$ rpki-client -vvf rpki.apnic.net/member_repository/A918B0B9/9CBF3D908FA011EAAA9BBA18C4F9AE02/52F955A89B1511EA9BEFA53BC4F9AE02.roa File: 52F955A89B1511EA9BEFA53BC4F9AE02.roa (raw, json) Hash identifier: mNeRqaSY4bVJ7ErHkgjVt3OEqspS9nVqduSxSH22Fmw= Subject key identifier: E3:DA:AA:53:DC:3F:FE:7E:36:BB:E5:17:2B:A7:AE:67:24:7D:63:BA Certificate issuer: /CN=A918B0B9/serialNumber=5C5A4FAE4AF01FFDC9275355CCBAB8C810189F54 Certificate serial: 0A35 Authority key identifier: 5C:5A:4F:AE:4A:F0:1F:FD:C9:27:53:55:CC:BA:B8:C8:10:18:9F:54 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918B0B9/9CBF3D908FA011EAAA9BBA18C4F9AE02/52F955A89B1511EA9BEFA53BC4F9AE02.roa Signing time: Mon 02 Mar 2026 12:26:03 +0000 ROA not before: Mon 28 Jul 2025 20:30:25 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 58627 IP address blocks: 43.242.236.0/22 maxlen: 22 43.242.236.0/24 maxlen: 24 43.242.237.0/24 maxlen: 24 43.242.238.0/24 maxlen: 24 43.242.239.0/24 maxlen: 24 103.1.32.0/22 maxlen: 22 103.1.32.0/24 maxlen: 24 103.1.33.0/24 maxlen: 24 103.1.34.0/24 maxlen: 24 103.1.35.0/24 maxlen: 24 103.9.244.0/22 maxlen: 22 103.9.244.0/24 maxlen: 24 103.9.245.0/24 maxlen: 24 103.9.246.0/24 maxlen: 24 103.9.247.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918B0B9/9CBF3D908FA011EAAA9BBA18C4F9AE02/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.crl rsync://rpki.apnic.net/member_repository/A918B0B9/9CBF3D908FA011EAAA9BBA18C4F9AE02/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 19:34:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2613 (0xa35) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918B0B9, serialNumber=5C5A4FAE4AF01FFDC9275355CCBAB8C810189F54 Validity Not Before: Jul 28 20:30:25 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=69a581db-7f3b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:1a:ad:a6:e7:4c:d6:3a:a8:b6:20:65:63:07: 6b:e2:82:90:89:f7:b5:50:b2:75:7a:84:e3:68:9e: d1:d5:6a:b9:16:63:15:f0:98:98:63:42:69:a2:04: a2:d7:19:46:6b:48:11:b2:d3:1d:f0:81:57:79:02: 2a:c9:0f:73:56:08:1c:14:70:03:5b:93:52:33:53: 9f:f4:30:80:f3:e9:67:69:df:a6:c2:99:33:4b:21: 55:ca:bd:ee:b1:67:db:49:59:9d:5e:bc:0f:ab:5d: 7a:ee:1f:74:24:04:f9:d7:1f:52:08:77:2f:65:9a: b5:43:a7:6c:fd:a3:2b:e8:47:39:c6:5d:70:6b:8a: 94:c0:7e:da:c4:93:7e:ca:c1:52:06:f1:a8:4f:10: ab:38:e8:57:39:25:ef:1a:6b:b7:1d:c3:8d:f9:d6: 30:5e:1d:07:0a:1d:f0:ee:b2:28:04:e4:08:4e:31: 90:f1:9a:45:70:3d:48:1b:a6:17:73:53:55:d7:6f: 01:53:a4:7b:a6:60:34:6f:71:7f:38:74:de:62:27: 34:2b:3d:eb:02:18:36:3a:ad:49:5b:4c:99:5f:f6: 0b:69:a3:6e:18:3d:c3:af:aa:30:4a:05:5b:51:7b: f6:bf:82:a1:ec:e4:7d:af:0e:03:aa:34:a1:d7:ac: 1c:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:DA:AA:53:DC:3F:FE:7E:36:BB:E5:17:2B:A7:AE:67:24:7D:63:BA X509v3 Authority Key Identifier: keyid:5C:5A:4F:AE:4A:F0:1F:FD:C9:27:53:55:CC:BA:B8:C8:10:18:9F:54 