$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/3DE1DBC4D81011EC892E8A79C4F9AE02.roa File: 3DE1DBC4D81011EC892E8A79C4F9AE02.roa (raw, json) Hash identifier: axiKuwLSfY8matk7uBsk8eo5tXOq+cX6OWML8EZD+cQ= Subject key identifier: 96:17:FD:E5:B4:23:55:2D:02:9C:65:D2:AB:E3:86:56:A5:A8:0E:58 Certificate issuer: /CN=A91ACD4D/serialNumber=3A46FB0F40F69D5E1DB75D2851F040C19F66F22C Certificate serial: 16C6 Authority key identifier: 3A:46:FB:0F:40:F6:9D:5E:1D:B7:5D:28:51:F0:40:C1:9F:66:F2:2C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Okb7D0D2nV4dt10oUfBAwZ9m8iw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/3DE1DBC4D81011EC892E8A79C4F9AE02.roa Signing time: Sun 01 Mar 2026 13:44:40 +0000 ROA not before: Tue 02 Sep 2025 17:05:51 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 1299 IP address blocks: 115.187.88.0/24 maxlen: 24 115.187.89.0/24 maxlen: 24 115.187.90.0/24 maxlen: 24 115.187.91.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/Okb7D0D2nV4dt10oUfBAwZ9m8iw.crl rsync://rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/Okb7D0D2nV4dt10oUfBAwZ9m8iw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Okb7D0D2nV4dt10oUfBAwZ9m8iw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 13 Mar 2026 16:31:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5830 (0x16c6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ACD4D, serialNumber=3A46FB0F40F69D5E1DB75D2851F040C19F66F22C Validity Not Before: Sep 2 17:05:51 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=69a442c8-cb34 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:2c:82:88:10:d6:b8:02:3e:34:53:1a:f4:8a: 33:de:6f:e4:93:39:8d:6d:d4:d1:1a:ac:f8:6c:35: 8b:77:a1:50:86:94:f2:d2:8e:f2:12:17:bd:4f:9d: 94:d7:d5:cc:bb:52:4b:fd:46:59:a0:c8:d4:b8:d7: f4:eb:3e:1a:fc:95:53:9d:a9:38:7e:52:b1:e8:56: bc:00:14:f1:3e:96:0d:1c:4c:86:18:dd:22:e0:a9: f8:bd:51:1a:6d:36:bc:20:ba:71:0a:40:7e:61:ad: b9:c6:bb:27:c2:1b:33:b6:28:0e:29:41:e2:16:0a: 50:da:a3:c5:c6:f2:42:b9:ba:a1:5b:34:54:f8:06: f0:b5:81:2f:ea:76:59:93:7b:04:b1:f0:08:b8:e7: 05:0a:48:b3:eb:5d:68:32:12:35:8d:d6:7f:f0:e6: 67:d9:36:27:e7:45:80:b1:f5:a2:91:28:45:b3:27: 6e:87:53:1b:e8:26:1b:32:7f:03:96:63:9c:2c:ef: 68:14:20:a7:7a:05:80:90:d2:07:d2:8b:95:98:b8: 14:97:b5:a0:e5:de:83:7a:47:9d:e0:60:c6:27:2e: f2:03:da:50:f6:59:2c:08:0a:ba:e5:f8:e7:c0:6e: 56:38:77:9a:16:ed:5d:ab:7a:7f:e9:62:91:8e:a3: 6f:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:17:FD:E5:B4:23:55:2D:02:9C:65:D2:AB:E3:86:56:A5:A8:0E:58 X509v3 Authority Key Identifier: keyid:3A:46:FB:0F:40:F6:9D:5E:1D:B7:5D:28:51:F0:40:C1:9F:66:F2:2C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/Okb7D0D2nV4dt10oUfBAwZ9m8iw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Okb7D0D2nV4dt10oUfBAwZ9m8iw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/3DE1DBC4D81011EC892E8A79C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 