$ rpki-client -vvf rpki.apnic.net/member_repository/A9138E67/279CBF08EDCF11ECB5E74D7CC4F9AE02/3889BE2CEDD611EC8E98151DC4F9AE02.roa File: 3889BE2CEDD611EC8E98151DC4F9AE02.roa (raw, json) Hash identifier: bL7OIrkXDLMggpL9N/pxg/g9qzrZatjb01uzVRx5kqw= Subject key identifier: 78:69:D7:94:BA:0A:F4:15:09:7A:5B:37:42:B9:12:3C:F4:5A:8D:33 Certificate issuer: /CN=A9138E67/serialNumber=B6589BAC56A5DC8A26DB0727FAD44A903A63C4CF Certificate serial: 0362 Authority key identifier: B6:58:9B:AC:56:A5:DC:8A:26:DB:07:27:FA:D4:4A:90:3A:63:C4:CF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tlibrFal3Iom2wcn-tRKkDpjxM8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9138E67/279CBF08EDCF11ECB5E74D7CC4F9AE02/3889BE2CEDD611EC8E98151DC4F9AE02.roa Signing time: Sun 01 Mar 2026 12:52:23 +0000 ROA not before: Wed 07 Jan 2026 00:20:30 +0000 ROA not after: Tue 02 Mar 2027 00:00:00 +0000 asID: 7575 IP address blocks: 203.29.104.0/21 maxlen: 21 203.57.160.0/19 maxlen: 19 2406:bac0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9138E67/279CBF08EDCF11ECB5E74D7CC4F9AE02/tlibrFal3Iom2wcn-tRKkDpjxM8.crl rsync://rpki.apnic.net/member_repository/A9138E67/279CBF08EDCF11ECB5E74D7CC4F9AE02/tlibrFal3Iom2wcn-tRKkDpjxM8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tlibrFal3Iom2wcn-tRKkDpjxM8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 03:12:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 866 (0x362) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9138E67, serialNumber=B6589BAC56A5DC8A26DB0727FAD44A903A63C4CF Validity Not Before: Jan 7 00:20:30 2026 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=69a43687-8806 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:86:e4:35:2e:1b:d5:9a:65:9b:59:c0:f0:17: f8:01:a3:53:3a:c4:fa:b3:88:b4:3f:10:d6:b3:48: 7d:73:11:3b:65:25:7a:8f:7a:d4:73:2d:a0:e8:5f: e2:9f:00:39:f1:1b:ca:74:fe:f5:2a:48:e6:28:bf: 97:3e:77:4a:56:16:af:3f:f9:02:e7:ca:21:b0:40: 02:35:42:3e:ed:9d:67:fd:f6:49:a3:4d:17:24:f3: cd:87:a6:85:9b:5e:c9:13:71:20:14:fc:08:6b:ec: 57:6a:0c:e4:fe:27:0c:85:17:fd:56:0c:18:6a:d9: f8:0a:da:16:fc:59:c4:9f:c5:07:b2:76:f3:1c:e7: 93:ba:ef:0d:47:d4:b4:71:a7:90:2c:87:10:2c:ec: e5:6b:27:4f:88:2a:85:88:91:34:88:39:97:8e:d0: d2:9b:3d:01:25:65:8a:bb:ae:f5:a8:0a:f9:b0:f0: bb:fe:24:9a:ed:26:e3:bc:ef:d3:6c:70:4b:5c:cd: 3c:b3:70:01:e9:c1:be:6b:2d:04:e4:7c:f7:47:0a: 62:2f:48:1f:26:47:33:a6:06:e3:71:ff:eb:68:93: 62:89:a6:22:0b:a8:a0:33:85:79:41:25:38:1a:d8: e0:b3:da:08:11:b0:9c:db:f6:a7:11:9b:cb:03:1c: 9b:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:69:D7:94:BA:0A:F4:15:09:7A:5B:37:42:B9:12:3C:F4:5A:8D:33 X509v3 Authority Key Identifier: keyid:B6:58:9B:AC:56:A5:DC:8A:26:DB:07:27:FA:D4:4A:90:3A:63:C4:CF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9138E67/279CBF08EDCF11ECB5E74D7CC4F9AE02/tlibrFal3Iom2wcn-tRKkDpjxM8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tlibrFal3Iom2wcn-tRKkDpjxM8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9138E67/279CBF08EDCF11ECB5E74D7CC4F9AE02/3889BE2CEDD611EC8E98151DC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 203.29.104.0/21 203.57.160.0/19 IPv6: 2406:bac0::/32 Signature Algorithm: sha256WithRSAEncryption 5b:8b:97:e5:5d:90:3c:52:05:e1:98:69:0f:82:7c:4c:06:45: af:ef:c0:37:aa:f9:2c:1a:ae:e1:bd:37:74:5d:32:a6:0f:ff: 31:3e:f2:d3:47:6b:3f:ab:56:0b:9f:a5:72:bd:5e:c3:18:5a: 36:c4:46:59:d4:0c:5b:57:60:e3:e2:95:88:a4:48:47:fc:21: 92:45:c0:4d:5f:f8:c6:31:05:62:4d:90:aa:49:c8:66:11:76: d2:ed:54:f9:3e:d0:70:89:36:4e:58:05:01:23:c0:75:e9:30: ab:41:88:ed:fe:dc:e9:c0:b8:02:96:49:59:51:17:98:33:ac: b3:e5:00:22:61:3e:bf:fa:b8:1c:de:d3:3a:50:4e:73:53:b6: 23:54:b1:1a:71:ea:08:9a:4b:b1:e7:3b:4c:57:36:0d:bb:93: d3:82:5c:c5:0d:17:a2:bb:b3:1d:3b:3c:d1:95:e3:d9:03:76: 33:8f:88:53:9d:be:73:71:3c:ba:37:6e:59:ad:33:ca:eb:07: 3b:28:e8:d5:22:af:9c:2a:fb:51:22:f3:7c:a6:89:aa:70:6e: 08:fe:10:7a:c6:b4:ab:b5:0a:b8:75:cf:26:09:71:35:1a:03: 3f:17:03:83:33:59:20:69:81:3a:de:6c:2c:e5:5e:20:8d:de: 41:bc:cc:d4 -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgICA2IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzhFNjcxMTAvBgNVBAUTKEI2NTg5QkFDNTZBNURDOEEyNkRCMDcyN0ZBRDQ0QTkw M0E2M0M0Q0YwHhcNMjYwMTA3MDAyMDMwWhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MzY4Ny04ODA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvYbkNS4b1Zplm1nA8Bf4AaNTOsT6s4i0PxDWs0h9cxE7ZSV6j3rUcy2g6F/i nwA58RvKdP71KkjmKL+XPndKVhavP/kC58ohsEACNUI+7Z1n/fZJo00XJPPNh6aF m17JE3EgFPwIa+xXagzk/icMhRf9VgwYatn4CtoW/FnEn8UHsnbzHOeTuu8NR9S0 caeQLIcQLOzlaydPiCqFiJE0iDmXjtDSmz0BJWWKu671qAr5sPC7/iSa7SbjvO/T bHBLXM08s3AB6cG+ay0E5Hz3RwpiL0gfJkczpgbjcf/raJNiiaYiC6igM4V5QSU4 Gtjgs9oIEbCc2/anEZvLAxybWQIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFHhp15S6 CvQVCXpbN0K5Ejz0Wo0zMB8GA1UdIwQYMBaAFLZYm6xWpdyKJtsHJ/rUSpA6Y8TP MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOEU2Ny8yNzlDQkYwOEVE Q0YxMUVDQjVFNzREN0NDNEY5QUUwMi90bGlickZhbDNJb20yd2NuLXRSS2tEcGp4 TTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3RsaWJyRmFsM0lvbTJ3Y24tdFJLa0RwanhNOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzhFNjcvMjc5Q0JGMDhFRENGMTFFQ0I1RTc0RDdDQzRGOUFFMDIvMzg4OUJFMkNF REQ2MTFFQzhFOTgxNTFEQzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS BAIAATAMAwQDyx1oAwQFyzmgMA0EAgACMAcDBQAkBrrAMA0GCSqGSIb3DQEBCwUA A4IBAQBbi5flXZA8UgXhmGkPgnxMBkWv78A3qvksGq7hvTd0XTKmD/8xPvLTR2s/ q1YLn6VyvV7DGFo2xEZZ1AxbV2Dj4pWIpEhH/CGSRcBNX/jGMQViTZCqSchmEXbS 7VT5PtBwiTZOWAUBI8B16TCrQYjt/tzpwLgClklZUReYM6yz5QAiYT6/+rgc3tM6 UE5zU7YjVLEaceoImkux5ztMVzYNu5PTglzFDReiu7MdOzzRlePZA3Yzj4hTnb5z cTy6N25ZrTPK6wc7KOjVIq+cKvtRIvN8pomqcG4I/hB6xrSrtQq4dc8mCXE1GgM/ FwODM1kgaYE63mws5V4gjd5BvMzU -----END CERTIFICATE-----Generated at Mon Mar 2 17:54:34 2026 by rpki-client