$ rpki-client -vvf rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/CF2F506C8A0F11EA9DFF7F19C4F9AE02.roa File: CF2F506C8A0F11EA9DFF7F19C4F9AE02.roa (raw, json) Hash identifier: Uev6dESbR9jrBR21kOty0yon3IBMPTdsDiYNuwEZ5F0= Subject key identifier: 92:20:53:DC:FF:BC:73:23:24:4B:0E:B8:8E:A5:80:21:66:E1:55:5C Certificate issuer: /CN=A915D03A/serialNumber=615ED84C44E657F7095E0212AFEA052C542A0D91 Certificate serial: 1A69 Authority key identifier: 61:5E:D8:4C:44:E6:57:F7:09:5E:02:12:AF:EA:05:2C:54:2A:0D:91 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/CF2F506C8A0F11EA9DFF7F19C4F9AE02.roa Signing time: Sun 01 Mar 2026 18:35:31 +0000 ROA not before: Thu 08 Jan 2026 17:13:45 +0000 ROA not after: Tue 02 Mar 2027 00:00:00 +0000 asID: 0 IP address blocks: 43.249.212.0/22 maxlen: 22 114.141.72.0/21 maxlen: 21 124.158.24.0/22 maxlen: 22 202.9.70.0/23 maxlen: 23 202.74.62.0/23 maxlen: 23 2404:4e00:ff::/48 maxlen: 48 2404:4e00:6000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/YV7YTETmV_cJXgISr-oFLFQqDZE.crl rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/YV7YTETmV_cJXgISr-oFLFQqDZE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 16:19:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6761 (0x1a69) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915D03A, serialNumber=615ED84C44E657F7095E0212AFEA052C542A0D91 Validity Not Before: Jan 8 17:13:45 2026 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=69a486f3-f282 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:a4:79:83:92:89:21:c8:10:25:50:60:1b:c1: 9a:c8:c5:d6:6f:41:23:76:3d:d2:8c:7f:4b:11:54: c9:46:0f:5b:ea:03:5b:6a:51:b0:c3:90:4d:71:61: fd:5d:d2:09:1d:d2:f0:b7:38:39:9f:64:20:0b:b2: 01:77:0e:6e:4a:26:c7:8c:d8:f2:b3:74:12:18:6d: 0e:ba:4a:7c:95:94:e6:29:2a:51:2c:07:83:70:60: af:19:6f:5f:d1:a2:59:fc:f2:f5:93:a2:3f:59:fb: bc:8a:fc:f8:c5:d3:06:dd:81:54:10:b1:d6:64:e6: cd:08:d2:1c:6b:de:78:49:3e:4d:d0:54:4a:17:78: 35:dd:e5:2d:47:28:2a:53:c6:5e:78:5d:7b:13:9f: 4f:7a:b9:59:ff:d1:c6:7e:28:07:f8:39:a8:eb:ef: 61:6e:e5:ed:54:da:91:0d:6e:9c:d2:50:b3:8d:6d: 8a:14:66:9d:5c:b2:7a:58:08:eb:79:31:19:bb:a2: ed:0b:cb:5d:be:8c:c8:dd:4c:33:8f:56:d8:ff:9f: a1:66:1c:86:90:bb:05:37:a9:0e:65:d7:c0:19:28: 00:df:af:c0:c5:bd:2d:5f:d7:63:3f:df:fb:9d:a3: bd:ff:43:34:06:f7:e2:ce:1c:2d:b2:52:e1:3d:34: 6b:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:20:53:DC:FF:BC:73:23:24:4B:0E:B8:8E:A5:80:21:66:E1:55:5C X509v3 Authority Key Identifier: keyid:61:5E:D8:4C:44:E6:57:F7:09:5E:02:12:AF:EA:05:2C:54:2A:0D:91 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/YV7YTETmV_cJXgISr-oFLFQqDZE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/CF2F506C8A0F11EA9DFF7F19C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.249.212.0/22 