$ rpki-client -vvf rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8BFEF29C3AEA11EC84E6634EC4F9AE02.roa File: 8BFEF29C3AEA11EC84E6634EC4F9AE02.roa (raw, json) Hash identifier: /mnlEhnqqNNmaXEyoXT4uNGbhSnUFbs7WLtZHVUC6k0= Subject key identifier: 8A:62:37:66:1D:4B:66:AD:15:97:5E:8F:0F:B3:29:96:61:F6:B6:89 Certificate issuer: /CN=A91B885C/serialNumber=5374C6E75F186052455A2D8DA5292FEF009CC9AF Certificate serial: 0DE6 Authority key identifier: 53:74:C6:E7:5F:18:60:52:45:5A:2D:8D:A5:29:2F:EF:00:9C:C9:AF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8BFEF29C3AEA11EC84E6634EC4F9AE02.roa Signing time: Sun 01 Mar 2026 17:46:37 +0000 ROA not before: Sat 22 Nov 2025 17:37:42 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 134520 IP address blocks: 27.122.56.0/24 maxlen: 24 27.122.57.0/24 maxlen: 24 43.239.156.0/22 maxlen: 24 43.251.157.0/24 maxlen: 24 43.251.158.0/24 maxlen: 24 43.251.159.0/24 maxlen: 24 103.1.152.0/24 maxlen: 24 103.1.153.0/24 maxlen: 24 103.1.154.0/24 maxlen: 24 103.10.196.0/24 maxlen: 24 103.10.198.0/24 maxlen: 24 103.35.72.0/22 maxlen: 22 103.35.72.0/24 maxlen: 24 103.35.73.0/24 maxlen: 24 103.35.74.0/24 maxlen: 24 103.35.75.0/24 maxlen: 24 2402:c480:8000::/48 maxlen: 48 2402:c480:9000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.crl rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 25 Mar 2026 17:48:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3558 (0xde6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B885C, serialNumber=5374C6E75F186052455A2D8DA5292FEF009CC9AF Validity Not Before: Nov 22 17:37:42 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=69a47b7c-ef8f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:15:95:70:72:77:a1:62:ca:dc:c2:4f:bc:d9: 1f:ec:f1:53:4d:4f:6b:be:6f:2d:b5:57:0b:b1:a5: 28:0c:5f:15:eb:40:b0:8a:d3:a3:86:fe:dc:07:d1: f2:92:f6:cd:fe:18:38:da:d7:62:b1:f3:77:9e:6d: a5:3d:4c:86:75:bc:3e:cf:16:d3:f9:2b:be:fd:d0: 01:fb:5f:ad:f5:f6:b4:25:5d:82:2e:86:ed:3b:ca: b9:74:22:a9:77:63:16:51:f4:69:af:2b:1d:9a:b0: d0:d8:80:f1:4f:3b:fe:d7:0b:5f:05:c9:d6:d7:42: a9:a1:fc:74:92:83:33:8a:b4:28:5d:24:ef:1e:fd: 38:60:7c:52:3c:d6:53:51:cf:42:0b:f4:b6:92:1c: 08:dc:0f:7e:f0:58:35:29:7b:94:9b:6b:fe:e0:a4: fb:4b:53:5e:52:c2:57:e1:3c:ca:42:aa:4c:9c:f4: f0:a7:14:f1:14:31:b5:c3:52:dd:69:a2:f9:77:9d: c2:fb:c2:3e:e0:82:2d:b7:e4:d4:2e:0c:ec:87:52: a3:34:b9:2c:e2:6d:54:86:df:3e:dd:98:f0:78:78: b8:5b:99:cc:6b:5f:82:44:5a:69:53:57:78:0f:bd: 56:20:ad:9d:cb:31:a4:bf:cf:f9:37:6f:97:79:bd: 8e:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:62:37:66:1D:4B:66:AD:15:97:5E:8F:0F:B3:29:96:61:F6:B6:89 X509v3 Authority Key Identifier: keyid:53:74:C6:E7:5F:18:60:52:45:5A:2D:8D:A5:29:2F:EF:00:9C:C9:AF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8BFEF29C3AEA11EC84E6634EC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 