$ rpki-client -vvf rpki.apnic.net/member_repository/A9135F86/88ED5C84EF2C11EF9C3F3C7BC4F9AE02/4A41D220EF2D11EF8502717CC4F9AE02.roa File: 4A41D220EF2D11EF8502717CC4F9AE02.roa (raw, json) Hash identifier: C0UeRmdUC5XES5gqgoPUp5FT+eSznO9ZwMgEuNb9JBA= Subject key identifier: B4:F6:FE:37:9B:38:28:E5:FB:99:38:C7:ED:E9:FE:A8:55:45:6C:7B Certificate issuer: /CN=A9135F86/serialNumber=67412F0C730D9F45467A526C3825EC38FE700B63 Certificate serial: CB Authority key identifier: 67:41:2F:0C:73:0D:9F:45:46:7A:52:6C:38:25:EC:38:FE:70:0B:63 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z0EvDHMNn0VGelJsOCXsOP5wC2M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9135F86/88ED5C84EF2C11EF9C3F3C7BC4F9AE02/4A41D220EF2D11EF8502717CC4F9AE02.roa Signing time: Sat 07 Mar 2026 06:43:07 +0000 ROA not before: Sat 07 Mar 2026 06:43:07 +0000 ROA not after: Sat 01 May 2027 00:00:00 +0000 asID: 58530 IP address blocks: 103.225.156.0/24 maxlen: 24 103.225.157.0/24 maxlen: 24 103.225.158.0/24 maxlen: 24 103.225.159.0/24 maxlen: 24 103.247.248.0/24 maxlen: 24 103.247.249.0/24 maxlen: 24 103.247.250.0/24 maxlen: 24 103.247.251.0/24 maxlen: 24 103.254.140.0/24 maxlen: 24 103.254.141.0/24 maxlen: 24 103.254.142.0/24 maxlen: 24 103.254.143.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9135F86/88ED5C84EF2C11EF9C3F3C7BC4F9AE02/Z0EvDHMNn0VGelJsOCXsOP5wC2M.crl rsync://rpki.apnic.net/member_repository/A9135F86/88ED5C84EF2C11EF9C3F3C7BC4F9AE02/Z0EvDHMNn0VGelJsOCXsOP5wC2M.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z0EvDHMNn0VGelJsOCXsOP5wC2M.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Apr 2026 05:59:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 203 (0xcb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9135F86, serialNumber=67412F0C730D9F45467A526C3825EC38FE700B63 Validity Not Before: Mar 7 06:43:07 2026 GMT Not After : May 1 00:00:00 2027 GMT Subject: CN=69abc8fb-ada0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:5e:4d:43:08:2d:7b:46:ad:cc:be:53:4a:30: 5f:a7:7a:0c:ee:3d:42:85:73:a4:26:41:4e:72:c6: 12:8d:e0:c2:6a:fd:e5:42:27:83:60:24:7b:4f:c5: 7c:6c:2d:4c:48:07:21:7b:e2:cd:c6:b5:b4:7f:1d: ee:95:3f:6a:88:7d:87:43:1a:27:2b:0a:8f:82:d2: 68:fb:d3:1f:0e:99:f1:1b:a9:5e:51:f7:2e:22:83: 17:d3:76:16:9d:2e:dd:91:8c:0f:c5:a3:9b:15:ba: 42:d3:19:3b:74:d0:09:be:5b:fb:4f:ed:66:eb:3f: b1:1a:84:cc:bc:1a:8e:83:ea:51:8c:31:86:01:ee: 14:13:e1:8a:f7:9e:14:7d:11:d0:d8:59:32:02:9f: f5:a3:69:3d:b7:f9:90:7c:af:45:85:25:c5:e3:23: 04:dd:db:0b:e0:dc:61:bb:d7:dc:83:38:bc:1f:99: 55:2e:da:35:b7:ef:76:2e:91:70:c6:dd:e3:ef:54: dc:31:0f:1f:83:89:ed:0c:ee:ff:6d:d1:ec:60:71: 48:8e:f9:7e:bc:86:f2:a1:66:e3:27:d6:3b:a7:9c: a1:8c:5c:a0:84:94:59:c4:6d:e7:6e:13:8b:23:c5: c2:2a:13:89:2c:27:31:01:9f:10:3e:cd:57:3a:84: 80:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:F6:FE:37:9B:38:28:E5:FB:99:38:C7:ED:E9:FE:A8:55:45:6C:7B X509v3 Authority Key Identifier: keyid:67:41:2F:0C:73:0D:9F:45:46:7A:52:6C:38:25:EC:38:FE:70:0B:63 