$ rpki-client -vvf rpki.apnic.net/member_repository/A9158E7B/511B3B1AD99A11F08D4938B065D3641D/B2897A041D1C11F19ECA08BE103D8C67.roa File: B2897A041D1C11F19ECA08BE103D8C67.roa (raw, json) Hash identifier: VQAnAshqNaJSS0rUq9sVC9WDtf0AoAAQTcJNc9J4oxg= Subject key identifier: 4A:6B:20:B7:E7:57:50:DA:2F:7D:6D:6E:D8:C7:A7:5B:62:17:AE:F4 Certificate issuer: /CN=A9158E7B/serialNumber=BA394275C4FF8F8EF234749A36F2A1913927955B Certificate serial: 36 Authority key identifier: BA:39:42:75:C4:FF:8F:8E:F2:34:74:9A:36:F2:A1:91:39:27:95:5B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ujlCdcT_j47yNHSaNvKhkTknlVs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9158E7B/511B3B1AD99A11F08D4938B065D3641D/B2897A041D1C11F19ECA08BE103D8C67.roa Signing time: Wed 11 Mar 2026 07:34:12 +0000 ROA not before: Wed 11 Mar 2026 07:34:12 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 152194 IP address blocks: 43.243.108.0/22 maxlen: 24 103.231.28.0/22 maxlen: 24 2405:fc40::/32 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9158E7B/511B3B1AD99A11F08D4938B065D3641D/ujlCdcT_j47yNHSaNvKhkTknlVs.crl rsync://rpki.apnic.net/member_repository/A9158E7B/511B3B1AD99A11F08D4938B065D3641D/ujlCdcT_j47yNHSaNvKhkTknlVs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ujlCdcT_j47yNHSaNvKhkTknlVs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Apr 2026 07:46:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54 (0x36) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9158E7B, serialNumber=BA394275C4FF8F8EF234749A36F2A1913927955B Validity Not Before: Mar 11 07:34:12 2026 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=69b11af4-8be5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:fa:f9:5e:8b:86:0c:8e:9b:29:db:8d:61:7f: db:d4:1f:17:d0:da:92:96:4d:04:1f:9d:b9:53:a6: 37:8a:34:3e:c9:8a:ac:e4:da:51:15:e8:93:73:93: 7d:58:2c:9d:2a:3f:34:c8:f5:fa:ec:9c:4c:e8:33: 05:20:9f:72:78:39:09:fa:41:41:ec:67:5e:72:97: 21:52:e9:a7:42:f4:93:1f:c0:23:4f:59:9b:e1:cf: 89:ed:9b:ed:d2:8a:87:88:70:59:92:b8:fa:bf:87: e9:0d:74:99:d8:73:20:ee:92:aa:19:16:0f:c4:f1: 65:69:e1:c1:67:f3:7d:ad:e3:e7:fe:8b:a9:f7:ce: 5a:7e:13:30:0a:d2:8c:aa:ec:96:aa:81:d1:7d:5d: f1:06:77:11:94:17:16:93:ea:e0:b3:23:ce:f3:c7: 80:9a:e9:69:0d:28:41:6f:ac:9e:a3:82:7b:b4:37: a7:80:a3:d5:93:4c:cc:fe:fa:20:2f:33:ac:a5:39: 2c:ed:61:5f:1f:6f:59:d8:c8:66:77:40:a5:42:24: 9c:52:88:f6:3b:c7:e3:ef:1f:f6:7b:a5:5b:dc:6b: f2:fd:74:1c:e8:4a:3f:e1:e2:fb:0e:f9:cf:ba:52: 70:58:57:a1:0f:67:e3:6e:f4:79:9a:4e:af:88:5a: 23:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:6B:20:B7:E7:57:50:DA:2F:7D:6D:6E:D8:C7:A7:5B:62:17:AE:F4 X509v3 Authority Key Identifier: keyid:BA:39:42:75:C4:FF:8F:8E:F2:34:74:9A:36:F2:A1:91:39:27:95:5B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9158E7B/511B3B1AD99A11F08D4938B065D3641D/ujlCdcT_j47yNHSaNvKhkTknlVs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ujlCdcT_j47yNHSaNvKhkTknlVs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158E7B/511B3B1AD99A11F08D4938B065D3641D/B2897A041D1C11F19ECA08BE103D8C67.roa