$ rpki-client -vvf rpki.apnic.net/member_repository/A9136EC5/2DECAE560E5611E4B6F1953AC4F9AE02/F1BA2EAC353311EBB895B082C4F9AE02.roa File: F1BA2EAC353311EBB895B082C4F9AE02.roa (raw, json) Hash identifier: XMn1rTIy3jaeKDZE05M5b8eeprfjm2rfHPZwQzTw2V8= Subject key identifier: 42:45:F5:01:CB:D6:5F:4A:0C:EB:C1:3C:98:13:01:77:FE:22:A2:8A Certificate issuer: /CN=A9136EC5/serialNumber=9FCE28914C50DC99755F108AB4334F772CBEA0E2 Certificate serial: 2BC3 Authority key identifier: 9F:CE:28:91:4C:50:DC:99:75:5F:10:8A:B4:33:4F:77:2C:BE:A0:E2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n84okUxQ3Jl1XxCKtDNPdyy-oOI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9136EC5/2DECAE560E5611E4B6F1953AC4F9AE02/F1BA2EAC353311EBB895B082C4F9AE02.roa Signing time: Sun 01 Mar 2026 18:01:47 +0000 ROA not before: Fri 26 Sep 2025 15:42:42 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 58621 IP address blocks: 43.245.96.0/22 maxlen: 24 43.245.108.0/22 maxlen: 24 43.245.252.0/22 maxlen: 24 101.100.192.0/18 maxlen: 24 103.9.100.0/22 maxlen: 24 103.11.188.0/22 maxlen: 24 103.15.232.0/22 maxlen: 24 103.104.196.0/24 maxlen: 24 103.245.92.0/22 maxlen: 24 111.235.136.0/22 maxlen: 24 119.31.232.0/21 maxlen: 24 2001:df0:454::/48 maxlen: 48 2001:df3:4f00::/48 maxlen: 48 2403:cb00::/32 maxlen: 36 2403:cb00::/32 maxlen: 96 2403:cb00:300::/48 maxlen: 48 2403:cb00:301::/48 maxlen: 48 2403:cb00:302::/48 maxlen: 48 2403:cb00:cb00::/48 maxlen: 48 2403:cb00:cb01::/48 maxlen: 48 2403:cb00:cb02::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9136EC5/2DECAE560E5611E4B6F1953AC4F9AE02/n84okUxQ3Jl1XxCKtDNPdyy-oOI.crl rsync://rpki.apnic.net/member_repository/A9136EC5/2DECAE560E5611E4B6F1953AC4F9AE02/n84okUxQ3Jl1XxCKtDNPdyy-oOI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n84okUxQ3Jl1XxCKtDNPdyy-oOI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 15:37:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11203 (0x2bc3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9136EC5, serialNumber=9FCE28914C50DC99755F108AB4334F772CBEA0E2 Validity Not Before: Sep 26 15:42:42 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=69a47f0b-27e4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:51:8b:7f:da:f1:7e:02:01:e6:cf:7b:9a:c6: 05:d8:bb:6e:e5:bf:67:9a:30:1e:a3:c2:2e:8e:6a: 48:9f:1e:68:34:74:86:10:7b:e6:73:c4:a8:1d:72: 4b:23:e7:46:79:cc:7a:ac:ab:e8:53:69:8a:8a:8b: 31:d5:88:6b:a6:ba:30:46:19:40:7b:11:f2:24:d7: 44:4e:f2:74:96:15:bf:26:8c:ad:3d:20:07:92:62: 17:49:af:88:64:26:93:1e:2b:e7:86:90:ec:0c:20: ac:1b:9d:d7:38:a4:dd:a2:3b:28:81:43:87:2f:3b: db:5e:de:42:72:01:49:cd:51:da:d9:e6:b4:e2:57: 36:71:dd:c2:a7:a4:09:49:db:bb:1a:8d:e5:62:99: 6c:4a:9a:a1:f6:de:04:95:8e:5b:d5:45:27:20:4c: 48:41:d3:29:e5:c3:3b:d6:5d:06:3a:81:61:46:1f: 26:b8:df:97:c1:2e:93:87:f9:7e:32:ec:15:8c:a0: f3:b8:94:e6:dd:05:43:09:9a:7e:25:aa:87:ad:49: 54:4d:52:41:10:f1:95:ca:e4:91:e0:69:11:d1:ca: e2:26:9c:fa:bf:b8:11:72:61:5d:98:8f:8a:4c:f2: 45:97:18:c0:fb:8e:19:c3:bf:52:77:c1:2b:3b:78: 2a:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:45:F5:01:CB:D6:5F:4A:0C:EB:C1:3C:98:13:01:77:FE:22:A2:8A X509v3 Authority Key Identifier: keyid:9F:CE:28:91:4C:50:DC:99:75:5F:10:8A:B4:33:4F:77:2C:BE:A0:E2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9136EC5/2DECAE560E5611E4B6F1953AC4F9AE02/n84okUxQ3Jl1XxCKtDNPdyy-oOI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n84okUxQ3Jl1XxCKtDNPdyy-oOI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9136EC5/2DECAE560E5611E4B6F1953AC4F9AE02/F1BA2EAC353311EBB895B082C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.245.96.0/22 43.245.108.0/22 43.245.252.0/22 101.100.192.0/18 103.9.100.0/22 103.11.188.0/22 103.15.232.0/22 103.104.196.0/24 103.245.92.0/22 111.235.136.0/22 119.31.232.0/21 IPv6: 2001:df0:454::/48 2001:df3:4f00::/48 2403:cb00::/32 Signature Algorithm: sha256WithRSAEncryption 3f:8e:ef:bd:7f:e5:5f:f0:2c:b0:42:a2:66:9e:78:1f:f8:c5: fe:91:38:cd:52:b8:e8:95:b8:ca:cd:cd:e4:db:dd:f6:e5:2f: 2e:c5:85:8c:49:dc:c7:6d:b9:24:75:56:bf:e3:d5:94:1d:07: 13:50:5a:c5:b6:3e:7a:d2:86:2e:ac:dd:07:23:3a:c4:a0:93: 06:6f:14:d3:cf:2a:9a:dc:a7:65:ae:e7:d9:1f:18:40:70:0b: d9:45:c2:86:26:46:a3:4a:90:20:df:cc:14:7e:89:9d:46:45: d9:f1:19:40:26:0f:98:80:07:6a:82:7b:d7:d3:bf:94:3e:bb: 54:6d:43:75:78:98:4d:30:41:e1:cb:b0:8e:55:8b:36:96:fe: b7:2a:4a:79:87:cf:e9:4e:01:5c:d8:9e:71:52:b7:1b:c5:91: 2e:f1:01:e3:28:7f:a8:b8:82:86:82:73:32:5d:cb:ac:10:7a: e5:a4:42:40:67:c3:df:30:60:ce:d6:84:86:6a:e2:44:de:ee: 34:50:15:c0:fe:2b:a7:26:30:4c:03:23:81:e6:e1:4e:a7:aa: 9e:4d:86:b4:80:24:47:b3:c0:13:fa:b0:97:9d:a0:20:13:da: 5c:4e:b7:dc:9d:52:3c:d4:dd:97:f1:5b:1e:85:bb:ee:0c:d1: fa:4e:8b:4d -----BEGIN CERTIFICATE----- MIIFmTCCBIGgAwIBAgICK8MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzZFQzUxMTAvBgNVBAUTKDlGQ0UyODkxNEM1MERDOTk3NTVGMTA4QUI0MzM0Rjc3 MkNCRUEwRTIwHhcNMjUwOTI2MTU0MjQyWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0N2YwYi0yN2U0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs1GLf9rxfgIB5s97msYF2Ltu5b9nmjAeo8IujmpInx5oNHSGEHvmc8SoHXJL I+dGecx6rKvoU2mKiosx1YhrprowRhlAexHyJNdETvJ0lhW/JoytPSAHkmIXSa+I ZCaTHivnhpDsDCCsG53XOKTdojsogUOHLzvbXt5CcgFJzVHa2ea04lc2cd3Cp6QJ Sdu7Go3lYplsSpqh9t4ElY5b1UUnIExIQdMp5cM71l0GOoFhRh8muN+XwS6Th/l+ MuwVjKDzuJTm3QVDCZp+JaqHrUlUTVJBEPGVyuSR4GkR0criJpz6v7gRcmFdmI+K TPJFlxjA+44Zw79Sd8ErO3gqHQIDAQABo4ICvTCCArkwHQYDVR0OBBYEFEJF9QHL 1l9KDOvBPJgTAXf+IqKKMB8GA1UdIwQYMBaAFJ/OKJFMUNyZdV8QirQzT3csvqDi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNkVDNS8yREVDQUU1NjBF NTYxMUU0QjZGMTk1M0FDNEY5QUUwMi9uODRva1V4UTNKbDFYeENLdEROUGR5eS1v T0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL244NG9rVXhRM0psMVh4Q0t0RE5QZHl5LW9PSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzZFQzUvMkRFQ0FFNTYwRTU2MTFFNEI2RjE5NTNBQzRGOUFFMDIvRjFCQTJFQUMz NTMzMTFFQkI4OTVCMDgyQzRGOUFFMDIucm9hMHwGCCsGAQUFBwEHAQH/BG0wazBI BAIAATBCAwQCK/VgAwQCK/VsAwQCK/X8AwQGZWTAAwQCZwlkAwQCZwu8AwQCZw/o AwQAZ2jEAwQCZ/VcAwQCb+uIAwQDdx/oMB8EAgACMBkDBwAgAQ3wBFQDBwAgAQ3z TwADBQAkA8sAMA0GCSqGSIb3DQEBCwUAA4IBAQA/ju+9f+Vf8CywQqJmnngf+MX+ kTjNUrjolbjKzc3k29325S8uxYWMSdzHbbkkdVa/49WUHQcTUFrFtj560oYurN0H IzrEoJMGbxTTzyqa3KdlrufZHxhAcAvZRcKGJkajSpAg38wUfomdRkXZ8RlAJg+Y gAdqgnvX07+UPrtUbUN1eJhNMEHhy7COVYs2lv63Kkp5h8/pTgFc2J5xUrcbxZEu 8QHjKH+ouIKGgnMyXcusEHrlpEJAZ8PfMGDO1oSGauJE3u40UBXA/iunJjBMAyOB 5uFOp6qeTYa0gCRHs8AT+rCXnaAgE9pcTrfcnVI81N2X8VsehbvuDNH6TotN -----END CERTIFICATE-----Generated at Mon Mar 2 20:56:35 2026 by rpki-client