate serial: 5E21 Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/40E5348CE56411EBBDFCC829C4F9AE02.roa Signing time: Mon 02 Mar 2026 22:16:53 +0000 ROA not before: Thu 28 Aug 2025 14:54:11 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 140807 IP address blocks: 103.21.96.0/23 maxlen: 23 103.21.100.0/23 maxlen: 23 103.139.42.0/23 maxlen: 23 103.148.254.0/23 maxlen: 23 103.162.94.0/23 maxlen: 23 103.171.94.0/23 maxlen: 23 2404:dac0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 13 Mar 2026 14:32:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24097 (0x5e21) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A560A, serialNumber=167C3B221775FEC05039468150CE814756AC6F0A Validity Not Before: Aug 28 14:54:11 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=69a60c55-f3e4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:a1:05:fd:54:96:7d:67:70:c1:14:e6:9b:fc: d5:c6:52:52:e7:ed:e8:1e:88:ff:61:86:88:dc:a3: 5d:36:54:8c:71:f8:1e:82:49:e4:91:74:21:56:5e: d3:2c:8b:22:3a:e0:fd:e6:30:ef:73:f4:61:a3:61: 16:a3:92:e5:3a:6d:9d:3b:40:08:81:1e:75:93:01: df:28:8c:6f:39:5d:04:44:86:44:e9:b8:59:ae:bd: 2d:23:9b:26:9e:ba:e7:d3:85:5a:4e:6f:a0:0a:e4: ba:f9:83:90:10:0e:39:3c:7a:d3:fc:b9:3e:a5:97: 44:cb:4a:3d:1b:be:e9:93:45:99:e1:0d:a9:42:09: 47:7f:cd:7a:bf:5c:0f:8d:83:33:a1:49:84:dc:45: 83:3d:2a:59:25:aa:d8:19:19:87:2c:8d:e1:72:13: e5:76:fd:e4:34:6f:d7:32:d2:fa:9f:30:2f:98:40: 55:ed:7c:e7:1a:4a:69:5b:03:59:47:af:8a:3e:76: 99:a0:9a:7d:ea:3d:ce:81:47:7c:99:65:fb:8a:4a: 17:32:8d:25:59:2b:7c:69:af:8c:b6:a6:a5:6a:82: 2c:e2:64:ed:1e:f3:0e:c4:56:7a:b4:79:e0:fa:6e: 8a:54:ef:59:a5:1a:00:e7:36:94:d0:e3:27:14:94: 84:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:51:56:6B:CC:EC:9C:91:38:02:FE:BE:F8:B0:1E:18:08:50:D3:2B X509v3 Authority Key Identifier: keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/40E5348CE56411EBBDFCC829C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.21.96.0/23 103.21.100.0/23 103.139.42.0/23 103.148.254.0/23 103.162.94.0/23 103.171.94.0/23 IPv6: 2404:dac0::/48 Signature Algorithm: sha256WithRSAEncryption 71:8a:31:3d:6d:7c:f6:8e:f0:47:66:de:65:1a:14:fa:66:76: 58:53:23:e1:16:c2:67:a0:f0:34:d9:29:d5:02:76:0e:63:65: 35:ee:99:b0:ec:e4:6b:97:1a:88:da:95:10:e3:e2:04:6d:f1: f0:5c:82:a3:c4:df:a0:9b:d0:eb:8e:35:8e:1b:60:8e:95:52: 75:71:3a:5a:99:b3:66:6d:7a:c4:a1:9b:95:59:0e:92:ce:2b: 31:47:b8:06:9b:fb:e9:73:a8:c2:ef:86:c0:3d:1e:c1:bf:0e: 81:74:f7:19:15:7d:e9:32:02:d9:a2:0a:7b:23:fa:76:92:92: 52:8c:9b:77:80:f5:bb:a2:79:ca:7c:e4:d5:60:e7:db:03:85: 2f:86:22:a2:2b:73:64:f0:0f:40:32:56:b0:26:33:a9:a4:b0: be:11:8f:d9:d3:7f:1f:4d:22:33:96:00:09:35:1a:19:ee:39: ab:e5:e6:a4:7a:9b:44:71:fc:e5:aa:6f:5d:d2:b2:1e:4d:63: 64:cf:da:67:bc:49:cb:26:24:b7:73:12:3d:98:e0:5a:6f:5c: e8:2a:be:8a:75:07:83:d7:da:a0:ca:ba:0d:2a:b5:70:a3:d6: a1:78:54:e3:ce:ec:63:f9:d0:32:08:66:ff:4f:22:25:33:24: 4f:f2:cd:3e -----BEGIN CERTIFICATE----- MIIFazCCBFOgAwIBAgICXiEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3 NTZBQzZGMEEwHhcNMjUwODI4MTQ1NDExWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE2MGM1NS1mM2U0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoaEF/VSWfWdwwRTmm/zVxlJS5+3oHoj/YYaI3KNdNlSMcfgegknkkXQhVl7T LIsiOuD95jDvc/Rho2EWo5LlOm2dO0AIgR51kwHfKIxvOV0ERIZE6bhZrr0tI5sm nrrn04VaTm+gCuS6+YOQEA45PHrT/Lk+pZdEy0o9G77pk0WZ4Q2pQglHf816v1wP jYMzoUmE3EWDPSpZJarYGRmHLI3hchPldv3kNG/XMtL6nzAvmEBV7XznGkppWwNZ R6+KPnaZoJp96j3OgUd8mWX7ikoXMo0lWSt8aa+MtqalaoIs4mTtHvMOxFZ6tHng +m6KVO9ZpRoA5zaU0OMnFJSEAwIDAQABo4ICjzCCAoswHQYDVR0OBBYEFJVRVmvM 7JyROAL+vviwHhgIUNMrMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvNDBFNTM0OENF NTY0MTFFQkJERkNDODI5QzRGOUFFMDIucm9hME4GCCsGAQUFBwEHAQH/BD8wPTAq BAIAATAkAwQBZxVgAwQBZxVkAwQBZ4sqAwQBZ5T+AwQBZ6JeAwQBZ6teMA8EAgAC MAkDBwAkBNrAAAAwDQYJKoZIhvcNAQELBQADggEBAHGKMT1tfPaO8Edm3mUaFPpm dlhTI+EWwmeg8DTZKdUCdg5jZTXumbDs5GuXGojalRDj4gRt8fBcgqPE36Cb0OuO NY4bYI6VUnVxOlqZs2ZtesShm5VZDpLOKzFHuAab++lzqMLvhsA9HsG/DoF09xkV fekyAtmiCnsj+naSklKMm3eA9buiecp85NVg59sDhS+GIqIrc2TwD0AyVrAmM6mk sL4Rj9nTfx9NIjOWAAk1GhnuOavl5qR6m0Rx/OWqb13Ssh5NY2TP2me8ScsmJLdz Ej2Y4FpvXOgqvop1B4PX2qDKug0qtXCj1qF4VOPO7GP50DIIZv9PIiUzJE/yzT4= -----END CERTIFICATE-----Generated at Sat Mar 7 22:43:46 2026 by rpki-client