$ rpki-client -vvf rpki.apnic.net/member_repository/A917D9FC/C6B034AAB89911E7B269B850C4F9AE02/F49AA4A889C211EEADFCF27CC4F9AE02.roa File: F49AA4A889C211EEADFCF27CC4F9AE02.roa (raw, json) Hash identifier: F7gvzg0So++J2V4XA9vCkNOHszA1gZ0+wMtYApbJrQM= Subject key identifier: 1F:A8:5B:7D:86:08:D1:DA:25:4F:E8:D9:23:61:9E:12:48:2D:57:E4 Certificate issuer: /CN=A917D9FC/serialNumber=7A6E30210642CF4FBB4173F352748E1EA5C2C7C3 Certificate serial: 18D1 Authority key identifier: 7A:6E:30:21:06:42:CF:4F:BB:41:73:F3:52:74:8E:1E:A5:C2:C7:C3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/em4wIQZCz0-7QXPzUnSOHqXCx8M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917D9FC/C6B034AAB89911E7B269B850C4F9AE02/F49AA4A889C211EEADFCF27CC4F9AE02.roa Signing time: Sun 01 Mar 2026 16:25:20 +0000 ROA not before: Tue 24 Feb 2026 17:14:20 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 9287 IP address blocks: 45.125.128.0/22 maxlen: 22 45.125.128.0/24 maxlen: 24 45.125.129.0/24 maxlen: 24 45.125.131.0/24 maxlen: 24 45.252.52.0/22 maxlen: 22 45.252.52.0/24 maxlen: 24 45.252.53.0/24 maxlen: 24 45.252.54.0/24 maxlen: 24 45.252.55.0/24 maxlen: 24 103.55.1.0/24 maxlen: 24 103.55.2.0/24 maxlen: 24 103.76.196.0/22 maxlen: 22 103.76.196.0/24 maxlen: 24 103.76.197.0/24 maxlen: 24 103.76.198.0/24 maxlen: 24 103.76.199.0/24 maxlen: 24 103.115.132.0/22 maxlen: 22 103.115.132.0/24 maxlen: 24 103.115.133.0/24 maxlen: 24 103.115.134.0/24 maxlen: 24 103.115.135.0/24 maxlen: 24 2404:3280::/32 maxlen: 32 2404:3280:1::/48 maxlen: 48 2404:3280:a::/48 maxlen: 48 2404:3280:c::/48 maxlen: 48 2404:3280:f::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917D9FC/C6B034AAB89911E7B269B850C4F9AE02/em4wIQZCz0-7QXPzUnSOHqXCx8M.crl rsync://rpki.apnic.net/member_repository/A917D9FC/C6B034AAB89911E7B269B850C4F9AE02/em4wIQZCz0-7QXPzUnSOHqXCx8M.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/em4wIQZCz0-7QXPzUnSOHqXCx8M.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 02 Apr 2026 16:27:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6353 (0x18d1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917D9FC, serialNumber=7A6E30210642CF4FBB4173F352748E1EA5C2C7C3 Validity Not Before: Feb 24 17:14:20 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=69a46870-4187 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:f6:c9:0c:28:d9:db:00:3c:a7:33:40:7b:cc: e2:55:68:4f:5b:22:b8:be:ec:57:e5:84:7f:03:c9: 96:6c:a5:c4:c6:68:8f:30:bd:61:30:f0:07:e0:07: a6:2e:f8:65:02:d5:4f:38:40:03:46:82:31:ba:6e: 3f:55:7c:ef:9e:b2:cb:79:cf:bb:26:70:44:54:a0: ba:ab:dc:f8:a9:6d:a9:ff:a9:e8:d0:12:76:ed:6e: 0d:dc:fa:04:4b:21:b7:ce:50:fa:16:2c:36:65:88: a7:7b:b2:e1:1e:66:b9:a2:bd:11:26:1c:ff:84:d8: 3c:9d:52:82:63:cb:b2:d9:47:1a:4e:f8:4b:41:98: 85:14:0b:4a:64:5e:11:df:3a:b2:8a:0e:8a:64:a3: c8:dc:77:20:41:0c:8a:6b:ec:b1:8d:30:f2:96:4f: af:a7:3b:b1:bc:f7:e1:aa:ce:9c:76:93:96:e4:26: 75:5b:f0:f6:f4:88:73:c5:7d:b0:5c:2d:b5:10:51: 18:49:7d:38:85:3b:f9:ba:27:7a:9e:81:02:61:54: f4:b3:c9:11:a7:80:74:df:96:56:fe:c1:68:dd:24: 4e:a5:f2:f5:d7:82:0a:5a:1e:71:d2:1b:89:09:f6: cc:99:3a:21:11:f1:bc:00:71:51:88:b3:10:fe:57: b4:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:A8:5B:7D:86:08:D1:DA:25:4F:E8:D9:23:61:9E:12:48:2D:57:E4 