$ rpki-client -vvf rpki.apnic.net/member_repository/A911E6CA/7409B47A4FC711EA8E46D415C4F9AE02/AA1ABF0AB20011EA9C0DFB2FC4F9AE02.roa File: AA1ABF0AB20011EA9C0DFB2FC4F9AE02.roa (raw, json) Hash identifier: LOxwXXl/1ogY6Z8WRaqQT9gSdmIV2VI2MhmnG9CX5Ao= Subject key identifier: 8B:E5:77:34:D6:88:05:12:57:14:AA:10:4E:20:75:A5:91:C3:DE:16 Certificate issuer: /CN=A911E6CA/serialNumber=76B9D339FACD62B47E93E8884DE850396DBCEFB4 Certificate serial: 0B78 Authority key identifier: 76:B9:D3:39:FA:CD:62:B4:7E:93:E8:88:4D:E8:50:39:6D:BC:EF:B4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/drnTOfrNYrR-k-iITehQOW2877Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911E6CA/7409B47A4FC711EA8E46D415C4F9AE02/AA1ABF0AB20011EA9C0DFB2FC4F9AE02.roa Signing time: Sun 01 Mar 2026 12:19:23 +0000 ROA not before: Tue 18 Mar 2025 19:39:33 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 138688 IP address blocks: 103.136.156.0/23 maxlen: 23 103.136.156.0/24 maxlen: 24 103.136.157.0/24 maxlen: 24 2407:4140::/32 maxlen: 32 2407:4140::/48 maxlen: 48 2407:4140:1::/48 maxlen: 48 2407:4140:2::/48 maxlen: 48 2407:4140:3::/48 maxlen: 48 2407:4140:4::/48 maxlen: 48 2407:4140:5::/48 maxlen: 48 2407:4140:6::/48 maxlen: 48 2407:4140:7::/48 maxlen: 48 2407:4140:8::/48 maxlen: 48 2407:4140:9::/48 maxlen: 48 2407:4140:a::/48 maxlen: 48 2407:4140:b::/48 maxlen: 48 2407:4140:c::/48 maxlen: 48 2407:4140:d::/48 maxlen: 48 2407:4140:e::/48 maxlen: 48 2407:4140:f::/48 maxlen: 48 2407:4140:10::/48 maxlen: 48 2407:4140:11::/48 maxlen: 48 2407:4140:13::/48 maxlen: 48 2407:4140:14::/48 maxlen: 48 2407:4140:15::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911E6CA/7409B47A4FC711EA8E46D415C4F9AE02/drnTOfrNYrR-k-iITehQOW2877Q.crl rsync://rpki.apnic.net/member_repository/A911E6CA/7409B47A4FC711EA8E46D415C4F9AE02/drnTOfrNYrR-k-iITehQOW2877Q.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/drnTOfrNYrR-k-iITehQOW2877Q.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 02:54:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2936 (0xb78) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911E6CA, serialNumber=76B9D339FACD62B47E93E8884DE850396DBCEFB4 Validity Not Before: Mar 18 19:39:33 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=69a42ecb-da8b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:25:9d:99:f7:52:43:f3:e3:97:c7:eb:f9:b9: da:6c:5d:e6:58:08:61:d5:b5:ca:00:74:d4:c4:56: 9c:9e:2d:dd:7d:ed:ec:df:20:9a:7a:b7:73:ef:9f: d6:d9:b4:b6:f2:ed:06:6f:68:3f:ea:90:08:71:20: 29:d4:6a:84:29:61:cc:77:46:da:97:7c:86:d2:f9: e5:64:8b:a4:c6:27:0e:e1:88:cb:8d:0e:2b:68:e0: 44:c5:a2:43:63:db:0b:12:a1:93:0b:3b:1e:c6:ea: 5c:e1:ed:c3:dd:cc:2a:c7:4a:1e:8a:11:70:fe:44: eb:75:36:c5:36:e1:7f:e8:16:70:8d:81:71:14:a4: a6:7b:42:f7:2d:a8:78:db:31:54:bd:4d:6e:72:1e: ab:0f:3f:53:f7:23:b1:e7:30:95:bf:84:16:6a:f1: a7:89:87:58:41:b4:85:7d:44:8f:38:4d:da:27:be: c6:22:77:c7:a2:2c:85:e9:cb:61:97:e6:e7:63:1f: 6c:c1:d6:ad:7c:98:dc:d3:4c:1c:19:07:3c:53:af: cb:0f:42:2a:e2:7b:69:14:32:a8:a7:6c:33:b8:63: d1:75:ea:2c:ae:bb:e3:ab:4a:24:1b:0f:35:78:ab: 53:38:41:bd:1b:43:b8:ba:b0:29:9b:2d:eb:54:29: 