$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/CF428AB8A87511EF9905FE0AC4F9AE02.roa File: CF428AB8A87511EF9905FE0AC4F9AE02.roa (raw, json) Hash identifier: Sv8UCxBeWwv3k3wKxsFFfIB2BJozVKwhclD5jn9EQrg= Subject key identifier: C6:9C:B7:AA:28:91:CF:37:EE:D7:31:BC:34:82:DE:00:81:5D:B0:15 Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A Certificate serial: 5E5F Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/CF428AB8A87511EF9905FE0AC4F9AE02.roa Signing time: Mon 02 Mar 2026 22:17:55 +0000 ROA not before: Thu 28 Aug 2025 14:55:07 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 150820 IP address blocks: 36.50.174.0/23 maxlen: 23 103.70.114.0/23 maxlen: 23 203.175.96.0/23 maxlen: 23 2001:df3:f0c0::/48 maxlen: 48 2001:df3:f140::/48 maxlen: 48 2001:df4:35c0::/48 maxlen: 48 2001:df4:5040::/48 maxlen: 48 2001:df4:8d40::/48 maxlen: 48 2001:df4:9b40::/48 maxlen: 48 2001:df4:a640::/48 maxlen: 48 2001:df4:ee40::/48 maxlen: 48 2001:df5:82c0::/48 maxlen: 48 2401:4e20::/48 maxlen: 48 2401:9be0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 13 Mar 2026 14:32:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24159 (0x5e5f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A560A, serialNumber=167C3B221775FEC05039468150CE814756AC6F0A Validity Not Before: Aug 28 14:55:07 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=69a60c93-762b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:94:39:15:2c:72:d2:74:cf:f7:99:20:d9:40: 58:3e:2e:90:d6:2e:e7:db:20:12:16:68:c7:b4:ae: dd:84:18:a2:cd:e6:a0:4c:63:ce:f6:76:77:e9:0e: 76:5f:18:c3:ba:7c:ff:f4:13:34:3b:14:06:33:bd: 3e:b1:a2:8f:25:30:a8:e1:b5:c3:ed:b2:7f:5d:3c: 57:fe:81:a1:f6:c9:36:85:d2:78:62:c6:6c:3a:e3: 22:26:21:91:78:48:f6:c8:ec:c3:fb:7c:7c:1b:5a: 2e:5e:23:b1:ff:ec:48:93:b4:7a:fc:0c:c6:85:3a: 06:83:e0:a9:41:a8:70:32:31:3f:5a:9c:8e:4c:84: 62:99:01:26:81:36:50:36:6a:f4:b9:90:96:9c:c0: 8a:b5:4c:03:42:3a:27:ad:a5:58:3e:b0:d8:08:4d: 40:44:de:69:60:37:b0:98:f4:d0:79:9f:89:aa:5f: 4f:7e:31:1f:52:d1:bf:a9:1d:9b:23:71:22:4c:48: 25:cd:41:12:d9:9d:96:11:12:08:fd:13:6d:c4:53: ba:d2:78:fe:12:c2:34:42:40:2e:1e:25:e1:3d:f8: ba:b6:56:a4:ce:5f:ed:54:46:d3:21:cf:b1:6a:28: 32:19:ac:c5:d7:a0:ec:19:7f:7c:b5:c9:74:65:7c: 89:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:9C:B7:AA:28:91:CF:37:EE:D7:31:BC:34:82:DE:00:81:5D:B0:15 X509v3 Authority Key Identifier: keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/CF428AB8A87511EF9905FE0AC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 36.50.174.0/23 