$ rpki-client -vvf rpki.apnic.net/member_repository/A912BCAC/0152258E82F411EE9ED1F611C4F9AE02/43C5BAA282F411EE99AAAB12C4F9AE02.roa File: 43C5BAA282F411EE99AAAB12C4F9AE02.roa (raw, json) Hash identifier: a1wzRh8XwhAFQd8Ja2EntSNyYcs9nQlwwooXA0U/t20= Subject key identifier: 08:08:D1:CE:9E:4B:40:C3:9A:2C:E8:41:CF:31:C4:20:6A:A3:7A:3D Certificate issuer: /CN=A912BCAC/serialNumber=9CBE10D7C1DD44B7E590B5078BFC4F86CF8DB25A Certificate serial: 01BF Authority key identifier: 9C:BE:10:D7:C1:DD:44:B7:E5:90:B5:07:8B:FC:4F:86:CF:8D:B2:5A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nL4Q18HdRLflkLUHi_xPhs-Nslo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912BCAC/0152258E82F411EE9ED1F611C4F9AE02/43C5BAA282F411EE99AAAB12C4F9AE02.roa Signing time: Sun 01 Mar 2026 11:01:29 +0000 ROA not before: Wed 03 Dec 2025 02:33:39 +0000 ROA not after: Tue 02 Mar 2027 00:00:00 +0000 asID: 152098 IP address blocks: 36.50.40.0/24 maxlen: 24 36.50.41.0/24 maxlen: 24 2001:df3:1ec0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912BCAC/0152258E82F411EE9ED1F611C4F9AE02/nL4Q18HdRLflkLUHi_xPhs-Nslo.crl rsync://rpki.apnic.net/member_repository/A912BCAC/0152258E82F411EE9ED1F611C4F9AE02/nL4Q18HdRLflkLUHi_xPhs-Nslo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nL4Q18HdRLflkLUHi_xPhs-Nslo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 02:04:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 447 (0x1bf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912BCAC, serialNumber=9CBE10D7C1DD44B7E590B5078BFC4F86CF8DB25A Validity Not Before: Dec 3 02:33:39 2025 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=69a41c89-7f3b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:81:55:c0:11:81:96:4a:79:4f:a6:d2:ad:fe: 49:02:53:f3:aa:4f:83:da:a6:7f:1f:bc:5d:3b:4e: 99:7f:42:67:b4:36:d3:75:a1:8d:ec:62:6a:88:25: f3:32:b5:46:34:f6:cf:91:a4:b0:9d:22:7e:4e:97: d8:1c:36:d0:7d:f7:27:0e:12:a0:eb:e3:fe:0c:da: 30:c3:d5:41:25:8e:c7:70:9f:09:27:70:ad:46:30: dd:f6:92:72:ac:72:5b:d8:f0:1f:31:74:5a:a0:23: 7f:e9:35:7d:40:aa:86:91:5d:ef:ac:92:97:d5:8a: a2:c8:1d:4a:57:7f:90:16:92:41:99:b2:7a:1c:a4: ec:e9:17:d9:c0:c5:62:c7:4c:67:b9:37:37:ab:f2: b8:7e:b3:d1:59:09:0b:50:be:7c:3d:01:03:47:80: 62:ca:ed:11:37:7b:ae:2d:3c:c2:a4:ce:1a:1b:61: c1:ed:95:e6:11:88:53:f0:09:ca:fb:68:93:3d:51: 29:bc:ab:e2:2d:1b:26:cf:f7:cf:2f:94:46:4a:fb: a1:35:b7:52:7f:f8:9d:fc:de:cd:ed:5c:d6:4a:4b: 81:5e:a3:a5:58:04:7f:4f:87:e5:3b:b4:a8:a4:73: 02:aa:73:fc:35:09:77:af:71:bc:0d:f3:c1:54:09: 13:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:08:D1:CE:9E:4B:40:C3:9A:2C:E8:41:CF:31:C4:20:6A:A3:7A:3D X509v3 Authority Key Identifier: keyid:9C:BE:10:D7:C1:DD:44:B7:E5:90:B5:07:8B:FC:4F:86:CF:8D:B2:5A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912BCAC/0152258E82F411EE9ED1F611C4F9AE02/nL4Q18HdRLflkLUHi_xPhs-Nslo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nL4Q18HdRLflkLUHi_xPhs-Nslo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912BCAC/0152258E82F411EE9ED1F611C4F9AE02/43C5BAA282F411EE99AAAB12C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 36.50.40.0/23 IPv6: 2001:df3:1ec0::/48 Signature Algorithm: sha256WithRSAEncryption 42:be:dc:fe:bd:9d:57:57:ec:82:d3:aa:f3:80:25:8e:90:c1: 08:09:34:ec:ba:f9:37:a2:15:37:86:f2:dd:e8:82:0b:a9:02: a4:e8:8d:a4:be:0f:53:f3:c3:94:eb:ff:b4:e5:bc:c2:fa:ee: f9:27:86:48:48:1c:e2:e9:eb:bf:0e:84:ee:5d:30:91:0b:fb: 21:e7:db:9d:a0:91:c5:71:50:27:79:fd:6a:1a:85:c6:de:26: 07:46:1d:ef:a0:27:4d:8a:62:6e:31:db:6b:e8:76:32:81:86: 5b:1f:9e:3b:8e:c4:28:75:44:ad:66:46:a3:5d:93:cf:74:c7: 92:8e:54:9e:6e:6b:f3:1c:4d:24:7b:38:8c:84:2e:d6:b4:1e: 22:fd:ce:5d:43:3f:21:91:3c:88:47:b2:51:a1:ef:ac:35:c9: 48:be:06:e7:a9:21:22:af:e5:3b:8d:0e:20:c4:f7:86:5b:f5: 0c:60:ab:e8:b8:61:3d:41:10:c3:33:72:04:3a:40:45:b5:dc: 71:01:1a:2c:70:ef:80:53:28:a9:af:9f:07:4f:8b:97:cc:a2: 43:66:03:72:26:1e:76:0a:10:5d:6c:4f:54:51:f6:ff:69:8b: 20:f6:01:0a:dd:d2:73:c2:94:c1:17:05:2d:54:b1:96:a3:c9: a1:de:33:9f -----BEGIN CERTIFICATE----- MIIFTTCCBDWgAwIBAgICAb8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkJDQUMxMTAvBgNVBAUTKDlDQkUxMEQ3QzFERDQ0QjdFNTkwQjUwNzhCRkM0Rjg2 Q0Y4REIyNUEwHhcNMjUxMjAzMDIzMzM5WhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MWM4OS03ZjNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAq4FVwBGBlkp5T6bSrf5JAlPzqk+D2qZ/H7xdO06Zf0JntDbTdaGN7GJqiCXz MrVGNPbPkaSwnSJ+TpfYHDbQffcnDhKg6+P+DNoww9VBJY7HcJ8JJ3CtRjDd9pJy rHJb2PAfMXRaoCN/6TV9QKqGkV3vrJKX1YqiyB1KV3+QFpJBmbJ6HKTs6RfZwMVi x0xnuTc3q/K4frPRWQkLUL58PQEDR4Biyu0RN3uuLTzCpM4aG2HB7ZXmEYhT8AnK +2iTPVEpvKviLRsmz/fPL5RGSvuhNbdSf/id/N7N7VzWSkuBXqOlWAR/T4flO7So pHMCqnP8NQl3r3G8DfPBVAkTwQIDAQABo4ICcTCCAm0wHQYDVR0OBBYEFAgI0c6e S0DDmizoQc8xxCBqo3o9MB8GA1UdIwQYMBaAFJy+ENfB3US35ZC1B4v8T4bPjbJa MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQkNBQy8wMTUyMjU4RTgy RjQxMUVFOUVEMUY2MTFDNEY5QUUwMi9uTDRRMThIZFJMZmxrTFVIaV94UGhzLU5z bG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL25MNFExOEhkUkxmbGtMVUhpX3hQaHMtTnNsby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MkJDQUMvMDE1MjI1OEU4MkY0MTFFRTlFRDFGNjExQzRGOUFFMDIvNDNDNUJBQTI4 MkY0MTFFRTk5QUFBQjEyQzRGOUFFMDIucm9hMDAGCCsGAQUFBwEHAQH/BCEwHzAM BAIAATAGAwQBJDIoMA8EAgACMAkDBwAgAQ3zHsAwDQYJKoZIhvcNAQELBQADggEB AEK+3P69nVdX7ILTqvOAJY6QwQgJNOy6+TeiFTeG8t3oggupAqTojaS+D1Pzw5Tr /7TlvML67vknhkhIHOLp678OhO5dMJEL+yHn252gkcVxUCd5/WoahcbeJgdGHe+g J02KYm4x22vodjKBhlsfnjuOxCh1RK1mRqNdk890x5KOVJ5ua/McTSR7OIyELta0 HiL9zl1DPyGRPIhHslGh76w1yUi+BuepISKv5TuNDiDE94Zb9Qxgq+i4YT1BEMMz cgQ6QEW13HEBGixw74BTKKmvnwdPi5fMokNmA3ImHnYKEF1sT1RR9v9piyD2AQrd 0nPClMEXBS1UsZajyaHeM58= -----END CERTIFICATE-----Generated at Mon Mar 2 09:06:04 2026 by rpki-client