$ rpki-client -vvf rpki.apnic.net/member_repository/A91F5DFB/47F74DE6FDBF11F0A5FE8CE6676F56BC/3C5B5EF4FDC011F0B8AD40E9676F56BC.roa File: 3C5B5EF4FDC011F0B8AD40E9676F56BC.roa (raw, json) Hash identifier: HUywEb4DmpOJlJ6C41xUxBBDq+TKKYsqSoqCvTi0z74= Subject key identifier: 04:9E:1B:80:4D:66:AD:EF:BB:1D:79:68:EA:C0:0F:69:54:6D:A9:05 Certificate issuer: /CN=A91F5DFB/serialNumber=2FA971A63BC263AEB4DAEBF20C2FC71183CA648F Certificate serial: 02 Authority key identifier: 2F:A9:71:A6:3B:C2:63:AE:B4:DA:EB:F2:0C:2F:C7:11:83:CA:64:8F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L6lxpjvCY6602uvyDC_HEYPKZI8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F5DFB/47F74DE6FDBF11F0A5FE8CE6676F56BC/3C5B5EF4FDC011F0B8AD40E9676F56BC.roa Signing time: Fri 30 Jan 2026 09:44:14 +0000 ROA not before: Fri 30 Jan 2026 09:44:14 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 45243 IP address blocks: 103.246.224.0/22 maxlen: 22 103.246.224.0/24 maxlen: 24 103.246.225.0/24 maxlen: 24 103.246.226.0/24 maxlen: 24 103.246.227.0/24 maxlen: 24 203.212.24.0/22 maxlen: 22 203.212.24.0/24 maxlen: 24 203.212.25.0/24 maxlen: 24 203.212.26.0/24 maxlen: 24 203.212.27.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F5DFB/47F74DE6FDBF11F0A5FE8CE6676F56BC/L6lxpjvCY6602uvyDC_HEYPKZI8.crl rsync://rpki.apnic.net/member_repository/A91F5DFB/47F74DE6FDBF11F0A5FE8CE6676F56BC/L6lxpjvCY6602uvyDC_HEYPKZI8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L6lxpjvCY6602uvyDC_HEYPKZI8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 26 Feb 2026 07:19:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F5DFB, serialNumber=2FA971A63BC263AEB4DAEBF20C2FC71183CA648F Validity Not Before: Jan 30 09:44:14 2026 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=697c7d6d-a759 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:7e:08:da:57:91:96:0e:f8:fa:b3:90:de:4c: 89:cf:60:f0:61:48:ba:ba:13:4e:c0:f1:c1:47:1f: 4e:5a:68:7c:d0:dd:b7:40:4f:80:f8:f9:92:00:53: 29:11:be:9a:42:40:9f:63:41:c8:43:b4:34:ef:04: 39:36:55:d9:0c:9d:e2:c1:da:69:68:64:7d:7e:e7: 24:67:8d:aa:b4:af:99:36:14:4f:10:07:4a:bf:db: 42:56:a2:81:88:f3:c0:ee:d5:7e:e9:3c:92:ce:d9: 7d:f5:75:a5:67:5f:f7:d2:08:e8:aa:27:f3:66:8e: cd:e7:b7:09:2e:85:05:dd:86:99:2e:f1:4f:24:a8: 13:66:5a:4d:be:0f:5f:5c:b2:0a:fd:09:46:6e:31: 6c:6d:5e:f2:d9:08:ea:7b:ba:77:ed:e3:c4:e8:cc: 47:3a:19:c6:2a:bb:89:e4:3b:ea:e5:b7:66:ba:89: f7:ce:98:35:ab:82:66:bd:4f:b1:6f:7b:9e:1f:05: c7:ec:39:31:58:64:05:a3:30:d8:d7:b6:a8:cd:cb: 52:a1:4b:80:f5:24:e0:22:85:61:74:0f:b2:b9:3b: af:4c:18:ea:d7:3f:e2:90:53:e1:0d:03:98:88:30: 40:93:17:b8:3f:d2:06:ff:d3:c0:90:12:66:08:9f: bd:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:9E:1B:80:4D:66:AD:EF:BB:1D:79:68:EA:C0:0F:69:54:6D:A9:05 X509v3 Authority Key Identifier: keyid:2F:A9:71:A6:3B:C2:63:AE:B4:DA:EB:F2:0C:2F:C7:11:83:CA:64:8F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F5DFB/47F74DE6FDBF11F0A5FE8CE6676F56BC/L6lxpjvCY6602uvyDC_HEYPKZI8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L6lxpjvCY6602uvyDC_HEYPKZI8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F5DFB/47F74DE6FDBF11F0A5FE8CE6676F56BC/3C5B5EF4FDC011F0B8AD40E9676F56BC.