$ rpki-client -vvf rpki.apnic.net/member_repository/A9194E03/3F48F2241DA611E29A075D9D08B02CD2/70B74E2A16D811F1AFC6DD17323D8C67.roa File: 70B74E2A16D811F1AFC6DD17323D8C67.roa (raw, json) Hash identifier: nrDC018+z1XNNvIImlFWWlSnFpyUJj5uRlYNJgcEsC8= Subject key identifier: A8:3C:1E:B1:3C:AA:DA:A1:AB:99:DE:9A:EA:36:C3:45:0C:98:06:19 Certificate issuer: /CN=A9194E03/serialNumber=E39AB1D07B50DBB9ABE2CB51CD9B1E3A5A854521 Certificate serial: 3590 Authority key identifier: E3:9A:B1:D0:7B:50:DB:B9:AB:E2:CB:51:CD:9B:1E:3A:5A:85:45:21 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/45qx0HtQ27mr4stRzZseOlqFRSE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9194E03/3F48F2241DA611E29A075D9D08B02CD2/70B74E2A16D811F1AFC6DD17323D8C67.roa Signing time: Tue 28 Apr 2026 01:08:51 +0000 ROA not before: Tue 28 Apr 2026 01:08:51 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 2914 IP address blocks: 101.0.12.0/24 maxlen: 24 101.0.13.0/24 maxlen: 24 101.0.14.0/24 maxlen: 24 101.0.15.0/24 maxlen: 24 101.0.16.0/24 maxlen: 24 101.0.20.0/24 maxlen: 24 101.0.21.0/24 maxlen: 24 101.0.22.0/24 maxlen: 24 103.46.204.0/24 maxlen: 24 103.46.207.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9194E03/3F48F2241DA611E29A075D9D08B02CD2/45qx0HtQ27mr4stRzZseOlqFRSE.crl rsync://rpki.apnic.net/member_repository/A9194E03/3F48F2241DA611E29A075D9D08B02CD2/45qx0HtQ27mr4stRzZseOlqFRSE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/45qx0HtQ27mr4stRzZseOlqFRSE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 19 May 2026 15:11:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13712 (0x3590) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9194E03, serialNumber=E39AB1D07B50DBB9ABE2CB51CD9B1E3A5A854521 Validity Not Before: Apr 28 01:08:51 2026 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=69f008a3-4b0e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:53:58:e4:b6:c0:ad:f3:71:ba:70:e9:e7:07: fe:51:a1:1d:ea:62:b6:fb:fc:6d:11:52:e7:d8:2b: 3a:f0:e8:55:93:43:bc:f5:5d:d3:da:59:51:6c:18: 7d:83:99:cb:ac:c5:ef:e0:ae:b0:e6:69:5b:e7:67: 92:d4:a2:f8:d1:65:99:42:28:f6:e0:eb:60:f2:49: 32:1e:09:72:6a:9d:65:22:11:58:3b:28:77:06:03: 2a:44:d8:b0:d5:54:03:ca:92:7e:99:33:3c:87:8f: 63:2e:38:2b:b0:37:dc:59:f3:c0:ad:60:9a:6c:d8: 30:58:40:d4:ba:25:b0:68:0e:e0:5f:f8:e2:cc:0f: cc:38:9b:cf:b4:94:c2:56:02:e3:65:56:97:4e:2a: 17:71:13:1b:63:45:87:a8:61:53:b9:06:a0:de:3d: c6:7f:79:32:4f:25:08:9f:e9:00:f4:3e:e3:6b:81: 4d:9e:f9:bf:f9:bc:2f:64:f7:b9:ca:f0:b1:dc:29: 3f:f5:0a:8a:8f:4b:26:d1:fd:7c:39:86:d3:cf:f7: 2d:3a:68:67:f6:ed:bf:5b:4a:82:21:01:69:a5:e2: 7d:a4:b3:48:61:a9:90:28:06:65:87:6d:e1:ea:67: 76:8b:ac:2a:8f:07:07:f1:21:4f:68:83:24:7a:15: ed:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:3C:1E:B1:3C:AA:DA:A1:AB:99:DE:9A:EA:36:C3:45:0C:98:06:19 X509v3 Authority Key Identifier: keyid:E3:9A:B1:D0:7B:50:DB:B9:AB:E2:CB:51:CD:9B:1E:3A:5A:85:45:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9194E03/3F48F2241DA611E29A075D9D08B02CD2/45qx0HtQ27mr4stRzZseOlqFRSE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/45qx0HtQ27mr4stRzZseOlqFRSE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9194E03/3F48F2241DA611E29A075D9D08B02CD2/70B74E2A16D811F1AFC6DD17323D8C67.roa sbgp-ipAddrBlock: critical IPv4: 101.0.12.0-101.0.16.255 101.0.20.0-101.0.22.255 103.46.204.0/24 103.46.207.0/24 Signature Algorithm: sha256WithRSAEncryption 5f:a5:81:aa:1c:7d:de:a2:89:3e:e7:b6:8b:b6:17:7a:8b:7a: 15:27:ef:93:71:aa:41:8f:94:fc:17:dc:53:ac:cb:71:07:ba: 9d:f5:49:eb:b4:94:e9:67:c3:39:62:38:83:b9:89:fd:60:00: 2a:c7:2e:7c:d6:60:5a:1c:9e:cd:4c:41:72:e7:e1:f9:aa:44: 21:49:73:bd:29:46:2c:20:6d:59:1f:ce:39:a0:5c:e8:b9:19: 01:9d:eb:0b:86:5e:f6:03:91:4a:09:52:09:86:70:70:7a:43: c7:4f:f4:30:81:4e:d0:70:ee:47:d2:44:a3:a6:f9:5e:d4:2f: 7d:09:62:b4:77:30:e9:20:fc:fa:58:b7:50:04:3a:d6:ae:f5: 8c:98:53:00:ce:9e:75:d1:96:d0:7e:5b:db:b5:55:57:91:df: 33:d9:39:e3:0e:a1:6b:c2:d8:7f:0a:77:c9:d6:8e:1a:39:b3: 3a:28:2a:32:a9:9b:b4:64:f7:ee:8a:23:11:79:dc:f2:79:8d: 43:40:0b:92:4b:df:aa:36:2c:38:c5:c6:6d:19:df:4d:36:8a: 52:2d:df:96:5d:b9:de:bb:9f:a0:ad:91:b1:b9:87:5e:9c:65: 82:4f:1b:e0:dd:64:87:7f:7b:00:2f:70:3b:0c:52:a1:6a:61: 09:c0:49:da -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgICNZAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTRFMDMxMTAvBgNVBAUTKEUzOUFCMUQwN0I1MERCQjlBQkUyQ0I1MUNEOUIxRTNB NUE4NTQ1MjEwHhcNMjYwNDI4MDEwODUxWhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWYwMDhhMy00YjBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoFNY5LbArfNxunDp5wf+UaEd6mK2+/xtEVLn2Cs68OhVk0O89V3T2llRbBh9 g5nLrMXv4K6w5mlb52eS1KL40WWZQij24Otg8kkyHglyap1lIhFYOyh3BgMqRNiw 1VQDypJ+mTM8h49jLjgrsDfcWfPArWCabNgwWEDUuiWwaA7gX/jizA/MOJvPtJTC VgLjZVaXTioXcRMbY0WHqGFTuQag3j3Gf3kyTyUIn+kA9D7ja4FNnvm/+bwvZPe5 yvCx3Ck/9QqKj0sm0f18OYbTz/ctOmhn9u2/W0qCIQFppeJ9pLNIYamQKAZlh23h 6md2i6wqjwcH8SFPaIMkehXtfQIDAQABo4ICgjCCAn4wHQYDVR0OBBYEFKg8HrE8 qtqhq5nemuo2w0UMmAYZMB8GA1UdIwQYMBaAFOOasdB7UNu5q+LLUc2bHjpahUUh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NEUwMy8zRjQ4RjIyNDFE QTYxMUUyOUEwNzVEOUQwOEIwMkNEMi80NXF4MEh0UTI3bXI0c3RSelpzZU9scUZS U0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzQ1cXgwSHRRMjdtcjRzdFJ6WnNlT2xxRlJTRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTRFMDMvM0Y0OEYyMjQxREE2MTFFMjlBMDc1RDlEMDhCMDJDRDIvNzBCNzRFMkEx NkQ4MTFGMUFGQzZERDE3MzIzRDhDNjcucm9hMEEGCCsGAQUFBwEHAQH/BDIwMDAu BAIAATAoMAwDBAJlAAwDBABlABAwDAMEAmUAFAMEAGUAFgMEAGcuzAMEAGcuzzAN BgkqhkiG9w0BAQsFAAOCAQEAX6WBqhx93qKJPue2i7YXeot6FSfvk3GqQY+U/Bfc U6zLcQe6nfVJ67SU6WfDOWI4g7mJ/WAAKscufNZgWhyezUxBcufh+apEIUlzvSlG LCBtWR/OOaBc6LkZAZ3rC4Ze9gORSglSCYZwcHpDx0/0MIFO0HDuR9JEo6b5XtQv fQlitHcw6SD8+li3UAQ61q71jJhTAM6eddGW0H5b27VVV5HfM9k54w6ha8LYfwp3 ydaOGjmzOigqMqmbtGT37oojEXnc8nmNQ0ALkkvfqjYsOMXGbRnfTTaKUi3fll25 3rufoK2RsbmHXpxlgk8b4N1kh397AC9wOwxSoWphCcBJ2g== -----END CERTIFICATE-----Generated at Wed May 13 05:52:56 2026 by rpki-client