$ rpki-client -vvf rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/ABC651E668F611EFBDC1C345C4F9AE02.roa File: ABC651E668F611EFBDC1C345C4F9AE02.roa (raw, json) Hash identifier: O2/KxKIdSE2v482JbxbnQ0getoqbnZqZ+/nYKo7sZyY= Subject key identifier: 73:B1:EC:2B:FE:FA:53:DD:5D:90:8B:76:BE:74:84:06:63:19:97:C9 Certificate issuer: /CN=A912442A/serialNumber=8485A39ED6B62128EDF4F99B2C2A811F5C201570 Certificate serial: 0449 Authority key identifier: 84:85:A3:9E:D6:B6:21:28:ED:F4:F9:9B:2C:2A:81:1F:5C:20:15:70 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hIWjnta2ISjt9PmbLCqBH1wgFXA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/ABC651E668F611EFBDC1C345C4F9AE02.roa Signing time: Sun 01 Mar 2026 18:49:56 +0000 ROA not before: Tue 02 Dec 2025 23:59:16 +0000 ROA not after: Sun 31 Jan 2027 00:00:00 +0000 asID: 45796 IP address blocks: 103.23.120.0/22 maxlen: 24 115.31.158.0/24 maxlen: 24 115.31.164.0/24 maxlen: 24 223.27.200.0/24 maxlen: 24 223.27.232.0/24 maxlen: 24 223.27.237.0/24 maxlen: 24 2402:9b00::/32 maxlen: 32 2402:9b00:80::/48 maxlen: 48 2402:9b00:82::/48 maxlen: 48 2402:9b00:83::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/hIWjnta2ISjt9PmbLCqBH1wgFXA.crl rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/hIWjnta2ISjt9PmbLCqBH1wgFXA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hIWjnta2ISjt9PmbLCqBH1wgFXA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 23:54:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1097 (0x449) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912442A, serialNumber=8485A39ED6B62128EDF4F99B2C2A811F5C201570 Validity Not Before: Dec 2 23:59:16 2025 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=69a48a54-fd65 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:cb:fe:a7:57:cf:fa:4b:95:b4:2d:3c:59:d5: 45:4e:bb:9f:a9:66:bb:51:0e:cc:be:09:4b:13:ac: 24:e8:1c:54:38:76:36:e2:93:c3:8d:19:d2:fa:2c: 04:f2:74:f4:18:e5:b0:d5:fe:fc:e7:fe:59:43:25: 7f:9e:93:0a:a1:0a:5c:df:27:22:fe:83:07:e6:75: e0:f4:05:95:59:9e:90:51:c0:d2:39:5c:f8:a5:10: 11:ba:a2:61:25:ba:48:0f:f5:09:64:58:64:75:c5: 3d:ee:66:39:e2:15:1b:80:98:32:a5:b9:1a:68:d9: 62:13:99:7b:8b:d0:ab:f8:c1:f5:3c:8a:83:c8:af: a1:ca:89:50:20:33:2e:2f:38:2a:79:d9:5e:8d:4f: a9:44:f5:8e:f6:e7:53:e5:80:c8:17:f6:eb:1a:b2: 82:94:c4:4c:05:cf:94:36:fd:7d:d8:4b:22:73:00: a7:5e:fb:da:a9:26:fb:a9:af:ed:c2:b4:df:51:ef: d5:e1:1d:26:b0:40:1e:ee:56:75:82:11:47:59:ad: a0:70:95:64:c4:5e:1e:be:e1:39:5d:80:64:c5:92: ef:dc:2d:1f:c3:f9:16:02:ac:4b:ec:ab:45:8e:29: a7:74:16:85:5f:d7:ec:db:e3:14:b6:90:6b:d9:ef: 05:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:B1:EC:2B:FE:FA:53:DD:5D:90:8B:76:BE:74:84:06:63:19:97:C9 X509v3 Authority Key Identifier: keyid:84:85:A3:9E:D6:B6:21:28:ED:F4:F9:9B:2C:2A:81:1F:5C:20:15:70 