115.187.88.0/22 Signature Algorithm: sha256WithRSAEncryption 08:be:56:a3:ca:ae:51:b2:6d:53:88:61:78:e5:b8:66:ab:c9: e5:7c:cd:a9:89:1c:44:a5:02:47:88:b2:75:3b:2f:10:ff:54: 2c:54:62:6e:97:1a:99:2f:8e:8d:4c:44:fa:69:58:ee:e5:92: b7:68:86:73:2b:a7:2f:0a:41:1f:99:a5:2a:f4:c9:43:43:2f: 8a:b6:da:8c:96:3f:d2:81:a4:a9:ca:a5:0a:68:f8:ff:ae:c8: 4d:00:0a:e9:db:ab:b1:5e:fa:63:44:98:6d:ae:fa:7e:93:05: 23:94:59:54:a1:cf:2d:b0:25:53:fe:11:1b:5c:87:f0:08:dd: 4f:a6:bb:5e:89:77:e1:ac:76:63:4b:71:a2:3c:d0:3f:1b:a3: cf:4f:e2:32:dc:76:fc:dc:5c:1b:37:ea:8e:04:5c:bc:e7:cd: 1e:fb:c3:f6:b2:97:09:28:b1:96:3a:b6:22:ee:50:f4:10:d1: e0:f3:67:3b:8c:f0:16:d7:1e:3f:f2:d0:e7:90:d0:d0:b5:3d: 58:33:40:04:33:de:7c:71:b6:02:d9:2f:9b:3e:76:8f:c0:e6: 28:c4:3d:0a:ac:9a:ea:fb:d3:ee:56:5f:97:e1:e3:1c:ab:8f: 89:6f:49:55:06:6d:84:a9:ad:13:9b:fb:03:54:4b:d1:74:ab: 05:89:af:38 -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgICFsYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUNENEQxMTAvBgNVBAUTKDNBNDZGQjBGNDBGNjlENUUxREI3NUQyODUxRjA0MEMx OUY2NkYyMkMwHhcNMjUwOTAyMTcwNTUxWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NDJjOC1jYjM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvSyCiBDWuAI+NFMa9Ioz3m/kkzmNbdTRGqz4bDWLd6FQhpTy0o7yEhe9T52U 19XMu1JL/UZZoMjUuNf06z4a/JVTnak4flKx6Fa8ABTxPpYNHEyGGN0i4Kn4vVEa bTa8ILpxCkB+Ya25xrsnwhsztigOKUHiFgpQ2qPFxvJCubqhWzRU+AbwtYEv6nZZ k3sEsfAIuOcFCkiz611oMhI1jdZ/8OZn2TYn50WAsfWikShFsyduh1Mb6CYbMn8D lmOcLO9oFCCnegWAkNIH0ouVmLgUl7Wg5d6Deked4GDGJy7yA9pQ9lksCAq65fjn wG5WOHeaFu1dq3p/6WKRjqNv8QIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFJYX/eW0 I1UtApxl0qvjhlalqA5YMB8GA1UdIwQYMBaAFDpG+w9A9p1eHbddKFHwQMGfZvIs MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0Q0RC8xMzdEMDBENDE2 MEUxMUU4ODUyQzQzN0VDNEY5QUUwMi9Pa2I3RDBEMm5WNGR0MTBvVWZCQXdaOW04 aXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09rYjdEMEQyblY0ZHQxMG9VZkJBd1o5bThpdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUNENEQvMTM3RDAwRDQxNjBFMTFFODg1MkM0MzdFQzRGOUFFMDIvM0RFMURCQzRE ODEwMTFFQzg5MkU4QTc5QzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCc7tYMA0GCSqGSIb3DQEBCwUAA4IBAQAIvlajyq5Rsm1TiGF45bhm q8nlfM2piRxEpQJHiLJ1Oy8Q/1QsVGJulxqZL46NTET6aVju5ZK3aIZzK6cvCkEf maUq9MlDQy+KttqMlj/SgaSpyqUKaPj/rshNAArp26uxXvpjRJhtrvp+kwUjlFlU oc8tsCVT/hEbXIfwCN1PprteiXfhrHZjS3GiPNA/G6PPT+Iy3Hb83FwbN+qOBFy8 580e+8P2spcJKLGWOrYi7lD0ENHg82c7jPAW1x4/8tDnkNDQtT1YM0AEM958cbYC 2S+bPnaPwOYoxD0KrJrq+9PuVl+X4eMcq4+Jb0lVBm2Eqa0Tm/sDVEvRdKsFia84 -----END CERTIFICATE-----Generated at Sat Mar 7 11:16:46 2026 by rpki-client