$ rpki-client -vvf rpki.apnic.net/member_repository/A9174880/69F04BA81D6A11E2BB7014A808B02CD2/3869DF8A1C6011EEAF58FB61C4F9AE02.roa File: 3869DF8A1C6011EEAF58FB61C4F9AE02.roa (raw, json) Hash identifier: DmeP00Tglg1B2vHEmL9YYBPAmu6yzXlrGlk/VI9+C3Y= Subject key identifier: C1:7C:B4:61:65:0F:E5:30:8F:62:D5:97:59:E8:C5:6B:1F:02:36:82 Certificate issuer: /CN=A9174880/serialNumber=4F2FD3F00B58F134A9A8E3E7DDA8D8D20AC03527 Certificate serial: 35C5 Authority key identifier: 4F:2F:D3:F0:0B:58:F1:34:A9:A8:E3:E7:DD:A8:D8:D2:0A:C0:35:27 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ty_T8AtY8TSpqOPn3ajY0grANSc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9174880/69F04BA81D6A11E2BB7014A808B02CD2/3869DF8A1C6011EEAF58FB61C4F9AE02.roa Signing time: Mon 02 Mar 2026 05:03:32 +0000 ROA not before: Wed 04 Feb 2026 15:10:06 +0000 ROA not after: Wed 31 Mar 2027 00:00:00 +0000 asID: 132040 IP address blocks: 103.23.16.0/22 maxlen: 24 110.173.160.0/20 maxlen: 24 202.8.44.0/22 maxlen: 24 218.100.21.0/24 maxlen: 24 218.100.23.0/24 maxlen: 24 218.100.26.0/24 maxlen: 24 2001:4410::/32 maxlen: 40 2001:4410:1000::/45 maxlen: 48 2001:4410:2000::/43 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9174880/69F04BA81D6A11E2BB7014A808B02CD2/Ty_T8AtY8TSpqOPn3ajY0grANSc.crl rsync://rpki.apnic.net/member_repository/A9174880/69F04BA81D6A11E2BB7014A808B02CD2/Ty_T8AtY8TSpqOPn3ajY0grANSc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ty_T8AtY8TSpqOPn3ajY0grANSc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 02 Apr 2026 14:16:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13765 (0x35c5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9174880, serialNumber=4F2FD3F00B58F134A9A8E3E7DDA8D8D20AC03527 Validity Not Before: Feb 4 15:10:06 2026 GMT Not After : Mar 31 00:00:00 2027 GMT Subject: CN=69a51a24-094e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:0c:39:10:8a:c5:6b:9f:10:eb:d9:bc:ff:c8: 66:0f:20:24:88:05:50:72:b4:9e:cf:5c:d6:ec:4f: 5a:d0:25:0a:5a:70:a8:84:41:7b:9b:57:09:d2:89: 85:3b:e1:61:c2:7b:db:fd:6a:ae:72:9d:82:ed:0e: 26:a4:09:e0:d0:59:ba:54:0d:01:f2:4f:85:37:cf: 59:56:11:59:44:94:f4:f1:a5:85:6b:e8:84:14:a4: a9:0d:33:62:b1:fc:84:9f:ec:ac:75:d7:75:2e:74: 18:34:ec:52:2d:a2:1c:3b:63:b0:64:2d:25:de:53: 13:bf:75:f2:a2:69:a5:02:ea:27:c2:8d:c7:ea:f3: 48:55:a0:97:23:22:1f:c1:6e:4e:0b:e7:19:72:65: f3:6d:b0:e3:bf:db:13:86:c1:7a:12:4d:0d:8c:81: 65:6e:c3:03:bf:4c:3a:42:33:02:86:27:39:bd:61: 6a:c5:37:98:95:f0:fc:cf:37:40:79:85:73:8a:98: cc:b3:25:32:10:96:df:c0:40:c6:5c:af:53:a8:ac: ff:3a:e9:68:f7:a8:98:4c:eb:c6:b8:c2:33:e9:00: a1:13:1c:28:11:55:6f:2b:77:62:3f:eb:e8:05:0b: 5b:06:85:71:eb:fa:48:9e:53:18:72:3f:34:f1:47: bf:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:7C:B4:61:65:0F:E5:30:8F:62:D5:97:59:E8:C5:6B:1F:02:36:82 X509v3 Authority Key Identifier: keyid:4F:2F:D3:F0:0B:58:F1:34:A9:A8:E3:E7:DD:A8:D8:D2:0A:C0:35:27 