$ rpki-client -vvf rpki.apnic.net/member_repository/A9135F86/88ED5C84EF2C11EF9C3F3C7BC4F9AE02/4A41D220EF2D11EF8502717CC4F9AE02.roa File: 4A41D220EF2D11EF8502717CC4F9AE02.roa (raw, json) Hash identifier: Kxx+PtkPXfyVdg9I82qa2ErkJuiHNMRm7tcBcDGXSbE= Subject key identifier: 4E:BB:C6:22:51:33:97:14:B6:16:FD:AE:33:59:39:B5:A4:49:D7:5B Certificate issuer: /CN=A9135F86/serialNumber=67412F0C730D9F45467A526C3825EC38FE700B63 Certificate serial: C4 Authority key identifier: 67:41:2F:0C:73:0D:9F:45:46:7A:52:6C:38:25:EC:38:FE:70:0B:63 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z0EvDHMNn0VGelJsOCXsOP5wC2M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9135F86/88ED5C84EF2C11EF9C3F3C7BC4F9AE02/4A41D220EF2D11EF8502717CC4F9AE02.roa Signing time: Sun 01 Mar 2026 08:04:56 +0000 ROA not before: Sat 01 Mar 2025 10:39:54 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 58530 IP address blocks: 103.225.156.0/24 maxlen: 24 103.225.157.0/24 maxlen: 24 103.225.158.0/24 maxlen: 24 103.225.159.0/24 maxlen: 24 103.247.248.0/24 maxlen: 24 103.247.249.0/24 maxlen: 24 103.247.250.0/24 maxlen: 24 103.247.251.0/24 maxlen: 24 103.254.140.0/24 maxlen: 24 103.254.141.0/24 maxlen: 24 103.254.142.0/24 maxlen: 24 103.254.143.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9135F86/88ED5C84EF2C11EF9C3F3C7BC4F9AE02/Z0EvDHMNn0VGelJsOCXsOP5wC2M.crl rsync://rpki.apnic.net/member_repository/A9135F86/88ED5C84EF2C11EF9C3F3C7BC4F9AE02/Z0EvDHMNn0VGelJsOCXsOP5wC2M.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z0EvDHMNn0VGelJsOCXsOP5wC2M.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 08:09:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 196 (0xc4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9135F86, serialNumber=67412F0C730D9F45467A526C3825EC38FE700B63 Validity Not Before: Mar 1 10:39:54 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=69a3f328-9597 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:4c:f4:f8:41:05:4f:86:c3:93:95:14:29:92: 3b:a3:5e:db:78:60:1c:31:af:8f:bd:87:b6:99:d6: 21:d6:0d:45:93:61:ee:8a:1a:c3:a8:b9:a3:eb:ed: a4:2b:6e:42:33:af:d0:c5:5b:38:33:9e:d2:cb:7f: 5e:e0:de:35:98:d7:e5:a7:d0:35:4c:fd:0e:99:30: 84:ad:83:0b:21:4b:30:54:f0:99:c8:23:da:6c:22: 69:51:e9:45:63:eb:4e:40:93:53:ff:c9:33:de:9f: 36:59:6e:c4:bf:55:53:73:7e:d2:21:62:a5:86:cf: ba:d8:5d:99:54:2e:61:1b:0c:6d:e0:3f:72:43:1b: 24:1a:cb:f9:79:4f:a3:cd:05:7d:c2:6d:8d:d5:ed: d4:6e:77:71:40:1e:ba:60:fb:d0:b7:5d:5c:a4:9e: 95:61:f7:86:e9:2f:85:2d:d3:a7:27:00:28:f1:9e: 8a:cc:7d:82:19:1c:d2:6e:68:e2:42:0a:73:65:a2: fb:0d:50:06:ba:6a:45:a0:bd:d0:ab:4e:71:59:10: ba:33:02:f0:f0:b7:49:7f:d5:84:bd:a1:c5:d8:85: d2:fe:be:ca:3a:35:7b:ed:b9:f4:d9:ec:15:7c:b7: 83:42:9a:5f:34:8d:fc:2f:b1:85:5b:76:5b:53:86: fb:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:BB:C6:22:51:33:97:14:B6:16:FD:AE:33:59:39:B5:A4:49:D7:5B X509v3 Authority Key Identifier: keyid:67:41:2F:0C:73:0D:9F:45:46:7A:52:6C:38:25:EC:38:FE:70:0B:63 