$ rpki-client -vvf rpki.apnic.net/member_repository/A912FB1D/C684CA9C1DAB11E2A21E35AA08B02CD2/C098D762675111E9A0C4BB36C4F9AE02.roa File: C098D762675111E9A0C4BB36C4F9AE02.roa (raw, json) Hash identifier: naU1L3sA/vwcpXLmBU/QE/974IoqN32UsdXdqlCcaP4= Subject key identifier: 39:89:21:F8:14:37:1F:A4:2C:8C:28:81:67:A1:18:54:89:54:1E:CA Certificate issuer: /CN=A912FB1D/serialNumber=942F25D7350B203EA89EF2D1CC150B05B17B2B87 Certificate serial: 3542 Authority key identifier: 94:2F:25:D7:35:0B:20:3E:A8:9E:F2:D1:CC:15:0B:05:B1:7B:2B:87 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lC8l1zULID6onvLRzBULBbF7K4c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912FB1D/C684CA9C1DAB11E2A21E35AA08B02CD2/C098D762675111E9A0C4BB36C4F9AE02.roa Signing time: Sun 01 Mar 2026 13:37:35 +0000 ROA not before: Wed 24 Sep 2025 15:31:25 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 132423 IP address blocks: 103.21.124.0/22 maxlen: 22 103.21.124.0/24 maxlen: 24 103.21.125.0/24 maxlen: 24 103.21.126.0/24 maxlen: 24 103.21.127.0/24 maxlen: 24 2001:df0:413::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912FB1D/C684CA9C1DAB11E2A21E35AA08B02CD2/lC8l1zULID6onvLRzBULBbF7K4c.crl rsync://rpki.apnic.net/member_repository/A912FB1D/C684CA9C1DAB11E2A21E35AA08B02CD2/lC8l1zULID6onvLRzBULBbF7K4c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lC8l1zULID6onvLRzBULBbF7K4c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 02:54:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13634 (0x3542) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912FB1D, serialNumber=942F25D7350B203EA89EF2D1CC150B05B17B2B87 Validity Not Before: Sep 24 15:31:25 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=69a4411f-3689 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:e3:0d:25:fd:e1:df:97:63:ae:81:82:4a:05: 11:5b:51:54:d1:3c:0b:1c:9d:2e:b1:94:9d:fd:2f: cb:d0:d8:3f:60:a6:7f:9b:18:41:1a:6f:fe:76:31: a9:b3:57:74:31:a9:2e:e9:f3:90:a8:c0:1e:0e:a0: 25:b6:77:2c:2d:76:b4:1b:66:eb:b6:a7:1a:e1:17: 2d:a1:3d:61:b1:89:5f:19:e0:36:24:4a:00:b3:c2: 1e:f0:a7:ef:d2:01:72:7b:9f:b0:d7:74:e3:61:0f: a9:e0:31:af:8e:75:79:91:32:6a:7e:98:17:d4:e2: 88:98:73:d4:af:de:89:78:55:48:75:52:40:74:ea: b4:8c:02:9b:89:75:32:03:ff:8d:8d:be:99:65:8a: 54:d7:b9:6a:c6:33:b6:84:3c:ab:3a:ea:3a:e9:80: 89:74:4b:f6:2a:d5:c1:21:ab:26:de:81:32:1e:8f: e7:17:13:76:e8:76:8d:69:91:0a:73:b4:08:cd:f6: 3c:9a:56:1d:a5:5b:b4:b7:96:18:cb:e4:f2:6b:b3: e7:4b:15:bd:9e:96:d0:75:15:bc:3b:99:5b:1e:f1: 72:50:65:32:48:58:74:73:4f:93:ef:5a:08:36:29: b1:4a:05:3f:e7:0c:5f:93:22:ee:16:c8:90:4c:e1: 4f:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:89:21:F8:14:37:1F:A4:2C:8C:28:81:67:A1:18:54:89:54:1E:CA X509v3 Authority Key Identifier: keyid:94:2F:25:D7:35:0B:20:3E:A8:9E:F2:D1:CC:15:0B:05:B1:7B:2B:87 