114.141.72.0/21 124.158.24.0/22 202.9.70.0/23 202.74.62.0/23 IPv6: 2404:4e00:ff::/48 2404:4e00:6000::/40 Signature Algorithm: sha256WithRSAEncryption 94:6c:fd:23:b8:17:29:fd:b3:61:5e:89:81:3f:99:80:5c:f4: ac:69:b3:02:4b:5a:9f:5a:a2:37:22:8c:fe:2f:35:c0:87:d1: 98:9e:d5:17:8c:04:c7:d0:31:c5:8a:4b:e6:89:b0:8d:37:93: bf:63:bb:0e:a2:b2:f4:84:83:d7:75:6c:a2:7f:66:af:98:68: a7:c8:4d:07:6f:b0:8b:6f:a9:33:93:dc:49:d3:c7:77:06:08: 5f:02:21:f9:53:0d:71:10:91:7c:65:82:62:a8:3d:04:ee:85: ea:20:95:47:f8:27:c8:07:68:91:6a:47:52:fe:d2:25:b4:91: 58:6d:87:18:c7:e1:ef:f1:8c:ad:ae:8c:83:5a:fe:fb:80:1c: 49:f3:49:32:1b:c6:d5:d1:2b:5b:1d:20:81:7f:b3:22:02:b1: 39:7a:4e:33:3f:e3:c3:4b:86:3f:7d:a4:46:64:9c:95:4e:e7: ed:5c:fd:43:f2:92:a6:41:44:1c:c9:22:e8:7c:15:c6:02:cc: 17:4e:da:79:3b:69:2a:1a:40:02:af:8c:b3:d0:bb:ee:d7:48: ac:cb:f6:5e:ae:09:b8:49:db:a1:2f:a4:20:a5:d8:55:61:ad: 90:de:82:8f:95:27:a7:63:4c:bc:a6:e0:b7:36:12:45:02:c0: d8:d5:29:a0 -----BEGIN CERTIFICATE----- MIIFbTCCBFWgAwIBAgICGmkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUQwM0ExMTAvBgNVBAUTKDYxNUVEODRDNDRFNjU3RjcwOTVFMDIxMkFGRUEwNTJD NTQyQTBEOTEwHhcNMjYwMTA4MTcxMzQ1WhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0ODZmMy1mMjgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv6R5g5KJIcgQJVBgG8GayMXWb0Ejdj3SjH9LEVTJRg9b6gNbalGww5BNcWH9 XdIJHdLwtzg5n2QgC7IBdw5uSibHjNjys3QSGG0Oukp8lZTmKSpRLAeDcGCvGW9f 0aJZ/PL1k6I/Wfu8ivz4xdMG3YFUELHWZObNCNIca954ST5N0FRKF3g13eUtRygq U8ZeeF17E59PerlZ/9HGfigH+Dmo6+9hbuXtVNqRDW6c0lCzjW2KFGadXLJ6WAjr eTEZu6LtC8tdvozI3Uwzj1bY/5+hZhyGkLsFN6kOZdfAGSgA36/Axb0tX9djP9/7 naO9/0M0BvfizhwtslLhPTRrEQIDAQABo4ICkTCCAo0wHQYDVR0OBBYEFJIgU9z/ vHMjJEsOuI6lgCFm4VVcMB8GA1UdIwQYMBaAFGFe2ExE5lf3CV4CEq/qBSxUKg2R MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RDAzQS8xQjY0NzcxMDky NDYxMUU3OUFBRUJFMTBDNEY5QUUwMi9ZVjdZVEVUbVZfY0pYZ0lTci1vRkxGUXFE WkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1lWN1lURVRtVl9jSlhnSVNyLW9GTEZRcURaRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NUQwM0EvMUI2NDc3MTA5MjQ2MTFFNzlBQUVCRTEwQzRGOUFFMDIvQ0YyRjUwNkM4 QTBGMTFFQTlERkY3RjE5QzRGOUFFMDIucm9hMFAGCCsGAQUFBwEHAQH/BEEwPzAk BAIAATAeAwQCK/nUAwQDco1IAwQCfJ4YAwQByglGAwQByko+MBcEAgACMBEDBwAk BE4AAP8DBgAkBE4AYDANBgkqhkiG9w0BAQsFAAOCAQEAlGz9I7gXKf2zYV6JgT+Z gFz0rGmzAktan1qiNyKM/i81wIfRmJ7VF4wEx9AxxYpL5omwjTeTv2O7DqKy9ISD 13Vson9mr5hop8hNB2+wi2+pM5PcSdPHdwYIXwIh+VMNcRCRfGWCYqg9BO6F6iCV R/gnyAdokWpHUv7SJbSRWG2HGMfh7/GMra6Mg1r++4AcSfNJMhvG1dErWx0ggX+z IgKxOXpOMz/jw0uGP32kRmSclU7n7Vz9Q/KSpkFEHMki6HwVxgLMF07aeTtpKhpA Aq+Ms9C77tdIrMv2Xq4JuEnboS+kIKXYVWGtkN6Cj5Unp2NMvKbgtzYSRQLA2NUp oA== -----END CERTIFICATE-----Generated at Thu Mar 26 03:45:45 2026 by rpki-client