$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2D89DDC4AA3411EE9D1B7580C4F9AE02.roa File: 2D89DDC4AA3411EE9D1B7580C4F9AE02.roa (raw, json) Hash identifier: Xx4PAa7G4gI/0iMnWnmuL9buShUY4NS80HW9wrh8pNA= Subject key identifier: AC:CB:CC:09:36:A3:FD:D2:C9:54:AD:8C:B7:AF:99:7F:B3:DD:45:1F Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: DC8A Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2D89DDC4AA3411EE9D1B7580C4F9AE02.roa Signing time: Wed 25 Mar 2026 05:58:59 +0000 ROA not before: Wed 25 Mar 2026 05:58:59 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 150106 IP address blocks: 103.31.8.0/23 maxlen: 24 103.78.204.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Apr 2026 19:04:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56458 (0xdc8a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Mar 25 05:58:59 2026 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=69c379a3-ab12 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:91:f5:c8:ad:fe:4f:bf:1a:d6:ba:84:9a:bc: bc:75:dc:09:e4:54:7d:7f:fe:a8:ec:27:29:27:d8: 40:77:6b:b4:db:52:db:60:8e:12:2b:bc:4a:88:b3: fc:92:d4:4e:10:98:db:c9:2e:6e:7c:80:05:20:7a: 85:dc:73:48:a6:58:d8:e3:db:5b:37:7b:d8:79:f7: f5:d6:d1:ae:e2:e9:f3:f4:6b:95:05:2c:e2:75:23: b3:6b:70:0b:b1:7c:82:92:d6:fa:d8:1e:1c:45:dd: 4d:a3:4b:14:4c:72:69:d4:c8:da:bb:8b:10:ca:fc: 53:c4:70:6e:42:60:e2:02:fb:f0:a8:dd:e6:bd:5b: 44:c8:8e:4f:49:28:98:4f:ea:88:df:ec:2f:44:5c: 59:df:5f:27:8d:e6:f0:5e:e4:bc:c6:80:f6:4a:41: 10:53:16:54:d3:25:6f:2a:4c:97:e9:06:fa:46:1e: 1d:7f:c0:22:f0:b5:5e:ba:6b:cf:9a:31:2c:0e:49: ba:ae:92:bf:3e:cf:b7:32:f4:d3:e0:db:17:1e:3f: d9:7a:89:9d:5c:f7:d0:90:be:da:bc:59:57:6b:18: 90:aa:16:88:5b:b2:fc:d6:87:5a:db:b8:99:08:a2: 3c:82:2a:e2:53:78:f9:70:db:06:93:1a:4d:14:79: 3c:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:CB:CC:09:36:A3:FD:D2:C9:54:AD:8C:B7:AF:99:7F:B3:DD:45:1F X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2D89DDC4AA3411EE9D1B7580C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.31.8.0/23 103.78.204.0/22 Signature Algorithm: sha256WithRSAEncryption 4f:17:68:67:b0:54:d9:18:9a:34:7e:80:29:7c:e1:4d:9c:4a: 33:b9:37:30:16:14:63:0b:5b:6b:2d:6d:23:a4:36:35:e9:0f: 03:0e:8a:d2:98:29:e1:81:88:7d:c0:0d:9a:c7:41:ee:c9:00: 43:b4:fa:28:ba:da:c8:df:87:93:5a:fc:bf:ef:1f:15:40:c2: 2b:76:4d:a6:02:e8:ba:4e:73:e2:90:d5:64:4d:16:6c:ca:9b: c2:b7:00:00:b4:02:40:26:1e:81:fe:6f:2b:c8:e6:4d:a7:6e: e9:da:40:fd:e1:85:8a:df:c5:5e:ed:e0:26:34:bc:e7:79:84: 50:fb:0b:03:07:43:b7:7a:5b:a7:a6:3a:b9:bd:cc:24:7c:dd: 57:3c:18:a2:be:21:6b:16:39:f1:eb:65:6b:c8:79:bd:79:e4: 6b:47:15:03:59:8c:40:49:ba:d7:3f:53:fc:e5:e0:39:3c:7b: 2f:fb:20:0f:35:1a:9a:72:aa:11:d3:17:9a:8a:87:d4:7a:8f: d7:33:f2:79:b9:96:33:05:54:ce:ca:b0:43:6a:11:14:09:bb: 1d:6e:ba:d6:44:3a:1e:df:6b:a9:cf:19:25:01:88:49:13:a9: db:03:34:dd:9a:b6:76:19:ec:b1:10:31:ee:4d:44:70:fa:39: 73:ce:70:b8 -----BEGIN CERTIFICATE----- MIIFQzCCBCugAwIBAgIDANyKMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI2MDMyNTA1NTg1OVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjljMzc5YTMtYWIxMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMeR9cit/k+/Gta6hJq8vHXcCeRUfX/+qOwnKSfYQHdrtNtS22COEiu8Soiz /JLUThCY28kubnyABSB6hdxzSKZY2OPbWzd72Hn39dbRruLp8/RrlQUs4nUjs2tw C7F8gpLW+tgeHEXdTaNLFExyadTI2ruLEMr8U8RwbkJg4gL78Kjd5r1bRMiOT0ko mE/qiN/sL0RcWd9fJ43m8F7kvMaA9kpBEFMWVNMlbypMl+kG+kYeHX/AIvC1Xrpr z5oxLA5Juq6Svz7PtzL00+DbFx4/2XqJnVz30JC+2rxZV2sYkKoWiFuy/NaHWtu4 mQiiPIIq4lN4+XDbBpMaTRR5PCECAwEAAaOCAmYwggJiMB0GA1UdDgQWBBSsy8wJ NqP90slUrYy3r5l/s91FHzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzJEODlEREM0 QUEzNDExRUU5RDFCNzU4MEM0RjlBRTAyLnJvYTAlBggrBgEFBQcBBwEB/wQWMBQw EgQCAAEwDAMEAWcfCAMEAmdOzDANBgkqhkiG9w0BAQsFAAOCAQEATxdoZ7BU2Ria NH6AKXzhTZxKM7k3MBYUYwtbay1tI6Q2NekPAw6K0pgp4YGIfcANmsdB7skAQ7T6 KLrayN+Hk1r8v+8fFUDCK3ZNpgLouk5z4pDVZE0WbMqbwrcAALQCQCYegf5vK8jm Tadu6dpA/eGFit/FXu3gJjS853mEUPsLAwdDt3pbp6Y6ub3MJHzdVzwYor4haxY5 8etla8h5vXnka0cVA1mMQEm61z9T/OXgOTx7L/sgDzUamnKqEdMXmoqH1HqP1zPy ebmWMwVUzsqwQ2oRFAm7HW661kQ6Ht9rqc8ZJQGISROp2wM03Zq2dhnssRAx7k1E cPo5c85wuA== -----END CERTIFICATE-----Generated at Thu Mar 26 09:08:51 2026 by rpki-client