$ rpki-client -vvf rpki.apnic.net/member_repository/A91250FA/AAA0EBE0368E11EAA768FC7EC4F9AE02/2A08F1A4369211EAA64E320BC4F9AE02.roa File: 2A08F1A4369211EAA64E320BC4F9AE02.roa (raw, json) Hash identifier: t5BPrYt2d7moj5Igyw76SgGR8OK2DAEcIiFq4FzUOVE= Subject key identifier: 0C:26:B4:A1:7D:CE:CC:38:42:1E:D9:B9:29:0D:DE:95:48:5D:22:15 Certificate issuer: /CN=A91250FA/serialNumber=1283A2F4C7BA11706C66E17BF1BD3E99627A1813 Certificate serial: 0BEC Authority key identifier: 12:83:A2:F4:C7:BA:11:70:6C:66:E1:7B:F1:BD:3E:99:62:7A:18:13 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EoOi9Me6EXBsZuF78b0-mWJ6GBM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91250FA/AAA0EBE0368E11EAA768FC7EC4F9AE02/2A08F1A4369211EAA64E320BC4F9AE02.roa Signing time: Sun 01 Mar 2026 17:02:16 +0000 ROA not before: Wed 08 Oct 2025 19:19:54 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 58895 IP address blocks: 103.72.84.0/22 maxlen: 22 103.72.84.0/24 maxlen: 24 103.72.85.0/24 maxlen: 24 103.72.86.0/24 maxlen: 24 103.72.87.0/24 maxlen: 24 203.3.132.0/24 maxlen: 24 203.11.65.0/24 maxlen: 24 203.142.218.0/24 maxlen: 24 203.161.179.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91250FA/AAA0EBE0368E11EAA768FC7EC4F9AE02/EoOi9Me6EXBsZuF78b0-mWJ6GBM.crl rsync://rpki.apnic.net/member_repository/A91250FA/AAA0EBE0368E11EAA768FC7EC4F9AE02/EoOi9Me6EXBsZuF78b0-mWJ6GBM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EoOi9Me6EXBsZuF78b0-mWJ6GBM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 01:09:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3052 (0xbec) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91250FA, serialNumber=1283A2F4C7BA11706C66E17BF1BD3E99627A1813 Validity Not Before: Oct 8 19:19:54 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=69a47118-3d04 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:79:f3:90:3b:1d:fe:3e:be:fc:e9:35:37:ca: b7:d2:0b:5d:29:b0:3f:00:f3:72:5e:a0:f1:a9:0d: 49:cf:a2:fb:2d:c4:1f:5b:35:3a:18:53:77:6d:33: 0a:50:0e:ca:12:f6:11:da:21:b3:6a:22:ef:f0:41: f5:47:c1:a4:5f:0c:8a:ca:33:87:e0:a4:45:9d:d2: c4:3c:09:c5:b4:fa:53:fa:85:55:54:49:09:5b:d5: 2b:a5:fd:3a:27:31:3b:c8:2f:f5:7d:a8:f2:cc:d5: 17:8f:28:dd:3f:8d:9b:c2:f5:c7:e1:4a:a5:8a:0c: 10:d1:05:94:c1:92:2b:c7:72:90:52:6a:8d:bb:f5: b9:b1:ba:e0:80:66:b6:ff:4a:d8:23:e7:79:2b:d5: f0:57:99:fb:2e:fc:1b:02:c9:f6:97:28:ff:93:a7: c5:21:44:7d:ff:8f:d6:2e:1b:05:58:8f:82:02:35: ab:16:65:dc:88:7f:58:71:72:97:17:19:f2:bd:f5: f6:dc:90:7d:57:c6:b3:67:a1:2b:91:37:b5:3b:8f: 69:3b:e6:de:a5:e2:e3:6b:7d:25:ee:60:4b:12:0e: af:4c:76:36:35:9b:6c:9f:a3:24:e1:28:98:d5:62: e8:62:f5:04:04:54:57:58:06:5b:60:07:66:43:c6: 40:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:26:B4:A1:7D:CE:CC:38:42:1E:D9:B9:29:0D:DE:95:48:5D:22:15 X509v3 Authority Key Identifier: keyid:12:83:A2:F4:C7:BA:11:70:6C:66:E1:7B:F1:BD:3E:99:62:7A:18:13 