$ rpki-client -vvf rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/25E6E72899FE11EAB3E30513C4F9AE02.roa File: 25E6E72899FE11EAB3E30513C4F9AE02.roa (raw, json) Hash identifier: vExenB8r5VLDvagQcEg/ivOJqZUrJV0ln/r+0QlZHXg= Subject key identifier: 28:C8:88:8E:65:39:02:7B:B1:99:6E:BA:84:CD:6C:CF:2C:90:DD:C4 Certificate issuer: /CN=A913ACF4/serialNumber=387BDCF8E947A1A04E2F4387FBDF70654A44D1BD Certificate serial: 09E4 Authority key identifier: 38:7B:DC:F8:E9:47:A1:A0:4E:2F:43:87:FB:DF:70:65:4A:44:D1:BD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OHvc-OlHoaBOL0OH-99wZUpE0b0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/25E6E72899FE11EAB3E30513C4F9AE02.roa Signing time: Sun 01 Mar 2026 14:48:56 +0000 ROA not before: Thu 08 Jan 2026 20:16:36 +0000 ROA not after: Wed 31 Mar 2027 00:00:00 +0000 asID: 137419 IP address blocks: 103.107.228.0/24 maxlen: 24 103.107.229.0/24 maxlen: 24 103.107.230.0/24 maxlen: 24 103.107.231.0/24 maxlen: 24 2402:5fc0::/32 maxlen: 32 2402:5fc0:1::/48 maxlen: 48 2402:5fc0:2::/48 maxlen: 48 2402:5fc0:3::/48 maxlen: 48 2402:5fc0:4::/48 maxlen: 48 2402:5fc0:5::/48 maxlen: 48 2402:5fc0:6::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.crl rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OHvc-OlHoaBOL0OH-99wZUpE0b0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:41:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2532 (0x9e4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913ACF4, serialNumber=387BDCF8E947A1A04E2F4387FBDF70654A44D1BD Validity Not Before: Jan 8 20:16:36 2026 GMT Not After : Mar 31 00:00:00 2027 GMT Subject: CN=69a451d8-c4f9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:d0:74:3e:47:fb:f5:a7:79:c9:54:c0:d2:c4: 58:14:64:52:29:96:4f:6e:5e:f6:f1:2a:7e:46:e8: 6f:ce:63:0a:d1:f6:03:c3:30:4d:e6:5a:b4:72:93: 85:d0:5a:c3:67:14:62:1c:7c:4d:26:1b:d2:98:19: 76:6e:1a:71:75:b8:10:06:fd:6c:09:18:f8:07:a3: 2b:15:fd:f0:42:b4:c2:f2:c7:ff:67:92:f1:73:21: b6:b5:6e:a3:6b:f2:f8:1d:81:af:4b:08:61:c1:3d: 60:dd:35:5f:50:a6:b1:20:b0:81:3c:27:66:47:44: f8:d1:69:2f:c6:ea:be:c7:c0:c0:03:7a:58:2e:4c: f9:e1:72:d3:07:06:3d:0c:0c:4c:59:25:6c:b6:8d: e4:f0:2a:c4:2d:a2:37:d3:e7:6a:10:c7:c9:2c:f7: b7:aa:c8:84:d6:31:54:71:b8:44:8e:a6:eb:cd:c9: 1b:94:0a:61:4b:8f:c3:1f:f3:45:1e:5f:41:cc:36: 45:a6:90:37:75:1e:63:d6:e5:44:24:13:5e:79:ea: e9:41:ca:b9:f4:51:1a:8a:0a:43:ba:4d:cb:b5:83: 3e:1c:2a:dd:9a:ae:89:54:6b:1e:b4:b3:ef:77:5e: e4:7f:7f:13:55:17:ec:8f:e1:9a:46:45:a8:74:77: 2a:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:C8:88:8E:65:39:02:7B:B1:99:6E:BA:84:CD:6C:CF:2C:90:DD:C4 X509v3 Authority Key Identifier: keyid:38:7B:DC:F8:E9:47:A1:A0:4E:2F:43:87:FB:DF:70:65:4A:44:D1:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OHvc-OlHoaBOL0OH-99wZUpE0b0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/25E6E72899FE11EAB3E30513C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.107.228.0/22 IPv6: 2402:5fc0::/32 Signature Algorithm: sha256WithRSAEncryption 92:b7:4b:3e:d7:6b:47:10:72:d2:86:48:8d:30:86:85:64:21: c9:7e:3f:fe:7d:45:d7:80:43:34:34:3b:18:ed:d4:93:fd:6e: 06:4f:b3:86:77:a8:16:ff:92:f6:b4:38:e7:d3:33:8d:67:51: d1:d2:68:8f:07:85:10:11:ba:6c:c5:aa:b6:3d:bb:60:58:c1: ed:46:4c:a4:ca:21:e9:33:2d:dd:4c:89:be:d2:d2:d4:3e:c8: ec:4a:46:33:0c:70:07:b9:61:df:67:c0:1c:29:56:39:fb:37: 0e:b0:a6:ce:2b:9c:e1:09:56:9f:aa:ea:a5:01:9d:22:01:a2: fe:9a:f5:9d:c9:88:57:1d:fd:cc:db:35:9a:ce:79:d1:3b:76: cf:c6:91:ab:b3:bd:7f:2c:66:17:7f:6e:72:f7:df:59:93:d2: b8:4e:be:20:1c:3a:bd:56:1a:c9:0f:08:15:00:6f:03:b0:e0: ef:3b:f1:b2:99:6d:7f:bb:a5:53:e3:3b:8a:61:7e:78:41:1d: ec:67:63:cf:b4:bd:5c:9e:22:dc:d5:e7:8f:67:2b:3e:26:db: 66:dc:ae:f6:eb:e1:a0:1c:0c:72:47:df:91:d6:ae:f8:21:f2: da:1c:3e:e9:80:70:cc:0e:00:18:fb:03:6e:47:97:56:76:87: b1:05:49:6a -----BEGIN CERTIFICATE----- MIIFSzCCBDOgAwIBAgICCeQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0FDRjQxMTAvBgNVBAUTKDM4N0JEQ0Y4RTk0N0ExQTA0RTJGNDM4N0ZCREY3MDY1 NEE0NEQxQkQwHhcNMjYwMTA4MjAxNjM2WhcNMjcwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NTFkOC1jNGY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApdB0Pkf79ad5yVTA0sRYFGRSKZZPbl728Sp+RuhvzmMK0fYDwzBN5lq0cpOF 0FrDZxRiHHxNJhvSmBl2bhpxdbgQBv1sCRj4B6MrFf3wQrTC8sf/Z5LxcyG2tW6j a/L4HYGvSwhhwT1g3TVfUKaxILCBPCdmR0T40Wkvxuq+x8DAA3pYLkz54XLTBwY9 DAxMWSVsto3k8CrELaI30+dqEMfJLPe3qsiE1jFUcbhEjqbrzckblAphS4/DH/NF Hl9BzDZFppA3dR5j1uVEJBNeeerpQcq59FEaigpDuk3LtYM+HCrdmq6JVGsetLPv d17kf38TVRfsj+GaRkWodHcqowIDAQABo4ICbzCCAmswHQYDVR0OBBYEFCjIiI5l OQJ7sZluuoTNbM8skN3EMB8GA1UdIwQYMBaAFDh73PjpR6GgTi9Dh/vfcGVKRNG9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQUNGNC83MEUzMDM2Qzk5 RkMxMUVBOTY1NTQ1MTBDNEY5QUUwMi9PSHZjLU9sSG9hQk9MME9ILTk5d1pVcEUw YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09IdmMtT2xIb2FCT0wwT0gtOTl3WlVwRTBiMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx M0FDRjQvNzBFMzAzNkM5OUZDMTFFQTk2NTU0NTEwQzRGOUFFMDIvMjVFNkU3Mjg5 OUZFMTFFQUIzRTMwNTEzQzRGOUFFMDIucm9hMC4GCCsGAQUFBwEHAQH/BB8wHTAM BAIAATAGAwQCZ2vkMA0EAgACMAcDBQAkAl/AMA0GCSqGSIb3DQEBCwUAA4IBAQCS t0s+12tHEHLShkiNMIaFZCHJfj/+fUXXgEM0NDsY7dST/W4GT7OGd6gW/5L2tDjn 0zONZ1HR0miPB4UQEbpsxaq2PbtgWMHtRkykyiHpMy3dTIm+0tLUPsjsSkYzDHAH uWHfZ8AcKVY5+zcOsKbOK5zhCVafquqlAZ0iAaL+mvWdyYhXHf3M2zWaznnRO3bP xpGrs71/LGYXf25y999Zk9K4Tr4gHDq9VhrJDwgVAG8DsODvO/GymW1/u6VT4zuK YX54QR3sZ2PPtL1cniLc1eePZys+Jttm3K726+GgHAxyR9+R1q74IfLaHD7pgHDM DgAY+wNuR5dWdoexBUlq -----END CERTIFICATE-----Generated at Mon Mar 2 11:57:48 2026 by rpki-client