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9174880/69F04BA81D6A11E2BB7014A808B02CD2/Ty_T8AtY8TSpqOPn3ajY0grANSc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ty_T8AtY8TSpqOPn3ajY0grANSc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9174880/69F04BA81D6A11E2BB7014A808B02CD2/3869DF8A1C6011EEAF58FB61C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.23.16.0/22 110.173.160.0/20 202.8.44.0/22 218.100.21.0/24 218.100.23.0/24 218.100.26.0/24 IPv6: 2001:4410::/32 Signature Algorithm: sha256WithRSAEncryption 5d:25:2a:c6:90:00:8f:f4:6c:e7:d4:b2:f4:fa:75:d5:a9:52: ef:21:43:be:ff:f6:57:be:4e:fd:af:6a:0e:57:58:a2:85:24: c5:8d:40:1f:e3:c8:a1:6e:29:c1:99:d1:9e:e2:7a:fd:9f:41: 26:e0:cd:0e:97:03:24:e9:02:b0:49:da:a0:c9:f7:2a:8f:cf: b1:0b:fe:67:e7:ee:51:ef:d3:ea:da:03:d4:7b:51:91:e8:a9: 63:f0:8d:93:04:19:1b:e7:64:ca:c9:2c:2a:5d:f0:6f:84:85: 92:67:f2:a3:b3:e5:dc:a9:92:c5:3a:cd:a5:6e:fe:85:24:13: 46:3c:b8:60:94:26:ae:47:f1:23:9e:49:74:27:aa:33:3a:bb: 1d:0b:bb:50:2a:0d:8d:3a:71:7a:f5:a8:ee:7f:82:37:0a:ec: b1:d6:ef:87:a4:32:80:f2:05:5d:2c:6d:1b:97:1a:4b:c1:f4: 2b:7a:6d:9f:a7:0c:4f:1b:c3:19:40:b8:91:7d:7e:1e:f1:eb: 1c:03:8b:f4:d1:84:0a:34:e5:82:08:35:ca:7e:a1:0a:ef:a8: 29:5a:69:ef:c1:3f:3e:8a:aa:ee:0b:7a:64:d7:97:79:2c:37: 68:99:7c:04:1d:c3:b7:50:e5:53:5e:9a:b0:a7:41:4f:16:b5: 07:0a:ab:8f -----BEGIN CERTIFICATE----- MIIFaTCCBFGgAwIBAgICNcUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzQ4ODAxMTAvBgNVBAUTKDRGMkZEM0YwMEI1OEYxMzRBOUE4RTNFN0REQThEOEQy MEFDMDM1MjcwHhcNMjYwMjA0MTUxMDA2WhcNMjcwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE1MWEyNC0wOTRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2Aw5EIrFa58Q69m8/8hmDyAkiAVQcrSez1zW7E9a0CUKWnCohEF7m1cJ0omF O+Fhwnvb/Wqucp2C7Q4mpAng0Fm6VA0B8k+FN89ZVhFZRJT08aWFa+iEFKSpDTNi sfyEn+ysddd1LnQYNOxSLaIcO2OwZC0l3lMTv3XyommlAuonwo3H6vNIVaCXIyIf wW5OC+cZcmXzbbDjv9sThsF6Ek0NjIFlbsMDv0w6QjMChic5vWFqxTeYlfD8zzdA eYVzipjMsyUyEJbfwEDGXK9TqKz/Oulo96iYTOvGuMIz6QChExwoEVVvK3diP+vo BQtbBoVx6/pInlMYcj808Ue/2QIDAQABo4ICjTCCAokwHQYDVR0OBBYEFMF8tGFl D+Uwj2LVl1noxWsfAjaCMB8GA1UdIwQYMBaAFE8v0/ALWPE0qajj592o2NIKwDUn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NDg4MC82OUYwNEJBODFE NkExMUUyQkI3MDE0QTgwOEIwMkNEMi9UeV9UOEF0WThUU3BxT1BuM2FqWTBnckFO U2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1R5X1Q4QXRZOFRTcHFPUG4zYWpZMGdyQU5TYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzQ4ODAvNjlGMDRCQTgxRDZBMTFFMkJCNzAxNEE4MDhCMDJDRDIvMzg2OURGOEEx QzYwMTFFRUFGNThGQjYxQzRGOUFFMDIucm9hMEwGCCsGAQUFBwEHAQH/BD0wOzAq BAIAATAkAwQCZxcQAwQEbq2gAwQCyggsAwQA2mQVAwQA2mQXAwQA2mQaMA0EAgAC MAcDBQAgAUQQMA0GCSqGSIb3DQEBCwUAA4IBAQBdJSrGkACP9Gzn1LL0+nXVqVLv IUO+//ZXvk79r2oOV1iihSTFjUAf48ihbinBmdGe4nr9n0Em4M0OlwMk6QKwSdqg yfcqj8+xC/5n5+5R79Pq2gPUe1GR6Klj8I2TBBkb52TKySwqXfBvhIWSZ/Kjs+Xc qZLFOs2lbv6FJBNGPLhglCauR/Ejnkl0J6ozOrsdC7tQKg2NOnF69ajuf4I3Cuyx 1u+HpDKA8gVdLG0blxpLwfQrem2fpwxPG8MZQLiRfX4e8escA4v00YQKNOWCCDXK fqEK76gpWmnvwT8+iqruC3pk15d5LDdomXwEHcO3UOVTXpqwp0FPFrUHCquP -----END CERTIFICATE-----Generated at Thu Mar 26 18:54:06 2026 by rpki-client