$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC40/617F353640E111EABC62DB26C4F9AE02/4BB2BBFEEA0B11F09069D0EA6F6F56BC.roa File: 4BB2BBFEEA0B11F09069D0EA6F6F56BC.roa (raw, json) Hash identifier: 2xZ7k/voMKzDAbPl0iSayXcIKNq/l+8uvtLON3JZksk= Subject key identifier: EF:81:43:94:9B:94:1F:C5:FC:D9:A6:5D:A6:6D:79:AA:5F:81:4A:0D Certificate issuer: /CN=A918FC40/serialNumber=1601D8650DD556B2AFB083B233FF65AE3DAD1571 Certificate serial: 0BE1 Authority key identifier: 16:01:D8:65:0D:D5:56:B2:AF:B0:83:B2:33:FF:65:AE:3D:AD:15:71 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FgHYZQ3VVrKvsIOyM_9lrj2tFXE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918FC40/617F353640E111EABC62DB26C4F9AE02/4BB2BBFEEA0B11F09069D0EA6F6F56BC.roa Signing time: Sun 01 Mar 2026 18:34:26 +0000 ROA not before: Wed 21 Jan 2026 08:40:57 +0000 ROA not after: Tue 02 Mar 2027 00:00:00 +0000 asID: 23532 IP address blocks: 103.23.72.0/24 maxlen: 24 103.23.73.0/24 maxlen: 24 103.23.74.0/24 maxlen: 24 103.23.75.0/24 maxlen: 24 103.246.255.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918FC40/617F353640E111EABC62DB26C4F9AE02/FgHYZQ3VVrKvsIOyM_9lrj2tFXE.crl rsync://rpki.apnic.net/member_repository/A918FC40/617F353640E111EABC62DB26C4F9AE02/FgHYZQ3VVrKvsIOyM_9lrj2tFXE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FgHYZQ3VVrKvsIOyM_9lrj2tFXE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 18:48:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3041 (0xbe1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918FC40, serialNumber=1601D8650DD556B2AFB083B233FF65AE3DAD1571 Validity Not Before: Jan 21 08:40:57 2026 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=69a486b2-dc47 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:bc:8d:e7:32:01:f0:b7:11:de:56:bc:59:07: 6d:25:62:81:c1:5b:9f:c9:d1:a1:b7:55:ab:9c:1a: de:0f:5c:c2:57:30:82:17:39:96:7a:5f:c2:b0:24: b0:b4:7e:49:bf:a7:48:a4:e2:6f:14:d3:0c:f2:38: f2:cb:11:d4:96:a3:75:9c:d4:18:7a:4e:a7:37:ee: 58:ba:80:fe:e6:2b:eb:d3:8c:34:02:68:37:b7:e5: 35:8d:17:53:c2:7e:f0:54:90:66:98:40:32:48:c2: de:7b:eb:b4:d7:95:16:84:df:5f:07:44:05:78:03: 44:c0:93:db:91:c1:7e:7d:62:1b:c3:ee:bf:48:12: ea:4d:cd:a8:61:e9:11:92:7a:0b:36:a8:aa:0e:1f: 79:06:96:7f:48:91:0b:62:ff:3f:d1:8b:38:10:72: d7:51:cc:d0:df:8c:de:a7:ed:48:eb:d9:c9:38:1f: 76:4c:30:87:6c:a6:04:cd:2b:c5:61:a8:ff:d1:fc: 34:ed:75:39:9b:c5:db:36:97:94:c9:d1:c6:03:31: 25:e7:64:6d:25:cd:54:9f:8e:53:4e:d9:ed:a8:57: 9d:78:78:8f:2d:38:92:29:f9:e2:05:71:90:39:fa: c2:55:d5:d0:2c:04:c7:60:da:e8:81:68:eb:81:2c: d3:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:81:43:94:9B:94:1F:C5:FC:D9:A6:5D:A6:6D:79:AA:5F:81:4A:0D X509v3 Authority Key Identifier: keyid:16:01:D8:65:0D:D5:56:B2:AF:B0:83:B2:33:FF:65:AE:3D:AD:15:71 