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918B0B9/9CBF3D908FA011EAAA9BBA18C4F9AE02/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XFpPrkrwH_3JJ1NVzLq4yBAYn1Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918B0B9/9CBF3D908FA011EAAA9BBA18C4F9AE02/52F955A89B1511EA9BEFA53BC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.242.236.0/22 103.1.32.0/22 103.9.244.0/22 Signature Algorithm: sha256WithRSAEncryption 3f:4f:63:2e:23:da:8c:71:c3:61:f4:b5:0a:18:74:90:11:35: 49:df:c0:f2:03:38:e4:70:29:41:55:14:e8:cf:90:2c:dc:66: 03:b3:cd:c7:48:6a:f8:fd:c1:4b:f9:b0:81:e7:92:8e:f4:ef: 82:fb:f2:e6:d5:f5:0e:73:20:23:28:3e:a1:d1:a2:0f:84:ce: cd:89:bc:7a:f3:95:cb:d4:d1:bd:41:93:c2:d7:33:bb:3e:09: 0d:3d:cf:3d:49:b0:c9:bb:e6:de:e4:ff:c5:d7:53:f5:1c:50: f3:af:61:9d:46:ad:83:bf:03:f0:b1:f7:38:a9:dc:ff:58:c3: a5:97:0d:d4:8a:73:23:4f:39:12:3e:5d:5e:53:97:ed:08:cc: f1:c2:20:12:d7:4d:65:84:b5:d3:94:ec:35:d0:2f:ab:38:6b: 5e:3f:19:d7:d3:8b:b0:e7:0c:20:45:a5:4a:4f:23:ea:3d:ea: de:6f:4b:27:41:a8:36:ac:bd:89:1c:75:bc:51:ca:2d:d9:a0: 0d:44:80:20:97:5c:39:48:32:de:65:4e:2f:7f:02:b6:26:b2: ce:8e:5a:e4:b3:69:8a:6b:58:cd:e3:ac:1d:42:4c:a5:1f:5a: 0f:4a:c5:45:94:7d:cb:ba:a0:d3:ea:c3:a3:08:1a:f1:cf:2c: b3:3d:8e:4a -----BEGIN CERTIFICATE----- MIIFSDCCBDCgAwIBAgICCjUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEIwQjkxMTAvBgNVBAUTKDVDNUE0RkFFNEFGMDFGRkRDOTI3NTM1NUNDQkFCOEM4 MTAxODlGNTQwHhcNMjUwNzI4MjAzMDI1WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE1ODFkYi03ZjNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoRqtpudM1jqotiBlYwdr4oKQife1ULJ1eoTjaJ7R1Wq5FmMV8JiYY0JpogSi 1xlGa0gRstMd8IFXeQIqyQ9zVggcFHADW5NSM1Of9DCA8+lnad+mwpkzSyFVyr3u sWfbSVmdXrwPq1167h90JAT51x9SCHcvZZq1Q6ds/aMr6Ec5xl1wa4qUwH7axJN+ ysFSBvGoTxCrOOhXOSXvGmu3HcON+dYwXh0HCh3w7rIoBOQITjGQ8ZpFcD1IG6YX c1NV128BU6R7pmA0b3F/OHTeYic0Kz3rAhg2Oq1JW0yZX/YLaaNuGD3Dr6owSgVb UXv2v4Kh7OR9rw4DqjSh16wcdQIDAQABo4ICbDCCAmgwHQYDVR0OBBYEFOPaqlPc P/5+NrvlFyunrmckfWO6MB8GA1UdIwQYMBaAFFxaT65K8B/9ySdTVcy6uMgQGJ9U MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QjBCOS85Q0JGM0Q5MDhG QTAxMUVBQUE5QkJBMThDNEY5QUUwMi9YRnBQcmtyd0hfM0pKMU5WekxxNHlCQVlu MVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hGcFBya3J3SF8zSkoxTlZ6THE0eUJBWW4xUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEIwQjkvOUNCRjNEOTA4RkEwMTFFQUFBOUJCQTE4QzRGOUFFMDIvNTJGOTU1QTg5 QjE1MTFFQTlCRUZBNTNCQzRGOUFFMDIucm9hMCsGCCsGAQUFBwEHAQH/BBwwGjAY BAIAATASAwQCK/LsAwQCZwEgAwQCZwn0MA0GCSqGSIb3DQEBCwUAA4IBAQA/T2Mu I9qMccNh9LUKGHSQETVJ38DyAzjkcClBVRToz5As3GYDs83HSGr4/cFL+bCB55KO 9O+C+/Lm1fUOcyAjKD6h0aIPhM7Nibx685XL1NG9QZPC1zO7PgkNPc89SbDJu+be 5P/F11P1HFDzr2GdRq2DvwPwsfc4qdz/WMOllw3UinMjTzkSPl1eU5ftCMzxwiAS 101lhLXTlOw10C+rOGtePxnX04uw5wwgRaVKTyPqPereb0snQag2rL2JHHW8Ucot 2aANRIAgl1w5SDLeZU4vfwK2JrLOjlrks2mKa1jN46wdQkylH1oPSsVFlH3LuqDT 6sOjCBrxzyyzPY5K -----END CERTIFICATE-----Generated at Thu Mar 26 15:18:17 2026 by rpki-client