27.122.56.0/23 43.239.156.0/22 43.251.157.0-43.251.159.255 103.1.152.0-103.1.154.255 103.10.196.0/24 103.10.198.0/24 103.35.72.0/22 IPv6: 2402:c480:8000::/48 2402:c480:9000::/48 Signature Algorithm: sha256WithRSAEncryption 15:49:36:21:50:d6:3c:a8:5a:c7:b5:a4:77:bb:65:f1:d4:48: c7:8e:10:80:98:1a:17:ea:6f:62:dd:4e:59:42:6b:a5:50:e5: e4:eb:1a:05:8e:9a:01:60:4c:d3:86:0a:54:79:50:6f:c5:d1: 92:7d:ad:55:22:e8:08:55:1c:ce:b5:31:fa:9d:54:94:82:63: b7:b6:54:bb:81:1d:75:6d:f1:82:b7:24:31:cc:13:32:af:f0: 6e:cd:e9:94:e6:2b:b0:53:f9:21:f4:9a:0d:99:38:a2:8e:91: 62:ad:ff:9b:d9:23:b6:28:e7:cb:4f:22:e1:c5:2f:97:f9:bf: d8:a2:c2:d7:6a:b6:41:ab:4b:14:58:1f:bf:e3:94:34:b5:72: eb:1f:57:ae:7c:cb:07:36:b7:97:48:4c:52:76:0a:8a:34:ac: 5e:c2:b3:fc:c4:90:9c:c1:2a:cb:a5:54:55:27:22:62:50:1b: b7:c3:8d:f7:d3:79:42:40:aa:3a:f4:b2:fc:61:c9:9a:b7:b7: db:65:c3:23:4f:96:ef:ce:ab:f2:8d:24:66:22:7b:d4:76:7f: d1:18:fc:d7:89:da:1e:6b:dc:fa:d8:d2:1e:d7:58:f7:d0:4e: f0:b5:10:f0:f2:66:c3:62:12:35:3d:0a:c7:8d:ba:d4:e8:e4: 15:da:2f:95 -----BEGIN CERTIFICATE----- MIIFijCCBHKgAwIBAgICDeYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qjg4NUMxMTAvBgNVBAUTKDUzNzRDNkU3NUYxODYwNTI0NTVBMkQ4REE1MjkyRkVG MDA5Q0M5QUYwHhcNMjUxMTIyMTczNzQyWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0N2I3Yy1lZjhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5RWVcHJ3oWLK3MJPvNkf7PFTTU9rvm8ttVcLsaUoDF8V60CwitOjhv7cB9Hy kvbN/hg42tdisfN3nm2lPUyGdbw+zxbT+Su+/dAB+1+t9fa0JV2CLobtO8q5dCKp d2MWUfRprysdmrDQ2IDxTzv+1wtfBcnW10Kpofx0koMzirQoXSTvHv04YHxSPNZT Uc9CC/S2khwI3A9+8Fg1KXuUm2v+4KT7S1NeUsJX4TzKQqpMnPTwpxTxFDG1w1Ld aaL5d53C+8I+4IItt+TULgzsh1KjNLks4m1Uht8+3ZjweHi4W5nMa1+CRFppU1d4 D71WIK2dyzGkv8/5N2+Xeb2O+wIDAQABo4ICrjCCAqowHQYDVR0OBBYEFIpiN2Yd S2atFZdejw+zKZZh9raJMB8GA1UdIwQYMBaAFFN0xudfGGBSRVotjaUpL+8AnMmv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCODg1Qy81QzE5Rjg0MkYy NjcxMUU5ODdDNzEzMUZDNEY5QUUwMi9VM1RHNTE4WVlGSkZXaTJOcFNrdjd3Q2N5 YTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1UzVEc1MThZWUZKRldpMk5wU2t2N3dDY3lhOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Qjg4NUMvNUMxOUY4NDJGMjY3MTFFOTg3QzcxMzFGQzRGOUFFMDIvOEJGRUYyOUMz QUVBMTFFQzg0RTY2MzRFQzRGOUFFMDIucm9hMG0GCCsGAQUFBwEHAQH/BF4wXDBA BAIAATA6AwQBG3o4AwQCK++cMAwDBAAr+50DBAUr+4AwDAMEA2cBmAMEAGcBmgME AGcKxAMEAGcKxgMEAmcjSDAYBAIAAjASAwcAJALEgIAAAwcAJALEgJAAMA0GCSqG SIb3DQEBCwUAA4IBAQAVSTYhUNY8qFrHtaR3u2Xx1EjHjhCAmBoX6m9i3U5ZQmul UOXk6xoFjpoBYEzThgpUeVBvxdGSfa1VIugIVRzOtTH6nVSUgmO3tlS7gR11bfGC tyQxzBMyr/BuzemU5iuwU/kh9JoNmTiijpFirf+b2SO2KOfLTyLhxS+X+b/YosLX arZBq0sUWB+/45Q0tXLrH1eufMsHNreXSExSdgqKNKxewrP8xJCcwSrLpVRVJyJi UBu3w43303lCQKo69LL8Ycmat7fbZcMjT5bvzqvyjSRmInvUdn/RGPzXidoea9z6 2NIe11j30E7wtRDw8mbDYhI1PQrHjbrU6OQV2i+V -----END CERTIFICATE-----Generated at Fri Mar 20 15:58:49 2026 by rpki-client