sbgp-ipAddrBlock: critical IPv4: 43.243.108.0/22 103.231.28.0/22 IPv6: 2405:fc40::/32 Signature Algorithm: sha256WithRSAEncryption 2e:2c:73:75:2a:a9:ad:5c:76:be:4c:eb:d0:d4:3f:2e:13:9b: 51:54:75:7d:bf:62:f9:fe:d0:cb:c4:90:1c:4e:6c:f9:ef:75: aa:5c:25:f9:cf:0c:95:f1:e5:bc:d7:f3:51:c9:93:aa:04:8d: 08:8a:55:6a:ac:78:df:e6:f6:a4:a6:da:a5:a6:20:12:c9:24: 4f:5f:3d:4c:cb:69:a1:a1:e1:0b:b4:86:11:ed:3e:86:5f:66: e7:e4:55:14:86:1b:56:b0:f8:7e:3b:6e:75:20:9b:95:6f:1f: eb:30:6f:92:a6:8e:26:60:ca:a3:b8:1f:fe:36:ac:9b:46:f8: 22:fb:c2:1d:62:0c:2e:9e:59:95:61:ec:3e:45:f5:36:10:67: 99:72:e9:cc:9b:f2:cf:56:d4:83:e4:f0:ea:c1:aa:d7:e9:1a: 60:6f:04:75:3c:f6:84:86:af:7b:be:1b:53:38:bb:d8:f7:a6: 95:e5:2b:7e:b2:c4:ab:81:55:92:2e:56:ca:2c:db:28:8b:08: 8c:d1:1a:2d:b4:dc:54:75:6a:23:e3:53:3e:83:ab:c1:ae:f7: 54:1c:57:15:3a:db:28:f6:c3:a9:4c:18:a3:b8:07:b1:c8:3f: 20:2d:4c:1b:a7:37:3e:16:ba:5d:03:62:64:c3:f3:e1:c9:7a: ca:ea:cf:1d -----BEGIN CERTIFICATE----- MIIFUDCCBDigAwIBAgIBNjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1 OEU3QjExMC8GA1UEBRMoQkEzOTQyNzVDNEZGOEY4RUYyMzQ3NDlBMzZGMkExOTEz OTI3OTU1QjAeFw0yNjAzMTEwNzM0MTJaFw0yNjA3MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY5YjExYWY0LThiZTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCw+vlei4YMjpsp241hf9vUHxfQ2pKWTQQfnblTpjeKND7Jiqzk2lEV6JNzk31Y LJ0qPzTI9frsnEzoMwUgn3J4OQn6QUHsZ15ylyFS6adC9JMfwCNPWZvhz4ntm+3S ioeIcFmSuPq/h+kNdJnYcyDukqoZFg/E8WVp4cFn832t4+f+i6n3zlp+EzAK0oyq 7JaqgdF9XfEGdxGUFxaT6uCzI87zx4Ca6WkNKEFvrJ6jgnu0N6eAo9WTTMz++iAv M6ylOSztYV8fb1nYyGZ3QKVCJJxSiPY7x+PvH/Z7pVvca/L9dBzoSj/h4vsO+c+6 UnBYV6EPZ+Nu9HmaTq+IWiO/AgMBAAGjggJ1MIICcTAdBgNVHQ4EFgQUSmsgt+dX UNovfW1u2MenW2IXrvQwHwYDVR0jBBgwFoAUujlCdcT/j47yNHSaNvKhkTknlVsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU4RTdCLzUxMUIzQjFBRDk5 QTExRjA4RDQ5MzhCMDY1RDM2NDFEL3VqbENkY1RfajQ3eU5IU2FOdktoa1RrbmxW cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvdWpsQ2RjVF9qNDd5TkhTYU52S2hrVGtubFZzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgZYGCCsGAQUFBwELBIGJMIGGMIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 OEU3Qi81MTFCM0IxQUQ5OUExMUYwOEQ0OTM4QjA2NUQzNjQxRC9CMjg5N0EwNDFE MUMxMUYxOUVDQTA4QkUxMDNEOEM2Ny5yb2EwNAYIKwYBBQUHAQcBAf8EJTAjMBIE AgABMAwDBAIr82wDBAJn5xwwDQQCAAIwBwMFACQF/EAwDQYJKoZIhvcNAQELBQAD ggEBAC4sc3Uqqa1cdr5M69DUPy4Tm1FUdX2/Yvn+0MvEkBxObPnvdapcJfnPDJXx 5bzX81HJk6oEjQiKVWqseN/m9qSm2qWmIBLJJE9fPUzLaaGh4Qu0hhHtPoZfZufk VRSGG1aw+H47bnUgm5VvH+swb5KmjiZgyqO4H/42rJtG+CL7wh1iDC6eWZVh7D5F 9TYQZ5ly6cyb8s9W1IPk8OrBqtfpGmBvBHU89oSGr3u+G1M4u9j3ppXlK36yxKuB VZIuVsos2yiLCIzRGi203FR1aiPjUz6Dq8Gu91QcVxU62yj2w6lMGKO4B7HIPyAt TBunNz4Wul0DYmTD8+HJesrqzx0= -----END CERTIFICATE-----Generated at Thu Mar 26 04:07:35 2026 by rpki-client