$ rpki-client -vvf rpki.apnic.net/member_repository/A919C0F6/D2BB755AEF4F11EDB5D71F46C4F9AE02/D016C916EF5A11EDA6863E67C4F9AE02.roa File: D016C916EF5A11EDA6863E67C4F9AE02.roa (raw, json) Hash identifier: nXaJEL2Mrq8fU+6wPKkU0sQrXeAgVj/w4qTZTobSWEM= Subject key identifier: 00:6D:BE:8E:DF:A0:32:67:CB:D9:A4:7A:86:C1:E9:9A:2D:83:13:43 Certificate issuer: /CN=A919C0F6/serialNumber=AD4667CEE8E3F9EDFF92E7FBBB37FFC66C0073A2 Certificate serial: 0215 Authority key identifier: AD:46:67:CE:E8:E3:F9:ED:FF:92:E7:FB:BB:37:FF:C6:6C:00:73:A2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rUZnzujj-e3_kuf7uzf_xmwAc6I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919C0F6/D2BB755AEF4F11EDB5D71F46C4F9AE02/D016C916EF5A11EDA6863E67C4F9AE02.roa Signing time: Sun 01 Mar 2026 06:35:09 +0000 ROA not before: Sat 03 May 2025 03:39:40 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 58594 IP address blocks: 43.250.120.0/22 maxlen: 22 43.250.120.0/24 maxlen: 24 43.250.121.0/24 maxlen: 24 43.250.122.0/24 maxlen: 24 43.250.123.0/24 maxlen: 24 103.9.12.0/22 maxlen: 22 103.9.12.0/24 maxlen: 24 103.9.13.0/24 maxlen: 24 103.9.14.0/24 maxlen: 24 103.9.15.0/24 maxlen: 24 2401:27c0::/32 maxlen: 32 2401:27c0::/36 maxlen: 36 2401:27c0:1000::/36 maxlen: 36 2401:27c0:2000::/36 maxlen: 36 2401:27c0:3000::/36 maxlen: 36 2401:27c0:4000::/36 maxlen: 36 2401:27c0:5000::/36 maxlen: 36 2401:27c0:6000::/36 maxlen: 36 2401:27c0:7000::/36 maxlen: 36 2401:27c0:8000::/36 maxlen: 36 2401:27c0:9000::/36 maxlen: 36 2401:27c0:a000::/36 maxlen: 36 2401:27c0:b000::/36 maxlen: 36 2401:27c0:c000::/36 maxlen: 36 2401:27c0:d000::/36 maxlen: 36 2401:27c0:e000::/36 maxlen: 36 2401:27c0:f000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919C0F6/D2BB755AEF4F11EDB5D71F46C4F9AE02/rUZnzujj-e3_kuf7uzf_xmwAc6I.crl rsync://rpki.apnic.net/member_repository/A919C0F6/D2BB755AEF4F11EDB5D71F46C4F9AE02/rUZnzujj-e3_kuf7uzf_xmwAc6I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rUZnzujj-e3_kuf7uzf_xmwAc6I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Apr 2026 02:10:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 533 (0x215) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919C0F6, serialNumber=AD4667CEE8E3F9EDFF92E7FBBB37FFC66C0073A2 Validity Not Before: May 3 03:39:40 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=69a3de1d-02f9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:43:9e:53:c8:3f:04:b9:10:ee:0b:16:2d:a8: 32:9e:03:18:92:31:0c:b8:87:2d:fc:4d:d3:53:dd: e9:2d:b3:73:63:e6:6c:ff:d5:d5:5c:a5:79:8a:9b: 09:d4:cf:56:3e:ab:17:55:4c:8b:69:bd:ad:8c:9c: df:6d:60:9b:7f:94:51:19:ad:cf:b5:06:47:57:e6: f7:23:fd:7a:bd:bb:ed:f0:96:99:62:5b:71:d1:63: fe:64:0e:2a:b6:b4:ca:f9:d9:95:27:31:80:45:72: b4:a8:6b:cf:52:70:91:06:8f:a8:6f:88:60:4c:15: c9:14:b7:0b:c7:19:e6:0b:30:63:95:8c:d2:b6:c0: 8a:45:04:79:76:86:f9:20:02:0a:77:e0:a9:eb:c5: d0:fe:43:20:2c:cb:a6:54:fa:f0:ec:9e:07:0a:92: 33:f4:9d:10:28:5c:f7:9b:2a:f2:7b:56:3d:fe:34: 36:3b:19:ac:a3:0b:4c:e0:c3:b8:9b:7d:c5:a9:37: 97:13:64:f4:9d:2f:c4:db:4e:d5:85:d4:cd:7e:9b: 57:f4:06:70:fc:42:68:31:43:63:70:e1:1f:37:a8: 2f:21:87:11:60:23:55:8e:4b:22:2d:57:2a:98:4d: 70:fc:35:d5:1f:f9:1e:d5:24:30:fa:d1:e6:0d:d9: a9:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:6D:BE:8E:DF:A0:32:67:CB:D9:A4:7A:86:C1:E9:9A:2D:83:13:43 X509v3 Authority Key Identifier: keyid:AD:46:67:CE:E8:E3:F9:ED:FF:92:E7:FB:BB:37:FF:C6:6C:00:73:A2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919C0F6/D2BB755AEF4F11EDB5D71F46C4F9AE02/rUZnzujj-e3_kuf7uzf_xmwAc6I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rUZnzujj-e3_kuf7uzf_xmwAc6I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919C0F6/D2BB755AEF4F11EDB5D71F46C4F9AE02/D016C916EF5A11EDA6863E67C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.250.120.0/22 103.9.12.0/22 IPv6: 2401:27c0::/32 Signature Algorithm: sha256WithRSAEncryption b3:89:ba:0e:f3:f9:b6:40:ed:a7:09:13:07:aa:9f:f3:4e:37: db:4f:55:63:2e:17:b8:b6:20:16:f8:2c:f2:cb:89:5c:d5:9a: 33:4a:cf:b0:cc:99:1f:e4:6d:39:32:47:64:44:6a:d8:3c:ef: 28:27:20:85:93:f2:b5:71:33:91:90:3d:45:33:60:e0:06:97: 04:5c:63:25:2d:a8:40:79:ba:03:21:b0:76:40:b3:e9:62:d4: 03:82:2f:f1:e2:a5:11:15:2c:bb:ee:89:90:4b:69:9b:63:6f: 99:94:f9:ba:7e:06:e5:69:e5:b3:d6:d1:8c:78:f9:45:3a:d9: f3:fb:1a:07:1d:dd:8a:5c:b5:82:4f:04:18:d6:e0:51:ae:85: d0:e7:81:7e:e0:84:23:29:a9:e6:18:3f:3f:e1:85:76:87:07: 76:8a:3d:4f:93:95:bd:2b:78:55:5c:0e:10:c2:75:ee:cf:04: 67:75:ba:16:d4:c2:de:d2:fa:e3:f3:3a:b6:ce:3c:e4:96:87: e4:75:0e:99:1a:eb:89:2c:5d:c4:a1:52:32:ae:87:fe:0a:86: 31:87:ba:49:08:51:98:6b:c1:db:4a:e1:e3:d9:7c:f8:16:0d: 32:3a:62:73:57:8f:cf:88:41:b9:7e:43:38:cd:7d:e0:08:0c: a8:2e:af:19 -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgICAhUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUMwRjYxMTAvBgNVBAUTKEFENDY2N0NFRThFM0Y5RURGRjkyRTdGQkJCMzdGRkM2 NkMwMDczQTIwHhcNMjUwNTAzMDMzOTQwWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWEzZGUxZC0wMmY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwkOeU8g/BLkQ7gsWLagyngMYkjEMuIct/E3TU93pLbNzY+Zs/9XVXKV5ipsJ 1M9WPqsXVUyLab2tjJzfbWCbf5RRGa3PtQZHV+b3I/16vbvt8JaZYltx0WP+ZA4q trTK+dmVJzGARXK0qGvPUnCRBo+ob4hgTBXJFLcLxxnmCzBjlYzStsCKRQR5dob5 IAIKd+Cp68XQ/kMgLMumVPrw7J4HCpIz9J0QKFz3myrye1Y9/jQ2OxmsowtM4MO4 m33FqTeXE2T0nS/E207VhdTNfptX9AZw/EJoMUNjcOEfN6gvIYcRYCNVjksiLVcq mE1w/DXVH/ke1SQw+tHmDdmpdQIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFABtvo7f oDJny9mkeobB6ZotgxNDMB8GA1UdIwQYMBaAFK1GZ87o4/nt/5Ln+7s3/8ZsAHOi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QzBGNi9EMkJCNzU1QUVG NEYxMUVEQjVENzFGNDZDNEY5QUUwMi9yVVpuenVqai1lM19rdWY3dXpmX3htd0Fj NkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JVWm56dWpqLWUzX2t1Zjd1emZfeG13QWM2SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OUMwRjYvRDJCQjc1NUFFRjRGMTFFREI1RDcxRjQ2QzRGOUFFMDIvRDAxNkM5MTZF RjVBMTFFREE2ODYzRTY3QzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS BAIAATAMAwQCK/p4AwQCZwkMMA0EAgACMAcDBQAkASfAMA0GCSqGSIb3DQEBCwUA A4IBAQCziboO8/m2QO2nCRMHqp/zTjfbT1VjLhe4tiAW+Czyy4lc1ZozSs+wzJkf 5G05MkdkRGrYPO8oJyCFk/K1cTORkD1FM2DgBpcEXGMlLahAeboDIbB2QLPpYtQD gi/x4qURFSy77omQS2mbY2+ZlPm6fgblaeWz1tGMePlFOtnz+xoHHd2KXLWCTwQY 1uBRroXQ54F+4IQjKanmGD8/4YV2hwd2ij1Pk5W9K3hVXA4QwnXuzwRndboW1MLe 0vrj8zq2zjzklofkdQ6ZGuuJLF3EoVIyrof+CoYxh7pJCFGYa8HbSuHj2Xz4Fg0y OmJzV4/PiEG5fkM4zX3gCAyoLq8Z -----END CERTIFICATE-----Generated at Thu Mar 26 19:14:52 2026 by rpki-client