$ rpki-client -vvf rpki.apnic.net/member_repository/A919D588/BF7D5E767BF311F0A05FAD82C4F9AE02/8A65797E7BF511F0BEBF8326C4F9AE02.roa File: 8A65797E7BF511F0BEBF8326C4F9AE02.roa (raw, json) Hash identifier: iP831x/fULSZ/fmDwuHrWqBHoTP+BYRChB7pWllsa7M= Subject key identifier: C2:6F:0A:75:4E:6A:74:7C:98:FF:F4:A0:B4:C7:B5:23:19:F6:E3:52 Certificate issuer: /CN=A919D588/serialNumber=882859D52301F01571D9D4CF953F45E075E09A98 Certificate serial: 70 Authority key identifier: 88:28:59:D5:23:01:F0:15:71:D9:D4:CF:95:3F:45:E0:75:E0:9A:98 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iChZ1SMB8BVx2dTPlT9F4HXgmpg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919D588/BF7D5E767BF311F0A05FAD82C4F9AE02/8A65797E7BF511F0BEBF8326C4F9AE02.roa Signing time: Mon 02 Mar 2026 12:39:21 +0000 ROA not before: Mon 18 Aug 2025 05:38:17 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 45158 IP address blocks: 103.251.172.0/22 maxlen: 23 120.29.240.0/21 maxlen: 21 120.29.245.0/24 maxlen: 24 120.29.246.0/24 maxlen: 24 2407:1e00::/32 maxlen: 32 2407:1e00::/33 maxlen: 40 2407:1e00:1003::/48 maxlen: 48 2407:1e00:8000::/33 maxlen: 37 2407:1e00:8000::/34 maxlen: 40 2407:1e00:c000::/35 maxlen: 40 2407:1e00:e000::/36 maxlen: 40 2407:1e00:f000::/37 maxlen: 40 2407:1e00:f800::/38 maxlen: 38 2407:1e00:f800::/39 maxlen: 39 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919D588/BF7D5E767BF311F0A05FAD82C4F9AE02/iChZ1SMB8BVx2dTPlT9F4HXgmpg.crl rsync://rpki.apnic.net/member_repository/A919D588/BF7D5E767BF311F0A05FAD82C4F9AE02/iChZ1SMB8BVx2dTPlT9F4HXgmpg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iChZ1SMB8BVx2dTPlT9F4HXgmpg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Apr 2026 07:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 112 (0x70) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919D588, serialNumber=882859D52301F01571D9D4CF953F45E075E09A98 Validity Not Before: Aug 18 05:38:17 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=69a584f9-8e1e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:ce:f9:b1:4e:31:cf:7b:05:37:21:d6:9d:a5: b6:0b:03:43:a7:52:01:b3:70:98:20:1d:80:85:2e: 72:e8:fb:42:f2:68:62:01:f4:44:08:44:80:23:af: c0:69:72:db:12:ee:15:ee:64:b4:98:2b:d3:16:81: 04:cc:c9:8c:f2:26:08:f4:7a:d7:60:9f:72:91:93: 6a:61:02:da:1e:7e:5a:ee:17:11:df:18:da:3e:ee: ff:cd:56:7f:51:80:57:a5:7f:45:ab:51:b1:b3:f6: 4a:e7:62:fd:74:f4:ed:24:18:17:a3:3f:46:76:39: 5b:47:e8:cd:1b:42:e3:f6:5e:de:40:04:9d:f0:7c: bd:41:4c:10:22:2d:a6:e1:0e:54:c0:8f:8e:9e:07: 42:90:42:0b:d0:ac:32:38:45:2f:cb:f7:ff:09:c0: a4:1c:3a:07:92:56:96:f5:18:09:bb:ff:d4:9b:f8: f9:93:74:1f:a6:e0:97:dc:d3:b9:8b:f6:a3:2e:45: 85:d2:5a:c5:05:ee:91:79:d8:83:d7:ca:49:ba:20: f7:6e:38:a0:b6:82:bd:93:a6:c4:f7:11:37:6e:01: 20:4a:49:86:44:4d:96:5f:46:6b:b3:c0:db:26:c5: c2:e1:6f:3a:92:24:48:74:b7:b7:4e:1a:56:7b:1f: af:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:6F:0A:75:4E:6A:74:7C:98:FF:F4:A0:B4:C7:B5:23:19:F6:E3:52 X509v3 Authority Key Identifier: keyid:88:28:59:D5:23:01:F0:15:71:D9:D4:CF:95:3F:45:E0:75:E0:9A:98 