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91250FA/AAA0EBE0368E11EAA768FC7EC4F9AE02/EoOi9Me6EXBsZuF78b0-mWJ6GBM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EoOi9Me6EXBsZuF78b0-mWJ6GBM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91250FA/AAA0EBE0368E11EAA768FC7EC4F9AE02/2A08F1A4369211EAA64E320BC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.72.84.0/22 203.3.132.0/24 203.11.65.0/24 203.142.218.0/24 203.161.179.0/24 Signature Algorithm: sha256WithRSAEncryption 45:26:75:9f:d0:f8:69:bf:03:22:70:82:c4:38:61:78:0f:57: 7d:f0:ee:3a:02:af:cb:18:83:6d:00:22:78:e9:77:7d:08:f3: 95:2d:0f:df:af:0a:d2:74:bc:ee:04:a6:15:46:8f:46:c9:f2: 19:eb:cb:ca:36:9a:3f:a6:da:c5:fc:d4:04:c8:d5:ea:5f:78: 87:fb:f3:e8:3c:2a:14:a3:bc:ba:21:f6:40:5f:d0:af:9c:0d: b2:5d:cb:f0:89:68:a6:14:53:2c:91:1d:3b:77:b2:8d:82:21: d8:a5:48:9e:64:3f:e2:c1:74:11:8f:a3:c7:79:f3:8b:eb:87: ae:06:e4:19:a8:13:d2:1c:fd:d2:17:7f:ed:b2:9c:8c:88:f7: 45:c3:08:cb:47:6e:48:b2:10:ef:f6:07:ba:1a:40:2c:bd:6a: 1e:b0:84:03:e9:4e:fa:c4:66:db:d8:b9:f2:c3:56:02:03:be: 54:42:69:14:a9:1f:67:70:2c:46:df:13:1e:ea:66:58:27:9a: 23:21:5e:3c:5a:7f:9d:74:11:c1:00:70:ab:e8:f9:f1:25:38: 76:1e:99:67:13:01:48:b5:30:e8:59:12:e2:8b:69:89:8f:bc: bd:3b:2f:5c:36:33:95:03:83:96:b8:ce:7b:5f:a6:39:45:f9: 24:28:5d:56 -----BEGIN CERTIFICATE----- MIIFVDCCBDygAwIBAgICC+wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjUwRkExMTAvBgNVBAUTKDEyODNBMkY0QzdCQTExNzA2QzY2RTE3QkYxQkQzRTk5 NjI3QTE4MTMwHhcNMjUxMDA4MTkxOTU0WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NzExOC0zZDA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA33nzkDsd/j6+/Ok1N8q30gtdKbA/APNyXqDxqQ1Jz6L7LcQfWzU6GFN3bTMK UA7KEvYR2iGzaiLv8EH1R8GkXwyKyjOH4KRFndLEPAnFtPpT+oVVVEkJW9Urpf06 JzE7yC/1fajyzNUXjyjdP42bwvXH4UqligwQ0QWUwZIrx3KQUmqNu/W5sbrggGa2 /0rYI+d5K9XwV5n7LvwbAsn2lyj/k6fFIUR9/4/WLhsFWI+CAjWrFmXciH9YcXKX FxnyvfX23JB9V8azZ6ErkTe1O49pO+bepeLja30l7mBLEg6vTHY2NZtsn6Mk4SiY 1WLoYvUEBFRXWAZbYAdmQ8ZAPwIDAQABo4ICeDCCAnQwHQYDVR0OBBYEFAwmtKF9 zsw4Qh7ZuSkN3pVIXSIVMB8GA1UdIwQYMBaAFBKDovTHuhFwbGbhe/G9PpliehgT MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNTBGQS9BQUEwRUJFMDM2 OEUxMUVBQTc2OEZDN0VDNEY5QUUwMi9Fb09pOU1lNkVYQnNadUY3OGIwLW1XSjZH Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0VvT2k5TWU2RVhCc1p1Rjc4YjAtbVdKNkdCTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MjUwRkEvQUFBMEVCRTAzNjhFMTFFQUE3NjhGQzdFQzRGOUFFMDIvMkEwOEYxQTQz NjkyMTFFQUE2NEUzMjBCQzRGOUFFMDIucm9hMDcGCCsGAQUFBwEHAQH/BCgwJjAk BAIAATAeAwQCZ0hUAwQAywOEAwQAywtBAwQAy47aAwQAy6GzMA0GCSqGSIb3DQEB CwUAA4IBAQBFJnWf0PhpvwMicILEOGF4D1d98O46Aq/LGINtACJ46Xd9CPOVLQ/f rwrSdLzuBKYVRo9GyfIZ68vKNpo/ptrF/NQEyNXqX3iH+/PoPCoUo7y6IfZAX9Cv nA2yXcvwiWimFFMskR07d7KNgiHYpUieZD/iwXQRj6PHefOL64euBuQZqBPSHP3S F3/tspyMiPdFwwjLR25IshDv9ge6GkAsvWoesIQD6U76xGbb2Lnyw1YCA75UQmkU qR9ncCxG3xMe6mZYJ5ojIV48Wn+ddBHBAHCr6PnxJTh2HplnEwFItTDoWRLii2mJ j7y9Oy9cNjOVA4OWuM57X6Y5RfkkKF1W -----END CERTIFICATE-----Generated at Mon Mar 2 06:32:24 2026 by rpki-client