$ rpki-client -vvf rpki.apnic.net/member_repository/A9162DD6/9CD7CB0A3FEA11E991839D0DC4F9AE02/D97D5F6A3FEB11E9882E830FC4F9AE02.roa File: D97D5F6A3FEB11E9882E830FC4F9AE02.roa (raw, json) Hash identifier: YTLM/IZw3IIR4MorBonKso+E+SL2P2Fu9vwyg8zdQ0M= Subject key identifier: 31:42:8C:95:0E:40:BC:B2:43:90:ED:08:C9:E9:AE:A7:3B:9E:40:61 Certificate issuer: /CN=A9162DD6/serialNumber=0E2870631FA0EFEAE94531DB0E26045CA3BC819B Certificate serial: 10E6 Authority key identifier: 0E:28:70:63:1F:A0:EF:EA:E9:45:31:DB:0E:26:04:5C:A3:BC:81:9B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DihwYx-g7-rpRTHbDiYEXKO8gZs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9162DD6/9CD7CB0A3FEA11E991839D0DC4F9AE02/D97D5F6A3FEB11E9882E830FC4F9AE02.roa Signing time: Fri 20 Mar 2026 17:21:56 +0000 ROA not before: Fri 20 Mar 2026 17:21:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 18225 IP address blocks: 103.161.218.0/24 maxlen: 24 103.161.219.0/24 maxlen: 24 202.154.160.0/21 maxlen: 21 202.154.168.0/24 maxlen: 24 202.154.169.0/24 maxlen: 24 202.154.170.0/24 maxlen: 24 202.154.171.0/24 maxlen: 24 202.154.172.0/24 maxlen: 24 202.154.173.0/24 maxlen: 24 202.154.174.0/24 maxlen: 24 202.154.175.0/24 maxlen: 24 2406:de00:100::/40 maxlen: 40 2406:de00:200::/40 maxlen: 40 2406:de00:400::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9162DD6/9CD7CB0A3FEA11E991839D0DC4F9AE02/DihwYx-g7-rpRTHbDiYEXKO8gZs.crl rsync://rpki.apnic.net/member_repository/A9162DD6/9CD7CB0A3FEA11E991839D0DC4F9AE02/DihwYx-g7-rpRTHbDiYEXKO8gZs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DihwYx-g7-rpRTHbDiYEXKO8gZs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 17:12:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4326 (0x10e6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162DD6, serialNumber=0E2870631FA0EFEAE94531DB0E26045CA3BC819B Validity Not Before: Mar 20 17:21:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=69bd8234-1525 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:ef:c7:33:53:53:ff:bf:33:18:53:58:cb:2c: 04:f1:fd:bd:1a:02:dd:01:7c:50:0e:8b:91:0e:c2: c5:05:8f:65:d5:0e:eb:2f:3a:e9:49:51:31:65:86: f3:c8:a3:53:de:28:9c:e7:bc:87:c9:9e:93:15:63: 1e:81:87:65:6d:b2:fc:03:6a:12:1e:7d:f9:5e:a3: 2b:ef:fe:31:cf:fe:45:82:63:13:3e:c8:49:8b:9b: 53:6f:5c:dc:9d:7f:cf:59:ea:07:9f:27:de:85:93: 3f:d9:59:53:c9:8d:39:82:1b:2f:f3:89:88:26:34: af:4f:02:1c:94:2c:e4:7e:08:4b:69:6a:8a:55:a4: db:a8:e3:a2:db:a7:94:ab:64:0b:b4:90:51:6e:bb: d4:95:c3:cd:78:c9:b5:aa:b1:28:b0:68:39:15:d2: ce:2f:c0:2e:b3:f0:69:4d:a9:68:a2:22:b9:12:fe: 35:67:1b:4f:67:38:91:b9:b8:86:28:70:56:63:52: 3d:c2:00:90:d2:6f:89:65:77:fb:18:e5:f7:f9:6c: 75:bd:28:83:ae:9b:e6:38:1c:7a:02:b1:31:4f:4d: 71:45:73:a9:f6:d3:aa:27:45:3d:5e:b7:e1:32:10: fd:de:c5:cc:ca:95:40:02:86:38:b3:ce:e5:a8:0e: de:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:42:8C:95:0E:40:BC:B2:43:90:ED:08:C9:E9:AE:A7:3B:9E:40:61 X509v3 Authority Key Identifier: keyid:0E:28:70:63:1F:A0:EF:EA:E9:45:31:DB:0E:26:04:5C:A3:BC:81:9B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9162DD6/9CD7CB0A3FEA11E991839D0DC4F9AE02/DihwYx-g7-rpRTHbDiYEXKO8gZs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DihwYx-g7-rpRTHbDiYEXKO8gZs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9162DD6/9CD7CB0A3FEA11E991839D0DC4F9AE02/D97D5F6A3FEB11E9882E830FC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.161.218.0/23 202.154.160.0/20 IPv6: 2406:de00:100::-2406:de00:2ff:ffff:ffff:ffff:ffff:ffff 2406:de00:400::/40 Signature Algorithm: sha256WithRSAEncryption 57:11:0a:08:69:17:d8:31:80:4e:31:0d:d9:5f:49:eb:65:21: 2a:10:88:d3:11:71:d4:b4:69:78:c3:a0:59:bf:06:2a:0b:18: 4a:40:f1:c0:b5:30:86:58:b8:cd:9a:a6:70:46:01:b4:43:4c: 98:81:5f:62:4f:5e:0c:17:00:49:44:ea:6c:0c:30:0d:cf:86: 40:eb:d9:c3:57:ad:a8:0c:41:1b:c4:10:29:a3:71:66:96:81: ea:5b:3e:16:9c:e9:4f:43:75:8d:10:50:65:eb:e1:c3:77:24: 11:be:0f:f7:8e:b6:3f:8a:90:a9:1d:20:f2:d9:cf:23:e2:d4: cf:9c:a7:c0:4b:a1:06:f2:e6:aa:3b:9e:60:79:53:30:32:a0: 64:eb:1d:3f:1f:97:d2:cc:09:66:2e:d9:58:c7:44:ad:c2:48: 8e:1a:10:8e:50:74:87:dc:13:53:fa:dd:51:b2:7e:e8:c3:49: a5:04:25:62:c7:d4:5f:f2:fc:3d:a7:28:ec:8d:e5:52:27:27: 74:3f:e3:a0:ce:29:6d:86:10:78:c7:52:02:77:e0:cb:7f:4d: 2f:de:77:51:7b:e8:81:59:12:bc:25:e3:13:8c:b8:ae:5a:b7: 76:9e:86:6c:7f:1b:ce:fe:29:0c:51:ee:bb:96:b6:5f:94:1a: 6e:58:fc:c7 -----BEGIN CERTIFICATE----- MIIFZDCCBEygAwIBAgICEOYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjJERDYxMTAvBgNVBAUTKDBFMjg3MDYzMUZBMEVGRUFFOTQ1MzFEQjBFMjYwNDVD QTNCQzgxOUIwHhcNMjYwMzIwMTcyMTU2WhcNMjcwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWJkODIzNC0xNTI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5u/HM1NT/78zGFNYyywE8f29GgLdAXxQDouRDsLFBY9l1Q7rLzrpSVExZYbz yKNT3iic57yHyZ6TFWMegYdlbbL8A2oSHn35XqMr7/4xz/5FgmMTPshJi5tTb1zc nX/PWeoHnyfehZM/2VlTyY05ghsv84mIJjSvTwIclCzkfghLaWqKVaTbqOOi26eU q2QLtJBRbrvUlcPNeMm1qrEosGg5FdLOL8Aus/BpTalooiK5Ev41ZxtPZziRubiG KHBWY1I9wgCQ0m+JZXf7GOX3+Wx1vSiDrpvmOBx6ArExT01xRXOp9tOqJ0U9Xrfh MhD93sXMypVAAoY4s87lqA7etQIDAQABo4ICiDCCAoQwHQYDVR0OBBYEFDFCjJUO QLyyQ5DtCMnprqc7nkBhMB8GA1UdIwQYMBaAFA4ocGMfoO/q6UUx2w4mBFyjvIGb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MkRENi85Q0Q3Q0IwQTNG RUExMUU5OTE4MzlEMERDNEY5QUUwMi9EaWh3WXgtZzctcnBSVEhiRGlZRVhLTzhn WnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0RpaHdZeC1nNy1ycFJUSGJEaVlFWEtPOGdacy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjJERDYvOUNEN0NCMEEzRkVBMTFFOTkxODM5RDBEQzRGOUFFMDIvRDk3RDVGNkEz RkVCMTFFOTg4MkU4MzBGQzRGOUFFMDIucm9hMEcGCCsGAQUFBwEHAQH/BDgwNjAS BAIAATAMAwQBZ6HaAwQEypqgMCAEAgACMBowEAMGACQG3gABAwYAJAbeAAIDBgAk Bt4ABDANBgkqhkiG9w0BAQsFAAOCAQEAVxEKCGkX2DGATjEN2V9J62UhKhCI0xFx 1LRpeMOgWb8GKgsYSkDxwLUwhli4zZqmcEYBtENMmIFfYk9eDBcASUTqbAwwDc+G QOvZw1etqAxBG8QQKaNxZpaB6ls+FpzpT0N1jRBQZevhw3ckEb4P9462P4qQqR0g 8tnPI+LUz5ynwEuhBvLmqjueYHlTMDKgZOsdPx+X0swJZi7ZWMdErcJIjhoQjlB0 h9wTU/rdUbJ+6MNJpQQlYsfUX/L8Paco7I3lUicndD/joM4pbYYQeMdSAnfgy39N L953UXvogVkSvCXjE4y4rlq3dp6GbH8bzv4pDFHuu5a2X5Qablj8xw== -----END CERTIFICATE-----Generated at Thu Mar 26 08:48:22 2026 by rpki-client