$ rpki-client -vvf rpki.apnic.net/member_repository/A911FD55/E78FD2AA473211EA810B5042C4F9AE02/C8A09F34F11C11EA83A6D247C4F9AE02.roa File: C8A09F34F11C11EA83A6D247C4F9AE02.roa (raw, json) Hash identifier: Tt+/ZFDCBvQEpgRT0vX9Jm9igfEF7EehekjpgCR5Fbg= Subject key identifier: 89:2F:AA:30:F7:D8:95:C2:B8:E4:2E:20:AB:AC:B6:C8:B1:57:D0:54 Certificate issuer: /CN=A911FD55/serialNumber=ACDEBBDC8AEA7A61136931833863B1E39E017E27 Certificate serial: 0B9B Authority key identifier: AC:DE:BB:DC:8A:EA:7A:61:13:69:31:83:38:63:B1:E3:9E:01:7E:27 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rN673IrqemETaTGDOGOx454Bfic.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911FD55/E78FD2AA473211EA810B5042C4F9AE02/C8A09F34F11C11EA83A6D247C4F9AE02.roa Signing time: Sun 01 Mar 2026 14:45:12 +0000 ROA not before: Tue 06 Jan 2026 19:15:55 +0000 ROA not after: Tue 02 Mar 2027 00:00:00 +0000 asID: 138418 IP address blocks: 103.114.60.0/23 maxlen: 23 103.114.60.0/24 maxlen: 24 103.114.61.0/24 maxlen: 24 103.125.28.0/22 maxlen: 22 103.125.28.0/23 maxlen: 23 103.125.28.0/24 maxlen: 24 103.125.29.0/24 maxlen: 24 103.125.30.0/23 maxlen: 23 103.125.30.0/24 maxlen: 24 103.125.31.0/24 maxlen: 24 2403:eb40::/32 maxlen: 32 2403:eb40::/48 maxlen: 48 2403:eb40:1000::/48 maxlen: 48 2403:eb40:2000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911FD55/E78FD2AA473211EA810B5042C4F9AE02/rN673IrqemETaTGDOGOx454Bfic.crl rsync://rpki.apnic.net/member_repository/A911FD55/E78FD2AA473211EA810B5042C4F9AE02/rN673IrqemETaTGDOGOx454Bfic.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rN673IrqemETaTGDOGOx454Bfic.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:30:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2971 (0xb9b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911FD55, serialNumber=ACDEBBDC8AEA7A61136931833863B1E39E017E27 Validity Not Before: Jan 6 19:15:55 2026 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=69a450f8-0f9b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:0c:e4:81:ad:b6:f3:63:41:4c:bd:15:a4:7f: a8:b3:52:85:4b:29:b3:02:b9:8d:23:b1:40:07:8b: 4e:fa:a8:9e:33:21:f6:29:45:f3:87:c3:75:0a:04: e8:de:c3:a5:0b:c6:ee:1f:0f:29:f4:9e:95:57:fd: f3:73:5e:f1:9c:6c:22:be:5c:74:78:0f:70:07:c8: 9f:52:a9:7b:c2:cd:a5:f3:4b:a1:cc:29:85:b7:b9: f3:68:ae:fa:2b:26:56:5f:a1:6d:96:7a:90:fa:67: fd:06:3e:27:7c:cd:20:13:e6:67:d8:ff:c6:08:70: 7e:71:45:d6:91:6b:92:7d:26:7c:a5:c4:82:11:60: 67:9a:f7:dc:11:7c:34:85:fd:74:43:49:bd:e6:62: 77:57:68:b7:00:4b:f2:10:6c:67:7d:88:41:65:89: aa:90:3d:c7:c4:56:44:9a:1f:bd:13:14:f3:ea:68: 3e:9b:13:b6:62:72:98:53:28:cc:b4:ce:7c:15:a0: dd:70:4f:f5:65:ce:90:99:81:8f:dd:61:54:e9:8c: 92:7d:f8:a4:b3:b5:0a:ae:7d:52:d5:d5:dd:62:31: ea:30:bb:43:d4:55:a4:89:31:39:05:4b:22:70:7c: 3f:aa:90:bd:15:14:52:ab:d5:a4:5d:3d:79:00:a9: 71:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:2F:AA:30:F7:D8:95:C2:B8:E4:2E:20:AB:AC:B6:C8:B1:57:D0:54 X509v3 Authority Key Identifier: keyid:AC:DE:BB:DC:8A:EA:7A:61:13:69:31:83:38:63:B1:E3:9E:01:7E:27 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911FD55/E78FD2AA473211EA810B5042C4F9AE02/rN673IrqemETaTGDOGOx454Bfic.