$ rpki-client -vvf rpki.apnic.net/member_repository/A9167B9D/C5556F1E3CAF11ECB31F3C38C4F9AE02/D70119A43CB211EC9A01695FC4F9AE02.roa File: D70119A43CB211EC9A01695FC4F9AE02.roa (raw, json) Hash identifier: PEJr+Mm39qdGaPmAkNHpAbI5gf+Z7mrX4P7uIMXjoD4= Subject key identifier: 0F:7C:3F:BF:15:3B:1F:A4:AB:BF:0D:08:4F:A5:6C:48:30:92:EC:11 Certificate issuer: /CN=A9167B9D/serialNumber=99FCF804CAC87D5885718F190BAA2E2C85F1B18D Certificate serial: 0525 Authority key identifier: 99:FC:F8:04:CA:C8:7D:58:85:71:8F:19:0B:AA:2E:2C:85:F1:B1:8D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mfz4BMrIfViFcY8ZC6ouLIXxsY0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9167B9D/C5556F1E3CAF11ECB31F3C38C4F9AE02/D70119A43CB211EC9A01695FC4F9AE02.roa Signing time: Sun 01 Mar 2026 12:44:50 +0000 ROA not before: Wed 10 Dec 2025 22:17:43 +0000 ROA not after: Sun 31 Jan 2027 00:00:00 +0000 asID: 148975 IP address blocks: 103.175.20.0/23 maxlen: 23 103.175.20.0/24 maxlen: 24 103.175.21.0/24 maxlen: 24 2001:df7:e880::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9167B9D/C5556F1E3CAF11ECB31F3C38C4F9AE02/mfz4BMrIfViFcY8ZC6ouLIXxsY0.crl rsync://rpki.apnic.net/member_repository/A9167B9D/C5556F1E3CAF11ECB31F3C38C4F9AE02/mfz4BMrIfViFcY8ZC6ouLIXxsY0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mfz4BMrIfViFcY8ZC6ouLIXxsY0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 23:14:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1317 (0x525) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9167B9D, serialNumber=99FCF804CAC87D5885718F190BAA2E2C85F1B18D Validity Not Before: Dec 10 22:17:43 2025 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=69a434c2-36d1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:e7:75:ee:f6:7f:45:21:07:a8:38:c9:c7:35: 0b:2a:09:80:ba:7c:20:35:15:3b:9f:7a:f4:07:5a: 92:9a:06:2a:be:a9:33:e6:f1:3a:41:c7:16:c3:b1: b4:6c:58:c5:a1:db:aa:79:59:e7:aa:90:c1:e1:8e: 91:ff:07:6d:1d:01:7f:11:f8:8d:b2:fd:81:5d:c7: d7:b8:a3:4a:d1:ab:06:75:67:a3:d9:a9:53:99:d9: ed:fc:9b:61:31:ba:6b:d8:e0:7b:61:6d:29:19:82: 46:ed:03:4a:78:da:c3:da:f8:18:b2:74:ef:a4:c1: 4a:8c:6b:7d:70:43:f4:0d:97:7d:79:1c:52:84:55: 58:95:89:00:f0:be:ad:63:a9:09:09:4a:8b:a3:a7: 94:99:9d:eb:27:b7:2e:f5:3a:67:00:29:a7:c7:c0: 3e:77:fd:83:ec:62:51:a0:a5:33:b3:9e:18:66:ed: 9b:22:39:95:5d:0f:b2:09:84:2e:f2:53:1c:0c:f6: 57:b7:f5:15:d2:81:a6:f7:19:73:aa:3e:f9:c2:3b: 15:ea:08:04:30:81:f8:3f:f8:ae:1e:5d:90:b7:9d: aa:7f:fa:f4:05:2b:eb:d5:b4:5a:2b:48:f5:85:74: 9b:4d:e8:af:b9:cd:67:ef:f6:e9:b0:5f:55:ca:8a: c3:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:7C:3F:BF:15:3B:1F:A4:AB:BF:0D:08:4F:A5:6C:48:30:92:EC:11 X509v3 Authority Key Identifier: keyid:99:FC:F8:04:CA:C8:7D:58:85:71:8F:19:0B:AA:2E:2C:85:F1:B1:8D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9167B9D/C5556F1E3CAF11ECB31F3C38C4F9AE02/mfz4BMrIfViFcY8ZC6ouLIXxsY0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mfz4BMrIfViFcY8ZC6ouLIXxsY0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9167B9D/C5556F1E3CAF11ECB31F3C38C4F9AE02/D70119A43CB211EC9A01695FC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.175.20.0/23 IPv6: 2001:df7:e880::/48 Signature Algorithm: sha256WithRSAEncryption 9a:a8:e1:48:f6:44:34:98:38:04:f6:4e:49:54:c2:4c:39:eb: 59:99:ef:ad:ca:3a:4f:84:ea:10:be:4f:57:61:ff:2d:88:74: 61:f2:4b:13:31:51:bd:d1:b0:2a:2f:1f:2c:42:56:12:7a:0e: 8b:af:de:eb:cc:67:c4:54:25:6c:4b:84:ba:a5:37:a4:ad:6a: c8:5c:50:70:d7:08:0b:b8:5a:f5:4f:4f:54:a0:fe:8d:e0:fb: 66:f8:e6:cc:da:55:28:9e:7b:43:4b:1d:c5:a4:b6:fe:4c:ae: 4f:46:e9:23:2e:d5:bb:20:fd:46:da:bb:4d:0e:0a:aa:39:0b: 92:e6:e6:79:aa:90:81:ee:95:c8:ca:f0:04:32:18:50:fb:3f: e8:34:91:87:7f:33:e3:61:3b:9d:71:a4:8e:cc:a5:00:89:3c: 7d:e6:33:40:81:57:7e:81:b6:d7:10:1e:b3:f2:2c:87:73:f8: 59:ef:80:c1:d4:2e:77:51:ad:d6:17:f9:05:cf:10:74:87:63: de:38:70:78:44:23:19:c0:53:da:01:b7:97:54:d1:ec:90:fb: b5:b0:ec:cb:94:55:4a:f0:8f:e5:dd:90:0f:8f:d9:93:d3:fd: 4d:07:7d:7d:a7:bb:91:d1:95:40:82:e3:a9:72:ac:61:f7:5e: 35:5c:be:7a -----BEGIN CERTIFICATE----- MIIFTTCCBDWgAwIBAgICBSUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjdCOUQxMTAvBgNVBAUTKDk5RkNGODA0Q0FDODdENTg4NTcxOEYxOTBCQUEyRTJD ODVGMUIxOEQwHhcNMjUxMjEwMjIxNzQzWhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MzRjMi0zNmQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz+d17vZ/RSEHqDjJxzULKgmAunwgNRU7n3r0B1qSmgYqvqkz5vE6QccWw7G0 bFjFoduqeVnnqpDB4Y6R/wdtHQF/EfiNsv2BXcfXuKNK0asGdWej2alTmdnt/Jth Mbpr2OB7YW0pGYJG7QNKeNrD2vgYsnTvpMFKjGt9cEP0DZd9eRxShFVYlYkA8L6t Y6kJCUqLo6eUmZ3rJ7cu9TpnACmnx8A+d/2D7GJRoKUzs54YZu2bIjmVXQ+yCYQu 8lMcDPZXt/UV0oGm9xlzqj75wjsV6ggEMIH4P/iuHl2Qt52qf/r0BSvr1bRaK0j1 hXSbTeivuc1n7/bpsF9VyorDXwIDAQABo4ICcTCCAm0wHQYDVR0OBBYEFA98P78V Ox+kq78NCE+lbEgwkuwRMB8GA1UdIwQYMBaAFJn8+ATKyH1YhXGPGQuqLiyF8bGN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2N0I5RC9DNTU1NkYxRTND QUYxMUVDQjMxRjNDMzhDNEY5QUUwMi9tZno0Qk1ySWZWaUZjWThaQzZvdUxJWHhz WTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL21mejRCTXJJZlZpRmNZOFpDNm91TElYeHNZMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjdCOUQvQzU1NTZGMUUzQ0FGMTFFQ0IzMUYzQzM4QzRGOUFFMDIvRDcwMTE5QTQz Q0IyMTFFQzlBMDE2OTVGQzRGOUFFMDIucm9hMDAGCCsGAQUFBwEHAQH/BCEwHzAM BAIAATAGAwQBZ68UMA8EAgACMAkDBwAgAQ336IAwDQYJKoZIhvcNAQELBQADggEB AJqo4Uj2RDSYOAT2TklUwkw561mZ763KOk+E6hC+T1dh/y2IdGHySxMxUb3RsCov HyxCVhJ6Douv3uvMZ8RUJWxLhLqlN6StashcUHDXCAu4WvVPT1Sg/o3g+2b45sza VSiee0NLHcWktv5Mrk9G6SMu1bsg/Ubau00OCqo5C5Lm5nmqkIHulcjK8AQyGFD7 P+g0kYd/M+NhO51xpI7MpQCJPH3mM0CBV36BttcQHrPyLIdz+FnvgMHULndRrdYX +QXPEHSHY944cHhEIxnAU9oBt5dU0eyQ+7Ww7MuUVUrwj+XdkA+P2ZPT/U0HfX2n u5HRlUCC46lyrGH3XjVcvno= -----END CERTIFICATE-----Generated at Thu Mar 26 07:15:19 2026 by rpki-client