$ rpki-client -vvf rpki.apnic.net/member_repository/A911C28A/2A3566A8C2A511EBB4D34E35C4F9AE02/2D5E84AAC2A911EBB2025B36C4F9AE02.roa File: 2D5E84AAC2A911EBB2025B36C4F9AE02.roa (raw, json) Hash identifier: Bvqn6u0monQlxskOsh000hdL0vmdx7aoT/EaSsI8xgc= Subject key identifier: 3E:5B:FF:DB:C2:BF:B9:21:5E:F7:8A:F1:14:2B:8D:47:B0:6A:39:F7 Certificate issuer: /CN=A911C28A/serialNumber=23DB3323DD2CD79C3738581D42F4AB0F498834C2 Certificate serial: 0656 Authority key identifier: 23:DB:33:23:DD:2C:D7:9C:37:38:58:1D:42:F4:AB:0F:49:88:34:C2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I9szI90s15w3OFgdQvSrD0mINMI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911C28A/2A3566A8C2A511EBB4D34E35C4F9AE02/2D5E84AAC2A911EBB2025B36C4F9AE02.roa Signing time: Sun 01 Mar 2026 08:48:35 +0000 ROA not before: Fri 02 May 2025 23:34:17 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 142131 IP address blocks: 103.166.179.0/24 maxlen: 24 103.168.176.0/24 maxlen: 24 2001:df6:9680::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911C28A/2A3566A8C2A511EBB4D34E35C4F9AE02/I9szI90s15w3OFgdQvSrD0mINMI.crl rsync://rpki.apnic.net/member_repository/A911C28A/2A3566A8C2A511EBB4D34E35C4F9AE02/I9szI90s15w3OFgdQvSrD0mINMI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I9szI90s15w3OFgdQvSrD0mINMI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 01:41:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1622 (0x656) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911C28A, serialNumber=23DB3323DD2CD79C3738581D42F4AB0F498834C2 Validity Not Before: May 2 23:34:17 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=69a3fd63-56ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:10:a6:11:46:cc:5d:ee:d3:3b:46:c3:76:4e: c3:88:47:a2:30:18:7b:af:16:bd:76:c7:86:db:0a: 5b:17:72:70:bc:6f:db:51:c2:3e:9a:e9:80:28:6f: df:72:ac:22:8c:75:95:f2:97:91:2a:67:5f:5f:57: 42:0a:7a:e7:cb:a7:8c:67:61:da:39:b3:ae:ed:31: 66:ee:e9:e7:bf:42:67:54:0f:b6:e4:da:00:8b:92: 81:8b:29:7b:87:64:4a:de:d3:2a:da:98:51:b5:a7: 60:79:ea:88:68:94:0b:c0:01:1a:24:49:23:73:90: b4:33:92:f0:e0:5c:8e:89:34:ae:0e:d4:cd:65:2e: f1:6b:64:93:c7:07:c7:38:18:cf:3a:76:03:7d:46: 63:40:ab:a9:53:eb:31:a2:0c:59:3d:78:d8:06:9d: 17:d1:de:b0:56:47:9f:44:fc:dc:02:39:fb:e9:f4: 1d:07:b8:ec:ad:d1:8e:0d:63:71:b7:d8:4d:60:4f: cc:c4:ed:ec:5d:ab:97:d2:32:8e:f3:c6:a6:c5:1a: e9:95:48:4c:91:16:30:80:ca:de:2d:39:48:90:44: 75:c8:45:80:9f:22:40:3f:f9:8c:50:92:f2:bd:85: 60:3e:34:de:25:bf:be:76:de:5f:1c:10:6f:0a:ef: 3e:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:5B:FF:DB:C2:BF:B9:21:5E:F7:8A:F1:14:2B:8D:47:B0:6A:39:F7 X509v3 Authority Key Identifier: keyid:23:DB:33:23:DD:2C:D7:9C:37:38:58:1D:42:F4:AB:0F:49:88:34:C2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911C28A/2A3566A8C2A511EBB4D34E35C4F9AE02/I9szI90s15w3OFgdQvSrD0mINMI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I9szI90s15w3OFgdQvSrD0mINMI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C28A/2A3566A8C2A511EBB4D34E35C4F9AE02/2D5E84AAC2A911EBB2025B36C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.166.179.0/24 103.168.176.0/24 IPv6: 2001:df6:9680::/48 Signature Algorithm: sha256WithRSAEncryption 7f:d4:86:47:2f:21:f5:23:8e:3f:4b:40:54:cc:65:fb:66:c1: 2d:56:c1:3d:d9:6c:c5:3c:d7:ab:3c:1a:18:34:3c:c4:98:69: 88:11:17:2b:fc:ac:de:52:8a:bd:fa:c4:49:16:87:18:10:f8: df:b6:0f:53:60:f2:1c:c4:4f:74:d3:9c:8d:23:d4:1e:4f:08: 8c:f1:55:26:89:e5:20:17:53:9c:9e:de:2c:2e:08:03:ca:6c: 9c:8b:08:6e:b7:89:4a:b7:8e:c7:ce:b4:50:0a:6a:de:5f:15: 23:69:c9:e5:dc:5b:96:03:d3:ff:a1:81:ea:cd:9c:fe:11:31: 05:72:f2:90:4f:03:a1:5d:67:d6:2c:12:f4:99:be:0d:6f:d5: 8d:07:be:56:68:9f:69:4c:69:22:ef:bb:9e:63:e5:06:ee:d4: a3:ec:4d:d5:23:94:f4:7a:12:7a:88:7d:f4:4b:3f:8d:2a:d8: cc:d6:b0:27:1a:f7:47:de:e6:c5:b7:e9:fe:53:57:90:56:96: 32:1f:80:43:70:4b:63:86:db:f2:5d:57:d5:b0:43:b1:d9:31: a3:af:0b:ac:41:ec:80:df:b4:90:a2:c3:f1:95:69:ac:73:8b: a6:e1:6d:c9:2c:e2:ff:24:39:92:9c:66:23:72:b8:94:53:9c: d5:fa:96:90 -----BEGIN CERTIFICATE----- MIIFUzCCBDugAwIBAgICBlYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUMyOEExMTAvBgNVBAUTKDIzREIzMzIzREQyQ0Q3OUMzNzM4NTgxRDQyRjRBQjBG NDk4ODM0QzIwHhcNMjUwNTAyMjMzNDE3WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWEzZmQ2My01NmZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsBCmEUbMXe7TO0bDdk7DiEeiMBh7rxa9dseG2wpbF3JwvG/bUcI+mumAKG/f cqwijHWV8peRKmdfX1dCCnrny6eMZ2HaObOu7TFm7unnv0JnVA+25NoAi5KBiyl7 h2RK3tMq2phRtadgeeqIaJQLwAEaJEkjc5C0M5Lw4FyOiTSuDtTNZS7xa2STxwfH OBjPOnYDfUZjQKupU+sxogxZPXjYBp0X0d6wVkefRPzcAjn76fQdB7jsrdGODWNx t9hNYE/MxO3sXauX0jKO88amxRrplUhMkRYwgMreLTlIkER1yEWAnyJAP/mMUJLy vYVgPjTeJb++dt5fHBBvCu8+MwIDAQABo4ICdzCCAnMwHQYDVR0OBBYEFD5b/9vC v7khXveK8RQrjUewajn3MB8GA1UdIwQYMBaAFCPbMyPdLNecNzhYHUL0qw9JiDTC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzI4QS8yQTM1NjZBOEMy QTUxMUVCQjREMzRFMzVDNEY5QUUwMi9JOXN6STkwczE1dzNPRmdkUXZTckQwbUlO TUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0k5c3pJOTBzMTV3M09GZ2RRdlNyRDBtSU5NSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUMyOEEvMkEzNTY2QThDMkE1MTFFQkI0RDM0RTM1QzRGOUFFMDIvMkQ1RTg0QUFD MkE5MTFFQkIyMDI1QjM2QzRGOUFFMDIucm9hMDYGCCsGAQUFBwEHAQH/BCcwJTAS BAIAATAMAwQAZ6azAwQAZ6iwMA8EAgACMAkDBwAgAQ32loAwDQYJKoZIhvcNAQEL BQADggEBAH/UhkcvIfUjjj9LQFTMZftmwS1WwT3ZbMU816s8Ghg0PMSYaYgRFyv8 rN5Sir36xEkWhxgQ+N+2D1Ng8hzET3TTnI0j1B5PCIzxVSaJ5SAXU5ye3iwuCAPK bJyLCG63iUq3jsfOtFAKat5fFSNpyeXcW5YD0/+hgerNnP4RMQVy8pBPA6FdZ9Ys EvSZvg1v1Y0HvlZon2lMaSLvu55j5Qbu1KPsTdUjlPR6EnqIffRLP40q2MzWsCca 90fe5sW36f5TV5BWljIfgENwS2OG2/JdV9WwQ7HZMaOvC6xB7IDftJCiw/GVaaxz i6bhbcks4v8kOZKcZiNyuJRTnNX6lpA= -----END CERTIFICATE-----Generated at Mon Mar 2 11:57:33 2026 by rpki-client