2d:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:E5:77:34:D6:88:05:12:57:14:AA:10:4E:20:75:A5:91:C3:DE:16 X509v3 Authority Key Identifier: keyid:76:B9:D3:39:FA:CD:62:B4:7E:93:E8:88:4D:E8:50:39:6D:BC:EF:B4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911E6CA/7409B47A4FC711EA8E46D415C4F9AE02/drnTOfrNYrR-k-iITehQOW2877Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/drnTOfrNYrR-k-iITehQOW2877Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911E6CA/7409B47A4FC711EA8E46D415C4F9AE02/AA1ABF0AB20011EA9C0DFB2FC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.136.156.0/23 IPv6: 2407:4140::/32 Signature Algorithm: sha256WithRSAEncryption 86:6a:6c:87:2b:a2:74:a7:e3:49:15:e1:d0:3e:b1:da:83:39: ed:a7:a1:56:11:dd:29:ad:a8:24:c0:5a:8f:f6:7d:3f:eb:56: 5b:16:e3:5c:d5:c5:d6:86:0f:3d:6c:5a:09:90:0a:33:3d:76: 46:ed:b5:6e:5e:dd:82:1f:ea:50:aa:bb:75:0e:2f:e4:b7:23: 49:7c:25:05:ca:1e:cb:87:07:a7:90:3f:7e:4e:5a:bf:b7:6f: 4a:ca:69:ae:89:67:d5:54:93:0c:70:27:f3:79:8b:6f:b5:dc: 56:5a:b0:ee:19:3e:e7:80:86:37:0e:b2:71:38:7d:5d:c8:49: f7:73:2d:f3:85:ea:86:49:58:76:aa:21:99:9b:c2:41:a0:9d: c4:40:c9:e0:23:c5:25:d5:0e:31:c9:ce:c9:62:d2:f9:f6:91: d0:9a:8b:24:26:04:32:55:12:ed:f4:ea:43:79:93:ee:0b:2f: e1:d6:04:f0:02:f2:0f:f5:4f:ea:99:aa:f7:4e:0a:3c:b4:eb: 5f:fc:bb:9b:d8:f6:b8:2b:e1:31:77:a0:f5:72:18:8a:1c:74: d7:0c:d3:f2:9d:85:40:a6:f4:ba:38:af:89:d8:aa:80:19:86: 60:e3:7e:05:2b:f8:45:44:9a:55:db:54:ee:50:4e:ac:fc:79: 98:3f:ae:03 -----BEGIN CERTIFICATE----- MIIFSzCCBDOgAwIBAgICC3gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUU2Q0ExMTAvBgNVBAUTKDc2QjlEMzM5RkFDRDYyQjQ3RTkzRTg4ODRERTg1MDM5 NkRCQ0VGQjQwHhcNMjUwMzE4MTkzOTMzWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MmVjYi1kYThiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyyWdmfdSQ/Pjl8fr+bnabF3mWAhh1bXKAHTUxFacni3dfe3s3yCaerdz75/W 2bS28u0Gb2g/6pAIcSAp1GqEKWHMd0bal3yG0vnlZIukxicO4YjLjQ4raOBExaJD Y9sLEqGTCzsexupc4e3D3cwqx0oeihFw/kTrdTbFNuF/6BZwjYFxFKSme0L3Lah4 2zFUvU1uch6rDz9T9yOx5zCVv4QWavGniYdYQbSFfUSPOE3aJ77GInfHoiyF6cth l+bnYx9swdatfJjc00wcGQc8U6/LD0Iq4ntpFDKop2wzuGPRdeosrrvjq0okGw81 eKtTOEG9G0O4urApmy3rVCktcwIDAQABo4ICbzCCAmswHQYDVR0OBBYEFIvldzTW iAUSVxSqEE4gdaWRw94WMB8GA1UdIwQYMBaAFHa50zn6zWK0fpPoiE3oUDltvO+0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRTZDQS83NDA5QjQ3QTRG QzcxMUVBOEU0NkQ0MTVDNEY5QUUwMi9kcm5UT2ZyTllyUi1rLWlJVGVoUU9XMjg3 N1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2RyblRPZnJOWXJSLWstaUlUZWhRT1cyODc3US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUU2Q0EvNzQwOUI0N0E0RkM3MTFFQThFNDZENDE1QzRGOUFFMDIvQUExQUJGMEFC MjAwMTFFQTlDMERGQjJGQzRGOUFFMDIucm9hMC4GCCsGAQUFBwEHAQH/BB8wHTAM BAIAATAGAwQBZ4icMA0EAgACMAcDBQAkB0FAMA0GCSqGSIb3DQEBCwUAA4IBAQCG amyHK6J0p+NJFeHQPrHagzntp6FWEd0pragkwFqP9n0/61ZbFuNc1cXWhg89bFoJ kAozPXZG7bVuXt2CH+pQqrt1Di/ktyNJfCUFyh7LhwenkD9+Tlq/t29KymmuiWfV VJMMcCfzeYtvtdxWWrDuGT7ngIY3DrJxOH1dyEn3cy3zheqGSVh2qiGZm8JBoJ3E QMngI8Ul1Q4xyc7JYtL59pHQmoskJgQyVRLt9OpDeZPuCy/h1gTwAvIP9U/qmar3 Tgo8tOtf/Lub2Pa4K+Exd6D1chiKHHTXDNPynYVApvS6OK+J2KqAGYZg434FK/hF RJpV21TuUE6s/HmYP64D -----END CERTIFICATE-----Generated at Mon Mar 2 18:07:40 2026 by rpki-client