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rN673IrqemETaTGDOGOx454Bfic.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911FD55/E78FD2AA473211EA810B5042C4F9AE02/C8A09F34F11C11EA83A6D247C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.114.60.0/23 103.125.28.0/22 IPv6: 2403:eb40::/32 Signature Algorithm: sha256WithRSAEncryption 91:9c:7b:94:1c:93:56:f3:d5:40:d4:ac:f7:4c:e3:d6:e0:25: 97:f9:a3:e8:11:ce:f3:dd:c4:a1:c1:88:e0:0e:48:83:f6:f6: ab:9d:56:79:10:b5:32:c4:c5:e9:4a:60:ce:f6:b8:c9:63:20: 10:9a:4f:17:ca:c6:4f:eb:7d:e7:c3:19:79:76:b7:71:fb:7a: 11:bc:2c:7a:30:0c:53:c1:76:58:ba:db:7d:ca:f8:9a:27:e5: c6:3b:d8:db:47:bd:48:81:69:c7:8a:47:54:90:fa:ed:eb:39: 22:f0:9f:92:9a:fc:22:68:b6:db:08:36:a3:3f:59:b4:59:08: 6c:cb:3a:8d:c6:49:1d:72:7f:68:46:d1:1e:99:63:fa:aa:53: 07:ad:c3:a4:42:14:e6:db:45:0e:4f:0f:d6:d7:90:8d:65:47: 43:cf:0b:a4:8d:04:3e:63:da:c7:af:d9:32:c0:6c:20:a7:ff: 3d:0a:f9:b5:e7:0a:91:1a:1f:97:f3:36:6d:ba:f5:ae:f9:97: 06:64:56:f5:ac:f7:dc:1e:93:e1:a7:f7:50:f2:f3:90:aa:52: ff:d6:17:dc:54:bf:e1:c0:bd:60:f9:8f:ca:37:30:de:2a:43: 20:72:63:b7:a3:94:4b:71:e9:a2:b3:f3:91:fe:12:69:86:4b: 55:8b:9a:e8 -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgICC5swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUZENTUxMTAvBgNVBAUTKEFDREVCQkRDOEFFQTdBNjExMzY5MzE4MzM4NjNCMUUz OUUwMTdFMjcwHhcNMjYwMTA2MTkxNTU1WhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NTBmOC0wZjliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7wzkga2282NBTL0VpH+os1KFSymzArmNI7FAB4tO+qieMyH2KUXzh8N1CgTo 3sOlC8buHw8p9J6VV/3zc17xnGwivlx0eA9wB8ifUql7ws2l80uhzCmFt7nzaK76 KyZWX6FtlnqQ+mf9Bj4nfM0gE+Zn2P/GCHB+cUXWkWuSfSZ8pcSCEWBnmvfcEXw0 hf10Q0m95mJ3V2i3AEvyEGxnfYhBZYmqkD3HxFZEmh+9ExTz6mg+mxO2YnKYUyjM tM58FaDdcE/1Zc6QmYGP3WFU6YySffiks7UKrn1S1dXdYjHqMLtD1FWkiTE5BUsi cHw/qpC9FRRSq9WkXT15AKlxEQIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFIkvqjD3 2JXCuOQuIKustsixV9BUMB8GA1UdIwQYMBaAFKzeu9yK6nphE2kxgzhjseOeAX4n MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRkQ1NS9FNzhGRDJBQTQ3 MzIxMUVBODEwQjUwNDJDNEY5QUUwMi9yTjY3M0lycWVtRVRhVEdET0dPeDQ1NEJm aWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JONjczSXJxZW1FVGFUR0RPR094NDU0QmZpYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUZENTUvRTc4RkQyQUE0NzMyMTFFQTgxMEI1MDQyQzRGOUFFMDIvQzhBMDlGMzRG MTFDMTFFQTgzQTZEMjQ3QzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS BAIAATAMAwQBZ3I8AwQCZ30cMA0EAgACMAcDBQAkA+tAMA0GCSqGSIb3DQEBCwUA A4IBAQCRnHuUHJNW89VA1Kz3TOPW4CWX+aPoEc7z3cShwYjgDkiD9varnVZ5ELUy xMXpSmDO9rjJYyAQmk8XysZP633nwxl5drdx+3oRvCx6MAxTwXZYutt9yviaJ+XG O9jbR71IgWnHikdUkPrt6zki8J+SmvwiaLbbCDajP1m0WQhsyzqNxkkdcn9oRtEe mWP6qlMHrcOkQhTm20UOTw/W15CNZUdDzwukjQQ+Y9rHr9kywGwgp/89Cvm15wqR Gh+X8zZtuvWu+ZcGZFb1rPfcHpPhp/dQ8vOQqlL/1hfcVL/hwL1g+Y/KNzDeKkMg cmO3o5RLcemis/OR/hJphktVi5ro -----END CERTIFICATE-----Generated at Mon Mar 2 20:02:23 2026 by rpki-client