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9135F86/88ED5C84EF2C11EF9C3F3C7BC4F9AE02/Z0EvDHMNn0VGelJsOCXsOP5wC2M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z0EvDHMNn0VGelJsOCXsOP5wC2M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9135F86/88ED5C84EF2C11EF9C3F3C7BC4F9AE02/4A41D220EF2D11EF8502717CC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.225.156.0/22 103.247.248.0/22 103.254.140.0/22 Signature Algorithm: sha256WithRSAEncryption df:99:99:bf:d7:a3:6a:d2:5b:4e:fc:13:48:8e:af:38:e1:fb: 93:4c:ab:7b:36:ba:d2:ed:a9:3d:7f:81:ef:d0:ae:0f:32:df: 31:04:f3:cb:2f:99:96:bb:71:d8:5e:1f:8b:71:16:38:49:9f: 91:36:dd:2a:8b:d7:d1:f1:77:52:ff:76:85:1e:95:8a:0e:b9: 36:b7:bd:c4:31:36:fe:ef:81:40:bc:12:17:88:b6:0a:82:06: 31:d8:80:69:58:f1:20:27:ea:a9:24:e5:29:29:24:ac:65:56: 01:1e:27:10:68:35:17:35:a4:a6:c0:0a:22:2c:38:91:f6:3e: c4:e0:7a:1a:dc:5a:93:48:7a:a5:03:84:98:c7:f2:c6:de:28: 95:a7:a5:dd:3e:e1:1b:4b:9f:02:20:dd:97:24:14:93:3b:f7: 2e:57:51:7f:87:d5:ea:c8:d1:3d:fe:99:cc:42:0e:ec:00:2c: 0d:d2:2f:bc:cd:9f:be:1e:a8:0a:fc:b3:ed:2f:7a:df:e7:e8: 7e:01:0b:b0:35:8d:c7:4a:ad:5f:4d:5e:73:e1:2e:a0:9a:8e: 7a:c5:76:c2:87:22:4c:1c:ce:70:01:dc:c5:9e:5b:86:26:65: b0:08:4a:c1:15:a8:48:e6:17:23:cd:f9:5c:d2:b0:18:4a:2a: d1:cc:46:17 -----BEGIN CERTIFICATE----- MIIFSDCCBDCgAwIBAgICAMswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzVGODYxMTAvBgNVBAUTKDY3NDEyRjBDNzMwRDlGNDU0NjdBNTI2QzM4MjVFQzM4 RkU3MDBCNjMwHhcNMjYwMzA3MDY0MzA3WhcNMjcwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWFiYzhmYi1hZGEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1F5NQwgte0atzL5TSjBfp3oM7j1ChXOkJkFOcsYSjeDCav3lQieDYCR7T8V8 bC1MSAche+LNxrW0fx3ulT9qiH2HQxonKwqPgtJo+9MfDpnxG6leUfcuIoMX03YW nS7dkYwPxaObFbpC0xk7dNAJvlv7T+1m6z+xGoTMvBqOg+pRjDGGAe4UE+GK954U fRHQ2FkyAp/1o2k9t/mQfK9FhSXF4yME3dsL4Nxhu9fcgzi8H5lVLto1t+92LpFw xt3j71TcMQ8fg4ntDO7/bdHsYHFIjvl+vIbyoWbjJ9Y7p5yhjFyghJRZxG3nbhOL I8XCKhOJLCcxAZ8QPs1XOoSAPQIDAQABo4ICbDCCAmgwHQYDVR0OBBYEFLT2/jeb OCjl+5k4x+3p/qhVRWx7MB8GA1UdIwQYMBaAFGdBLwxzDZ9FRnpSbDgl7Dj+cAtj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNUY4Ni84OEVENUM4NEVG MkMxMUVGOUMzRjNDN0JDNEY5QUUwMi9aMEV2REhNTm4wVkdlbEpzT0NYc09QNXdD Mk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1owRXZESE1ObjBWR2VsSnNPQ1hzT1A1d0MyTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzVGODYvODhFRDVDODRFRjJDMTFFRjlDM0YzQzdCQzRGOUFFMDIvNEE0MUQyMjBF RjJEMTFFRjg1MDI3MTdDQzRGOUFFMDIucm9hMCsGCCsGAQUFBwEHAQH/BBwwGjAY BAIAATASAwQCZ+GcAwQCZ/f4AwQCZ/6MMA0GCSqGSIb3DQEBCwUAA4IBAQDfmZm/ 16Nq0ltO/BNIjq844fuTTKt7NrrS7ak9f4Hv0K4PMt8xBPPLL5mWu3HYXh+LcRY4 SZ+RNt0qi9fR8XdS/3aFHpWKDrk2t73EMTb+74FAvBIXiLYKggYx2IBpWPEgJ+qp JOUpKSSsZVYBHicQaDUXNaSmwAoiLDiR9j7E4Hoa3FqTSHqlA4SYx/LG3iiVp6Xd PuEbS58CIN2XJBSTO/cuV1F/h9XqyNE9/pnMQg7sACwN0i+8zZ++HqgK/LPtL3rf 5+h+AQuwNY3HSq1fTV5z4S6gmo56xXbChyJMHM5wAdzFnluGJmWwCErBFahI5hcj zflc0rAYSirRzEYX -----END CERTIFICATE-----Generated at Thu Mar 26 14:10:36 2026 by rpki-client