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.246.224.0/22 203.212.24.0/22 Signature Algorithm: sha256WithRSAEncryption 12:12:c6:cb:47:2a:dd:d4:ce:f1:a0:80:36:46:47:8e:e7:12: 42:ab:2a:37:f0:56:84:dd:20:64:be:97:43:5c:43:15:40:bb: 09:55:19:09:5c:43:7a:0f:96:83:eb:82:67:af:ec:dd:eb:20: 2c:ac:3e:09:5d:f2:ed:e5:95:a9:b8:be:34:75:3c:59:32:7c: bf:78:74:ad:16:af:44:d5:83:66:c2:da:da:64:e8:90:97:b3: a3:a3:4c:78:0c:a1:79:3c:8b:d2:4b:49:91:58:74:7c:98:d6: 2b:d2:dc:c4:26:db:63:53:94:4c:12:45:6c:67:c5:84:07:c4: 94:b9:5d:11:fc:0b:b2:07:ff:85:a5:60:20:ec:da:eb:fe:28: 82:44:28:71:37:58:b1:c0:4f:b5:be:4e:93:e6:15:28:19:2a: 31:62:c2:0d:e2:fb:7b:56:b4:7b:6d:1e:97:37:13:da:97:94: 69:6c:fb:cd:db:1b:ae:5a:79:bc:c8:15:25:5e:a8:d6:3f:af: af:9e:9f:8b:c7:fa:9f:93:5b:6b:4f:f2:38:94:d2:d9:d7:ef: 15:29:d2:27:f1:2c:c0:d1:04:85:64:79:26:81:ab:e6:3b:7b: 41:e5:55:f3:9f:c4:68:d7:9f:3b:77:4d:cd:06:ce:53:af:24: ad:1a:a2:5d -----BEGIN CERTIFICATE----- MIIFdjCCBF6gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDDAhBOTFG NURGQjExMC8GA1UEBRMoMkZBOTcxQTYzQkMyNjNBRUI0REFFQkYyMEMyRkM3MTE4 M0NBNjQ4RjAeFw0yNjAxMzAwOTQ0MTRaFw0yNjA4MzEwMDAwMDBaMBgxFjAUBgNV BAMMDTY5N2M3ZDZkLWE3NTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDRfgjaV5GWDvj6s5DeTInPYPBhSLq6E07A8cFHH05aaHzQ3bdAT4D4+ZIAUykR vppCQJ9jQchDtDTvBDk2VdkMneLB2mloZH1+5yRnjaq0r5k2FE8QB0q/20JWooGI 88Du1X7pPJLO2X31daVnX/fSCOiqJ/Nmjs3ntwkuhQXdhpku8U8kqBNmWk2+D19c sgr9CUZuMWxtXvLZCOp7unft48TozEc6GcYqu4nkO+rlt2a6iffOmDWrgma9T7Fv e54fBcfsOTFYZAWjMNjXtqjNy1KhS4D1JOAihWF0D7K5O69MGOrXP+KQU+ENA5iI MECTF7g/0gb/08CQEmYIn727AgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUBJ4bgE1m re+7HXlo6sAPaVRtqQUwHwYDVR0jBBgwFoAUL6lxpjvCY6602uvyDC/HEYPKZI8w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY1REZCLzQ3Rjc0REU2RkRC RjExRjBBNUZFOENFNjY3NkY1NkJDL0w2bHhwanZDWTY2MDJ1dnlEQ19IRVlQS1pJ OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvTDZseHBqdkNZNjYwMnV2eURDX0hFWVBLWkk4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NURGQi80N0Y3NERFNkZEQkYxMUYwQTVGRThDRTY2NzZGNTZCQy8zQzVCNUVGNEZE QzAxMUYwQjhBRDQwRTk2NzZGNTZCQy5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW MBQwEgQCAAEwDAMEAmf24AMEAsvUGDANBgkqhkiG9w0BAQsFAAOCAQEAEhLGy0cq 3dTO8aCANkZHjucSQqsqN/BWhN0gZL6XQ1xDFUC7CVUZCVxDeg+Wg+uCZ6/s3esg LKw+CV3y7eWVqbi+NHU8WTJ8v3h0rRavRNWDZsLa2mTokJezo6NMeAyheTyL0ktJ kVh0fJjWK9LcxCbbY1OUTBJFbGfFhAfElLldEfwLsgf/haVgIOza6/4ogkQocTdY scBPtb5Ok+YVKBkqMWLCDeL7e1a0e20elzcT2peUaWz7zdsbrlp5vMgVJV6o1j+v r56fi8f6n5Nba0/yOJTS2dfvFSnSJ/EswNEEhWR5JoGr5jt7QeVV85/EaNefO3dN zQbOU68krRqiXQ== -----END CERTIFICATE-----Generated at Thu Feb 19 16:37:43 2026 by rpki-client