$ rpki-client -vvf rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/E986DDEC979911ECB3B7CE39C4F9AE02.roa File: E986DDEC979911ECB3B7CE39C4F9AE02.roa (raw, json) Hash identifier: BfgbyrDUSPaDFbvmIvU+wE2M70H25WXoCbwhEXrv7bI= Subject key identifier: F9:A3:9D:B6:E0:96:51:3D:90:1B:54:0A:BA:E1:43:16:66:21:5C:90 Certificate issuer: /CN=A9152DE4/serialNumber=217C3D8BED0B40C0FB088B59EE6E65AE6C661F0D Certificate serial: 049A Authority key identifier: 21:7C:3D:8B:ED:0B:40:C0:FB:08:8B:59:EE:6E:65:AE:6C:66:1F:0D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IXw9i-0LQMD7CItZ7m5lrmxmHw0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/E986DDEC979911ECB3B7CE39C4F9AE02.roa Signing time: Tue 03 Mar 2026 00:32:03 +0000 ROA not before: Tue 03 Mar 2026 00:32:03 +0000 ROA not after: Sat 01 May 2027 00:00:00 +0000 asID: 149449 IP address blocks: 103.179.198.0/24 maxlen: 24 103.179.199.0/24 maxlen: 24 2400:4e20::/32 maxlen: 32 2400:4e20::/33 maxlen: 33 2400:4e20:8000::/33 maxlen: 33 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.crl rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IXw9i-0LQMD7CItZ7m5lrmxmHw0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 23:40:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1178 (0x49a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9152DE4, serialNumber=217C3D8BED0B40C0FB088B59EE6E65AE6C661F0D Validity Not Before: Mar 3 00:32:03 2026 GMT Not After : May 1 00:00:00 2027 GMT Subject: CN=69a62c03-6f38 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:ef:c8:da:b5:88:c5:8d:83:50:33:1f:c9:be: 65:98:60:09:47:27:01:99:0a:c7:98:92:21:20:f1: 92:76:18:73:9d:ed:a2:1d:d8:c4:a6:ef:6b:c8:3f: 37:ae:0a:be:5a:86:f1:1c:f6:c5:18:80:3c:6d:bc: f0:c2:72:9f:cf:0e:8e:e9:e2:cf:3a:78:04:b6:c4: 6f:2f:5b:8c:40:d6:5b:4c:47:a4:d1:a2:21:06:fa: f0:57:1e:6a:43:8a:80:fb:55:b3:b6:ae:37:42:53: d2:8a:bc:b4:cf:f1:9d:d5:f2:72:22:dc:a3:d9:17: 94:4c:3c:c0:97:de:fa:c8:59:eb:8e:5c:36:78:95: ac:06:a3:f4:3e:1c:78:9b:23:fc:da:b7:77:a3:8d: 04:92:a7:a6:18:3f:c2:fe:fe:67:39:f9:ed:5a:1a: 68:ff:58:0f:90:8a:e0:ee:63:20:51:a1:64:a9:6b: 2a:2f:e6:7f:03:ee:0b:56:26:dc:f0:36:0b:ed:07: 1d:cb:86:d3:e1:28:5e:42:cb:e0:51:bd:32:98:54: 7f:f8:ca:fa:af:85:95:41:a6:98:1d:12:ef:c3:d2: 78:69:2b:a3:3e:9c:65:af:c2:d4:13:63:0c:86:97: 1a:e4:bb:b6:14:3f:c9:94:97:8f:51:d5:14:1d:c1: 08:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:A3:9D:B6:E0:96:51:3D:90:1B:54:0A:BA:E1:43:16:66:21:5C:90 X509v3 Authority Key Identifier: keyid:21:7C:3D:8B:ED:0B:40:C0:FB:08:8B:59:EE:6E:65:AE:6C:66:1F:0D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IXw9i-0LQMD7CItZ7m5lrmxmHw0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/E986DDEC979911ECB3B7CE39C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.179.198.0/23 