$ rpki-client -vvf rpki.apnic.net/member_repository/A91D90B9/D1EA8CF4B58711ECBEDB9229C4F9AE02/CC5A0854D0DD11EFB1C6656DC4F9AE02.roa File: CC5A0854D0DD11EFB1C6656DC4F9AE02.roa (raw, json) Hash identifier: NSST2LOuWe69wNvMDCc9lW2N+MLu6oemF2NWRRONKO4= Subject key identifier: 49:64:3B:DE:56:F6:20:73:3A:9D:98:DC:81:26:7F:20:6C:6D:B4:A3 Certificate issuer: /CN=A91D90B9/serialNumber=5A183B1E0FFCA6DADD796F6BB4AAAF93692F0DC9 Certificate serial: 0414 Authority key identifier: 5A:18:3B:1E:0F:FC:A6:DA:DD:79:6F:6B:B4:AA:AF:93:69:2F:0D:C9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Whg7Hg_8ptrdeW9rtKqvk2kvDck.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D90B9/D1EA8CF4B58711ECBEDB9229C4F9AE02/CC5A0854D0DD11EFB1C6656DC4F9AE02.roa Signing time: Mon 02 Mar 2026 15:11:52 +0000 ROA not before: Tue 19 Aug 2025 01:38:41 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 58945 IP address blocks: 103.26.112.0/22 maxlen: 24 103.35.157.0/24 maxlen: 24 103.35.159.0/24 maxlen: 24 106.0.52.0/22 maxlen: 24 2401:4440::/32 maxlen: 32 2401:4440::/36 maxlen: 36 2401:4440::/48 maxlen: 48 2401:4440:1000::/36 maxlen: 36 2401:4440:2000::/36 maxlen: 36 2401:4440:3000::/36 maxlen: 36 2401:4440:4000::/36 maxlen: 36 2401:4440:5000::/36 maxlen: 36 2401:4440:6000::/36 maxlen: 36 2401:4440:7000::/36 maxlen: 36 2401:4440:8000::/36 maxlen: 36 2401:4440:9000::/36 maxlen: 36 2401:4440:a000::/36 maxlen: 36 2401:4440:a001::/48 maxlen: 48 2401:4440:a002::/48 maxlen: 48 2401:4440:b000::/36 maxlen: 36 2401:4440:c000::/36 maxlen: 36 2401:4440:d000::/36 maxlen: 36 2401:4440:e000::/36 maxlen: 36 2401:4440:f000::/36 maxlen: 36 2401:4440:fb00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D90B9/D1EA8CF4B58711ECBEDB9229C4F9AE02/Whg7Hg_8ptrdeW9rtKqvk2kvDck.crl rsync://rpki.apnic.net/member_repository/A91D90B9/D1EA8CF4B58711ECBEDB9229C4F9AE02/Whg7Hg_8ptrdeW9rtKqvk2kvDck.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Whg7Hg_8ptrdeW9rtKqvk2kvDck.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 20 Mar 2026 00:03:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1044 (0x414) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D90B9, serialNumber=5A183B1E0FFCA6DADD796F6BB4AAAF93692F0DC9 Validity Not Before: Aug 19 01:38:41 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=69a5a8b7-3a8d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:6c:1a:2c:91:0a:c3:04:69:7f:9e:c8:6c:6b: 04:21:5b:25:79:9b:19:14:cc:2e:d7:4e:ad:c1:70: 3c:cb:1f:46:3a:10:fd:14:0d:64:8c:06:bd:90:e9: 05:46:25:a4:52:76:a0:f2:7d:52:c4:ab:a2:28:e9: e9:8b:e1:a5:2c:d8:66:e9:ca:a8:52:fb:d5:7c:01: 57:1f:4a:2e:c9:01:c1:91:a8:21:fd:27:59:fa:f0: 79:6d:27:80:ee:bc:46:38:24:86:87:30:12:83:79: be:61:dc:13:90:09:73:ce:99:73:df:0a:0e:f5:c2: a5:9c:88:81:bb:da:e1:c2:5b:ad:eb:b5:68:8b:32: 92:30:54:d9:9e:9a:44:6f:37:a1:ae:72:4e:07:9d: 39:7c:7f:4a:1b:b6:5a:eb:d0:06:27:fd:1c:75:a0: 98:24:65:0c:4f:0b:cf:29:ca:c6:b0:f8:29:ea:45: aa:86:d7:a2:39:2a:ad:01:09:62:bf:b5:6e:20:e7: d8:02:2e:98:29:80:28:ad:a9:63:f4:1a:e4:17:2f: 0c:61:ea:c5:ad:f8:8c:bb:9e:42:5a:f2:e0:89:62: e1:d4:6b:ef:30:0a:16:4d:a5:d0:90:d1:45:a5:c6: 7a:bf:bc:9b:49:1b:63:36:7d:9d:d8:f3:51:3d:32: d6:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:64:3B:DE:56:F6:20:73:3A:9D:98:DC:81:26:7F:20:6C:6D:B4:A3 X509v3 Authority Key Identifier: keyid:5A:18:3B:1E:0F:FC:A6:DA:DD:79:6F:6B:B4:AA:AF:93:69:2F:0D:C9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D90B9/D1EA8CF4B58711ECBEDB9229C4F9AE02/Whg7Hg_8ptrdeW9rtKqvk2kvDck.