$ rpki-client -vvf rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/E52708AADFCE11EFBC4CD631C4F9AE02.roa File: E52708AADFCE11EFBC4CD631C4F9AE02.roa (raw, json) Hash identifier: UwLoOyaZbHGVyc3Yo+XyKXXwqdXa6YKf1q7At4kg4i0= Subject key identifier: 8D:83:DB:D9:7D:D6:0F:E3:97:E2:91:5E:60:CC:37:A1:0F:B5:71:6E Certificate issuer: /CN=A9157DA0/serialNumber=8887CF6CF5102F0FB713F4C4A1BDE389481F1C44 Certificate serial: 355D Authority key identifier: 88:87:CF:6C:F5:10:2F:0F:B7:13:F4:C4:A1:BD:E3:89:48:1F:1C:44 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/E52708AADFCE11EFBC4CD631C4F9AE02.roa Signing time: Mon 20 Apr 2026 15:12:49 +0000 ROA not before: Mon 20 Apr 2026 15:12:49 +0000 ROA not after: Fri 30 Jul 2027 00:00:00 +0000 asID: 38875 IP address blocks: 43.248.156.0/23 maxlen: 23 119.252.120.0/23 maxlen: 23 119.252.120.0/24 maxlen: 24 119.252.121.0/24 maxlen: 24 124.109.12.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.crl rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 19 May 2026 14:36:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13661 (0x355d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157DA0, serialNumber=8887CF6CF5102F0FB713F4C4A1BDE389481F1C44 Validity Not Before: Apr 20 15:12:49 2026 GMT Not After : Jul 30 00:00:00 2027 GMT Subject: CN=69e64271-b862 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:90:0f:2c:35:69:cb:a9:93:45:1f:94:3c:d1: 80:89:11:77:59:3f:b8:d9:84:85:44:c5:b9:52:f6: ca:a1:7a:46:6b:0f:6f:a8:9c:d8:96:48:25:62:50: 80:8a:d5:9f:a0:03:c7:cf:91:13:3c:97:ee:70:ba: 34:0b:35:7f:67:31:ba:05:fe:31:36:ae:23:46:13: 7b:41:ef:29:25:0f:60:2e:79:d6:f3:5a:54:9c:71: 8f:ac:a5:18:43:17:92:0b:ae:7c:56:a6:80:6e:6a: 87:0e:b9:c1:35:1a:5e:29:d1:ba:ad:41:01:29:0d: 73:cd:61:5d:24:5a:88:d7:8a:47:9f:2e:f2:77:2e: 78:47:dc:d2:c6:8d:54:53:7d:23:e1:0d:db:1f:9c: f1:a5:8c:76:60:89:4c:16:c1:44:4e:8b:50:04:91: e8:05:e6:22:df:6c:61:8f:fd:2e:8e:cd:fc:04:c4: df:0f:e9:4b:6a:de:4c:f7:f4:23:7c:52:5f:bd:af: 79:d5:e3:a5:a8:df:43:27:93:42:a1:e9:25:d3:05: 7e:1b:f7:26:57:01:d5:a9:50:eb:31:88:94:4a:06: ae:78:6b:44:37:79:89:80:d8:f5:49:90:83:4d:1e: f8:a5:82:87:9a:c1:1f:2e:1d:f7:19:df:a3:c3:66: 4e:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:83:DB:D9:7D:D6:0F:E3:97:E2:91:5E:60:CC:37:A1:0F:B5:71:6E X509v3 Authority Key Identifier: keyid:88:87:CF:6C:F5:10:2F:0F:B7:13:F4:C4:A1:BD:E3:89:48:1F:1C:44 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/E52708AADFCE11EFBC4CD631C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.248.156.0/23 119.252.120.0/23 