$ rpki-client -vvf rpki.apnic.net/member_repository/A912F17E/FCFF84661DA311E281EAAF9908B02CD2/FFCDED80FFE111EFB1C18E52C4F9AE02.roa File: FFCDED80FFE111EFB1C18E52C4F9AE02.roa (raw, json) Hash identifier: B4XkvDFGFvCBprc68a89D+sBKVil4nMYyWnc/DYPRx8= Subject key identifier: 52:98:BA:58:22:36:D0:07:98:94:BA:66:63:76:81:70:09:EA:02:CB Certificate issuer: /CN=A912F17E/serialNumber=1F3E8B01D841CBE6220D02D2CD111354F19C47B2 Certificate serial: 3532 Authority key identifier: 1F:3E:8B:01:D8:41:CB:E6:22:0D:02:D2:CD:11:13:54:F1:9C:47:B2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hz6LAdhBy-YiDQLSzRETVPGcR7I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912F17E/FCFF84661DA311E281EAAF9908B02CD2/FFCDED80FFE111EFB1C18E52C4F9AE02.roa Signing time: Tue 31 Mar 2026 15:13:31 +0000 ROA not before: Tue 31 Mar 2026 15:13:31 +0000 ROA not after: Sat 01 Aug 2026 00:00:00 +0000 asID: 10102 IP address blocks: 27.0.8.0/22 maxlen: 22 27.0.8.0/24 maxlen: 24 27.0.9.0/24 maxlen: 24 27.0.10.0/24 maxlen: 24 27.0.11.0/24 maxlen: 24 103.4.108.0/22 maxlen: 24 114.141.208.0/21 maxlen: 24 182.16.140.0/22 maxlen: 24 2404:a100::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912F17E/FCFF84661DA311E281EAAF9908B02CD2/Hz6LAdhBy-YiDQLSzRETVPGcR7I.crl rsync://rpki.apnic.net/member_repository/A912F17E/FCFF84661DA311E281EAAF9908B02CD2/Hz6LAdhBy-YiDQLSzRETVPGcR7I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hz6LAdhBy-YiDQLSzRETVPGcR7I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Apr 2026 15:06:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13618 (0x3532) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912F17E, serialNumber=1F3E8B01D841CBE6220D02D2CD111354F19C47B2 Validity Not Before: Mar 31 15:13:31 2026 GMT Not After : Aug 1 00:00:00 2026 GMT Subject: CN=69cbe49b-e8a6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:63:2e:90:64:f5:74:b3:4e:87:2b:ee:46:ee: 3d:4b:3c:dc:31:72:a7:97:4c:4f:c7:d4:2f:e0:f9: c9:92:5e:c7:a5:db:da:35:41:10:54:eb:5a:9e:62: de:36:56:18:3e:3d:e3:08:87:e8:74:e2:4e:1e:98: e3:ac:1d:97:75:36:74:3a:98:21:7c:43:ef:04:70: c1:29:b0:87:9b:93:c0:96:36:d3:2f:14:c9:da:2b: 66:3b:d4:db:b1:fd:f2:b8:bf:c7:20:85:b6:d4:1f: b1:30:ee:54:0e:ad:a6:30:b3:00:8c:51:ac:0b:a1: a2:db:a8:6c:36:ea:de:04:ff:66:e6:8a:1c:44:27: 51:4d:e1:e1:09:bd:57:2a:d0:d2:20:1f:b6:d1:16: ef:fd:e8:5a:88:db:f5:56:73:c0:b2:81:30:0a:7b: 5a:83:73:58:8a:1b:b7:98:0c:d2:f5:da:f3:6e:bc: da:bb:60:d9:f9:89:d8:dd:07:f6:03:8a:61:64:36: 5e:16:23:eb:24:31:f1:95:d5:75:0e:01:67:db:41: ad:34:1f:d3:04:23:0d:50:5f:d4:60:95:bc:e7:f1: 5d:8c:f2:01:08:58:27:66:77:72:1d:36:a7:0b:13: a3:88:a1:e1:8a:88:12:77:63:83:ee:c9:49:c3:12: 57:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:98:BA:58:22:36:D0:07:98:94:BA:66:63:76:81:70:09:EA:02:CB X509v3 Authority Key Identifier: keyid:1F:3E:8B:01:D8:41:CB:E6:22:0D:02:D2:CD:11:13:54:F1:9C:47:B2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912F17E/FCFF84661DA311E281EAAF9908B02CD2/Hz6LAdhBy-YiDQLSzRETVPGcR7I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hz6LAdhBy-YiDQLSzRETVPGcR7I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912F17E/FCFF84661DA311E281EAAF9908B02CD2/FFCDED80FFE111EFB1C18E52C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 27.0.8.0/22 103.4.108.0/22 114.141.208.0/21 182.16.140.0/22 IPv6: 2404:a100::/32 Signature Algorithm: sha256WithRSAEncryption d5:2f:df:b5:14:10:c3:9d:b3:fb:80:f9:05:93:9f:36:c3:64: 50:73:10:f5:22:34:41:f4:84:eb:48:53:c7:35:89:7b:10:d4: 2d:15:81:f7:39:9a:e5:10:a4:de:4d:d0:38:74:2d:7d:1e:e1: 99:9b:ef:c0:25:e5:fc:28:9a:b5:39:3e:1f:b4:af:b5:34:a2: c1:bf:99:d4:8e:e3:ce:9b:60:2a:d7:fb:d6:09:ce:a7:e2:70: 93:26:46:29:51:d6:6c:e0:69:4c:5b:71:8f:f8:94:31:02:82: 20:c8:01:09:fe:3e:15:8a:70:ff:1e:6b:cf:96:f4:45:d5:69: 2c:ef:7c:9e:d1:7b:11:26:84:46:95:b8:cc:f5:11:84:52:31: 38:54:d8:47:d7:45:fb:76:ec:4e:12:b0:3d:1f:85:a4:d4:fe: 66:aa:5f:7e:77:96:23:ad:9a:02:76:b1:51:f6:2e:a4:24:19: fd:64:dc:f8:04:0d:8f:ea:7a:a2:d2:c0:fb:94:28:10:77:6a: a8:d3:0c:25:b2:97:bd:d1:18:11:c5:e0:48:61:b8:46:87:c1: e4:0c:79:4a:68:ff:a6:65:e4:ed:71:fc:91:78:59:24:a1:fe: 02:ba:ea:3f:6e:1f:2d:c5:75:b4:64:4d:9a:fd:01:05:43:82: 7b:c8:d4:d7 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgICNTIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkYxN0UxMTAvBgNVBAUTKDFGM0U4QjAxRDg0MUNCRTYyMjBEMDJEMkNEMTExMzU0 RjE5QzQ3QjIwHhcNMjYwMzMxMTUxMzMxWhcNMjYwODAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWNiZTQ5Yi1lOGE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsWMukGT1dLNOhyvuRu49SzzcMXKnl0xPx9Qv4PnJkl7HpdvaNUEQVOtanmLe NlYYPj3jCIfodOJOHpjjrB2XdTZ0OpghfEPvBHDBKbCHm5PAljbTLxTJ2itmO9Tb sf3yuL/HIIW21B+xMO5UDq2mMLMAjFGsC6Gi26hsNureBP9m5oocRCdRTeHhCb1X KtDSIB+20Rbv/ehaiNv1VnPAsoEwCntag3NYihu3mAzS9drzbrzau2DZ+YnY3Qf2 A4phZDZeFiPrJDHxldV1DgFn20GtNB/TBCMNUF/UYJW85/FdjPIBCFgnZndyHTan CxOjiKHhiogSd2OD7slJwxJXBwIDAQABo4ICgTCCAn0wHQYDVR0OBBYEFFKYulgi NtAHmJS6ZmN2gXAJ6gLLMB8GA1UdIwQYMBaAFB8+iwHYQcvmIg0C0s0RE1TxnEey MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRjE3RS9GQ0ZGODQ2NjFE QTMxMUUyODFFQUFGOTkwOEIwMkNEMi9IejZMQWRoQnktWWlEUUxTelJFVFZQR2NS N0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0h6NkxBZGhCeS1ZaURRTFN6UkVUVlBHY1I3SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MkYxN0UvRkNGRjg0NjYxREEzMTFFMjgxRUFBRjk5MDhCMDJDRDIvRkZDREVEODBG RkUxMTFFRkIxQzE4RTUyQzRGOUFFMDIucm9hMEAGCCsGAQUFBwEHAQH/BDEwLzAe BAIAATAYAwQCGwAIAwQCZwRsAwQDco3QAwQCthCMMA0EAgACMAcDBQAkBKEAMA0G CSqGSIb3DQEBCwUAA4IBAQDVL9+1FBDDnbP7gPkFk582w2RQcxD1IjRB9ITrSFPH NYl7ENQtFYH3OZrlEKTeTdA4dC19HuGZm+/AJeX8KJq1OT4ftK+1NKLBv5nUjuPO m2Aq1/vWCc6n4nCTJkYpUdZs4GlMW3GP+JQxAoIgyAEJ/j4VinD/HmvPlvRF1Wks 73ye0XsRJoRGlbjM9RGEUjE4VNhH10X7duxOErA9H4Wk1P5mql9+d5YjrZoCdrFR 9i6kJBn9ZNz4BA2P6nqi0sD7lCgQd2qo0wwlspe90RgRxeBIYbhGh8HkDHlKaP+m ZeTtcfyReFkkof4Cuuo/bh8txXW0ZE2a/QEFQ4J7yNTX -----END CERTIFICATE-----Generated at Fri Apr 17 15:26:30 2026 by rpki-client