$ rpki-client -vvf rpki.apnic.net/member_repository/A91F090C/B7C4E9365D2911EAB054FF3BC4F9AE02/4AFC3AFA53FB11F1B2460F6FB6EE528E.roa File: 4AFC3AFA53FB11F1B2460F6FB6EE528E.roa (raw, json) Hash identifier: oTk4BDZk11e5ZQ+9bJkxgoOL1+4Pr97SRItzO/VRRPw= Subject key identifier: 2D:C6:6B:BF:56:CE:5E:3A:C6:CA:2E:58:8E:8C:80:1F:73:60:6A:BC Certificate issuer: /CN=A91F090C/serialNumber=8AEE29DB2FE91407FE40E4BE78C40626D7E18FB1 Certificate serial: 07 Authority key identifier: 8A:EE:29:DB:2F:E9:14:07:FE:40:E4:BE:78:C4:06:26:D7:E1:8F:B1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iu4p2y_pFAf-QOS-eMQGJtfhj7E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F090C/B7C4E9365D2911EAB054FF3BC4F9AE02/4AFC3AFA53FB11F1B2460F6FB6EE528E.roa Signing time: Wed 20 May 2026 03:23:38 +0000 ROA not before: Wed 20 May 2026 03:23:38 +0000 ROA not after: Tue 02 Mar 2027 00:00:00 +0000 asID: 45176 IP address blocks: 119.15.156.0/22 maxlen: 22 119.15.156.0/24 maxlen: 24 119.15.157.0/24 maxlen: 24 119.15.158.0/24 maxlen: 24 119.15.159.0/24 maxlen: 24 2405:dbc0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F090C/B7C4E9365D2911EAB054FF3BC4F9AE02/iu4p2y_pFAf-QOS-eMQGJtfhj7E.crl rsync://rpki.apnic.net/member_repository/A91F090C/B7C4E9365D2911EAB054FF3BC4F9AE02/iu4p2y_pFAf-QOS-eMQGJtfhj7E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iu4p2y_pFAf-QOS-eMQGJtfhj7E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 May 2026 19:16:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7 (0x7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F090C, serialNumber=8AEE29DB2FE91407FE40E4BE78C40626D7E18FB1 Validity Not Before: May 20 03:23:38 2026 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=6a0d293a-d9e7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:43:b1:b6:bf:82:33:26:ef:97:e4:42:59:28: 2b:a7:db:41:29:55:ec:52:9e:4d:5c:b3:05:1d:29: e8:fa:2b:81:43:25:58:5a:75:41:2a:9a:ec:5d:13: cd:23:82:0d:4d:ca:3f:e3:2c:d0:e9:ee:a4:14:fd: 6d:fc:f7:b3:d4:8e:cf:bf:95:c7:ee:30:1b:cb:f0: 5f:bc:aa:69:74:87:e6:4d:a2:c3:bc:d9:6b:bc:5a: 38:e6:5c:a4:4d:ca:de:f2:a4:52:68:ee:1f:db:e2: a1:94:78:dd:a8:c7:9e:79:02:8f:54:7d:ec:53:57: 7e:90:05:4a:a3:a7:28:4a:45:a5:6d:7d:a7:0b:75: bc:51:f1:a4:c1:3b:97:38:1d:1b:0b:e6:a6:04:86: 9e:b0:bd:66:49:f4:94:73:4f:0f:c6:d4:2a:68:ae: ae:3f:37:19:75:d7:03:8d:e3:ad:85:6e:fd:2a:3c: 1c:53:1d:f9:84:c6:ca:d4:05:75:24:ac:05:62:76: 57:b8:7b:6c:69:00:74:8f:68:a5:ec:5f:54:cf:62: aa:4e:e3:3c:62:81:2d:96:63:75:ca:c5:94:b9:00: 2c:8f:b8:d2:c1:fa:99:45:4d:83:c1:ad:07:fd:b5: ce:00:a2:1e:cf:9b:f8:75:a6:78:b7:60:18:bc:59: 90:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:C6:6B:BF:56:CE:5E:3A:C6:CA:2E:58:8E:8C:80:1F:73:60:6A:BC X509v3 Authority Key Identifier: