$ rpki-client -vvf rpki.apnic.net/member_repository/A9158D75/7434940EF25E11E99130B181C4F9AE02/B4B32D509EDD11EC85676D09C4F9AE02.roa File: B4B32D509EDD11EC85676D09C4F9AE02.roa (raw, json) Hash identifier: uhdsb7IsbH2eS89Ae2T+bO+dY73SgZMqEnGlhmdvaA0= Subject key identifier: 5F:63:B0:3D:18:DA:63:16:A7:11:28:F4:1C:4F:DF:A7:A7:7F:AA:F8 Certificate issuer: /CN=A9158D75/serialNumber=F4345C314D6EBEDEB45FE0755F8FFEACF363CB8A Certificate serial: 0D60 Authority key identifier: F4:34:5C:31:4D:6E:BE:DE:B4:5F:E0:75:5F:8F:FE:AC:F3:63:CB:8A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9DRcMU1uvt60X-B1X4_-rPNjy4o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9158D75/7434940EF25E11E99130B181C4F9AE02/B4B32D509EDD11EC85676D09C4F9AE02.roa Signing time: Wed 18 Mar 2026 18:23:05 +0000 ROA not before: Wed 18 Mar 2026 18:23:05 +0000 ROA not after: Fri 28 May 2027 00:00:00 +0000 asID: 38031 IP address blocks: 43.254.96.0/22 maxlen: 24 61.247.176.0/20 maxlen: 24 103.245.96.0/22 maxlen: 22 103.245.98.0/23 maxlen: 24 111.221.0.0/21 maxlen: 24 114.134.88.0/21 maxlen: 24 203.112.72.0/21 maxlen: 24 2401:d380::/32 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9158D75/7434940EF25E11E99130B181C4F9AE02/9DRcMU1uvt60X-B1X4_-rPNjy4o.crl rsync://rpki.apnic.net/member_repository/A9158D75/7434940EF25E11E99130B181C4F9AE02/9DRcMU1uvt60X-B1X4_-rPNjy4o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9DRcMU1uvt60X-B1X4_-rPNjy4o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 02 Apr 2026 17:56:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3424 (0xd60) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9158D75, serialNumber=F4345C314D6EBEDEB45FE0755F8FFEACF363CB8A Validity Not Before: Mar 18 18:23:05 2026 GMT Not After : May 28 00:00:00 2027 GMT Subject: CN=69baed89-0e42 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:07:d8:32:c6:d3:b5:87:09:40:90:16:f4:a2: 32:45:1f:e7:a1:39:7c:69:33:54:22:65:9d:41:e9: 69:40:16:be:d3:e5:43:15:55:99:c2:e0:7f:cd:3e: 44:4e:9b:c5:be:a8:78:d1:9c:51:84:7d:98:0b:9c: 7e:42:8a:82:63:3a:2e:79:3e:98:78:3c:4a:4b:0d: a6:ee:a5:ce:5f:56:a3:06:4a:cf:e4:7c:d4:26:f6: b2:14:01:f5:f5:44:4c:b7:25:5b:e4:10:71:31:61: 34:65:39:b3:dd:e0:69:e5:f5:b3:37:12:c0:2b:47: f4:a8:29:ed:20:21:5c:43:77:42:9b:be:74:2e:9d: 8c:2a:68:42:0e:1d:de:d2:28:c6:b2:da:91:a3:a1: 68:ac:c9:f3:f5:54:c5:37:ae:dd:be:07:aa:db:cb: 4a:17:24:22:c4:47:42:b2:fe:b7:80:23:33:d5:db: f9:ab:94:45:1f:b8:78:8e:8e:9f:88:32:60:dd:88: f7:e2:d6:0a:14:9e:0d:c9:2c:4d:da:f0:b8:0a:87: 51:f3:41:2e:c3:34:6e:8f:be:74:f3:b4:aa:53:a4: 73:1a:7f:7d:72:b9:c3:df:40:5d:40:68:ff:c3:cd: ac:91:d7:56:3b:3f:05:5d:b3:9e:12:6b:e7:20:81: 7c:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:63:B0:3D:18:DA:63:16:A7:11:28:F4:1C:4F:DF:A7:A7:7F:AA:F8 X509v3 Authority Key Identifier: