$ rpki-client -vvf rpki.sub.apnic.net/repository/A91DD5100000/0/34332e3235322e32332e302f32342d3234203d3e203239383032.roa File: 34332e3235322e32332e302f32342d3234203d3e203239383032.roa (raw, json) Hash identifier: 7QCONFpvmyuNf5zvgrCNMc+J3LAExntNG5Qv6K3hEbs= Subject key identifier: 2F:32:C0:6F:78:4D:AB:22:30:A5:00:5C:0A:B9:72:83:D4:1A:36:F6 Certificate issuer: /CN=A91DD5100000/serialNumber=5D707B0D3569622432B4BDCBFD320F9A8B6DDC7B Certificate serial: 271F9463126BFDC4B03288FC87E9DEE9DD346263 Authority key identifier: 5D:70:7B:0D:35:69:62:24:32:B4:BD:CB:FD:32:0F:9A:8B:6D:DC:7B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XXB7DTVpYiQytL3L_TIPmott3Hs.cer Subject info access: rsync://rpki.sub.apnic.net/repository/A91DD5100000/0/34332e3235322e32332e302f32342d3234203d3e203239383032.roa Signing time: Mon 16 Mar 2026 18:27:47 +0000 ROA not before: Mon 16 Mar 2026 18:22:47 +0000 ROA not after: Mon 15 Mar 2027 18:27:47 +0000 asID: 29802 IP address blocks: 43.252.23.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.sub.apnic.net/repository/A91DD5100000/0/5D707B0D3569622432B4BDCBFD320F9A8B6DDC7B.crl rsync://rpki.sub.apnic.net/repository/A91DD5100000/0/5D707B0D3569622432B4BDCBFD320F9A8B6DDC7B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XXB7DTVpYiQytL3L_TIPmott3Hs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 17 Mar 2026 22:23:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:1f:94:63:12:6b:fd:c4:b0:32:88:fc:87:e9:de:e9:dd:34:62:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DD5100000, serialNumber=5D707B0D3569622432B4BDCBFD320F9A8B6DDC7B Validity Not Before: Mar 16 18:22:47 2026 GMT Not After : Mar 15 18:27:47 2027 GMT Subject: CN=2F32C06F784DAB2230A5005C0AB97283D41A36F6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:af:9f:8e:b3:b6:47:37:fc:be:d8:4a:a9:3d: cf:19:5a:2d:ab:67:2e:fd:f8:d1:94:db:54:78:b6: 64:60:e5:62:67:70:1d:35:4f:f0:9b:eb:d5:18:e6: 3b:56:73:e2:20:5d:5c:02:af:da:c0:5f:82:ea:c3: e1:18:4d:1a:ae:96:6a:1e:a2:7e:0e:8b:7b:94:e3: 5d:64:df:c8:82:17:18:7f:a4:ac:bf:01:19:8c:fc: 51:fe:01:78:45:7a:e7:a9:0c:c8:15:d6:02:af:33: f5:81:8f:09:63:1e:04:95:60:6e:fe:1d:61:6f:08: a3:7e:cf:d4:5c:cd:1a:db:70:60:24:ff:7f:ee:1e: c4:68:66:59:30:dc:3f:8e:45:2d:ad:90:48:49:2a: 0f:0a:b0:7d:f8:25:93:fe:71:69:84:6c:01:ec:1d: 11:66:46:b7:95:d3:5e:e6:49:56:d4:32:17:3d:99: 6f:16:bf:6e:3d:3a:7e:61:a3:74:a3:f5:60:0e:29: 60:80:c8:ed:18:fb:54:cc:e5:7a:56:e2:ce:40:7a: 21:f8:e0:9a:1e:bb:b2:37:3e:01:bc:a0:7c:b9:80: df:60:7e:af:11:a8:66:86:85:ad:05:b6:74:8c:86: 5f:aa:3b:63:18:e0:a1:7f:d9:f6:9a:e8:80:e2:7c: 3c:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:32:C0:6F:78:4D:AB:22:30:A5:00:5C:0A:B9:72:83:D4:1A:36:F6 X509v3 Authority Key Identifier: keyid:5D:70:7B:0D:35:69:62:24:32:B4:BD:CB:FD:32:0F:9A:8B:6D:DC:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.sub.apnic.net/repository/A91DD5100000/0/5D707B0D3569622432B4BDCBFD320F9A8B6DDC7B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XXB7DTVpYiQytL3L_TIPmott3Hs.cer Subject Information Access: Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A91DD5100000/0/34332e3235322e32332e302f32342d3234203d3e203239383032.