103.70.114.0/23 203.175.96.0/23 IPv6: 2001:df3:f0c0::/48 2001:df3:f140::/48 2001:df4:35c0::/48 2001:df4:5040::/48 2001:df4:8d40::/48 2001:df4:9b40::/48 2001:df4:a640::/48 2001:df4:ee40::/48 2001:df5:82c0::/48 2401:4e20::/48 2401:9be0::/48 Signature Algorithm: sha256WithRSAEncryption 0c:a2:f7:67:da:a8:4e:99:06:ff:6f:14:e5:7c:fa:23:f3:8a: 63:ef:d1:8e:1f:3e:6f:fe:7d:25:52:cd:ed:e3:dc:bd:1b:81: 63:0e:81:97:86:92:ca:8e:d7:f5:64:84:fb:ba:b7:c9:72:d8: cf:7e:b3:bb:e3:35:98:c0:3e:f3:73:ad:28:ec:f2:98:07:5a: b9:9d:98:41:b9:8a:52:fa:83:eb:bc:60:01:aa:4a:b6:39:2c: c3:6e:84:46:cc:ba:be:ee:d7:85:d0:ac:05:2a:0d:04:8b:e8: 79:16:50:05:c3:22:86:e7:75:40:8d:10:f2:2c:8c:fe:19:dd: 0a:07:7d:f0:3f:a3:6a:3f:3b:94:45:b7:93:56:a2:d1:44:72: 0e:b0:1b:9a:19:72:ce:f9:07:b5:5a:a8:2a:12:e3:31:0d:a5: 32:f2:1f:67:0f:4f:36:61:42:71:0a:62:f7:29:8d:5f:db:43: 3e:97:14:46:73:27:96:ba:12:9d:40:dd:17:96:77:17:8c:51: 96:37:43:e3:7d:2a:03:7e:a0:ff:ed:9a:d5:f2:8d:06:23:f4: 95:dd:b9:e2:e4:69:d1:4a:94:78:e3:01:68:51:54:94:b9:66: 9f:ad:c4:c2:fa:c3:ad:2a:48:f8:90:79:93:b9:f0:7d:77:0f: 93:b7:6f:a2 -----BEGIN CERTIFICATE----- MIIFtjCCBJ6gAwIBAgICXl8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3 NTZBQzZGMEEwHhcNMjUwODI4MTQ1NTA3WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE2MGM5My03NjJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqZQ5FSxy0nTP95kg2UBYPi6Q1i7n2yASFmjHtK7dhBiizeagTGPO9nZ36Q52 XxjDunz/9BM0OxQGM70+saKPJTCo4bXD7bJ/XTxX/oGh9sk2hdJ4YsZsOuMiJiGR eEj2yOzD+3x8G1ouXiOx/+xIk7R6/AzGhToGg+CpQahwMjE/WpyOTIRimQEmgTZQ Nmr0uZCWnMCKtUwDQjonraVYPrDYCE1ARN5pYDewmPTQeZ+Jql9PfjEfUtG/qR2b I3EiTEglzUES2Z2WERII/RNtxFO60nj+EsI0QkAuHiXhPfi6tlakzl/tVEbTIc+x aigyGazF16DsGX98tcl0ZXyJZQIDAQABo4IC2jCCAtYwHQYDVR0OBBYEFMact6oo kc837tcxvDSC3gCBXbAVMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvQ0Y0MjhBQjhB ODc1MTFFRjk5MDVGRTBBQzRGOUFFMDIucm9hMIGYBggrBgEFBQcBBwEB/wSBiDCB hTAYBAIAATASAwQBJDKuAwQBZ0ZyAwQBy69gMGkEAgACMGMDBwAgAQ3z8MADBwAg AQ3z8UADBwAgAQ30NcADBwAgAQ30UEADBwAgAQ30jUADBwAgAQ30m0ADBwAgAQ30 pkADBwAgAQ307kADBwAgAQ31gsADBwAkAU4gAAADBwAkAZvgAAAwDQYJKoZIhvcN AQELBQADggEBAAyi92faqE6ZBv9vFOV8+iPzimPv0Y4fPm/+fSVSze3j3L0bgWMO gZeGksqO1/VkhPu6t8ly2M9+s7vjNZjAPvNzrSjs8pgHWrmdmEG5ilL6g+u8YAGq SrY5LMNuhEbMur7u14XQrAUqDQSL6HkWUAXDIobndUCNEPIsjP4Z3QoHffA/o2o/ O5RFt5NWotFEcg6wG5oZcs75B7VaqCoS4zENpTLyH2cPTzZhQnEKYvcpjV/bQz6X FEZzJ5a6Ep1A3ReWdxeMUZY3Q+N9KgN+oP/tmtXyjQYj9JXdueLkadFKlHjjAWhR VJS5Zp+txML6w60qSPiQeZO58H13D5O3b6I= -----END CERTIFICATE-----Generated at Sat Mar 7 22:44:07 2026 by rpki-client