$ rpki-client -vvf rpki.apnic.net/member_repository/A919EE77/D9BE07BA0CED11EBA7F1115BC4F9AE02/CD284E600CEE11EB88376B5BC4F9AE02.roa File: CD284E600CEE11EB88376B5BC4F9AE02.roa (raw, json) Hash identifier: WVnMtC67sqQYeTgYbTZ4xUIDg4NnFA5/AGE6r2DSlK8= Subject key identifier: FC:22:F4:19:D3:45:40:97:6E:7F:E1:47:C7:13:55:9D:C7:12:31:8D Certificate issuer: /CN=A919EE77/serialNumber=B781A2E7D91EDCA8B030DE3EA89FA4FAF1791F21 Certificate serial: 083D Authority key identifier: B7:81:A2:E7:D9:1E:DC:A8:B0:30:DE:3E:A8:9F:A4:FA:F1:79:1F:21 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t4Gi59ke3KiwMN4-qJ-k-vF5HyE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919EE77/D9BE07BA0CED11EBA7F1115BC4F9AE02/CD284E600CEE11EB88376B5BC4F9AE02.roa Signing time: Sun 01 Mar 2026 14:52:22 +0000 ROA not before: Fri 04 Jul 2025 22:02:20 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 55720 IP address blocks: 103.248.20.0/24 maxlen: 24 103.248.21.0/24 maxlen: 24 103.248.22.0/24 maxlen: 24 103.248.23.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919EE77/D9BE07BA0CED11EBA7F1115BC4F9AE02/t4Gi59ke3KiwMN4-qJ-k-vF5HyE.crl rsync://rpki.apnic.net/member_repository/A919EE77/D9BE07BA0CED11EBA7F1115BC4F9AE02/t4Gi59ke3KiwMN4-qJ-k-vF5HyE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t4Gi59ke3KiwMN4-qJ-k-vF5HyE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 20:42:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2109 (0x83d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919EE77, serialNumber=B781A2E7D91EDCA8B030DE3EA89FA4FAF1791F21 Validity Not Before: Jul 4 22:02:20 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=69a452a5-f542 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:3e:2b:85:8c:21:2a:cb:05:e5:3c:4b:33:77: 0f:13:45:2b:8a:e9:be:41:03:02:55:4e:55:77:a6: 9c:67:f8:74:17:d4:a1:52:7a:d3:16:8b:a9:a2:03: 70:00:78:97:58:f1:1e:eb:57:24:b8:c6:33:83:3a: 43:b8:84:23:c6:44:de:a8:cb:08:22:0a:85:c7:cd: 1e:02:33:eb:27:c5:71:f1:7b:67:d1:76:c7:4e:8f: d5:52:bf:40:82:07:43:95:16:e7:a6:eb:90:93:2c: 59:d3:8a:ab:a8:61:25:00:c9:b3:74:d7:a8:81:3e: 2e:96:9a:33:3f:97:d9:69:d7:75:53:65:78:8a:f4: 2a:01:b5:4a:37:7f:dd:6d:6d:7f:83:53:7e:d1:ef: 06:58:2d:8c:1d:81:b7:a7:2b:36:32:f6:20:3d:eb: 46:4f:39:d3:97:8a:a7:16:98:4b:1f:dc:ec:00:aa: de:b5:b8:91:ad:f1:9b:bf:2d:03:78:3a:eb:50:2a: 61:79:cb:82:46:bb:6a:6f:8b:ad:64:a0:6f:d9:25: 5f:f0:eb:99:51:48:7d:61:b0:36:08:a3:69:9b:b8: bf:5f:d2:8e:57:c1:6d:4f:9b:3c:2a:a8:c4:24:76: d9:2d:1e:ba:32:91:98:b6:c8:97:ea:ec:73:97:a8: 93:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:22:F4:19:D3:45:40:97:6E:7F:E1:47:C7:13:55:9D:C7:12:31:8D X509v3 Authority Key Identifier: