$ rpki-client -vvf rpki.apnic.net/member_repository/A9148B6A/0875F4964C7411E997900F55C4F9AE02/07FF4ABC5A1011EAA8B1B456C4F9AE02.roa File: 07FF4ABC5A1011EAA8B1B456C4F9AE02.roa (raw, json) Hash identifier: na3agWbpkvvPPGYrDAzu2fpB/eIpBQi6AGL/7SLQlTY= Subject key identifier: 2F:CE:C7:48:FD:98:A9:14:99:68:AB:02:06:D7:05:42:2E:4F:3B:2D Certificate issuer: /CN=A9148B6A/serialNumber=A9712CCB7EEE024AEB88767B762E1093B140FF6E Certificate serial: 109C Authority key identifier: A9:71:2C:CB:7E:EE:02:4A:EB:88:76:7B:76:2E:10:93:B1:40:FF:6E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qXEsy37uAkrriHZ7di4Qk7FA_24.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9148B6A/0875F4964C7411E997900F55C4F9AE02/07FF4ABC5A1011EAA8B1B456C4F9AE02.roa Signing time: Sun 01 Mar 2026 13:48:03 +0000 ROA not before: Mon 30 Jun 2025 17:50:19 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 132298 IP address blocks: 103.237.36.0/22 maxlen: 24 160.202.144.0/22 maxlen: 24 2401:e7c0::/32 maxlen: 36 2401:e7c0::/48 maxlen: 48 2401:e7c0:3::/48 maxlen: 48 2401:e7c0:4::/48 maxlen: 48 2401:e7c0:f00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9148B6A/0875F4964C7411E997900F55C4F9AE02/qXEsy37uAkrriHZ7di4Qk7FA_24.crl rsync://rpki.apnic.net/member_repository/A9148B6A/0875F4964C7411E997900F55C4F9AE02/qXEsy37uAkrriHZ7di4Qk7FA_24.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qXEsy37uAkrriHZ7di4Qk7FA_24.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 17:14:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4252 (0x109c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9148B6A, serialNumber=A9712CCB7EEE024AEB88767B762E1093B140FF6E Validity Not Before: Jun 30 17:50:19 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=69a44393-52ee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:8d:c0:5a:15:ef:48:9c:d7:b0:77:9e:33:59: c8:2e:87:43:1d:d5:cb:dd:0d:13:38:b6:a7:60:e0: 2b:27:e9:15:04:a1:36:4e:78:84:28:91:02:ec:be: 96:3e:25:92:39:46:b6:b7:fb:e8:f2:3d:0e:92:63: 73:74:56:e4:ff:22:27:7f:a0:4f:33:34:56:61:b3: 19:0e:d3:fb:58:72:bf:f3:41:77:2c:87:61:9d:28: b0:58:20:17:0f:4e:02:44:5d:b9:6a:19:be:8e:df: 3e:d5:34:ea:e4:9e:fa:74:60:46:69:58:b0:92:0c: a7:95:24:56:2a:01:92:03:a1:53:58:23:6e:71:f8: 7c:7a:20:26:cf:60:27:51:59:ab:62:0f:92:35:f2: 1e:4b:1f:64:92:3a:2e:e1:3d:44:0d:15:c7:b8:47: ea:cf:cd:db:9f:40:f2:00:93:98:1e:ea:ea:1e:3a: 77:a9:01:2a:02:f9:76:3c:83:b1:28:fa:5b:47:26: a7:99:c9:9b:c1:32:cb:35:d4:39:3b:e0:5c:78:eb: 89:ef:7e:31:7b:5f:ab:c1:db:e1:3a:8c:74:7f:ec: de:65:87:2f:26:14:a9:bc:7b:9f:16:8b:4c:ea:35: d3:a6:97:74:0f:3d:cf:d5:04:f0:06:d5:79:d6:27: fc:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:CE:C7:48:FD:98:A9:14:99:68:AB:02:06:D7:05:42:2E:4F:3B:2D X509v3 Authority Key Identifier: keyid:A9:71:2C:CB:7E:EE:02:4A:EB:88:76:7B:76:2E:10:93:B1:40:FF:6E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9148B6A/0875F4964C7411E997900F55C4F9AE02/qXEsy37uAkrriHZ7di4Qk7FA_24.