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918FC40/617F353640E111EABC62DB26C4F9AE02/FgHYZQ3VVrKvsIOyM_9lrj2tFXE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FgHYZQ3VVrKvsIOyM_9lrj2tFXE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC40/617F353640E111EABC62DB26C4F9AE02/4BB2BBFEEA0B11F09069D0EA6F6F56BC.roa sbgp-ipAddrBlock: critical IPv4: 103.23.72.0/22 103.246.255.0/24 Signature Algorithm: sha256WithRSAEncryption 2b:24:1a:af:51:2f:f1:ec:e0:a3:41:da:41:df:44:8c:3c:b2: 0a:89:6e:df:a1:b6:e0:d3:a7:db:50:03:e7:75:80:24:40:46: 41:10:d3:0b:d5:f9:0d:08:63:67:9f:af:61:ec:45:ce:64:95: c1:6a:54:e4:aa:d8:ca:d2:13:d1:17:f5:9e:ed:92:36:ef:a5: 9c:e1:2b:f9:2f:70:11:0f:04:e3:aa:c1:7d:3c:a7:43:95:40: 44:70:de:ce:a6:c6:ab:c8:ae:ff:6d:b4:bb:d1:c0:a3:d9:e0: 2a:83:0d:ee:65:b8:41:16:37:2b:b0:a7:a3:ef:b7:27:3d:55: c4:cc:09:69:c5:81:81:2a:2b:e5:36:b3:e2:62:7b:d5:bd:7a: e7:7e:e9:10:49:4a:14:68:f1:9b:5e:32:91:08:de:b8:05:24: 28:03:73:f5:f3:c8:57:44:e7:c0:69:a7:de:5d:52:0b:f3:a0: 40:f2:76:23:64:6d:45:f5:ed:12:d7:d8:d4:04:4a:08:dc:1b: c2:71:e7:1a:ab:1c:5e:88:c5:51:d9:91:1a:36:32:9f:21:f6: d8:f9:74:53:22:41:97:4f:74:a8:b1:a0:00:be:25:dd:85:f1: 3e:3f:e6:fc:88:ce:55:a2:a8:dc:a9:78:0a:f0:e5:29:78:e4: 3e:1c:48:44 -----BEGIN CERTIFICATE----- MIIFQjCCBCqgAwIBAgICC+EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEZDNDAxMTAvBgNVBAUTKDE2MDFEODY1MERENTU2QjJBRkIwODNCMjMzRkY2NUFF M0RBRDE1NzEwHhcNMjYwMTIxMDg0MDU3WhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0ODZiMi1kYzQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAq7yN5zIB8LcR3la8WQdtJWKBwVufydGht1WrnBreD1zCVzCCFzmWel/CsCSw tH5Jv6dIpOJvFNMM8jjyyxHUlqN1nNQYek6nN+5YuoD+5ivr04w0Amg3t+U1jRdT wn7wVJBmmEAySMLee+u015UWhN9fB0QFeANEwJPbkcF+fWIbw+6/SBLqTc2oYekR knoLNqiqDh95BpZ/SJELYv8/0Ys4EHLXUczQ34zep+1I69nJOB92TDCHbKYEzSvF Yaj/0fw07XU5m8XbNpeUydHGAzEl52RtJc1Un45TTtntqFedeHiPLTiSKfniBXGQ OfrCVdXQLATHYNrogWjrgSzTZQIDAQABo4ICZjCCAmIwHQYDVR0OBBYEFO+BQ5Sb lB/F/NmmXaZteapfgUoNMB8GA1UdIwQYMBaAFBYB2GUN1Vayr7CDsjP/Za49rRVx MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM0MC82MTdGMzUzNjQw RTExMUVBQkM2MkRCMjZDNEY5QUUwMi9GZ0hZWlEzVlZyS3ZzSU95TV85bHJqMnRG WEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZnSFlaUTNWVnJLdnNJT3lNXzlscmoydEZYRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEZDNDAvNjE3RjM1MzY0MEUxMTFFQUJDNjJEQjI2QzRGOUFFMDIvNEJCMkJCRkVF QTBCMTFGMDkwNjlEMEVBNkY2RjU2QkMucm9hMCUGCCsGAQUFBwEHAQH/BBYwFDAS BAIAATAMAwQCZxdIAwQAZ/b/MA0GCSqGSIb3DQEBCwUAA4IBAQArJBqvUS/x7OCj QdpB30SMPLIKiW7fobbg06fbUAPndYAkQEZBENML1fkNCGNnn69h7EXOZJXBalTk qtjK0hPRF/We7ZI276Wc4Sv5L3ARDwTjqsF9PKdDlUBEcN7OpsaryK7/bbS70cCj 2eAqgw3uZbhBFjcrsKej77cnPVXEzAlpxYGBKivlNrPiYnvVvXrnfukQSUoUaPGb XjKRCN64BSQoA3P188hXROfAaafeXVIL86BA8nYjZG1F9e0S19jUBEoI3BvCceca qxxeiMVR2ZEaNjKfIfbY+XRTIkGXT3SosaAAviXdhfE+P+b8iM5VoqjcqXgK8OUp eOQ+HEhE -----END CERTIFICATE-----Generated at Thu Mar 26 13:57:22 2026 by rpki-client