$ rpki-client -vvf rpki.apnic.net/member_repository/A9136BFF/E42BEAC293F011E9BC0CFF71C4F9AE02/20AB43C81F9411F083A54B70C4F9AE02.roa File: 20AB43C81F9411F083A54B70C4F9AE02.roa (raw, json) Hash identifier: 7cDdADbTHZRG0bVfK6SUqFLI7wiUJaBfx2Pc8146GtM= Subject key identifier: CF:E0:EE:07:0D:1C:8E:BD:2C:40:D8:A3:EA:44:A4:FC:87:9A:72:A6 Certificate issuer: /CN=A9136BFF/serialNumber=C14389517F886805A2D485BA412DAD2B52776F72 Certificate serial: 0FDF Authority key identifier: C1:43:89:51:7F:88:68:05:A2:D4:85:BA:41:2D:AD:2B:52:77:6F:72 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wUOJUX-IaAWi1IW6QS2tK1J3b3I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9136BFF/E42BEAC293F011E9BC0CFF71C4F9AE02/20AB43C81F9411F083A54B70C4F9AE02.roa Signing time: Sun 01 Mar 2026 18:02:15 +0000 ROA not before: Tue 11 Nov 2025 09:24:02 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 132110 IP address blocks: 43.250.104.0/23 maxlen: 24 43.250.106.0/24 maxlen: 24 43.250.107.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9136BFF/E42BEAC293F011E9BC0CFF71C4F9AE02/wUOJUX-IaAWi1IW6QS2tK1J3b3I.crl rsync://rpki.apnic.net/member_repository/A9136BFF/E42BEAC293F011E9BC0CFF71C4F9AE02/wUOJUX-IaAWi1IW6QS2tK1J3b3I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wUOJUX-IaAWi1IW6QS2tK1J3b3I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 03:06:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4063 (0xfdf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9136BFF, serialNumber=C14389517F886805A2D485BA412DAD2B52776F72 Validity Not Before: Nov 11 09:24:02 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=69a47f26-763f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:6b:a5:da:3d:ba:4b:9d:d6:1d:21:3f:7f:bc: 6d:ce:eb:a2:a5:c3:1a:20:f1:43:22:ec:88:ec:9e: 0a:64:cd:a7:65:fc:69:f5:87:e1:aa:58:96:a2:06: fc:d6:9a:d6:3f:0b:85:51:0b:b1:47:7a:b4:64:86: 4a:54:63:3c:e8:84:b6:78:46:4b:2b:1c:61:8d:69: a2:24:aa:ad:ed:11:46:90:fe:64:c9:c1:d4:8f:59: 62:41:70:88:70:0a:b5:a2:47:ef:d1:26:19:c5:75: 7d:ae:39:cd:27:92:85:00:48:72:a9:ac:34:e3:7d: 29:59:f4:75:90:a0:17:95:eb:db:96:05:9a:dd:b8: ff:5f:af:7a:84:97:4c:97:e9:f4:9a:96:ea:86:34: 29:00:fa:4d:f9:d7:0a:3c:fa:80:06:5a:26:a3:33: 57:3d:44:18:6c:0f:5e:06:0b:df:5b:7a:48:d3:59: 88:98:a1:4f:a8:56:31:44:3f:fc:bb:cc:bc:a7:d1: 20:65:4e:39:92:ad:f4:85:45:94:cc:9f:99:d6:00: c0:1c:88:69:54:cf:41:ad:17:2a:a0:12:ad:bc:87: ea:4a:2d:84:8c:46:7a:bf:b9:12:55:c6:29:88:2d: 79:01:36:f6:66:d7:3e:9a:00:16:f8:3e:d1:47:36: 44:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:E0:EE:07:0D:1C:8E:BD:2C:40:D8:A3:EA:44:A4:FC:87:9A:72:A6 X509v3 Authority Key Identifier: keyid:C1:43:89:51:7F:88:68:05:A2:D4:85:BA:41:2D:AD:2B:52:77:6F:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9136BFF/E42BEAC293F011E9BC0CFF71C4F9AE02/wUOJUX-IaAWi1IW6QS2tK1J3b3I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wUOJUX-IaAWi1IW6QS2tK1J3b3I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9136BFF/E42BEAC293F011E9BC0CFF71C4F9AE02/20AB43C81F9411F083A54B70C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.250.104.0/22 Signature Algorithm: sha256WithRSAEncryption 97:86:24:99:55:bc:db:42:a1:2c:f0:fe:0c:09:21:97:c3:85: 62:16:9d:48:b7:ee:78:cb:0d:43:fa:6b:cf:1b:91:d5:4a:ec: fd:2b:d5:ca:a7:38:1f:f7:ed:0c:fa:e3:36:9e:df:47:75:8c: 18:4d:53:85:ad:47:ee:0b:b8:30:08:ba:4f:0d:65:61:e8:28: d9:9d:ce:3c:bf:1e:fb:ee:5f:a3:73:78:6a:e4:f4:d0:d8:1a: 8e:01:85:f4:73:e0:fb:dd:d7:a3:eb:c5:dd:2d:61:35:7b:54: d2:4e:48:af:af:58:4c:fe:b8:f6:d8:56:c5:fe:fb:51:0d:91: cc:27:1a:b2:36:8b:a4:68:48:55:11:1e:89:86:dc:63:fc:62: 53:92:c1:95:e3:64:68:31:4b:8d:d7:71:40:ad:4e:e9:d0:47: 06:ee:d9:20:36:0f:45:c2:c7:b4:f0:7c:88:51:90:6e:70:06: 97:94:c6:ad:f8:3f:be:fc:fa:e8:bc:d5:3d:bd:36:32:18:85: 43:df:5a:ad:07:62:29:80:67:ae:1f:76:26:97:f4:f7:74:96: a7:08:54:98:65:e7:18:0b:9d:71:65:06:21:90:46:61:9a:44: 53:99:a3:6f:a0:24:3e:48:97:2f:d3:02:17:51:bb:d3:c8:af: 22:f9:8d:a3 -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgICD98wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzZCRkYxMTAvBgNVBAUTKEMxNDM4OTUxN0Y4ODY4MDVBMkQ0ODVCQTQxMkRBRDJC NTI3NzZGNzIwHhcNMjUxMTExMDkyNDAyWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0N2YyNi03NjNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsGul2j26S53WHSE/f7xtzuuipcMaIPFDIuyI7J4KZM2nZfxp9YfhqliWogb8 1prWPwuFUQuxR3q0ZIZKVGM86IS2eEZLKxxhjWmiJKqt7RFGkP5kycHUj1liQXCI cAq1okfv0SYZxXV9rjnNJ5KFAEhyqaw0430pWfR1kKAXlevblgWa3bj/X696hJdM l+n0mpbqhjQpAPpN+dcKPPqABlomozNXPUQYbA9eBgvfW3pI01mImKFPqFYxRD/8 u8y8p9EgZU45kq30hUWUzJ+Z1gDAHIhpVM9BrRcqoBKtvIfqSi2EjEZ6v7kSVcYp iC15ATb2Ztc+mgAW+D7RRzZEYwIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFM/g7gcN HI69LEDYo+pEpPyHmnKmMB8GA1UdIwQYMBaAFMFDiVF/iGgFotSFukEtrStSd29y MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNkJGRi9FNDJCRUFDMjkz RjAxMUU5QkMwQ0ZGNzFDNEY5QUUwMi93VU9KVVgtSWFBV2kxSVc2UVMydEsxSjNi M0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3dVT0pVWC1JYUFXaTFJVzZRUzJ0SzFKM2IzSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzZCRkYvRTQyQkVBQzI5M0YwMTFFOUJDMENGRjcxQzRGOUFFMDIvMjBBQjQzQzgx Rjk0MTFGMDgzQTU0QjcwQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/poMA0GCSqGSIb3DQEBCwUAA4IBAQCXhiSZVbzbQqEs8P4MCSGX w4ViFp1It+54yw1D+mvPG5HVSuz9K9XKpzgf9+0M+uM2nt9HdYwYTVOFrUfuC7gw CLpPDWVh6CjZnc48vx777l+jc3hq5PTQ2BqOAYX0c+D73dej68XdLWE1e1TSTkiv r1hM/rj22FbF/vtRDZHMJxqyNoukaEhVER6Jhtxj/GJTksGV42RoMUuN13FArU7p 0EcG7tkgNg9Fwse08HyIUZBucAaXlMat+D++/ProvNU9vTYyGIVD31qtB2IpgGeu H3Yml/T3dJanCFSYZecYC51xZQYhkEZhmkRTmaNvoCQ+SJcv0wIXUbvTyK8i+Y2j -----END CERTIFICATE-----Generated at Mon Mar 2 14:11:46 2026 by rpki-client