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Whg7Hg_8ptrdeW9rtKqvk2kvDck.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D90B9/D1EA8CF4B58711ECBEDB9229C4F9AE02/CC5A0854D0DD11EFB1C6656DC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.26.112.0/22 103.35.157.0/24 103.35.159.0/24 106.0.52.0/22 IPv6: 2401:4440::/32 Signature Algorithm: sha256WithRSAEncryption 53:bb:bd:33:39:7b:31:48:25:fb:f5:38:3f:ad:f6:9c:fa:4a: 5c:c7:d9:c8:82:1b:87:1b:32:d5:1b:4e:53:ce:79:f3:81:a6: cb:c1:17:a3:3b:dd:16:c8:8b:2b:24:c0:e7:bf:80:89:9e:ee: 73:2f:a8:0d:a0:f4:e8:7e:e9:68:63:20:e3:22:f0:97:ba:81: 89:1c:c4:4f:8c:73:7d:09:a0:79:1f:a6:03:d7:27:24:b7:18: 00:4f:93:bf:25:d4:f3:98:5e:2d:c5:3f:02:a5:cd:dd:69:3a: eb:ec:b1:6d:d8:66:4b:23:c8:73:af:93:f2:f5:05:63:2d:7c: 51:00:e8:43:15:79:77:0a:90:c9:8e:ef:43:c4:a2:52:51:08: ad:b1:8d:a3:4e:d6:09:4a:0a:ef:15:d0:99:86:73:b9:56:9d: ba:ed:f5:bf:26:f4:11:d0:b3:39:74:d4:ed:22:8a:61:e4:cd: 47:22:d4:7f:b4:9e:5d:33:19:37:c6:50:17:9d:12:79:49:1f: 12:e8:b6:82:e1:1c:57:13:8b:c3:d2:57:4c:4d:2c:68:6f:98: b2:98:65:84:a9:4c:ed:b7:87:58:d6:78:96:f2:57:ee:1f:7e: 26:6f:94:0d:b2:c9:83:b9:bf:52:ab:9c:d8:69:9c:d1:c5:f8: d7:fb:57:b0 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgICBBQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDkwQjkxMTAvBgNVBAUTKDVBMTgzQjFFMEZGQ0E2REFERDc5NkY2QkI0QUFBRjkz NjkyRjBEQzkwHhcNMjUwODE5MDEzODQxWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE1YThiNy0zYThkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAomwaLJEKwwRpf57IbGsEIVsleZsZFMwu106twXA8yx9GOhD9FA1kjAa9kOkF RiWkUnag8n1SxKuiKOnpi+GlLNhm6cqoUvvVfAFXH0ouyQHBkagh/SdZ+vB5bSeA 7rxGOCSGhzASg3m+YdwTkAlzzplz3woO9cKlnIiBu9rhwlut67VoizKSMFTZnppE bzehrnJOB505fH9KG7Za69AGJ/0cdaCYJGUMTwvPKcrGsPgp6kWqhteiOSqtAQli v7VuIOfYAi6YKYAoralj9BrkFy8MYerFrfiMu55CWvLgiWLh1GvvMAoWTaXQkNFF pcZ6v7ybSRtjNn2d2PNRPTLWpwIDAQABo4ICgTCCAn0wHQYDVR0OBBYEFElkO95W 9iBzOp2Y3IEmfyBsbbSjMB8GA1UdIwQYMBaAFFoYOx4P/Kba3Xlva7Sqr5NpLw3J MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOTBCOS9EMUVBOENGNEI1 ODcxMUVDQkVEQjkyMjlDNEY5QUUwMi9XaGc3SGdfOHB0cmRlVzlydEtxdmsya3ZE Y2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1doZzdIZ184cHRyZGVXOXJ0S3F2azJrdkRjay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDkwQjkvRDFFQThDRjRCNTg3MTFFQ0JFREI5MjI5QzRGOUFFMDIvQ0M1QTA4NTRE MEREMTFFRkIxQzY2NTZEQzRGOUFFMDIucm9hMEAGCCsGAQUFBwEHAQH/BDEwLzAe BAIAATAYAwQCZxpwAwQAZyOdAwQAZyOfAwQCagA0MA0EAgACMAcDBQAkAURAMA0G CSqGSIb3DQEBCwUAA4IBAQBTu70zOXsxSCX79Tg/rfac+kpcx9nIghuHGzLVG05T znnzgabLwRejO90WyIsrJMDnv4CJnu5zL6gNoPTofuloYyDjIvCXuoGJHMRPjHN9 CaB5H6YD1ycktxgAT5O/JdTzmF4txT8Cpc3daTrr7LFt2GZLI8hzr5Py9QVjLXxR AOhDFXl3CpDJju9DxKJSUQitsY2jTtYJSgrvFdCZhnO5Vp267fW/JvQR0LM5dNTt Ioph5M1HItR/tJ5dMxk3xlAXnRJ5SR8S6LaC4RxXE4vD0ldMTSxob5iymGWEqUzt t4dY1niW8lfuH34mb5QNssmDub9Sq5zYaZzRxfjX+1ew -----END CERTIFICATE-----Generated at Fri Mar 13 16:27:06 2026 by rpki-client