$ rpki-client -vvf rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/B4B1A742BE4C11EEB1327A54C4F9AE02.roa File: B4B1A742BE4C11EEB1327A54C4F9AE02.roa (raw, json) Hash identifier: aaio9X7jltQXqJl+GwT+Oyhu5HboHbxMTjJ0svAwdfQ= Subject key identifier: E3:39:37:CD:B3:3D:98:4A:4E:D8:CE:FB:AE:99:CD:96:02:10:C3:3D Certificate issuer: /CN=A9132B4D/serialNumber=23F5D93A82E7D7840679B1C64DA37C37CFFE77EF Certificate serial: 070D Authority key identifier: 23:F5:D9:3A:82:E7:D7:84:06:79:B1:C6:4D:A3:7C:37:CF:FE:77:EF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I_XZOoLn14QGebHGTaN8N8_-d-8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/B4B1A742BE4C11EEB1327A54C4F9AE02.roa Signing time: Thu 12 Mar 2026 07:46:28 +0000 ROA not before: Thu 12 Mar 2026 07:46:28 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 9231 IP address blocks: 58.82.192.0/19 maxlen: 24 58.82.224.0/19 maxlen: 24 103.15.84.0/22 maxlen: 24 123.136.0.0/20 maxlen: 24 161.81.0.0/16 maxlen: 24 182.239.72.0/21 maxlen: 24 182.239.80.0/20 maxlen: 24 182.239.104.0/21 maxlen: 24 182.239.112.0/20 maxlen: 24 203.142.97.0/24 maxlen: 24 203.142.98.0/24 maxlen: 24 203.142.99.0/24 maxlen: 24 203.142.127.0/24 maxlen: 24 223.122.0.0/18 maxlen: 24 223.122.64.0/18 maxlen: 24 223.122.128.0/17 maxlen: 24 223.123.192.0/20 maxlen: 24 2401:3000::/36 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/I_XZOoLn14QGebHGTaN8N8_-d-8.crl rsync://rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/I_XZOoLn14QGebHGTaN8N8_-d-8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I_XZOoLn14QGebHGTaN8N8_-d-8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 22:12:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1805 (0x70d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9132B4D, serialNumber=23F5D93A82E7D7840679B1C64DA37C37CFFE77EF Validity Not Before: Mar 12 07:46:28 2026 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=69b26f54-5a6f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:97:c3:07:93:c6:01:4e:6d:a0:bb:b4:42:a3: 34:67:f9:c7:83:42:6c:5b:cc:31:73:92:ad:08:e9: 34:b0:a9:38:5f:b1:4f:a1:a9:d2:0a:4b:8b:e5:d3: 4c:e3:6e:01:30:08:08:36:25:22:5f:73:95:07:26: b7:68:2e:52:0c:8f:ed:93:fd:2e:84:be:39:c9:32: e6:00:35:e7:c4:0b:f6:de:a3:2a:0f:1b:39:f6:c4: 45:3f:22:be:f3:7c:f9:39:b0:be:cb:f8:3d:52:7e: 08:b1:73:4f:c8:41:b9:cb:4f:21:a4:06:6b:22:03: 11:a4:c8:5a:da:9e:87:cb:0f:66:27:d3:97:1a:41: 1f:cd:1c:2b:a0:e1:76:f4:43:70:6d:5d:80:98:4e: bb:cb:00:a5:ed:f5:65:93:b2:c4:e1:cf:e3:6b:99: 33:29:8a:83:d1:e5:f2:80:b0:50:2e:cf:da:c0:b4: a6:b3:15:8a:e1:f0:c8:06:25:b4:ca:41:08:3f:3e: 50:41:18:37:3c:1d:6f:3e:11:56:cd:9c:31:61:70: 9c:54:08:ef:4a:4f:51:ff:be:fb:7d:63:5c:06:6a: 09:fc:9a:fb:49:6a:57:6f:a7:75:3d:e9:1b:b7:de: dc:a2:76:5c:be:a0:20:ff:7a:4d:ea:9f:6a:8a:d6: 7b:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:39:37:CD:B3:3D:98:4A:4E:D8:CE:FB:AE:99:CD:96:02:10:C3:3D X509v3 Authority Key Identifier: keyid:23:F5:D9:3A:82:E7:D7:84:06:79:B1:C6:4D:A3:7C:37:CF:FE:77:EF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/I_XZOoLn14QGebHGTaN8N8_-d-8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I_XZOoLn14QGebHGTaN8N8_-d-8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/B4B1A742BE4C11EEB1327A54C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 58.82.192.0/18 103.15.84.0/22 123.136.0.0/20 161.81.0.0/16 182.239.72.0-182.239.95.255 182.239.104.0-182.239.127.255 203.142.97.0-203.142.99.255 203.142.127.0/24 223.122.0.0/16 223.123.192.0/20 IPv6: 2401:3000::/36 Signature Algorithm: sha256WithRSAEncryption ae:d5:cd:0d:c3:bd:64:35:5c:95:01:66:85:9a:46:5f:8d:cf: 96:4a:02:f5:c1:90:c9:ab:77:68:aa:ec:55:92:a1:4f:29:0b: e5:34:de:f6:91:ec:48:92:a3:5d:8a:93:d5:99:52:b7:36:7f: 80:f8:66:fc:22:be:fb:fd:00:31:a7:f1:c3:3e:7c:12:ff:a1: 46:7d:63:fc:0f:c3:6e:19:25:f1:b1:ff:60:5e:c3:4b:48:e5: 65:63:6e:06:da:70:6a:56:3d:ca:f8:92:81:03:7b:9f:d4:16: 27:09:de:47:cb:cd:cc:80:0d:81:ca:09:6f:57:72:5a:67:42: 9f:6a:86:16:26:5d:22:98:6e:f9:65:4f:cb:a3:a2:dc:34:ee: 88:0e:a4:ad:da:8c:a3:e8:c8:1a:42:26:67:32:4c:11:59:b6: a4:3d:e6:c1:53:55:1f:2b:80:63:8b:e5:b2:bf:99:1b:d4:d3: c8:ee:77:81:aa:88:7b:c5:aa:4a:30:30:f6:40:8f:5e:24:de: ca:5e:2d:72:0c:4e:d7:85:ad:b7:18:07:b7:cc:79:01:5d:d3: bc:40:69:9d:80:af:af:b7:0f:50:64:b9:03:c9:fc:d5:7f:74: d9:e6:e3:a2:f5:d6:96:43:70:ed:ce:85:fd:7f:49:a8:33:e4: ca:2c:75:62 -----BEGIN CERTIFICATE----- MIIFmDCCBICgAwIBAgICBw0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzJCNEQxMTAvBgNVBAUTKDIzRjVEOTNBODJFN0Q3ODQwNjc5QjFDNjREQTM3QzM3 Q0ZGRTc3RUYwHhcNMjYwMzEyMDc0NjI4WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWIyNmY1NC01YTZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA25fDB5PGAU5toLu0QqM0Z/nHg0JsW8wxc5KtCOk0sKk4X7FPoanSCkuL5dNM 424BMAgINiUiX3OVBya3aC5SDI/tk/0uhL45yTLmADXnxAv23qMqDxs59sRFPyK+ 83z5ObC+y/g9Un4IsXNPyEG5y08hpAZrIgMRpMha2p6Hyw9mJ9OXGkEfzRwroOF2 9ENwbV2AmE67ywCl7fVlk7LE4c/ja5kzKYqD0eXygLBQLs/awLSmsxWK4fDIBiW0 ykEIPz5QQRg3PB1vPhFWzZwxYXCcVAjvSk9R/777fWNcBmoJ/Jr7SWpXb6d1Pekb t97conZcvqAg/3pN6p9qitZ7JQIDAQABo4ICvDCCArgwHQYDVR0OBBYEFOM5N82z PZhKTtjO+66ZzZYCEMM9MB8GA1UdIwQYMBaAFCP12TqC59eEBnmxxk2jfDfP/nfv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMkI0RC9DMTk5RTAwNkIy MDUxMUVCQUVBRTlGMTBDNEY5QUUwMi9JX1haT29MbjE0UUdlYkhHVGFOOE44Xy1k LTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lfWFpPb0xuMTRRR2ViSEdUYU44TjhfLWQtOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzJCNEQvQzE5OUUwMDZCMjA1MTFFQkFFQUU5RjEwQzRGOUFFMDIvQjRCMUE3NDJC RTRDMTFFRUIxMzI3QTU0QzRGOUFFMDIucm9hMHsGCCsGAQUFBwEHAQH/BGwwajBY BAIAATBSAwQGOlLAAwQCZw9UAwQEe4gAAwMAoVEwDAMEA7bvSAMEBbbvQDAMAwQD tu9oAwQHtu8AMAwDBADLjmEDBALLjmADBADLjn8DAwDfegMEBN97wDAOBAIAAjAI AwYEJAEwAAAwDQYJKoZIhvcNAQELBQADggEBAK7VzQ3DvWQ1XJUBZoWaRl+Nz5ZK AvXBkMmrd2iq7FWSoU8pC+U03vaR7EiSo12Kk9WZUrc2f4D4Zvwivvv9ADGn8cM+ fBL/oUZ9Y/wPw24ZJfGx/2Bew0tI5WVjbgbacGpWPcr4koEDe5/UFicJ3kfLzcyA DYHKCW9XclpnQp9qhhYmXSKYbvllT8ujotw07ogOpK3ajKPoyBpCJmcyTBFZtqQ9 5sFTVR8rgGOL5bK/mRvU08jud4GqiHvFqkowMPZAj14k3speLXIMTteFrbcYB7fM eQFd07xAaZ2Ar6+3D1BkuQPJ/NV/dNnm46L11pZDcO3Ohf1/Sagz5MosdWI= -----END CERTIFICATE-----Generated at Thu Mar 26 22:08:18 2026 by rpki-client