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qXEsy37uAkrriHZ7di4Qk7FA_24.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148B6A/0875F4964C7411E997900F55C4F9AE02/07FF4ABC5A1011EAA8B1B456C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.237.36.0/22 160.202.144.0/22 IPv6: 2401:e7c0::/32 Signature Algorithm: sha256WithRSAEncryption 33:32:da:21:e4:95:c7:b2:f5:89:a2:8b:d2:d1:2b:a0:51:eb: b3:d7:e5:fe:07:b0:4b:ea:7a:0d:cb:ff:32:7c:0e:78:9c:1b: 2d:ff:c8:df:88:57:1c:df:a6:90:a4:84:35:21:dd:4f:5d:cd: a9:72:b3:84:ea:c3:c9:95:90:5c:57:5c:3f:61:6e:9c:ab:f1: f5:e8:b8:cc:c7:bf:d6:5c:c4:0d:b0:e0:96:9d:06:28:dc:13: 2c:c8:47:64:db:30:c4:89:87:50:5f:36:dc:33:96:df:43:3e: e1:30:05:69:4f:3c:39:fd:16:1c:87:6f:83:14:35:73:6d:dd: cb:72:ee:53:e0:30:67:66:e9:24:96:57:59:be:12:02:08:a9: c8:25:27:6b:eb:fb:c9:ef:03:b8:73:b2:bf:b2:45:da:76:a1: 25:4a:d5:74:13:09:6c:ac:e7:a6:90:00:16:6e:0d:b8:d1:36: 30:6f:21:89:46:44:e0:14:a8:43:a9:c7:af:a1:97:0e:9a:30: d2:18:0e:22:21:84:12:0d:f5:09:6e:c1:c8:0c:05:ec:64:22: a5:11:0e:7b:63:3d:6c:85:77:61:7f:aa:2f:3a:2d:4d:2c:7a: 1b:33:55:ea:1c:56:14:81:b3:f7:0e:6b:dd:bc:8c:0c:e2:c2: ca:0f:c7:e1 -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgICEJwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDhCNkExMTAvBgNVBAUTKEE5NzEyQ0NCN0VFRTAyNEFFQjg4NzY3Qjc2MkUxMDkz QjE0MEZGNkUwHhcNMjUwNjMwMTc1MDE5WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NDM5My01MmVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArY3AWhXvSJzXsHeeM1nILodDHdXL3Q0TOLanYOArJ+kVBKE2TniEKJEC7L6W PiWSOUa2t/vo8j0OkmNzdFbk/yInf6BPMzRWYbMZDtP7WHK/80F3LIdhnSiwWCAX D04CRF25ahm+jt8+1TTq5J76dGBGaViwkgynlSRWKgGSA6FTWCNucfh8eiAmz2An UVmrYg+SNfIeSx9kkjou4T1EDRXHuEfqz83bn0DyAJOYHurqHjp3qQEqAvl2PIOx KPpbRyanmcmbwTLLNdQ5O+BceOuJ734xe1+rwdvhOox0f+zeZYcvJhSpvHufFotM 6jXTppd0Dz3P1QTwBtV51if8zQIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFC/Ox0j9 mKkUmWirAgbXBUIuTzstMB8GA1UdIwQYMBaAFKlxLMt+7gJK64h2e3YuEJOxQP9u MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEI2QS8wODc1RjQ5NjRD NzQxMUU5OTc5MDBGNTVDNEY5QUUwMi9xWEVzeTM3dUFrcnJpSFo3ZGk0UWs3RkFf MjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3FYRXN5Mzd1QWtycmlIWjdkaTRRazdGQV8yNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDhCNkEvMDg3NUY0OTY0Qzc0MTFFOTk3OTAwRjU1QzRGOUFFMDIvMDdGRjRBQkM1 QTEwMTFFQUE4QjFCNDU2QzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS BAIAATAMAwQCZ+0kAwQCoMqQMA0EAgACMAcDBQAkAefAMA0GCSqGSIb3DQEBCwUA A4IBAQAzMtoh5JXHsvWJoovS0SugUeuz1+X+B7BL6noNy/8yfA54nBst/8jfiFcc 36aQpIQ1Id1PXc2pcrOE6sPJlZBcV1w/YW6cq/H16LjMx7/WXMQNsOCWnQYo3BMs yEdk2zDEiYdQXzbcM5bfQz7hMAVpTzw5/RYch2+DFDVzbd3Lcu5T4DBnZukklldZ vhICCKnIJSdr6/vJ7wO4c7K/skXadqElStV0EwlsrOemkAAWbg240TYwbyGJRkTg FKhDqcevoZcOmjDSGA4iIYQSDfUJbsHIDAXsZCKlEQ57Yz1shXdhf6ovOi1NLHob M1XqHFYUgbP3DmvdvIwM4sLKD8fh -----END CERTIFICATE-----Generated at Thu Mar 26 19:40:09 2026 by rpki-client