124.109.12.0/22 Signature Algorithm: sha256WithRSAEncryption 27:d6:10:5e:01:ad:9c:10:de:50:1a:f3:ef:43:f4:d2:ee:88: 5e:f3:c0:01:b5:d2:2d:01:06:b9:a1:fa:f9:83:8e:63:18:a0: 11:8f:6b:1c:a5:69:2e:d1:13:e9:fe:2d:ac:a0:0a:c5:2d:d6: be:82:59:3f:eb:79:12:3e:80:e1:33:e4:e6:45:ee:7f:6f:01: 10:01:b9:7e:ea:3f:00:0a:88:9e:6a:fe:19:f5:d4:fb:52:b2: 0f:7c:cf:dd:34:dc:29:2c:80:b1:87:c1:cb:4c:0e:6e:a2:95: c7:83:6a:30:d3:9b:f3:63:57:12:c4:94:1c:68:e6:ac:82:e8: 80:ab:b8:af:91:9d:ab:47:97:e9:32:84:10:3a:02:5b:1e:e7: 37:04:b4:2c:80:fb:11:bd:f7:23:44:ae:bf:e6:dc:a4:6a:ec: fe:27:a2:84:7c:b0:da:ba:e6:7b:85:48:47:b4:40:25:36:a8: a1:ca:34:7f:74:c1:4b:8e:6c:e3:b7:be:0e:24:f1:c1:05:3e: 5a:57:ef:d7:e0:b1:64:e5:7a:3f:73:5a:5e:c4:cf:22:d0:f5: 0a:e6:39:fd:13:e2:6e:24:79:bf:d4:2e:7c:73:00:ae:f9:7a: 7b:ad:ad:11:15:59:e5:3d:41:04:ee:ce:fc:85:43:20:85:73: 51:e3:c2:64 -----BEGIN CERTIFICATE----- MIIFSDCCBDCgAwIBAgICNV0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdEQTAxMTAvBgNVBAUTKDg4ODdDRjZDRjUxMDJGMEZCNzEzRjRDNEExQkRFMzg5 NDgxRjFDNDQwHhcNMjYwNDIwMTUxMjQ5WhcNMjcwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWU2NDI3MS1iODYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAopAPLDVpy6mTRR+UPNGAiRF3WT+42YSFRMW5UvbKoXpGaw9vqJzYlkglYlCA itWfoAPHz5ETPJfucLo0CzV/ZzG6Bf4xNq4jRhN7Qe8pJQ9gLnnW81pUnHGPrKUY QxeSC658VqaAbmqHDrnBNRpeKdG6rUEBKQ1zzWFdJFqI14pHny7ydy54R9zSxo1U U30j4Q3bH5zxpYx2YIlMFsFETotQBJHoBeYi32xhj/0ujs38BMTfD+lLat5M9/Qj fFJfva951eOlqN9DJ5NCoekl0wV+G/cmVwHVqVDrMYiUSgaueGtEN3mJgNj1SZCD TR74pYKHmsEfLh33Gd+jw2ZO3wIDAQABo4ICbDCCAmgwHQYDVR0OBBYEFI2D29l9 1g/jl+KRXmDMN6EPtXFuMB8GA1UdIwQYMBaAFIiHz2z1EC8PtxP0xKG944lIHxxE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0RBMC8zQTBEOTMxMDFE OEMxMUUyOEVGRjU3RTcwOEIwMkNEMi9pSWZQYlBVUUx3LTNFX1RFb2IzamlVZ2ZI RVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lJZlBiUFVRTHctM0VfVEVvYjNqaVVnZkhFUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTdEQTAvM0EwRDkzMTAxRDhDMTFFMjhFRkY1N0U3MDhCMDJDRDIvRTUyNzA4QUFE RkNFMTFFRkJDNENENjMxQzRGOUFFMDIucm9hMCsGCCsGAQUFBwEHAQH/BBwwGjAY BAIAATASAwQBK/icAwQBd/x4AwQCfG0MMA0GCSqGSIb3DQEBCwUAA4IBAQAn1hBe Aa2cEN5QGvPvQ/TS7ohe88ABtdItAQa5ofr5g45jGKARj2scpWku0RPp/i2soArF Lda+glk/63kSPoDhM+TmRe5/bwEQAbl+6j8ACoieav4Z9dT7UrIPfM/dNNwpLICx h8HLTA5uopXHg2ow05vzY1cSxJQcaOasguiAq7ivkZ2rR5fpMoQQOgJbHuc3BLQs gPsRvfcjRK6/5tykauz+J6KEfLDauuZ7hUhHtEAlNqihyjR/dMFLjmzjt74OJPHB BT5aV+/X4LFk5Xo/c1pexM8i0PUK5jn9E+JuJHm/1C58cwCu+Xp7ra0RFVnlPUEE 7s78hUMghXNR48Jk -----END CERTIFICATE-----Generated at Wed May 13 03:25:33 2026 by rpki-client