X509v3 Authority Key Identifier: keyid:7A:6E:30:21:06:42:CF:4F:BB:41:73:F3:52:74:8E:1E:A5:C2:C7:C3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917D9FC/C6B034AAB89911E7B269B850C4F9AE02/em4wIQZCz0-7QXPzUnSOHqXCx8M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/em4wIQZCz0-7QXPzUnSOHqXCx8M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917D9FC/C6B034AAB89911E7B269B850C4F9AE02/F49AA4A889C211EEADFCF27CC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 45.125.128.0/22 45.252.52.0/22 103.55.1.0-103.55.2.255 103.76.196.0/22 103.115.132.0/22 IPv6: 2404:3280::/32 Signature Algorithm: sha256WithRSAEncryption 51:99:4d:45:fe:a5:7d:ce:9f:bd:90:2d:3f:21:31:62:b9:71: db:a7:a4:63:85:30:bd:2b:c7:49:0a:5b:47:84:27:b0:45:8a: fb:a1:68:73:fa:8f:56:63:9b:33:c5:e8:39:bd:90:28:bf:59: e0:d4:fd:45:1f:b8:1b:76:12:29:e9:c3:fc:0b:5d:1f:30:61: 05:4e:d2:6f:23:d0:df:21:81:cc:a0:f1:a1:a4:d1:0b:a5:10: c0:9d:c8:fa:5f:2c:f8:f5:c2:03:4e:ef:92:69:36:7d:9a:5e: 52:e6:22:bd:da:07:ab:d2:d7:83:0e:e4:e5:27:57:db:0a:45: eb:d7:13:ce:05:2e:1d:fc:fc:5c:69:df:a3:bb:bf:3e:e5:65: 28:af:69:77:4d:63:e0:57:12:4f:17:3c:4d:27:d9:61:1f:3d: b6:76:18:33:3c:9d:8c:f4:41:de:0b:f7:e2:4a:0d:09:e6:d0: c4:7c:3a:33:b3:13:51:72:7d:30:30:12:df:05:30:09:58:8d: be:9f:9c:7f:95:07:62:20:d8:7b:4b:cc:5c:42:70:cb:ef:c4: dc:4f:b3:b7:8e:be:2e:1d:b5:fe:02:56:aa:a6:d1:52:cf:46: 00:ce:27:41:40:7d:9d:60:c9:4f:73:68:02:76:53:78:61:2d: b5:bf:56:30 -----BEGIN CERTIFICATE----- MIIFazCCBFOgAwIBAgICGNEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0Q5RkMxMTAvBgNVBAUTKDdBNkUzMDIxMDY0MkNGNEZCQjQxNzNGMzUyNzQ4RTFF QTVDMkM3QzMwHhcNMjYwMjI0MTcxNDIwWhcNMjcwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0Njg3MC00MTg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApfbJDCjZ2wA8pzNAe8ziVWhPWyK4vuxX5YR/A8mWbKXExmiPML1hMPAH4Aem LvhlAtVPOEADRoIxum4/VXzvnrLLec+7JnBEVKC6q9z4qW2p/6no0BJ27W4N3PoE SyG3zlD6Fiw2ZYine7LhHma5or0RJhz/hNg8nVKCY8uy2UcaTvhLQZiFFAtKZF4R 3zqyig6KZKPI3HcgQQyKa+yxjTDylk+vpzuxvPfhqs6cdpOW5CZ1W/D29IhzxX2w XC21EFEYSX04hTv5uid6noECYVT0s8kRp4B035ZW/sFo3SROpfL114IKWh5x0huJ CfbMmTohEfG8AHFRiLMQ/le0DQIDAQABo4ICjzCCAoswHQYDVR0OBBYEFB+oW32G CNHaJU/o2SNhnhJILVfkMB8GA1UdIwQYMBaAFHpuMCEGQs9Pu0Fz81J0jh6lwsfD MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RDlGQy9DNkIwMzRBQUI4 OTkxMUU3QjI2OUI4NTBDNEY5QUUwMi9lbTR3SVFaQ3owLTdRWFB6VW5TT0hxWEN4 OE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2VtNHdJUVpDejAtN1FYUHpVblNPSHFYQ3g4TS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0Q5RkMvQzZCMDM0QUFCODk5MTFFN0IyNjlCODUwQzRGOUFFMDIvRjQ5QUE0QTg4 OUMyMTFFRUFERkNGMjdDQzRGOUFFMDIucm9hME4GCCsGAQUFBwEHAQH/BD8wPTAs BAIAATAmAwQCLX2AAwQCLfw0MAwDBABnNwEDBABnNwIDBAJnTMQDBAJnc4QwDQQC AAIwBwMFACQEMoAwDQYJKoZIhvcNAQELBQADggEBAFGZTUX+pX3On72QLT8hMWK5 cdunpGOFML0rx0kKW0eEJ7BFivuhaHP6j1ZjmzPF6Dm9kCi/WeDU/UUfuBt2Einp w/wLXR8wYQVO0m8j0N8hgcyg8aGk0QulEMCdyPpfLPj1wgNO75JpNn2aXlLmIr3a B6vS14MO5OUnV9sKRevXE84FLh38/Fxp36O7vz7lZSivaXdNY+BXEk8XPE0n2WEf PbZ2GDM8nYz0Qd4L9+JKDQnm0MR8OjOzE1FyfTAwEt8FMAlYjb6fnH+VB2Ig2HtL zFxCcMvvxNxPs7eOvi4dtf4CVqqm0VLPRgDOJ0FAfZ1gyU9zaAJ2U3hhLbW/VjA= -----END CERTIFICATE-----Generated at Fri Mar 27 01:55:58 2026 by rpki-client