keyid:F4:34:5C:31:4D:6E:BE:DE:B4:5F:E0:75:5F:8F:FE:AC:F3:63:CB:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9158D75/7434940EF25E11E99130B181C4F9AE02/9DRcMU1uvt60X-B1X4_-rPNjy4o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9DRcMU1uvt60X-B1X4_-rPNjy4o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158D75/7434940EF25E11E99130B181C4F9AE02/B4B32D509EDD11EC85676D09C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.254.96.0/22 61.247.176.0/20 103.245.96.0/22 111.221.0.0/21 114.134.88.0/21 203.112.72.0/21 IPv6: 2401:d380::/32 Signature Algorithm: sha256WithRSAEncryption 21:f7:14:0f:72:a6:a9:08:ad:fa:32:cf:72:95:18:d7:34:c5: 9e:48:bc:d5:ad:99:ab:af:76:da:7c:98:3f:bc:7e:cc:e2:1f: 71:f0:4e:fe:7e:3e:f6:a4:75:da:08:a6:78:01:bb:85:a1:0b: 83:3b:0b:de:87:19:80:82:17:ef:0f:7e:18:17:7f:8e:68:6c: 34:23:38:e7:2e:86:c2:14:eb:b4:b4:8f:37:27:19:72:ba:3c: 87:a3:5b:d7:f8:24:ab:26:74:63:53:90:ab:e1:3b:32:16:1e: f9:fc:24:9c:9b:09:81:2a:ef:cd:5e:22:67:c7:f3:de:f9:57: db:10:6d:7b:13:3f:ad:3d:60:b6:fa:4e:fb:e1:34:52:ce:03: 40:dc:d4:a0:17:2c:61:d1:64:cf:fb:cb:dd:01:0c:3b:ff:7f: f9:36:18:e8:5b:fa:81:1e:29:1e:8e:35:49:e7:86:57:3c:09: 1f:b7:bb:27:8b:d2:f8:f2:95:8f:61:6b:9f:f8:c4:f0:41:0c: bd:23:08:78:1a:8e:82:42:8c:da:74:e8:88:17:91:ec:93:6b: c6:ea:34:42:26:07:a4:2c:ba:78:ee:6a:cb:d8:7e:fa:1d:46: af:67:fc:a7:d7:1d:be:42:cb:e8:c1:a6:d1:35:1d:b3:83:30: 09:f4:fd:3a -----BEGIN CERTIFICATE----- MIIFaTCCBFGgAwIBAgICDWAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NThENzUxMTAvBgNVBAUTKEY0MzQ1QzMxNEQ2RUJFREVCNDVGRTA3NTVGOEZGRUFD RjM2M0NCOEEwHhcNMjYwMzE4MTgyMzA1WhcNMjcwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02OWJhZWQ4OS0wZTQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6wfYMsbTtYcJQJAW9KIyRR/noTl8aTNUImWdQelpQBa+0+VDFVWZwuB/zT5E TpvFvqh40ZxRhH2YC5x+QoqCYzoueT6YeDxKSw2m7qXOX1ajBkrP5HzUJvayFAH1 9URMtyVb5BBxMWE0ZTmz3eBp5fWzNxLAK0f0qCntICFcQ3dCm750Lp2MKmhCDh3e 0ijGstqRo6ForMnz9VTFN67dvgeq28tKFyQixEdCsv63gCMz1dv5q5RFH7h4jo6f iDJg3Yj34tYKFJ4NySxN2vC4CodR80EuwzRuj75087SqU6RzGn99crnD30BdQGj/ w82skddWOz8FXbOeEmvnIIF8VQIDAQABo4ICjTCCAokwHQYDVR0OBBYEFF9jsD0Y 2mMWpxEo9BxP36enf6r4MB8GA1UdIwQYMBaAFPQ0XDFNbr7etF/gdV+P/qzzY8uK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OEQ3NS83NDM0OTQwRUYy NUUxMUU5OTEzMEIxODFDNEY5QUUwMi85RFJjTVUxdXZ0NjBYLUIxWDRfLXJQTmp5 NG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzlEUmNNVTF1dnQ2MFgtQjFYNF8tclBOank0by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NThENzUvNzQzNDk0MEVGMjVFMTFFOTkxMzBCMTgxQzRGOUFFMDIvQjRCMzJENTA5 RUREMTFFQzg1Njc2RDA5QzRGOUFFMDIucm9hMEwGCCsGAQUFBwEHAQH/BD0wOzAq BAIAATAkAwQCK/5gAwQEPfewAwQCZ/VgAwQDb90AAwQDcoZYAwQDy3BIMA0EAgAC MAcDBQAkAdOAMA0GCSqGSIb3DQEBCwUAA4IBAQAh9xQPcqapCK36Ms9ylRjXNMWe SLzVrZmrr3bafJg/vH7M4h9x8E7+fj72pHXaCKZ4AbuFoQuDOwvehxmAghfvD34Y F3+OaGw0IzjnLobCFOu0tI83JxlyujyHo1vX+CSrJnRjU5Cr4TsyFh75/CScmwmB Ku/NXiJnx/Pe+VfbEG17Ez+tPWC2+k774TRSzgNA3NSgFyxh0WTP+8vdAQw7/3/5 NhjoW/qBHikejjVJ54ZXPAkft7sni9L48pWPYWuf+MTwQQy9Iwh4Go6CQozadOiI F5Hsk2vG6jRCJgekLLp47mrL2H76HUavZ/yn1x2+QsvowabRNR2zgzAJ9P06 -----END CERTIFICATE-----Generated at Fri Mar 27 02:03:11 2026 by rpki-client