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/hIWjnta2ISjt9PmbLCqBH1wgFXA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hIWjnta2ISjt9PmbLCqBH1wgFXA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/ABC651E668F611EFBDC1C345C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.23.120.0/22 115.31.158.0/24 115.31.164.0/24 223.27.200.0/24 223.27.232.0/24 223.27.237.0/24 IPv6: 2402:9b00::/32 Signature Algorithm: sha256WithRSAEncryption 3b:e8:76:6b:c4:94:e6:78:ae:12:51:09:56:5b:12:f7:47:48: 9f:cd:2e:9c:12:92:b3:17:62:46:2f:4f:f3:7b:b6:ce:a5:8d: e4:4b:3a:2d:97:c1:a3:ec:33:fb:4d:12:94:f1:00:c1:cd:9b: 82:dd:6f:e7:15:64:52:53:ee:a2:d0:c7:da:15:ec:71:91:6b: ba:8f:7c:b5:e1:7a:c8:1f:0c:d4:30:fb:8b:85:32:0a:0b:e4: 6d:75:5d:cd:5e:bb:d2:ce:bb:44:01:7f:9b:51:92:63:2b:3c: e1:cc:38:ed:31:ae:2b:c0:df:df:33:17:a4:59:cb:da:76:7e: 72:26:3c:16:08:53:ac:54:91:45:93:68:15:a5:0a:ce:ae:4f: e0:56:3d:67:8b:26:c5:f7:8f:24:8f:d7:35:88:10:9a:c2:21: fd:52:0b:a7:06:1b:05:39:66:1f:2f:65:93:a7:5d:5a:6c:11: 22:bc:f4:23:4c:d1:23:d2:8f:f4:0d:f3:22:af:5d:b1:dd:44: e6:86:fe:f8:3e:7d:2f:3a:25:9a:bb:4c:3e:24:08:b8:08:e1: 7d:30:f1:1e:f7:5a:14:a3:05:f6:bc:da:54:d8:f2:5b:08:4c: 07:8a:72:63:84:50:42:51:19:e9:13:85:6b:94:1b:54:7b:e4: 33:4c:d8:5c -----BEGIN CERTIFICATE----- MIIFaTCCBFGgAwIBAgICBEkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjQ0MkExMTAvBgNVBAUTKDg0ODVBMzlFRDZCNjIxMjhFREY0Rjk5QjJDMkE4MTFG NUMyMDE1NzAwHhcNMjUxMjAyMjM1OTE2WhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0OGE1NC1mZDY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAosv+p1fP+kuVtC08WdVFTrufqWa7UQ7MvglLE6wk6BxUOHY24pPDjRnS+iwE 8nT0GOWw1f785/5ZQyV/npMKoQpc3yci/oMH5nXg9AWVWZ6QUcDSOVz4pRARuqJh JbpID/UJZFhkdcU97mY54hUbgJgypbkaaNliE5l7i9Cr+MH1PIqDyK+hyolQIDMu LzgqedlejU+pRPWO9udT5YDIF/brGrKClMRMBc+UNv192EsicwCnXvvaqSb7qa/t wrTfUe/V4R0msEAe7lZ1ghFHWa2gcJVkxF4evuE5XYBkxZLv3C0fw/kWAqxL7KtF jimndBaFX9fs2+MUtpBr2e8FnQIDAQABo4ICjTCCAokwHQYDVR0OBBYEFHOx7Cv+ +lPdXZCLdr50hAZjGZfJMB8GA1UdIwQYMBaAFISFo57WtiEo7fT5mywqgR9cIBVw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNDQyQS8yMEYyQ0IwMEVC OUMxMUVDQTY4MjEyMENDNEY5QUUwMi9oSVdqbnRhMklTanQ5UG1iTENxQkgxd2dG WEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hJV2pudGEySVNqdDlQbWJMQ3FCSDF3Z0ZYQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MjQ0MkEvMjBGMkNCMDBFQjlDMTFFQ0E2ODIxMjBDQzRGOUFFMDIvQUJDNjUxRTY2 OEY2MTFFRkJEQzFDMzQ1QzRGOUFFMDIucm9hMEwGCCsGAQUFBwEHAQH/BD0wOzAq BAIAATAkAwQCZxd4AwQAcx+eAwQAcx+kAwQA3xvIAwQA3xvoAwQA3xvtMA0EAgAC MAcDBQAkApsAMA0GCSqGSIb3DQEBCwUAA4IBAQA76HZrxJTmeK4SUQlWWxL3R0if zS6cEpKzF2JGL0/ze7bOpY3kSzotl8Gj7DP7TRKU8QDBzZuC3W/nFWRSU+6i0Mfa FexxkWu6j3y14XrIHwzUMPuLhTIKC+RtdV3NXrvSzrtEAX+bUZJjKzzhzDjtMa4r wN/fMxekWcvadn5yJjwWCFOsVJFFk2gVpQrOrk/gVj1niybF948kj9c1iBCawiH9 UgunBhsFOWYfL2WTp11abBEivPQjTNEj0o/0DfMir12x3UTmhv74Pn0vOiWau0w+ JAi4COF9MPEe91oUowX2vNpU2PJbCEwHinJjhFBCURnpE4VrlBtUe+QzTNhc -----END CERTIFICATE-----Generated at Mon Mar 2 09:05:07 2026 by rpki-client