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9135F86/88ED5C84EF2C11EF9C3F3C7BC4F9AE02/Z0EvDHMNn0VGelJsOCXsOP5wC2M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z0EvDHMNn0VGelJsOCXsOP5wC2M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9135F86/88ED5C84EF2C11EF9C3F3C7BC4F9AE02/4A41D220EF2D11EF8502717CC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.225.156.0/22 103.247.248.0/22 103.254.140.0/22 Signature Algorithm: sha256WithRSAEncryption ab:4d:52:ce:7f:a2:c4:61:2b:d6:46:a6:d9:9c:89:79:9c:65: c4:60:78:84:f1:5f:bf:c7:e1:86:43:81:97:ed:b8:26:47:70: cb:15:f2:13:78:bd:d1:b8:23:93:92:11:fa:99:37:bf:1d:87: d5:2b:f4:32:aa:54:96:f8:ca:d5:52:65:72:06:9d:30:d5:fc: 10:7f:16:d2:6a:de:5f:24:11:5c:f9:c5:3d:27:74:16:c0:53: ec:44:7d:ff:90:f3:e8:e9:65:4f:1c:a6:8b:a3:5a:c9:df:4c: 8c:a3:d0:93:1b:f7:bb:f0:14:1b:d9:53:26:4a:09:01:e4:4f: 77:52:0a:23:44:16:56:6b:5c:1f:a9:b3:a7:fa:10:d5:fc:51: 5e:52:6e:97:da:fc:5c:03:9e:bc:fb:fd:04:50:74:e0:f0:40: 82:aa:5c:5c:8f:31:c8:36:3d:e8:e4:70:db:a5:77:3d:d3:9a: df:69:f2:1b:c9:5b:f6:62:2d:29:40:f3:14:5c:17:59:a0:9f: ef:dc:17:ad:c6:42:da:6a:0d:d1:2a:15:9c:62:59:53:81:a7: cb:31:ad:a4:dd:77:6a:92:c6:6b:e0:ea:b5:c9:14:c2:30:2e: 0a:79:70:ed:d2:03:e4:f6:8f:77:7e:79:52:81:e5:ce:16:1e: 1d:2d:d3:bb -----BEGIN CERTIFICATE----- MIIFSDCCBDCgAwIBAgICAMQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzVGODYxMTAvBgNVBAUTKDY3NDEyRjBDNzMwRDlGNDU0NjdBNTI2QzM4MjVFQzM4 RkU3MDBCNjMwHhcNMjUwMzAxMTAzOTU0WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWEzZjMyOC05NTk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAlUz0+EEFT4bDk5UUKZI7o17beGAcMa+PvYe2mdYh1g1Fk2HuihrDqLmj6+2k K25CM6/QxVs4M57Sy39e4N41mNflp9A1TP0OmTCErYMLIUswVPCZyCPabCJpUelF Y+tOQJNT/8kz3p82WW7Ev1VTc37SIWKlhs+62F2ZVC5hGwxt4D9yQxskGsv5eU+j zQV9wm2N1e3UbndxQB66YPvQt11cpJ6VYfeG6S+FLdOnJwAo8Z6KzH2CGRzSbmji QgpzZaL7DVAGumpFoL3Qq05xWRC6MwLw8LdJf9WEvaHF2IXS/r7KOjV77bn02ewV fLeDQppfNI38L7GFW3ZbU4b7PwIDAQABo4ICbDCCAmgwHQYDVR0OBBYEFE67xiJR M5cUthb9rjNZObWkSddbMB8GA1UdIwQYMBaAFGdBLwxzDZ9FRnpSbDgl7Dj+cAtj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNUY4Ni84OEVENUM4NEVG MkMxMUVGOUMzRjNDN0JDNEY5QUUwMi9aMEV2REhNTm4wVkdlbEpzT0NYc09QNXdD Mk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1owRXZESE1ObjBWR2VsSnNPQ1hzT1A1d0MyTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzVGODYvODhFRDVDODRFRjJDMTFFRjlDM0YzQzdCQzRGOUFFMDIvNEE0MUQyMjBF RjJEMTFFRjg1MDI3MTdDQzRGOUFFMDIucm9hMCsGCCsGAQUFBwEHAQH/BBwwGjAY BAIAATASAwQCZ+GcAwQCZ/f4AwQCZ/6MMA0GCSqGSIb3DQEBCwUAA4IBAQCrTVLO f6LEYSvWRqbZnIl5nGXEYHiE8V+/x+GGQ4GX7bgmR3DLFfITeL3RuCOTkhH6mTe/ HYfVK/QyqlSW+MrVUmVyBp0w1fwQfxbSat5fJBFc+cU9J3QWwFPsRH3/kPPo6WVP HKaLo1rJ30yMo9CTG/e78BQb2VMmSgkB5E93UgojRBZWa1wfqbOn+hDV/FFeUm6X 2vxcA568+/0EUHTg8ECCqlxcjzHINj3o5HDbpXc905rfafIbyVv2Yi0pQPMUXBdZ oJ/v3BetxkLaag3RKhWcYllTgafLMa2k3XdqksZr4Oq1yRTCMC4KeXDt0gPk9o93 fnlSgeXOFh4dLdO7 -----END CERTIFICATE-----Generated at Mon Mar 2 09:06:47 2026 by rpki-client