IPv6: 2400:4e20::/32 Signature Algorithm: sha256WithRSAEncryption 91:90:97:1f:45:87:39:a9:18:67:b0:40:05:30:cf:d1:ae:1b: 91:7d:95:43:f2:cd:c0:71:b4:3d:d2:4e:b8:20:cd:0c:0f:dd: 08:65:76:cf:a8:4f:d2:01:c8:ab:ec:35:bc:32:7f:fb:ef:ba: c4:ee:4d:cf:34:5a:b1:9f:d3:31:d8:9c:f8:50:b8:2d:70:f1: 61:f2:d3:96:22:61:cd:24:e3:7d:8a:d2:d7:ee:cc:9a:d5:e7: 9a:84:e6:f4:75:ed:b2:db:b5:06:46:f7:7f:8d:e8:fb:b8:da: 19:39:5f:2e:e3:cb:15:38:c7:89:29:26:96:ac:1f:4b:df:70: 90:7a:96:ea:e2:8b:ea:67:4b:8d:82:00:7d:61:7a:c2:d1:03: 86:d0:5b:28:ec:87:f1:74:41:20:c0:6b:ba:42:48:42:40:0e: 59:ea:f8:36:f6:86:15:38:29:e4:5f:d3:7f:af:a7:a9:fc:45: b9:38:26:08:c5:fb:8d:d6:a7:ad:df:d9:a1:06:66:9b:06:dc: c0:cc:73:8a:0c:f6:07:ed:75:48:e8:3b:8a:77:52:86:8f:b2: 2a:58:bb:8e:56:8f:b9:28:11:57:c8:38:49:f3:44:58:fd:37: 18:da:ea:8b:b6:02:54:b0:7e:2c:56:66:85:30:90:5d:8f:fb: b3:34:77:18 -----BEGIN CERTIFICATE----- MIIFSzCCBDOgAwIBAgICBJowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTJERTQxMTAvBgNVBAUTKDIxN0MzRDhCRUQwQjQwQzBGQjA4OEI1OUVFNkU2NUFF NkM2NjFGMEQwHhcNMjYwMzAzMDAzMjAzWhcNMjcwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE2MmMwMy02ZjM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApO/I2rWIxY2DUDMfyb5lmGAJRycBmQrHmJIhIPGSdhhzne2iHdjEpu9ryD83 rgq+WobxHPbFGIA8bbzwwnKfzw6O6eLPOngEtsRvL1uMQNZbTEek0aIhBvrwVx5q Q4qA+1Wztq43QlPSiry0z/Gd1fJyItyj2ReUTDzAl976yFnrjlw2eJWsBqP0Phx4 myP82rd3o40EkqemGD/C/v5nOfntWhpo/1gPkIrg7mMgUaFkqWsqL+Z/A+4LVibc 8DYL7Qcdy4bT4SheQsvgUb0ymFR/+Mr6r4WVQaaYHRLvw9J4aSujPpxlr8LUE2MM hpca5Lu2FD/JlJePUdUUHcEICQIDAQABo4ICbzCCAmswHQYDVR0OBBYEFPmjnbbg llE9kBtUCrrhQxZmIVyQMB8GA1UdIwQYMBaAFCF8PYvtC0DA+wiLWe5uZa5sZh8N MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MkRFNC80Q0NDQzMzMjc5 MkExMUVDQjBDNTkxNjJDNEY5QUUwMi9JWHc5aS0wTFFNRDdDSXRaN201bHJteG1I dzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lYdzlpLTBMUU1EN0NJdFo3bTVscm14bUh3MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTJERTQvNENDQ0MzMzI3OTJBMTFFQ0IwQzU5MTYyQzRGOUFFMDIvRTk4NkRERUM5 Nzk5MTFFQ0IzQjdDRTM5QzRGOUFFMDIucm9hMC4GCCsGAQUFBwEHAQH/BB8wHTAM BAIAATAGAwQBZ7PGMA0EAgACMAcDBQAkAE4gMA0GCSqGSIb3DQEBCwUAA4IBAQCR kJcfRYc5qRhnsEAFMM/RrhuRfZVD8s3AcbQ90k64IM0MD90IZXbPqE/SAcir7DW8 Mn/777rE7k3PNFqxn9Mx2Jz4ULgtcPFh8tOWImHNJON9itLX7sya1eeahOb0de2y 27UGRvd/jej7uNoZOV8u48sVOMeJKSaWrB9L33CQepbq4ovqZ0uNggB9YXrC0QOG 0Fso7IfxdEEgwGu6QkhCQA5Z6vg29oYVOCnkX9N/r6ep/EW5OCYIxfuN1qet39mh BmabBtzAzHOKDPYH7XVI6DuKd1KGj7IqWLuOVo+5KBFXyDhJ80RY/TcY2uqLtgJU sH4sVmaFMJBdj/uzNHcY -----END CERTIFICATE-----Generated at Thu Mar 26 08:47:36 2026 by rpki-client