$ rpki-client -vvf rpki.apnic.net/member_repository/A91C4D8E/589B933C06A411EAB3C66B38C4F9AE02/C9FF2A7E06A511EAA1FFDB3DC4F9AE02.roa File: C9FF2A7E06A511EAA1FFDB3DC4F9AE02.roa (raw, json) Hash identifier: P1CwXvoSaC8Lu5dwpXDKjVFcPINPtqxeyTNaABwm8Y0= Subject key identifier: 4E:58:F5:AD:24:63:20:F1:B3:4D:72:7D:60:1D:73:3C:5E:9A:E2:BE Certificate issuer: /CN=A91C4D8E/serialNumber=3F7D9BBAED7C5BFDBBA3A349ABE96B21AD27DA67 Certificate serial: 0CC8 Authority key identifier: 3F:7D:9B:BA:ED:7C:5B:FD:BB:A3:A3:49:AB:E9:6B:21:AD:27:DA:67 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P32buu18W_27o6NJq-lrIa0n2mc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C4D8E/589B933C06A411EAB3C66B38C4F9AE02/C9FF2A7E06A511EAA1FFDB3DC4F9AE02.roa Signing time: Mon 26 Jan 2026 18:15:26 +0000 ROA not before: Mon 26 Jan 2026 18:15:26 +0000 ROA not after: Wed 31 Mar 2027 00:00:00 +0000 asID: 138534 IP address blocks: 103.132.88.0/22 maxlen: 22 103.132.88.0/23 maxlen: 23 103.132.88.0/24 maxlen: 24 103.132.89.0/24 maxlen: 24 103.132.90.0/23 maxlen: 23 103.132.90.0/24 maxlen: 24 103.132.91.0/24 maxlen: 24 2404:3440::/32 maxlen: 32 2404:3440::/36 maxlen: 36 2404:3440:1000::/36 maxlen: 36 2404:3440:2000::/36 maxlen: 36 2404:3440:3000::/36 maxlen: 36 2404:3440:4000::/36 maxlen: 36 2404:3440:5000::/36 maxlen: 36 2404:3440:6000::/36 maxlen: 36 2404:3440:6000::/48 maxlen: 48 2404:3440:6001::/48 maxlen: 48 2404:3440:7000::/36 maxlen: 36 2404:3440:8000::/36 maxlen: 36 2404:3440:9000::/36 maxlen: 36 2404:3440:a000::/36 maxlen: 36 2404:3440:b000::/36 maxlen: 36 2404:3440:c000::/36 maxlen: 36 2404:3440:d000::/36 maxlen: 36 2404:3440:e000::/36 maxlen: 36 2404:3440:f000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C4D8E/589B933C06A411EAB3C66B38C4F9AE02/P32buu18W_27o6NJq-lrIa0n2mc.crl rsync://rpki.apnic.net/member_repository/A91C4D8E/589B933C06A411EAB3C66B38C4F9AE02/P32buu18W_27o6NJq-lrIa0n2mc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P32buu18W_27o6NJq-lrIa0n2mc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 25 Feb 2026 17:58:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3272 (0xcc8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C4D8E, serialNumber=3F7D9BBAED7C5BFDBBA3A349ABE96B21AD27DA67 Validity Not Before: Jan 26 18:15:26 2026 GMT Not After : Mar 31 00:00:00 2027 GMT Subject: CN=6977af3e-f1c2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:5d:ad:d6:c9:0c:92:fa:ff:bf:65:57:ce:9f: 0f:1b:69:e3:48:12:da:48:73:53:81:70:af:c5:14: e8:04:83:c9:28:8a:48:25:9b:36:b2:14:77:aa:69: 7f:79:df:46:97:3a:5c:03:63:2c:5c:49:cb:6f:56: 52:da:50:21:79:e7:d8:ce:88:74:f9:38:13:eb:dc: 81:3b:6a:5c:79:2d:f3:c3:a3:80:66:7d:47:bd:18: fe:a8:7e:bf:69:60:f1:4f:37:4f:85:e6:30:2a:69: 21:e7:99:d2:6b:eb:e3:ae:c3:25:7c:6d:86:42:3a: 90:9d:61:cd:1e:15:c1:95:ad:8d:20:f8:e9:d8:5a: 63:82:6d:47:55:01:e8:d9:60:85:94:8d:bc:34:05: ea:68:fd:96:dc:a1:6b:bf:e6:ef:0e:81:89:be:ac: 5a:25:44:a6:98:37:52:34:89:54:c7:62:3c:da:c6: 6e:04:e2:af:73:eb:1c:95:18:24:31:d2:4e:8e:13: f6:58:af:61:90:e0:b9:cf:39:15:b2:08:37:fa:20: 9e:2a:64:c3:75:aa:cf:53:6d:d4:e5:e8:90:6b:84: fe:43:5c:f5:be:4a:7c:aa:39:3c:84:65:bd:69:8c: a9:7f:ea:46:8d:6f:7a:f0:60:93:7f:01:e3:0d:9e: ee:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:58:F5:AD:24:63:20:F1:B3:4D:72:7D:60:1D:73:3C:5E:9A:E2:BE X509v3 Authority Key Identifier: keyid:3F:7D:9B:BA:ED:7C:5B:FD:BB:A3:A3:49:AB:E9:6B:21:AD:27:DA:67 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C4D8E/589B933C06A411EAB3C66B38C4F9AE02/P32buu18W_27o6NJq-lrIa0n2mc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P32buu18W_27o6NJq-lrIa0n2mc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C4D8E/589B933C06A411EAB3C66B38C4F9AE02/C9FF2A7E06A511EAA1FFDB3DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.132.88.0/22 IPv6: 2404:3440::/32 Signature Algorithm: sha256WithRSAEncryption 99:18:28:18:26:f4:ab:7a:a5:e7:c5:00:fa:de:0b:1e:3f:62: c9:50:a0:c4:26:29:b4:17:2e:87:7d:ad:17:61:11:09:e1:d5: 87:1b:1e:ed:cd:32:f3:86:08:b7:72:a1:ac:0b:5b:65:98:3b: 1d:a6:e0:eb:0a:c3:77:0e:2f:62:b7:4f:a7:91:a3:be:38:ce: cc:90:be:e3:54:9e:79:fa:2e:34:61:27:2c:6b:70:e6:58:8c: bd:a7:a7:a0:e5:eb:0f:ff:61:c9:34:61:fd:20:dc:f3:d7:4b: d2:d9:ad:43:d3:fa:03:34:70:73:42:01:b0:39:d7:bb:dc:01: 75:7d:f8:7e:bb:57:00:8c:fe:bc:bf:dc:be:f1:73:44:ee:24: f3:cd:27:7b:22:8d:55:a2:b2:27:45:cf:5a:f5:77:1e:da:bf: 3c:24:1f:82:4f:61:3d:88:7b:61:32:56:55:24:d1:d8:fa:ac: d9:9c:6a:5d:b5:d8:8c:80:a8:d0:dd:6f:42:77:76:4e:32:bb: 9a:2e:2a:06:4b:c1:29:ac:61:16:7f:69:b4:fb:54:ce:9c:ba: 61:9c:cf:c4:0e:a7:f1:dc:45:22:26:f5:72:11:c0:11:ce:b1: c2:9f:2d:50:c8:0b:83:30:fb:34:22:4e:0a:e8:00:95:62:b4: 88:3a:fd:48 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICDMgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAwwIQTkx QzREOEUxMTAvBgNVBAUTKDNGN0Q5QkJBRUQ3QzVCRkRCQkEzQTM0OUFCRTk2QjIx QUQyN0RBNjcwHhcNMjYwMTI2MTgxNTI2WhcNMjcwMzMxMDAwMDAwWjAYMRYwFAYD VQQDDA02OTc3YWYzZS1mMWMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3V2t1skMkvr/v2VXzp8PG2njSBLaSHNTgXCvxRToBIPJKIpIJZs2shR3qml/ ed9GlzpcA2MsXEnLb1ZS2lAheefYzoh0+TgT69yBO2pceS3zw6OAZn1HvRj+qH6/ aWDxTzdPheYwKmkh55nSa+vjrsMlfG2GQjqQnWHNHhXBla2NIPjp2Fpjgm1HVQHo 2WCFlI28NAXqaP2W3KFrv+bvDoGJvqxaJUSmmDdSNIlUx2I82sZuBOKvc+sclRgk MdJOjhP2WK9hkOC5zzkVsgg3+iCeKmTDdarPU23U5eiQa4T+Q1z1vkp8qjk8hGW9 aYypf+pGjW968GCTfwHjDZ7ulwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFE5Y9a0k YyDxs01yfWAdczxemuK+MB8GA1UdIwQYMBaAFD99m7rtfFv9u6OjSavpayGtJ9pn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNEQ4RS81ODlCOTMzQzA2 QTQxMUVBQjNDNjZCMzhDNEY5QUUwMi9QMzJidXUxOFdfMjdvNk5KcS1scklhMG4y bWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1AzMmJ1dTE4V18yN282TkpxLWxySWEwbjJtYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzREOEUvNTg5QjkzM0MwNkE0MTFFQUIzQzY2QjM4QzRGOUFFMDIvQzlGRjJBN0Uw NkE1MTFFQUExRkZEQjNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAJnhFgwDQQCAAIwBwMFACQENEAwDQYJKoZIhvcNAQELBQAD ggEBAJkYKBgm9Kt6pefFAPreCx4/YslQoMQmKbQXLod9rRdhEQnh1YcbHu3NMvOG CLdyoawLW2WYOx2m4OsKw3cOL2K3T6eRo744zsyQvuNUnnn6LjRhJyxrcOZYjL2n p6Dl6w//Yck0Yf0g3PPXS9LZrUPT+gM0cHNCAbA517vcAXV9+H67VwCM/ry/3L7x c0TuJPPNJ3sijVWisidFz1r1dx7avzwkH4JPYT2Ie2EyVlUk0dj6rNmcal212IyA qNDdb0J3dk4yu5ouKgZLwSmsYRZ/abT7VM6cumGcz8QOp/HcRSIm9XIRwBHOscKf LVDIC4Mw+zQiTgroAJVitIg6/Ug= -----END CERTIFICATE-----Generated at Fri Feb 20 03:44:16 2026 by rpki-client