keyid:8A:EE:29:DB:2F:E9:14:07:FE:40:E4:BE:78:C4:06:26:D7:E1:8F:B1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F090C/B7C4E9365D2911EAB054FF3BC4F9AE02/iu4p2y_pFAf-QOS-eMQGJtfhj7E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iu4p2y_pFAf-QOS-eMQGJtfhj7E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F090C/B7C4E9365D2911EAB054FF3BC4F9AE02/4AFC3AFA53FB11F1B2460F6FB6EE528E.roa sbgp-ipAddrBlock: critical IPv4: 119.15.156.0/22 IPv6: 2405:dbc0::/32 Signature Algorithm: sha256WithRSAEncryption 04:8a:c0:ed:a2:c4:ba:3e:62:43:22:42:9c:7c:9e:73:25:dc: ce:92:d1:e5:db:70:1f:2b:39:29:6c:be:83:61:43:07:26:77: 39:d5:e9:2e:cb:7f:6c:9a:40:5a:87:fd:c7:69:17:7e:56:a6: 13:b4:b4:a9:9b:19:e1:7b:cb:26:46:d9:1d:7c:60:56:e3:1f: e6:47:1e:59:58:5b:aa:b4:2a:2e:56:40:02:f5:93:c3:a7:53: 51:32:83:61:59:c0:40:a5:07:ef:84:47:77:e2:85:6a:cb:2e: b1:be:31:c5:ab:d3:e9:4b:aa:2b:ad:4d:30:82:ce:92:72:d3: e6:fa:70:30:85:15:e4:ba:8d:98:b5:84:ae:69:46:91:22:6f: 58:18:d9:15:e6:e1:35:af:8c:52:06:ae:66:31:d3:d8:b9:5b: 73:47:90:2f:1c:5b:cd:63:32:c6:36:9a:35:47:2b:49:cf:98: d6:dd:d2:9f:eb:0b:f8:33:1f:ac:60:e5:a9:12:63:f6:8f:39: c1:a1:44:b2:19:0f:65:99:24:8c:89:0c:08:2a:8b:50:42:d6: 41:e5:ef:b0:f5:c5:66:4c:fa:c2:12:ef:f8:77:d6:ba:08:08: 6c:5a:32:a5:62:18:bc:fb:73:de:b2:81:4c:f8:5b:1c:1c:68: 5a:a2:0a:ca -----BEGIN CERTIFICATE----- MIIFSjCCBDKgAwIBAgIBBzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG MDkwQzExMC8GA1UEBRMoOEFFRTI5REIyRkU5MTQwN0ZFNDBFNEJFNzhDNDA2MjZE N0UxOEZCMTAeFw0yNjA1MjAwMzIzMzhaFw0yNzAzMDIwMDAwMDBaMBgxFjAUBgNV BAMTDTZhMGQyOTNhLWQ5ZTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCUQ7G2v4IzJu+X5EJZKCun20EpVexSnk1cswUdKej6K4FDJVhadUEqmuxdE80j gg1Nyj/jLNDp7qQU/W3897PUjs+/lcfuMBvL8F+8qml0h+ZNosO82Wu8WjjmXKRN yt7ypFJo7h/b4qGUeN2ox555Ao9UfexTV36QBUqjpyhKRaVtfacLdbxR8aTBO5c4 HRsL5qYEhp6wvWZJ9JRzTw/G1Cporq4/Nxl11wON462Fbv0qPBxTHfmExsrUBXUk rAVidle4e2xpAHSPaKXsX1TPYqpO4zxigS2WY3XKxZS5ACyPuNLB+plFTYPBrQf9 tc4Aoh7Pm/h1pni3YBi8WZAZAgMBAAGjggJvMIICazAdBgNVHQ4EFgQULcZrv1bO XjrGyi5YjoyAH3NgarwwHwYDVR0jBBgwFoAUiu4p2y/pFAf+QOS+eMQGJtfhj7Ew DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYwOTBDL0I3QzRFOTM2NUQy OTExRUFCMDU0RkYzQkM0RjlBRTAyL2l1NHAyeV9wRkFmLVFPUy1lTVFHSnRmaGo3 RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvaXU0cDJ5X3BGQWYtUU9TLWVNUUdKdGZoajdFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgZYGCCsGAQUFBwELBIGJMIGGMIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MDkwQy9CN0M0RTkzNjVEMjkxMUVBQjA1NEZGM0JDNEY5QUUwMi80QUZDM0FGQTUz RkIxMUYxQjI0NjBGNkZCNkVFNTI4RS5yb2EwLgYIKwYBBQUHAQcBAf8EHzAdMAwE AgABMAYDBAJ3D5wwDQQCAAIwBwMFACQF28AwDQYJKoZIhvcNAQELBQADggEBAASK wO2ixLo+YkMiQpx8nnMl3M6S0eXbcB8rOSlsvoNhQwcmdznV6S7Lf2yaQFqH/cdp F35WphO0tKmbGeF7yyZG2R18YFbjH+ZHHllYW6q0Ki5WQAL1k8OnU1Eyg2FZwECl B++ER3fihWrLLrG+McWr0+lLqiutTTCCzpJy0+b6cDCFFeS6jZi1hK5pRpEib1gY 2RXm4TWvjFIGrmYx09i5W3NHkC8cW81jMsY2mjVHK0nPmNbd0p/rC/gzH6xg5akS Y/aPOcGhRLIZD2WZJIyJDAgqi1BC1kHl77D1xWZM+sIS7/h31roICGxaMqViGLz7 c96ygUz4WxwcaFqiCso= -----END CERTIFICATE-----Generated at Thu May 21 10:12:44 2026 by rpki-client