$ rpki-client -vvf rpki.apnic.net/member_repository/A912F17E/FCFF84661DA311E281EAAF9908B02CD2/FFCDED80FFE111EFB1C18E52C4F9AE02.roa File: FFCDED80FFE111EFB1C18E52C4F9AE02.roa (raw, json) Hash identifier: iPhOjlBD3f7GvwAVSRYP0vVFYxPQo14yXS2WkJSFj28= Subject key identifier: 3C:25:B9:23:42:18:0A:08:FB:A5:D4:2B:B8:26:E0:C1:08:B7:89:07 Certificate issuer: /CN=A912F17E/serialNumber=1F3E8B01D841CBE6220D02D2CD111354F19C47B2 Certificate serial: 351E Authority key identifier: 1F:3E:8B:01:D8:41:CB:E6:22:0D:02:D2:CD:11:13:54:F1:9C:47:B2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hz6LAdhBy-YiDQLSzRETVPGcR7I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912F17E/FCFF84661DA311E281EAAF9908B02CD2/FFCDED80FFE111EFB1C18E52C4F9AE02.roa Signing time: Sun 01 Mar 2026 09:34:08 +0000 ROA not before: Thu 13 Mar 2025 08:09:06 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 10102 IP address blocks: 27.0.8.0/22 maxlen: 22 27.0.8.0/24 maxlen: 24 27.0.9.0/24 maxlen: 24 27.0.10.0/24 maxlen: 24 27.0.11.0/24 maxlen: 24 103.4.108.0/22 maxlen: 24 114.141.208.0/21 maxlen: 24 182.16.140.0/22 maxlen: 24 2404:a100::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912F17E/FCFF84661DA311E281EAAF9908B02CD2/Hz6LAdhBy-YiDQLSzRETVPGcR7I.crl rsync://rpki.apnic.net/member_repository/A912F17E/FCFF84661DA311E281EAAF9908B02CD2/Hz6LAdhBy-YiDQLSzRETVPGcR7I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hz6LAdhBy-YiDQLSzRETVPGcR7I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 02:42:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13598 (0x351e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912F17E, serialNumber=1F3E8B01D841CBE6220D02D2CD111354F19C47B2 Validity Not Before: Mar 13 08:09:06 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=69a40810-5bbe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:a8:28:a5:b9:fb:df:1b:fc:0a:42:4e:76:70: b6:2e:59:13:ec:1e:c2:1e:de:5c:3d:3c:d3:d4:7a: 0a:c1:bf:f7:4c:1a:0d:7d:bb:80:a9:ef:4a:b4:13: 1e:e2:5b:b5:a6:8f:22:9c:43:06:c6:6a:7c:83:d1: 1f:3f:81:70:5f:5a:08:ee:17:48:e2:83:fd:ea:06: 6b:54:cc:11:4d:5c:dc:31:3c:cf:27:44:86:39:06: 07:a3:4c:62:05:27:38:9f:f7:72:37:e7:2c:53:bb: 9b:ed:4f:b3:de:47:d0:bb:d2:9b:e1:36:3f:79:8f: a4:81:34:41:09:22:7b:14:09:1e:9d:83:e9:3b:3f: 22:8d:7c:7d:2a:1f:81:94:ef:7f:ad:c5:b9:1d:36: a5:af:ac:22:50:c6:6b:6d:ae:b2:d3:d6:53:9e:d0: c5:6c:7a:cb:f2:ff:0e:70:4e:39:7d:09:cb:c5:46: 52:7a:10:0a:53:f9:0b:c9:5f:cf:58:18:ae:71:a9: 4a:39:f6:dc:c9:77:5c:ae:b7:09:8f:c7:55:d3:c4: 10:9a:55:ac:dc:46:d5:84:e7:ec:aa:08:15:e9:5d: b4:0c:c0:82:62:57:05:e4:86:87:fd:71:98:e4:46: d3:d1:ac:b3:06:79:d4:dc:92:8a:55:cb:e1:35:c8: 49:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:25:B9:23:42:18:0A:08:FB:A5:D4:2B:B8:26:E0:C1:08:B7:89:07 X509v3 Authority Key Identifier: keyid:1F:3E:8B:01:D8:41:CB:E6:22:0D:02:D2:CD:11:13:54:F1:9C:47:B2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912F17E/FCFF84661DA311E281EAAF9908B02CD2/Hz6LAdhBy-YiDQLSzRETVPGcR7I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hz6LAdhBy-YiDQLSzRETVPGcR7I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912F17E/FCFF84661DA311E281EAAF9908B02CD2/FFCDED80FFE111EFB1C18E52C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 27.0.8.0/22 103.4.108.0/22 114.141.208.0/21 182.16.140.0/22 IPv6: 2404:a100::/32 Signature Algorithm: sha256WithRSAEncryption 28:4d:07:6d:52:82:65:9e:34:f9:7d:c9:b5:50:53:e1:3f:b3: ee:de:34:a0:0e:06:12:69:1e:b9:7b:c4:60:2b:be:e0:67:99: 74:24:d1:a0:51:dd:86:7c:48:af:d0:6c:56:bc:98:2a:57:28: ed:80:43:95:26:ed:1b:bc:1b:79:84:76:c0:bd:f2:c7:27:bf: d5:24:dc:8b:fe:6c:2f:5a:91:a1:b9:fb:16:ae:02:d5:23:96: f1:21:93:0c:6f:55:cf:2d:0a:5a:84:dd:0a:62:f4:95:ee:58: e7:5d:fa:cc:8b:ff:d5:56:3f:f2:c8:34:05:fd:df:f0:92:b1: 87:e9:28:b2:d2:29:74:b5:fe:d3:ac:56:c8:c1:3a:8b:66:9a: cd:ee:d7:65:5b:06:2c:5c:51:69:38:20:78:d2:07:fa:87:c7: df:0a:5b:82:02:84:f2:d7:55:d1:fc:a1:a7:81:98:a7:17:07: 61:3a:86:b3:dd:5a:12:af:3f:49:cf:71:d0:28:ed:d3:b6:a8: 74:2a:17:1e:ae:47:df:c2:ac:47:26:2e:2f:04:22:d4:5c:5b: aa:97:86:af:ca:b1:80:a4:e9:cc:68:43:72:1c:d5:1f:32:34: b6:96:44:b9:c5:28:02:b7:28:75:ea:a4:49:97:84:da:8e:10: 30:4e:30:49 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgICNR4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkYxN0UxMTAvBgNVBAUTKDFGM0U4QjAxRDg0MUNCRTYyMjBEMDJEMkNEMTExMzU0 RjE5QzQ3QjIwHhcNMjUwMzEzMDgwOTA2WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MDgxMC01YmJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuagopbn73xv8CkJOdnC2LlkT7B7CHt5cPTzT1HoKwb/3TBoNfbuAqe9KtBMe 4lu1po8inEMGxmp8g9EfP4FwX1oI7hdI4oP96gZrVMwRTVzcMTzPJ0SGOQYHo0xi BSc4n/dyN+csU7ub7U+z3kfQu9Kb4TY/eY+kgTRBCSJ7FAkenYPpOz8ijXx9Kh+B lO9/rcW5HTalr6wiUMZrba6y09ZTntDFbHrL8v8OcE45fQnLxUZSehAKU/kLyV/P WBiucalKOfbcyXdcrrcJj8dV08QQmlWs3EbVhOfsqggV6V20DMCCYlcF5IaH/XGY 5EbT0ayzBnnU3JKKVcvhNchJAQIDAQABo4ICgTCCAn0wHQYDVR0OBBYEFDwluSNC GAoI+6XUK7gm4MEIt4kHMB8GA1UdIwQYMBaAFB8+iwHYQcvmIg0C0s0RE1TxnEey MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRjE3RS9GQ0ZGODQ2NjFE QTMxMUUyODFFQUFGOTkwOEIwMkNEMi9IejZMQWRoQnktWWlEUUxTelJFVFZQR2NS N0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0h6NkxBZGhCeS1ZaURRTFN6UkVUVlBHY1I3SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MkYxN0UvRkNGRjg0NjYxREEzMTFFMjgxRUFBRjk5MDhCMDJDRDIvRkZDREVEODBG RkUxMTFFRkIxQzE4RTUyQzRGOUFFMDIucm9hMEAGCCsGAQUFBwEHAQH/BDEwLzAe BAIAATAYAwQCGwAIAwQCZwRsAwQDco3QAwQCthCMMA0EAgACMAcDBQAkBKEAMA0G CSqGSIb3DQEBCwUAA4IBAQAoTQdtUoJlnjT5fcm1UFPhP7Pu3jSgDgYSaR65e8Rg K77gZ5l0JNGgUd2GfEiv0GxWvJgqVyjtgEOVJu0bvBt5hHbAvfLHJ7/VJNyL/mwv WpGhufsWrgLVI5bxIZMMb1XPLQpahN0KYvSV7ljnXfrMi//VVj/yyDQF/d/wkrGH 6Siy0il0tf7TrFbIwTqLZprN7tdlWwYsXFFpOCB40gf6h8ffCluCAoTy11XR/KGn gZinFwdhOoaz3VoSrz9Jz3HQKO3Ttqh0KhcerkffwqxHJi4vBCLUXFuql4avyrGA pOnMaENyHNUfMjS2lkS5xSgCtyh16qRJl4TajhAwTjBJ -----END CERTIFICATE-----Generated at Mon Mar 2 09:29:11 2026 by rpki-client