keyid:B7:81:A2:E7:D9:1E:DC:A8:B0:30:DE:3E:A8:9F:A4:FA:F1:79:1F:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919EE77/D9BE07BA0CED11EBA7F1115BC4F9AE02/t4Gi59ke3KiwMN4-qJ-k-vF5HyE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t4Gi59ke3KiwMN4-qJ-k-vF5HyE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919EE77/D9BE07BA0CED11EBA7F1115BC4F9AE02/CD284E600CEE11EB88376B5BC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.248.20.0/22 Signature Algorithm: sha256WithRSAEncryption 5a:bd:c8:b1:13:84:4e:29:12:d1:53:3f:84:f3:5c:c5:75:40: 3c:b2:93:9b:d5:ca:bc:cc:a7:bc:db:24:95:eb:21:85:b1:36: e7:7d:6f:99:0c:56:33:f5:e1:86:22:f8:2c:b6:43:90:a5:5d: 6a:08:32:4b:9a:17:a0:0e:da:f0:cf:de:c0:85:e8:73:1a:6a: b8:e4:21:18:de:d7:42:81:f8:5c:e5:96:75:28:82:0b:5b:ef: ab:f5:eb:52:f4:3b:15:cf:9a:ff:81:e3:4a:bc:72:18:84:e4: c4:3f:8a:f3:b2:5b:fb:3d:6c:36:b2:ba:0c:ac:bd:63:e1:38: 8b:21:6c:fe:bd:ae:2e:a6:29:45:cc:0b:09:0c:a0:ac:02:84: 86:72:1c:79:2d:91:3c:71:b6:d5:ac:a1:b9:f7:48:5a:37:1a: ca:bd:bb:06:02:f5:26:c2:0f:8b:f4:f4:71:94:d5:80:76:43: 79:e4:97:87:f7:f4:d2:16:5c:c6:28:45:b4:e2:73:71:2f:97: 85:aa:c3:06:a8:53:90:b5:fa:2e:f6:2d:4e:22:5c:54:8f:63: 99:2e:30:39:d6:ec:6a:6a:c0:22:27:62:8e:52:ae:c1:cf:1c: e0:a8:97:fe:75:fa:a1:fd:70:fd:aa:de:9c:ec:93:aa:7e:31: 46:1b:ef:f3 -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgICCD0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUVFNzcxMTAvBgNVBAUTKEI3ODFBMkU3RDkxRURDQThCMDMwREUzRUE4OUZBNEZB RjE3OTFGMjEwHhcNMjUwNzA0MjIwMjIwWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NTJhNS1mNTQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArT4rhYwhKssF5TxLM3cPE0Urium+QQMCVU5Vd6acZ/h0F9ShUnrTFoupogNw AHiXWPEe61ckuMYzgzpDuIQjxkTeqMsIIgqFx80eAjPrJ8Vx8Xtn0XbHTo/VUr9A ggdDlRbnpuuQkyxZ04qrqGElAMmzdNeogT4ulpozP5fZadd1U2V4ivQqAbVKN3/d bW1/g1N+0e8GWC2MHYG3pys2MvYgPetGTznTl4qnFphLH9zsAKretbiRrfGbvy0D eDrrUCphecuCRrtqb4utZKBv2SVf8OuZUUh9YbA2CKNpm7i/X9KOV8FtT5s8KqjE JHbZLR66MpGYtsiX6uxzl6iTZQIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFPwi9BnT RUCXbn/hR8cTVZ3HEjGNMB8GA1UdIwQYMBaAFLeBoufZHtyosDDePqifpPrxeR8h MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RUU3Ny9EOUJFMDdCQTBD RUQxMUVCQTdGMTExNUJDNEY5QUUwMi90NEdpNTlrZTNLaXdNTjQtcUotay12RjVI eUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3Q0R2k1OWtlM0tpd01ONC1xSi1rLXZGNUh5RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OUVFNzcvRDlCRTA3QkEwQ0VEMTFFQkE3RjExMTVCQzRGOUFFMDIvQ0QyODRFNjAw Q0VFMTFFQjg4Mzc2QjVCQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCZ/gUMA0GCSqGSIb3DQEBCwUAA4IBAQBavcixE4ROKRLRUz+E81zF dUA8spOb1cq8zKe82ySV6yGFsTbnfW+ZDFYz9eGGIvgstkOQpV1qCDJLmhegDtrw z97AhehzGmq45CEY3tdCgfhc5ZZ1KIILW++r9etS9DsVz5r/geNKvHIYhOTEP4rz slv7PWw2sroMrL1j4TiLIWz+va4upilFzAsJDKCsAoSGchx5LZE8cbbVrKG590ha NxrKvbsGAvUmwg+L9PRxlNWAdkN55JeH9/TSFlzGKEW04nNxL5eFqsMGqFOQtfou 9i1OIlxUj2OZLjA51uxqasAiJ2KOUq7BzxzgqJf+dfqh/XD9qt6c7JOqfjFGG+/z -----END CERTIFICATE-----Generated at Thu Mar 26 06:46:31 2026 by rpki-client