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912FB1D/C684CA9C1DAB11E2A21E35AA08B02CD2/lC8l1zULID6onvLRzBULBbF7K4c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lC8l1zULID6onvLRzBULBbF7K4c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912FB1D/C684CA9C1DAB11E2A21E35AA08B02CD2/C098D762675111E9A0C4BB36C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.21.124.0/22 IPv6: 2001:df0:413::/48 Signature Algorithm: sha256WithRSAEncryption 85:bd:1d:8b:c7:8e:1f:64:0c:d5:19:42:42:1c:f1:e2:95:ad: b3:f2:21:a5:32:f5:c2:5c:2d:1b:bd:d6:a5:7e:4e:94:27:fe: 4c:c3:dd:d9:26:33:c8:1e:76:f4:c0:43:54:b6:2a:ef:f8:6a: a2:07:40:92:e2:fb:9e:69:b9:4a:e0:8a:a9:8d:15:ee:35:b6: 22:73:40:75:33:a9:ed:6a:3b:a8:09:93:55:af:1b:ed:04:90: 6d:ca:96:f4:b1:19:37:88:e6:08:59:3e:fe:65:d8:b6:b9:f6: 50:69:d0:ae:38:ad:7f:c1:d7:90:e5:bb:b8:e6:33:c2:0a:b8: e2:04:05:4d:7a:79:e1:e0:d0:3e:0a:ea:22:68:e9:50:2c:8b: 40:57:9a:87:9c:04:4c:91:d2:d4:bc:e5:99:ca:67:14:cf:42: 8d:02:9f:3a:ec:43:46:9b:f9:63:9f:c3:5b:41:74:c1:e5:c6: 41:4d:c8:9c:7d:89:c7:3f:68:9d:6b:dd:48:b9:fc:b0:56:41: 44:4f:a9:87:82:1c:e9:83:44:9a:d1:f1:0e:c8:30:a8:d0:11: 79:50:f2:0c:9b:ff:50:ab:71:52:b3:a3:f9:30:85:88:3e:24: b4:16:bd:ab:e3:d0:be:fd:ea:cc:6f:51:19:0b:5a:4c:e3:2c: 7f:67:2a:bf -----BEGIN CERTIFICATE----- MIIFTTCCBDWgAwIBAgICNUIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkZCMUQxMTAvBgNVBAUTKDk0MkYyNUQ3MzUwQjIwM0VBODlFRjJEMUNDMTUwQjA1 QjE3QjJCODcwHhcNMjUwOTI0MTUzMTI1WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NDExZi0zNjg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApeMNJf3h35djroGCSgURW1FU0TwLHJ0usZSd/S/L0Ng/YKZ/mxhBGm/+djGp s1d0Maku6fOQqMAeDqAltncsLXa0G2brtqca4RctoT1hsYlfGeA2JEoAs8Ie8Kfv 0gFye5+w13TjYQ+p4DGvjnV5kTJqfpgX1OKImHPUr96JeFVIdVJAdOq0jAKbiXUy A/+Njb6ZZYpU17lqxjO2hDyrOuo66YCJdEv2KtXBIasm3oEyHo/nFxN26HaNaZEK c7QIzfY8mlYdpVu0t5YYy+Tya7PnSxW9npbQdRW8O5lbHvFyUGUySFh0c0+T71oI NimxSgU/5wxfkyLuFsiQTOFPcwIDAQABo4ICcTCCAm0wHQYDVR0OBBYEFDmJIfgU Nx+kLIwogWehGFSJVB7KMB8GA1UdIwQYMBaAFJQvJdc1CyA+qJ7y0cwVCwWxeyuH MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRkIxRC9DNjg0Q0E5QzFE QUIxMUUyQTIxRTM1QUEwOEIwMkNEMi9sQzhsMXpVTElENm9udkxSekJVTEJiRjdL NGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xDOGwxelVMSUQ2b252TFJ6QlVMQmJGN0s0Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MkZCMUQvQzY4NENBOUMxREFCMTFFMkEyMUUzNUFBMDhCMDJDRDIvQzA5OEQ3NjI2 NzUxMTFFOUEwQzRCQjM2QzRGOUFFMDIucm9hMDAGCCsGAQUFBwEHAQH/BCEwHzAM BAIAATAGAwQCZxV8MA8EAgACMAkDBwAgAQ3wBBMwDQYJKoZIhvcNAQELBQADggEB AIW9HYvHjh9kDNUZQkIc8eKVrbPyIaUy9cJcLRu91qV+TpQn/kzD3dkmM8gedvTA Q1S2Ku/4aqIHQJLi+55puUrgiqmNFe41tiJzQHUzqe1qO6gJk1WvG+0EkG3KlvSx GTeI5ghZPv5l2La59lBp0K44rX/B15Dlu7jmM8IKuOIEBU16eeHg0D4K6iJo6VAs i0BXmoecBEyR0tS85ZnKZxTPQo0CnzrsQ0ab+WOfw1tBdMHlxkFNyJx9icc/aJ1r 3Ui5/LBWQURPqYeCHOmDRJrR8Q7IMKjQEXlQ8gyb/1CrcVKzo/kwhYg+JLQWvavj 0L796sxvURkLWkzjLH9nKr8= -----END CERTIFICATE-----Generated at Mon Mar 2 13:00:46 2026 by rpki-client