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919D588/BF7D5E767BF311F0A05FAD82C4F9AE02/iChZ1SMB8BVx2dTPlT9F4HXgmpg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iChZ1SMB8BVx2dTPlT9F4HXgmpg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919D588/BF7D5E767BF311F0A05FAD82C4F9AE02/8A65797E7BF511F0BEBF8326C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.251.172.0/22 120.29.240.0/21 IPv6: 2407:1e00::/32 Signature Algorithm: sha256WithRSAEncryption 4a:87:33:b8:7b:48:b7:6e:44:78:3c:24:25:f4:e0:1d:d9:be: ba:5e:93:a5:fe:11:1b:79:80:69:9c:d0:14:65:aa:1e:58:ae: 56:fb:52:61:2f:65:0c:91:f1:dc:ba:c5:71:86:e5:c6:2c:89: 63:35:64:fb:0d:0a:7c:e7:f8:c1:0c:52:59:d8:18:0b:5a:e6: 18:ba:36:ab:f6:a7:77:39:ab:22:ad:6d:94:fd:e7:17:c0:e2: 36:01:1d:da:55:86:8c:13:a9:a0:af:79:af:8a:79:cd:7c:32: b9:8e:71:cb:4a:82:fb:46:8b:21:3a:9f:56:c3:d7:19:f0:f8: db:b1:ca:82:e8:4e:83:f9:64:42:be:d9:72:6b:b7:c1:02:43: 02:72:11:66:23:11:c4:f4:35:91:53:80:7c:3d:fa:99:cb:66: 3c:b5:af:5d:f1:b9:df:a6:d8:e1:63:4d:80:8b:bc:14:40:32: ec:e5:3e:f7:3b:94:fc:de:55:8e:df:77:bc:f4:50:1c:6f:0c: cd:6b:04:e3:ef:06:94:b2:35:67:2e:1c:e7:6b:8a:c9:01:73: b2:e8:f8:c8:3b:c9:b9:51:7f:19:df:d1:ac:50:7f:b2:51:4e: a4:00:c1:e8:f1:70:ee:d4:e6:d3:70:02:41:57:9b:e5:0b:0c: db:d0:2a:a1 -----BEGIN CERTIFICATE----- MIIFUDCCBDigAwIBAgIBcDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5 RDU4ODExMC8GA1UEBRMoODgyODU5RDUyMzAxRjAxNTcxRDlENENGOTUzRjQ1RTA3 NUUwOUE5ODAeFw0yNTA4MTgwNTM4MTdaFw0yNjEwMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY5YTU4NGY5LThlMWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCtzvmxTjHPewU3IdadpbYLA0OnUgGzcJggHYCFLnLo+0LyaGIB9EQIRIAjr8Bp ctsS7hXuZLSYK9MWgQTMyYzyJgj0etdgn3KRk2phAtoeflruFxHfGNo+7v/NVn9R gFelf0WrUbGz9krnYv109O0kGBejP0Z2OVtH6M0bQuP2Xt5ABJ3wfL1BTBAiLabh DlTAj46eB0KQQgvQrDI4RS/L9/8JwKQcOgeSVpb1GAm7/9Sb+PmTdB+m4Jfc07mL 9qMuRYXSWsUF7pF52IPXykm6IPduOKC2gr2TpsT3ETduASBKSYZETZZfRmuzwNsm xcLhbzqSJEh0t7dOGlZ7H6+vAgMBAAGjggJ1MIICcTAdBgNVHQ4EFgQUwm8KdU5q dHyY//SgtMe1Ixn241IwHwYDVR0jBBgwFoAUiChZ1SMB8BVx2dTPlT9F4HXgmpgw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTlENTg4L0JGN0Q1RTc2N0JG MzExRjBBMDVGQUQ4MkM0RjlBRTAyL2lDaFoxU01COEJWeDJkVFBsVDlGNEhYZ21w Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvaUNoWjFTTUI4QlZ4MmRUUGxUOUY0SFhnbXBnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgZYGCCsGAQUFBwELBIGJMIGGMIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 RDU4OC9CRjdENUU3NjdCRjMxMUYwQTA1RkFEODJDNEY5QUUwMi84QTY1Nzk3RTdC RjUxMUYwQkVCRjgzMjZDNEY5QUUwMi5yb2EwNAYIKwYBBQUHAQcBAf8EJTAjMBIE AgABMAwDBAJn+6wDBAN4HfAwDQQCAAIwBwMFACQHHgAwDQYJKoZIhvcNAQELBQAD ggEBAEqHM7h7SLduRHg8JCX04B3Zvrpek6X+ERt5gGmc0BRlqh5Yrlb7UmEvZQyR 8dy6xXGG5cYsiWM1ZPsNCnzn+MEMUlnYGAta5hi6Nqv2p3c5qyKtbZT95xfA4jYB HdpVhowTqaCvea+Kec18MrmOcctKgvtGiyE6n1bD1xnw+NuxyoLoToP5ZEK+2XJr t8ECQwJyEWYjEcT0NZFTgHw9+pnLZjy1r13xud+m2OFjTYCLvBRAMuzlPvc7lPze VY7fd7z0UBxvDM1rBOPvBpSyNWcuHOdriskBc7Lo+Mg7yblRfxnf0axQf7JRTqQA wejxcO7U5tNwAkFXm+ULDNvQKqE= -----END CERTIFICATE-----Generated at Thu Mar 26 02:28:48 2026 by rpki-client