$ rpki-client -vvf rpki.apnic.net/member_repository/A916B974/E4E8900EFB6511EF9BBAEE49C4F9AE02/7D1F1FBEFB6611EFB1FB024BC4F9AE02.roa File: 7D1F1FBEFB6611EFB1FB024BC4F9AE02.roa (raw, json) Hash identifier: pFG5/WCaL+yt9ghGi9neBn3ryCri7CWT6hIptpI2Hyk= Subject key identifier: 3F:45:72:57:60:FA:5E:74:C6:F4:4E:8D:CA:80:77:74:D9:80:63:86 Certificate issuer: /CN=A916B974/serialNumber=90B2F12BE7A58663BF15DC717E7D40B30241B8EA Certificate serial: E4 Authority key identifier: 90:B2:F1:2B:E7:A5:86:63:BF:15:DC:71:7E:7D:40:B3:02:41:B8:EA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kLLxK-elhmO_Fdxxfn1AswJBuOo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916B974/E4E8900EFB6511EF9BBAEE49C4F9AE02/7D1F1FBEFB6611EFB1FB024BC4F9AE02.roa Signing time: Mon 11 May 2026 07:40:07 +0000 ROA not before: Mon 11 May 2026 07:40:07 +0000 ROA not after: Fri 30 Jul 2027 00:00:00 +0000 asID: 135357 IP address blocks: 43.240.144.0/22 maxlen: 22 43.240.144.0/24 maxlen: 24 43.240.145.0/24 maxlen: 24 43.240.146.0/24 maxlen: 24 43.240.147.0/24 maxlen: 24 103.215.48.0/22 maxlen: 22 103.215.48.0/24 maxlen: 24 103.215.49.0/24 maxlen: 24 103.215.50.0/24 maxlen: 24 103.215.51.0/24 maxlen: 24 144.48.220.0/22 maxlen: 22 144.48.220.0/24 maxlen: 24 144.48.221.0/24 maxlen: 24 144.48.222.0/24 maxlen: 24 144.48.223.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916B974/E4E8900EFB6511EF9BBAEE49C4F9AE02/kLLxK-elhmO_Fdxxfn1AswJBuOo.crl rsync://rpki.apnic.net/member_repository/A916B974/E4E8900EFB6511EF9BBAEE49C4F9AE02/kLLxK-elhmO_Fdxxfn1AswJBuOo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kLLxK-elhmO_Fdxxfn1AswJBuOo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 18 May 2026 07:40:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 228 (0xe4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916B974, serialNumber=90B2F12BE7A58663BF15DC717E7D40B30241B8EA Validity Not Before: May 11 07:40:07 2026 GMT Not After : Jul 30 00:00:00 2027 GMT Subject: CN=6a0187d7-25de Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:f4:f0:e3:f9:88:bf:24:c0:e3:60:92:f9:57: d3:08:0a:e5:72:90:28:39:e0:4e:a3:68:2a:72:3e: 60:87:3f:3d:b7:96:c9:61:09:9a:fb:1b:b2:d4:45: e1:fd:27:91:ca:da:bc:40:06:e3:74:5b:e5:8e:4f: 99:dc:3e:4e:c2:ef:6a:52:12:b6:94:b2:ce:63:08: 53:9b:b1:da:a6:b0:9e:85:77:49:c6:2c:e4:41:c4: 44:b9:29:32:b5:35:c4:46:06:9b:c3:85:f7:59:f4: 2d:70:67:e8:6b:5e:a9:91:0b:81:8e:b2:82:4e:3a: dc:eb:bf:21:a4:60:3e:24:e6:78:17:85:f2:16:d2: f6:6e:92:5e:0d:d3:72:e5:40:ea:f3:ba:e2:15:da: 3f:e5:fe:41:d8:41:4e:8e:50:16:d4:8a:aa:2b:d4: f6:88:77:d6:fc:42:e5:97:c9:9b:ff:68:ad:65:43: 2e:47:cc:a6:9c:47:5b:e2:74:01:2b:20:95:94:65: 12:2a:1c:9b:82:81:0e:1d:bf:b3:56:4f:0b:52:5d: d0:3b:58:67:e3:e8:b5:31:87:c0:dd:52:54:19:d3: 1a:c6:7a:ab:0b:78:87:5e:bd:cb:4d:ca:60:67:58: 4a:f5:89:d0:c9:4b:24:1e:04:31:d6:c8:bc:02:6b: e7:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:45:72:57:60:FA:5E:74:C6:F4:4E:8D:CA:80:77:74:D9:80:63:86 X509v3 Authority Key Identifier: keyid:90:B2:F1:2B:E7:A5:86:63:BF:15:DC:71:7E:7D:40:B3:02:41:B8:EA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916B974/E4E8900EFB6511EF9BBAEE49C4F9AE02/kLLxK-elhmO_Fdxxfn1AswJBuOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kLLxK-elhmO_Fdxxfn1AswJBuOo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916B974/E4E8900EFB6511EF9BBAEE49C4F9AE02/7D1F1FBEFB6611EFB1FB024BC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.240.144.0/22 103.215.48.0/22 144.48.220.0/22 Signature Algorithm: sha256WithRSAEncryption 9f:bb:94:b3:76:11:aa:8e:bf:7d:b9:f6:06:82:19:9d:1a:17: 9c:56:d4:c1:c7:61:1f:ef:3e:2b:10:64:ba:f8:8d:b3:21:7b: 46:11:9f:2a:c0:e3:3c:20:40:19:6e:24:fd:2a:27:0e:da:93: 12:e7:c5:86:7a:c7:1c:02:41:fe:76:7a:00:a7:32:5d:6e:9f: 48:0b:9e:52:8c:8c:c5:dd:67:38:02:60:39:c0:1c:5f:3b:32: 3c:33:87:61:2f:a1:09:9f:f0:b1:cf:73:a4:f1:1f:0a:c3:09: 5e:aa:10:ec:0e:bd:8b:45:59:3e:f7:58:e5:21:db:e0:72:7c: d5:d7:b3:92:39:b5:92:7f:01:af:82:a3:a3:cc:a7:16:dd:38: fa:b4:8d:98:96:dc:e4:b8:85:b0:c1:4b:2d:fb:33:69:b7:23: b3:0a:84:b6:43:5c:4e:4e:44:8c:35:1f:38:6b:b5:94:df:65: 1c:6b:18:9d:23:5c:d0:3d:1b:ad:c8:a2:22:cf:32:7a:4a:38: 6e:2c:01:fe:6f:10:d2:34:dd:1a:c0:fc:32:28:27:cf:5c:a1: 03:28:f3:ec:46:c1:d4:37:ce:c9:ba:5e:40:0e:74:08:81:78: e0:b7:b1:9b:a4:a9:da:2c:07:74:b3:53:08:65:14:80:8c:5a: 7c:08:b7:eb -----BEGIN CERTIFICATE----- MIIFSDCCBDCgAwIBAgICAOQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkI5NzQxMTAvBgNVBAUTKDkwQjJGMTJCRTdBNTg2NjNCRjE1REM3MTdFN0Q0MEIz MDI0MUI4RUEwHhcNMjYwNTExMDc0MDA3WhcNMjcwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02YTAxODdkNy0yNWRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw/Tw4/mIvyTA42CS+VfTCArlcpAoOeBOo2gqcj5ghz89t5bJYQma+xuy1EXh /SeRytq8QAbjdFvljk+Z3D5Owu9qUhK2lLLOYwhTm7HaprCehXdJxizkQcREuSky tTXERgabw4X3WfQtcGfoa16pkQuBjrKCTjrc678hpGA+JOZ4F4XyFtL2bpJeDdNy 5UDq87riFdo/5f5B2EFOjlAW1IqqK9T2iHfW/ELll8mb/2itZUMuR8ymnEdb4nQB KyCVlGUSKhybgoEOHb+zVk8LUl3QO1hn4+i1MYfA3VJUGdMaxnqrC3iHXr3LTcpg Z1hK9YnQyUskHgQx1si8AmvnlQIDAQABo4ICbDCCAmgwHQYDVR0OBBYEFD9Fcldg +l50xvROjcqAd3TZgGOGMB8GA1UdIwQYMBaAFJCy8SvnpYZjvxXccX59QLMCQbjq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2Qjk3NC9FNEU4OTAwRUZC NjUxMUVGOUJCQUVFNDlDNEY5QUUwMi9rTEx4Sy1lbGhtT19GZHh4Zm4xQXN3SkJ1 T28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tMTHhLLWVsaG1PX0ZkeHhmbjFBc3dKQnVPby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NkI5NzQvRTRFODkwMEVGQjY1MTFFRjlCQkFFRTQ5QzRGOUFFMDIvN0QxRjFGQkVG QjY2MTFFRkIxRkIwMjRCQzRGOUFFMDIucm9hMCsGCCsGAQUFBwEHAQH/BBwwGjAY BAIAATASAwQCK/CQAwQCZ9cwAwQCkDDcMA0GCSqGSIb3DQEBCwUAA4IBAQCfu5Sz dhGqjr99ufYGghmdGhecVtTBx2Ef7z4rEGS6+I2zIXtGEZ8qwOM8IEAZbiT9KicO 2pMS58WGesccAkH+dnoApzJdbp9IC55SjIzF3Wc4AmA5wBxfOzI8M4dhL6EJn/Cx z3Ok8R8KwwleqhDsDr2LRVk+91jlIdvgcnzV17OSObWSfwGvgqOjzKcW3Tj6tI2Y ltzkuIWwwUst+zNptyOzCoS2Q1xOTkSMNR84a7WU32UcaxidI1zQPRutyKIizzJ6 SjhuLAH+bxDSNN0awPwyKCfPXKEDKPPsRsHUN87Jul5ADnQIgXjgt7GbpKnaLAd0 s1MIZRSAjFp8CLfr -----END CERTIFICATE-----Generated at Wed May 13 05:06:16 2026 by rpki-client