$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/BB8F87B4D4B011ECAA427351C4F9AE02.roa File: BB8F87B4D4B011ECAA427351C4F9AE02.roa (raw, json) Hash identifier: UzEPTLsD5T1ajQoZ/gCnYZnBau95KS3L99yADoGvBuE= Subject key identifier: A6:56:37:A1:C1:4F:8C:A7:26:7D:76:5B:57:F0:A0:C3:09:CE:16:66 Certificate issuer: /CN=A91C1621/serialNumber=FA4179627F5B26594E5630353A0B7785E0D692C5 Certificate serial: 354E Authority key identifier: FA:41:79:62:7F:5B:26:59:4E:56:30:35:3A:0B:77:85:E0:D6:92:C5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-kF5Yn9bJllOVjA1Ogt3heDWksU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/BB8F87B4D4B011ECAA427351C4F9AE02.roa Signing time: Sun 01 Mar 2026 15:25:24 +0000 ROA not before: Tue 28 Oct 2025 14:30:05 +0000 ROA not after: Sun 31 Jan 2027 00:00:00 +0000 asID: 1299 IP address blocks: 27.123.212.0/24 maxlen: 24 27.123.213.0/24 maxlen: 24 27.123.214.0/24 maxlen: 24 27.123.215.0/24 maxlen: 24 103.29.144.0/24 maxlen: 24 103.29.145.0/24 maxlen: 24 103.29.146.0/24 maxlen: 24 103.29.147.0/24 maxlen: 24 202.126.88.0/24 maxlen: 24 202.126.89.0/24 maxlen: 24 202.126.90.0/24 maxlen: 24 202.126.91.0/24 maxlen: 24 2405:600::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/-kF5Yn9bJllOVjA1Ogt3heDWksU.crl rsync://rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/-kF5Yn9bJllOVjA1Ogt3heDWksU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-kF5Yn9bJllOVjA1Ogt3heDWksU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 13 Mar 2026 14:16:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13646 (0x354e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C1621, serialNumber=FA4179627F5B26594E5630353A0B7785E0D692C5 Validity Not Before: Oct 28 14:30:05 2025 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=69a45a64-3673 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:40:24:8f:35:20:23:be:40:56:62:12:2c:29: ee:3d:52:8c:31:58:1b:b3:8f:ab:27:51:00:b9:00: 9a:39:72:62:a5:42:72:db:c0:27:06:10:40:d5:5a: 66:54:e3:ed:09:dd:68:79:d8:af:91:00:38:af:cb: 7c:15:2c:c1:6e:6d:1f:11:3b:cf:85:28:55:ff:57: 45:f9:58:cb:cc:2a:83:1f:66:8c:99:bf:6e:ec:71: 2a:29:f6:67:81:ca:8a:1c:7e:88:05:07:12:94:4e: 31:38:69:49:55:d1:4b:5c:86:6a:25:e0:fe:7e:96: ab:ff:c1:21:29:59:65:2d:64:b1:7d:12:1e:28:bc: ff:a1:ab:18:0d:2f:6a:54:71:58:76:55:24:0a:82: df:97:dd:e8:b5:88:a6:e4:0e:0e:f4:90:8b:f7:63: a0:f8:43:c8:ad:92:62:3f:5d:7b:39:3d:3d:91:a4: fb:bd:e4:f9:06:fc:48:09:90:95:f1:59:49:ca:32: 70:c0:c6:4d:e5:1a:81:d9:67:88:38:37:8a:a1:76: 7a:f5:bb:ea:b0:0f:04:dc:00:40:2c:57:f6:8d:11: 7b:2e:bc:4e:f8:4f:b3:7e:ea:ab:ca:c0:68:0f:3c: be:fa:5b:45:fd:05:b6:99:15:c6:d6:4c:5a:79:4e: 0b:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:56:37:A1:C1:4F:8C:A7:26:7D:76:5B:57:F0:A0:C3:09:CE:16:66 X509v3 Authority Key Identifier: keyid:FA:41:79:62:7F:5B:26:59:4E:56:30:35:3A:0B:77:85:E0:D6:92:C5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/-kF5Yn9bJllOVjA1Ogt3heDWksU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-kF5Yn9bJllOVjA1Ogt3heDWksU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/BB8F87B4D4B011ECAA427351C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 27.123.212.0/22 103.29.144.0/22 202.126.88.0/22 IPv6: 2405:600::/32 Signature Algorithm: sha256WithRSAEncryption 27:78:b5:1d:f7:f2:72:b7:94:9c:03:14:0d:ff:ed:42:4f:12: b4:2d:66:19:26:50:9e:75:69:b6:6e:9c:19:82:ab:44:bb:da: 0c:f3:1d:ed:f9:62:aa:78:86:9e:2a:18:44:a8:7a:5a:5f:11: 46:55:68:b8:37:d4:c3:1f:64:33:fa:c3:17:6d:9b:fe:52:3b: 37:64:89:21:57:73:8f:81:f7:8e:5a:22:b4:f5:e3:01:49:a7: c8:e0:49:6b:a5:b8:47:3d:1a:6f:02:66:64:ac:64:df:9e:e3: 7f:fc:90:49:58:45:c6:2e:da:60:92:f4:63:66:6d:04:3b:c4: db:72:3a:aa:d0:d9:43:1e:d2:63:27:1c:a5:bf:ec:a0:9b:d9: 5c:86:94:6a:b7:dc:79:de:da:5a:8f:61:cc:d7:04:f3:31:3f: 2b:0a:73:ed:d2:c7:68:96:40:63:d3:88:2a:66:69:ef:5a:2a: 9d:b4:27:db:4e:a6:71:57:d2:b5:96:73:73:49:78:13:94:f1: 5b:4a:30:68:bf:e9:b3:ae:00:53:d4:98:a2:7f:48:4b:9a:04: 3b:00:d7:bb:1b:00:6f:49:f0:b7:97:c5:21:ea:16:27:77:77: 45:97:1a:3b:36:d1:e0:f0:7b:1b:53:c9:55:4e:7e:39:bf:d6: 2a:98:c1:15 -----BEGIN CERTIFICATE----- MIIFVzCCBD+gAwIBAgICNU4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzE2MjExMTAvBgNVBAUTKEZBNDE3OTYyN0Y1QjI2NTk0RTU2MzAzNTNBMEI3Nzg1 RTBENjkyQzUwHhcNMjUxMDI4MTQzMDA1WhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NWE2NC0zNjczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwkAkjzUgI75AVmISLCnuPVKMMVgbs4+rJ1EAuQCaOXJipUJy28AnBhBA1Vpm VOPtCd1oedivkQA4r8t8FSzBbm0fETvPhShV/1dF+VjLzCqDH2aMmb9u7HEqKfZn gcqKHH6IBQcSlE4xOGlJVdFLXIZqJeD+fpar/8EhKVllLWSxfRIeKLz/oasYDS9q VHFYdlUkCoLfl93otYim5A4O9JCL92Og+EPIrZJiP117OT09kaT7veT5BvxICZCV 8VlJyjJwwMZN5RqB2WeIODeKoXZ69bvqsA8E3ABALFf2jRF7LrxO+E+zfuqrysBo Dzy++ltF/QW2mRXG1kxaeU4LyQIDAQABo4ICezCCAncwHQYDVR0OBBYEFKZWN6HB T4ynJn12W1fwoMMJzhZmMB8GA1UdIwQYMBaAFPpBeWJ/WyZZTlYwNToLd4Xg1pLF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMTYyMS85OUQ2OERDRTFE NjkxMUUyQTQ2NDBEQTcwOEIwMkNEMi8ta0Y1WW45YkpsbE9WakExT2d0M2hlRFdr c1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1rRjVZbjliSmxsT1ZqQTFPZ3QzaGVEV2tzVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzE2MjEvOTlENjhEQ0UxRDY5MTFFMkE0NjQwREE3MDhCMDJDRDIvQkI4Rjg3QjRE NEIwMTFFQ0FBNDI3MzUxQzRGOUFFMDIucm9hMDoGCCsGAQUFBwEHAQH/BCswKTAY BAIAATASAwQCG3vUAwQCZx2QAwQCyn5YMA0EAgACMAcDBQAkBQYAMA0GCSqGSIb3 DQEBCwUAA4IBAQAneLUd9/Jyt5ScAxQN/+1CTxK0LWYZJlCedWm2bpwZgqtEu9oM 8x3t+WKqeIaeKhhEqHpaXxFGVWi4N9TDH2Qz+sMXbZv+Ujs3ZIkhV3OPgfeOWiK0 9eMBSafI4ElrpbhHPRpvAmZkrGTfnuN//JBJWEXGLtpgkvRjZm0EO8Tbcjqq0NlD HtJjJxylv+ygm9lchpRqt9x53tpaj2HM1wTzMT8rCnPt0sdolkBj04gqZmnvWiqd tCfbTqZxV9K1lnNzSXgTlPFbSjBov+mzrgBT1Jiif0hLmgQ7ANe7GwBvSfC3l8Uh 6hYnd3dFlxo7NtHg8HsbU8lVTn45v9YqmMEV -----END CERTIFICATE-----Generated at Sat Mar 7 11:14:42 2026 by rpki-client