$ rpki-client -vvf rpki.apnic.net/member_repository/A9136EC5/2DECAE560E5611E4B6F1953AC4F9AE02/8B903A32353211EBB3D0487FC4F9AE02.roa File: 8B903A32353211EBB3D0487FC4F9AE02.roa (raw, json) Hash identifier: 25oLu27CZ0gv2qJnkcUs4150C/CVxdIojsajwReLNXs= Subject key identifier: B9:A7:C8:BB:CD:FB:D6:24:2F:A3:A8:F8:A7:06:BA:E9:D6:07:93:9F Certificate issuer: /CN=A9136EC5/serialNumber=9FCE28914C50DC99755F108AB4334F772CBEA0E2 Certificate serial: 2BC1 Authority key identifier: 9F:CE:28:91:4C:50:DC:99:75:5F:10:8A:B4:33:4F:77:2C:BE:A0:E2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n84okUxQ3Jl1XxCKtDNPdyy-oOI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9136EC5/2DECAE560E5611E4B6F1953AC4F9AE02/8B903A32353211EBB3D0487FC4F9AE02.roa Signing time: Sun 01 Mar 2026 18:01:45 +0000 ROA not before: Fri 26 Sep 2025 15:42:41 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 38719 IP address blocks: 43.245.96.0/22 maxlen: 24 43.245.108.0/22 maxlen: 24 43.245.252.0/22 maxlen: 24 101.100.192.0/18 maxlen: 24 103.9.100.0/22 maxlen: 24 103.11.188.0/22 maxlen: 24 103.15.232.0/22 maxlen: 24 103.245.92.0/22 maxlen: 24 111.235.136.0/22 maxlen: 24 119.31.232.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9136EC5/2DECAE560E5611E4B6F1953AC4F9AE02/n84okUxQ3Jl1XxCKtDNPdyy-oOI.crl rsync://rpki.apnic.net/member_repository/A9136EC5/2DECAE560E5611E4B6F1953AC4F9AE02/n84okUxQ3Jl1XxCKtDNPdyy-oOI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n84okUxQ3Jl1XxCKtDNPdyy-oOI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 23:55:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11201 (0x2bc1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9136EC5, serialNumber=9FCE28914C50DC99755F108AB4334F772CBEA0E2 Validity Not Before: Sep 26 15:42:41 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=69a47f09-97a4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:fd:4c:ae:5e:b0:d8:8f:f5:90:ac:c4:45:cd: 1b:88:01:81:b3:e3:19:27:1b:72:99:af:16:29:bb: cb:0a:4c:f7:66:0b:fb:48:46:c9:ea:d2:b9:8e:95: 8a:68:43:81:86:66:2e:60:24:34:80:9f:7d:11:e6: 23:00:52:9d:26:20:89:e5:78:20:22:b9:c2:87:dc: 6c:81:2c:a0:d0:51:1c:13:4d:95:dc:49:5f:51:27: f8:c1:d6:d5:a5:35:de:c7:e0:07:91:a4:3b:af:98: f2:62:1d:95:5b:ef:11:07:29:02:5a:3d:ea:89:33: e9:78:0f:b4:02:9f:ca:be:a1:62:81:73:d0:97:77: a7:5b:9a:1c:d9:28:9e:93:d5:f3:0f:c2:5c:c1:52: db:2f:9e:31:65:69:d0:d8:ff:fe:c2:ba:9d:4c:88: 5d:a5:1b:c0:29:f0:35:15:dd:7e:a1:a5:60:20:38: 7a:1b:c0:2e:fd:b1:6b:f3:71:48:e0:10:ca:c0:79: cf:95:b1:a6:cb:17:c3:6d:84:5b:00:5f:bf:3e:41: 6e:51:1d:61:d2:c7:91:13:10:f7:5d:1b:8a:de:ac: 6e:0a:a9:70:ff:35:1b:05:72:3c:a7:51:a9:b5:e8: 0b:6a:04:53:5e:43:9b:fc:6f:b5:94:0e:4a:aa:c9: 93:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:A7:C8:BB:CD:FB:D6:24:2F:A3:A8:F8:A7:06:BA:E9:D6:07:93:9F X509v3 Authority Key Identifier: keyid:9F:CE:28:91:4C:50:DC:99:75:5F:10:8A:B4:33:4F:77:2C:BE:A0:E2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9136EC5/2DECAE560E5611E4B6F1953AC4F9AE02/n84okUxQ3Jl1XxCKtDNPdyy-oOI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n84okUxQ3Jl1XxCKtDNPdyy-oOI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9136EC5/2DECAE560E5611E4B6F1953AC4F9AE02/8B903A32353211EBB3D0487FC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.245.96.0/22 43.245.108.0/22 43.245.252.0/22 101.100.192.0/18 103.9.100.0/22 103.11.188.0/22 103.15.232.0/22 103.245.92.0/22 111.235.136.0/22 119.31.232.0/21 Signature Algorithm: sha256WithRSAEncryption cb:ca:46:0c:06:70:ae:b8:8a:18:bb:51:d5:a1:5a:65:9f:80: d2:7e:e1:c5:c7:0b:55:11:a2:54:f4:0a:5e:6f:7e:8c:63:a0: 10:f1:33:ab:9b:a3:39:5b:5c:80:21:eb:cb:72:63:39:25:ed: 5d:b8:6e:af:50:a8:1b:1f:e6:ac:f0:99:14:11:59:9e:39:f2: 6d:00:c5:05:ea:56:c1:1f:c8:b4:c4:36:85:b9:9b:4a:6f:8c: 48:a0:66:d6:c9:7d:99:46:fd:71:c7:0e:61:bc:1b:3f:3c:9e: 83:cf:16:69:32:7f:4d:ee:98:4b:94:00:59:5b:cd:5f:b8:32: 3f:70:f5:c0:49:53:04:fb:6c:57:7b:12:27:d2:d5:90:65:e0: ef:9f:5a:7b:27:35:eb:df:d3:8e:0c:52:ec:46:f9:a9:5b:97: 44:36:95:72:ec:02:6d:32:c9:8c:d1:51:2b:34:a9:d5:8b:1d: a1:44:a2:4c:41:c8:9c:f2:b5:78:39:90:fb:d9:e6:ae:05:aa: 9c:ce:f8:26:a6:ce:09:2e:39:d9:40:26:7f:07:29:32:6d:f5: bc:cf:34:05:cd:3b:8b:9b:c4:f6:7c:5e:42:68:83:75:c9:4d: 95:00:2e:1d:d9:37:5c:26:91:51:74:db:47:37:8d:76:0e:7c: 68:f4:b4:27 -----BEGIN CERTIFICATE----- MIIFcjCCBFqgAwIBAgICK8EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzZFQzUxMTAvBgNVBAUTKDlGQ0UyODkxNEM1MERDOTk3NTVGMTA4QUI0MzM0Rjc3 MkNCRUEwRTIwHhcNMjUwOTI2MTU0MjQxWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0N2YwOS05N2E0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApf1Mrl6w2I/1kKzERc0biAGBs+MZJxtyma8WKbvLCkz3Zgv7SEbJ6tK5jpWK aEOBhmYuYCQ0gJ99EeYjAFKdJiCJ5XggIrnCh9xsgSyg0FEcE02V3ElfUSf4wdbV pTXex+AHkaQ7r5jyYh2VW+8RBykCWj3qiTPpeA+0Ap/KvqFigXPQl3enW5oc2Sie k9XzD8JcwVLbL54xZWnQ2P/+wrqdTIhdpRvAKfA1Fd1+oaVgIDh6G8Au/bFr83FI 4BDKwHnPlbGmyxfDbYRbAF+/PkFuUR1h0seRExD3XRuK3qxuCqlw/zUbBXI8p1Gp tegLagRTXkOb/G+1lA5KqsmT5QIDAQABo4ICljCCApIwHQYDVR0OBBYEFLmnyLvN +9YkL6Oo+KcGuunWB5OfMB8GA1UdIwQYMBaAFJ/OKJFMUNyZdV8QirQzT3csvqDi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNkVDNS8yREVDQUU1NjBF NTYxMUU0QjZGMTk1M0FDNEY5QUUwMi9uODRva1V4UTNKbDFYeENLdEROUGR5eS1v T0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL244NG9rVXhRM0psMVh4Q0t0RE5QZHl5LW9PSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzZFQzUvMkRFQ0FFNTYwRTU2MTFFNEI2RjE5NTNBQzRGOUFFMDIvOEI5MDNBMzIz NTMyMTFFQkIzRDA0ODdGQzRGOUFFMDIucm9hMFUGCCsGAQUFBwEHAQH/BEYwRDBC BAIAATA8AwQCK/VgAwQCK/VsAwQCK/X8AwQGZWTAAwQCZwlkAwQCZwu8AwQCZw/o AwQCZ/VcAwQCb+uIAwQDdx/oMA0GCSqGSIb3DQEBCwUAA4IBAQDLykYMBnCuuIoY u1HVoVpln4DSfuHFxwtVEaJU9Apeb36MY6AQ8TOrm6M5W1yAIevLcmM5Je1duG6v UKgbH+as8JkUEVmeOfJtAMUF6lbBH8i0xDaFuZtKb4xIoGbWyX2ZRv1xxw5hvBs/ PJ6DzxZpMn9N7phLlABZW81fuDI/cPXASVME+2xXexIn0tWQZeDvn1p7JzXr39OO DFLsRvmpW5dENpVy7AJtMsmM0VErNKnVix2hRKJMQcic8rV4OZD72eauBaqczvgm ps4JLjnZQCZ/BykybfW8zzQFzTuLm8T2fF5CaIN1yU2VAC4d2TdcJpFRdNtHN412 Dnxo9LQn -----END CERTIFICATE-----Generated at Mon Mar 2 14:29:26 2026 by rpki-client