$ rpki-client -vvf rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/4221CE240EC211EB9F6B1914C4F9AE02.roa File: 4221CE240EC211EB9F6B1914C4F9AE02.roa (raw, json) Hash identifier: 98d7Szz1xVrKOjRtTK04BwOwzNCfjc24NwJ5XcHSo3Y= Subject key identifier: C6:47:69:8E:D9:ED:BA:D8:C0:39:59:3A:89:A7:0D:1E:F1:B5:14:B6 Certificate issuer: /CN=A9127523/serialNumber=8A681DD0C43731D0F4763A4DBDD5D4CC01FD64C2 Certificate serial: 2E35 Authority key identifier: 8A:68:1D:D0:C4:37:31:D0:F4:76:3A:4D:BD:D5:D4:CC:01:FD:64:C2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/imgd0MQ3MdD0djpNvdXUzAH9ZMI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/4221CE240EC211EB9F6B1914C4F9AE02.roa Signing time: Sun 01 Mar 2026 15:27:38 +0000 ROA not before: Thu 28 Aug 2025 16:02:38 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 58656 IP address blocks: 103.12.176.0/22 maxlen: 24 118.179.8.0/21 maxlen: 21 118.179.9.0/24 maxlen: 24 118.179.12.0/24 maxlen: 24 118.179.14.0/24 maxlen: 24 118.179.15.0/24 maxlen: 24 118.179.16.0/20 maxlen: 20 118.179.16.0/24 maxlen: 24 118.179.17.0/24 maxlen: 24 118.179.18.0/24 maxlen: 24 118.179.19.0/24 maxlen: 24 118.179.20.0/23 maxlen: 24 118.179.22.0/24 maxlen: 24 118.179.23.0/24 maxlen: 24 118.179.24.0/23 maxlen: 23 118.179.24.0/24 maxlen: 24 118.179.25.0/24 maxlen: 24 118.179.26.0/24 maxlen: 24 118.179.27.0/24 maxlen: 24 118.179.28.0/24 maxlen: 24 118.179.29.0/24 maxlen: 24 118.179.30.0/23 maxlen: 23 118.179.30.0/24 maxlen: 24 118.179.31.0/24 maxlen: 24 2404:d900::/32 maxlen: 32 2404:d900::/48 maxlen: 48 2404:d900:50::/48 maxlen: 48 2404:d900:51::/48 maxlen: 48 2404:d900:1000::/48 maxlen: 48 2404:d900:2000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/imgd0MQ3MdD0djpNvdXUzAH9ZMI.crl rsync://rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/imgd0MQ3MdD0djpNvdXUzAH9ZMI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/imgd0MQ3MdD0djpNvdXUzAH9ZMI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 15:35:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11829 (0x2e35) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9127523, serialNumber=8A681DD0C43731D0F4763A4DBDD5D4CC01FD64C2 Validity Not Before: Aug 28 16:02:38 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=69a45aea-5165 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:82:fb:06:3d:32:a9:be:45:8a:66:df:31:b3: d9:57:64:54:f9:5f:42:87:3b:27:bb:7e:5f:ab:2b: a4:9f:e7:a3:37:77:34:3d:67:90:f4:b3:fc:00:56: 55:1c:63:bc:bf:a9:f4:bc:4a:60:70:ae:57:5b:9a: 67:d4:c9:52:ba:00:55:ef:74:72:45:9b:d2:1b:21: d2:69:cc:5d:6a:90:7a:51:a0:b0:aa:74:ec:c7:e8: 56:2b:9b:e2:f0:f8:86:e0:c0:48:90:98:c4:f1:f7: ef:bd:8b:29:ac:2e:5e:4f:89:7c:6d:9d:16:35:74: d6:18:61:44:a2:7d:0a:04:d5:1b:72:97:2b:2e:a6: 7c:b2:91:8e:c1:3d:94:77:5e:38:58:9b:01:07:d7: d9:16:1f:b0:f1:b5:ef:42:1a:d3:e7:57:61:5d:b5: 52:bd:dd:b7:ee:6c:7b:c1:1c:7b:75:a5:7d:2a:92: 8c:5c:07:66:87:ae:72:2e:78:75:8a:4b:7a:4c:d7: 09:84:5b:40:77:80:56:d7:52:bd:9c:c0:d6:5d:cd: 49:12:21:19:65:34:41:60:8d:25:97:1e:46:19:d0: 72:95:9f:11:28:70:3e:72:cd:82:25:64:61:b4:48: fa:d6:17:f6:27:75:b0:60:cc:05:33:57:a4:e1:f7: 16:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:47:69:8E:D9:ED:BA:D8:C0:39:59:3A:89:A7:0D:1E:F1:B5:14:B6 X509v3 Authority Key Identifier: keyid:8A:68:1D:D0:C4:37:31:D0:F4:76:3A:4D:BD:D5:D4:CC:01:FD:64:C2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/imgd0MQ3MdD0djpNvdXUzAH9ZMI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/imgd0MQ3MdD0djpNvdXUzAH9ZMI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/4221CE240EC211EB9F6B1914C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.12.176.0/22 118.179.8.0-118.179.31.255 IPv6: 2404:d900::/32 Signature Algorithm: sha256WithRSAEncryption db:62:44:29:bd:23:94:e3:c4:01:46:a4:6d:1c:ce:8a:0f:da: a8:5d:a6:c9:fc:27:a7:5e:f4:d1:ef:bc:ea:a1:87:50:b2:10: 38:89:9f:e9:4d:49:aa:34:36:a7:24:97:d9:03:e7:35:7a:84: 46:67:99:8c:06:c9:74:29:35:01:bf:e2:b7:f2:00:07:da:65: 2e:6b:de:08:f0:18:fd:bc:71:34:a3:31:ad:90:53:c0:86:e8: be:d2:34:4f:c3:61:f6:be:81:b0:40:7b:be:3f:15:7f:aa:d9: d1:94:06:b5:44:41:61:43:f3:10:26:6a:57:5c:3e:aa:51:32: d2:34:79:0b:19:35:07:73:02:85:b8:68:67:68:83:cd:63:c4: 48:aa:36:9c:c3:58:72:ae:22:3a:75:b1:53:2f:11:b2:5d:88: 89:4a:cc:91:39:a1:c4:be:06:81:f3:7f:d5:ca:a2:84:98:64: 07:f8:66:cb:7a:2c:46:25:bd:3c:42:08:f8:53:91:a7:76:45: 50:49:25:c0:79:4c:c2:49:05:45:6d:01:e0:64:d4:fb:a9:c5: ba:e0:46:d4:86:24:6f:63:18:97:a3:81:e4:11:ac:11:f9:83: c3:2a:87:75:1a:23:00:d3:90:dc:e7:3d:52:8e:30:8b:27:cb: fb:52:a1:5b -----BEGIN CERTIFICATE----- MIIFWTCCBEGgAwIBAgICLjUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mjc1MjMxMTAvBgNVBAUTKDhBNjgxREQwQzQzNzMxRDBGNDc2M0E0REJERDVENEND MDFGRDY0QzIwHhcNMjUwODI4MTYwMjM4WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NWFlYS01MTY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0IL7Bj0yqb5FimbfMbPZV2RU+V9Chzsnu35fqyukn+ejN3c0PWeQ9LP8AFZV HGO8v6n0vEpgcK5XW5pn1MlSugBV73RyRZvSGyHSacxdapB6UaCwqnTsx+hWK5vi 8PiG4MBIkJjE8ffvvYsprC5eT4l8bZ0WNXTWGGFEon0KBNUbcpcrLqZ8spGOwT2U d144WJsBB9fZFh+w8bXvQhrT51dhXbVSvd237mx7wRx7daV9KpKMXAdmh65yLnh1 ikt6TNcJhFtAd4BW11K9nMDWXc1JEiEZZTRBYI0llx5GGdBylZ8RKHA+cs2CJWRh tEj61hf2J3WwYMwFM1ek4fcWNwIDAQABo4ICfTCCAnkwHQYDVR0OBBYEFMZHaY7Z 7brYwDlZOomnDR7xtRS2MB8GA1UdIwQYMBaAFIpoHdDENzHQ9HY6Tb3V1MwB/WTC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNzUyMy8xMkI5OTdFODlB RTMxMUUzQTVBMjU3QTc1OTExRUEzMi9pbWdkME1RM01kRDBkanBOdmRYVXpBSDla TUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ltZ2QwTVEzTWREMGRqcE52ZFhVekFIOVpNSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Mjc1MjMvMTJCOTk3RTg5QUUzMTFFM0E1QTI1N0E3NTkxMUVBMzIvNDIyMUNFMjQw RUMyMTFFQjlGNkIxOTE0QzRGOUFFMDIucm9hMDwGCCsGAQUFBwEHAQH/BC0wKzAa BAIAATAUAwQCZwywMAwDBAN2swgDBAV2swAwDQQCAAIwBwMFACQE2QAwDQYJKoZI hvcNAQELBQADggEBANtiRCm9I5TjxAFGpG0czooP2qhdpsn8J6de9NHvvOqhh1Cy EDiJn+lNSao0Nqckl9kD5zV6hEZnmYwGyXQpNQG/4rfyAAfaZS5r3gjwGP28cTSj Ma2QU8CG6L7SNE/DYfa+gbBAe74/FX+q2dGUBrVEQWFD8xAmaldcPqpRMtI0eQsZ NQdzAoW4aGdog81jxEiqNpzDWHKuIjp1sVMvEbJdiIlKzJE5ocS+BoHzf9XKooSY ZAf4Zst6LEYlvTxCCPhTkad2RVBJJcB5TMJJBUVtAeBk1PupxbrgRtSGJG9jGJej geQRrBH5g8Mqh3UaIwDTkNznPVKOMIsny/tSoVs= -----END CERTIFICATE-----Generated at Mon Mar 2 20:39:13 2026 by rpki-client