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.252.23.0/24 Signature Algorithm: sha256WithRSAEncryption 82:34:63:ec:25:c7:45:32:14:e0:34:31:6e:ba:2f:c2:01:ba: 0c:8b:29:fe:9f:9b:f7:bf:06:4f:e6:ef:e1:d9:80:cf:79:ec: 82:81:13:32:df:98:c4:2a:04:6c:43:bb:cf:72:a6:20:35:81: 11:3e:cc:c1:46:f4:38:d2:cf:c0:ae:61:e8:5f:d4:23:72:18: a0:62:44:fe:8f:2d:ed:65:6a:ab:63:db:b8:b7:af:e7:bd:a1: 4b:3e:2a:4f:67:d2:70:53:18:dc:92:2f:24:04:24:a5:5c:3d: c1:7b:24:84:67:96:6a:49:8d:d0:de:94:d3:aa:db:7b:61:c9: 50:62:fc:e7:56:7a:b6:d9:39:7a:bd:a8:2e:2e:1e:29:6c:e7: 10:f6:ee:b2:be:65:c3:a4:f6:bd:eb:66:03:04:42:34:fa:e6: 6a:bf:fc:6c:ff:16:13:af:d7:c4:c8:96:a5:cd:5f:39:d7:b5: 6f:ee:11:51:77:0c:44:cb:c9:02:af:d1:92:e5:e5:ae:04:54: 60:85:82:98:d9:86:cf:5c:de:2f:20:6a:ae:39:f2:6e:d5:1c: 86:08:11:e2:a9:10:08:18:c1:95:d5:9b:83:b8:4c:7e:d0:03: 71:e1:8e:c6:91:77:08:5d:81:dc:44:02:0a:b1:5d:05:43:d9: 10:84:1f:29 -----BEGIN CERTIFICATE----- MIIFHDCCBASgAwIBAgIUJx+UYxJr/cSwMoj8h+ne6d00YmMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxREQ1MTAwMDAwMTEwLwYDVQQFEyg1RDcwN0IwRDM1 Njk2MjI0MzJCNEJEQ0JGRDMyMEY5QThCNkREQzdCMB4XDTI2MDMxNjE4MjI0N1oX DTI3MDMxNTE4Mjc0N1owMzExMC8GA1UEAxMoMkYzMkMwNkY3ODREQUIyMjMwQTUw MDVDMEFCOTcyODNENDFBMzZGNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALavn46ztkc3/L7YSqk9zxlaLatnLv340ZTbVHi2ZGDlYmdwHTVP8Jvr1Rjm O1Zz4iBdXAKv2sBfgurD4RhNGq6Wah6ifg6Le5TjXWTfyIIXGH+krL8BGYz8Uf4B eEV656kMyBXWAq8z9YGPCWMeBJVgbv4dYW8Io37P1FzNGttwYCT/f+4exGhmWTDc P45FLa2QSEkqDwqwffglk/5xaYRsAewdEWZGt5XTXuZJVtQyFz2Zbxa/bj06fmGj dKP1YA4pYIDI7Rj7VMzlelbizkB6Ifjgmh67sjc+AbygfLmA32B+rxGoZoaFrQW2 dIyGX6o7YxjgoX/Z9progOJ8PIsCAwEAAaOCAg8wggILMB0GA1UdDgQWBBQvMsBv eE2rIjClAFwKuXKD1Bo29jAfBgNVHSMEGDAWgBRdcHsNNWliJDK0vcv9Mg+ai23c ezAOBgNVHQ8BAf8EBAMCB4AwcgYDVR0fBGswaTBnoGWgY4ZhcnN5bmM6Ly9ycGtp LnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTFERDUxMDAwMDAvMC81RDcwN0Iw RDM1Njk2MjI0MzJCNEJEQ0JGRDMyMEY5QThCNkREQzdCLmNybDB+BggrBgEFBQcB AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np dG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9YWEI3RFRWcFlp UXl0TDNMX1RJUG1vdHQzSHMuY2VyMIGJBggrBgEFBQcBCwR9MHsweQYIKwYBBQUH MAuGbXJzeW5jOi8vcnBraS5zdWIuYXBuaWMubmV0L3JlcG9zaXRvcnkvQTkxREQ1 MTAwMDAwLzAvMzQzMzJlMzIzNTMyMmUzMjMzMmUzMDJmMzIzNDJkMzIzNDIwM2Qz ZTIwMzIzOTM4MzAzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggr BgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACv8FzANBgkqhkiG9w0BAQsFAAOCAQEA gjRj7CXHRTIU4DQxbrovwgG6DIsp/p+b978GT+bv4dmAz3nsgoETMt+YxCoEbEO7 z3KmIDWBET7MwUb0ONLPwK5h6F/UI3IYoGJE/o8t7WVqq2PbuLev572hSz4qT2fS cFMY3JIvJAQkpVw9wXskhGeWakmN0N6U06rbe2HJUGL851Z6ttk5er2oLi4eKWzn EPbusr5lw6T2vetmAwRCNPrmar/8bP8WE6/XxMiWpc1fOde1b+4RUXcMRMvJAq/R kuXlrgRUYIWCmNmGz1zeLyBqrjnybtUchggR4qkQCBjBldWbg7hMftADceGOxpF3 CF2B3EQCCrFdBUPZEIQfKQ== -----END CERTIFICATE-----Generated at Tue Mar 17 02:19:53 2026 by rpki-client