$ rpki-client -vvf rpki.apnic.net/member_repository/A913DF3B/CDBA812EF03A11EB8D30E058C4F9AE02/8D7E9B7EF03D11EB804DF61FC4F9AE02.roa File: 8D7E9B7EF03D11EB804DF61FC4F9AE02.roa (raw, json) Hash identifier: ma+DNS3MZoAgjxWhTTX9baQIdHEsD5fkm6hMo1qHO0U= Subject key identifier: C2:95:34:6C:24:04:F4:92:23:04:B7:4A:02:34:D2:36:91:CF:9D:94 Certificate issuer: /CN=A913DF3B/serialNumber=A896B170BF0D88723F36C7AC2087854AA284BD71 Certificate serial: 05DC Authority key identifier: A8:96:B1:70:BF:0D:88:72:3F:36:C7:AC:20:87:85:4A:A2:84:BD:71 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qJaxcL8NiHI_NsesIIeFSqKEvXE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913DF3B/CDBA812EF03A11EB8D30E058C4F9AE02/8D7E9B7EF03D11EB804DF61FC4F9AE02.roa Signing time: Sun 01 Mar 2026 09:53:36 +0000 ROA not before: Wed 20 Aug 2025 23:35:30 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 139781 IP address blocks: 103.170.136.0/23 maxlen: 23 103.170.136.0/24 maxlen: 24 103.170.137.0/24 maxlen: 24 2001:df7:1b80::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913DF3B/CDBA812EF03A11EB8D30E058C4F9AE02/qJaxcL8NiHI_NsesIIeFSqKEvXE.crl rsync://rpki.apnic.net/member_repository/A913DF3B/CDBA812EF03A11EB8D30E058C4F9AE02/qJaxcL8NiHI_NsesIIeFSqKEvXE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qJaxcL8NiHI_NsesIIeFSqKEvXE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 01:22:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1500 (0x5dc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913DF3B, serialNumber=A896B170BF0D88723F36C7AC2087854AA284BD71 Validity Not Before: Aug 20 23:35:30 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=69a40ca0-3282 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:71:0d:e3:8b:f3:52:46:29:2d:64:80:a8:eb: 20:93:db:2d:31:7d:27:73:1c:6f:c7:88:05:84:d7: 72:4a:84:70:cc:74:40:8c:ae:3c:88:76:17:74:ce: d0:28:6e:bc:48:a7:b3:f3:7b:c3:95:64:bd:20:8d: 84:25:97:59:ea:46:17:ac:3d:19:ad:bc:a0:b6:f8: ee:ee:b0:13:58:da:dd:67:53:3f:33:20:da:3d:a8: ea:ad:f4:b3:e5:d2:91:16:9d:7c:c3:c9:b8:af:a6: 31:1f:66:b0:97:bf:1d:80:c2:ef:d5:ad:9d:1e:9e: b2:90:b5:a1:94:b6:d5:d1:3a:02:bd:fb:e6:09:a4: e8:25:07:4d:e9:0b:da:82:a7:18:e8:d5:f8:9e:bf: a6:46:6e:5e:77:4b:7f:af:3a:ab:3b:b1:66:bd:95: 4c:26:36:5b:84:08:59:6d:31:6b:65:96:ab:23:6f: f6:e8:3d:da:d5:e1:51:6f:3d:57:c5:3f:d3:4e:aa: 53:de:c9:95:58:15:53:8a:e1:2d:3e:f6:e4:b2:34: 52:11:bd:5e:e1:9b:bd:ea:32:cb:89:7c:ff:a0:7e: cc:25:fe:86:6b:51:c8:b7:3a:56:61:ab:fd:f7:70: 4f:03:51:d0:f8:35:69:83:4b:8c:c3:b5:4a:ab:dc: 90:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:95:34:6C:24:04:F4:92:23:04:B7:4A:02:34:D2:36:91:CF:9D:94 X509v3 Authority Key Identifier: keyid:A8:96:B1:70:BF:0D:88:72:3F:36:C7:AC:20:87:85:4A:A2:84:BD:71 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913DF3B/CDBA812EF03A11EB8D30E058C4F9AE02/qJaxcL8NiHI_NsesIIeFSqKEvXE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qJaxcL8NiHI_NsesIIeFSqKEvXE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913DF3B/CDBA812EF03A11EB8D30E058C4F9AE02/8D7E9B7EF03D11EB804DF61FC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.170.136.0/23 IPv6: 2001:df7:1b80::/48 Signature Algorithm: sha256WithRSAEncryption 58:dc:36:c4:0e:3c:34:58:fd:40:bb:28:12:49:09:a5:e3:1b: 0f:09:8c:50:1e:5c:b2:42:50:2e:bd:2b:64:0e:f1:3a:f4:b3: 40:b2:d8:92:a6:db:fa:2e:f6:e3:04:64:2e:2d:9c:ad:ed:b5: 7d:2a:a1:b6:84:3c:9d:32:7b:99:75:22:81:c8:66:df:27:ca: b8:2f:91:c1:a3:a8:72:19:9e:d8:c5:ea:95:23:c8:69:c2:45: c6:a7:d8:74:fb:73:c7:27:11:18:78:ff:3c:1c:95:47:9b:76: 27:e1:17:d9:9b:91:68:20:ff:74:c5:c7:42:64:0f:cc:d4:8f: 2f:b0:7b:93:60:57:91:44:9d:11:0b:d6:91:a0:d0:e4:3f:db: e1:eb:3b:fb:67:bc:6a:42:0c:a6:08:77:4b:ce:85:e8:21:43: 09:58:0e:aa:4f:e8:c4:2c:1c:61:0f:3d:a2:a1:e3:ef:6a:9a: c5:76:62:64:a0:1e:05:9b:d3:40:c2:f7:4f:9c:58:3c:a2:3c: 3c:6e:cc:fd:87:90:e3:4a:e6:14:66:24:f6:08:e9:d7:43:16: 16:b8:a9:73:ca:a0:9a:67:a9:dd:db:09:65:bd:66:67:cd:5c: 74:45:c3:23:4b:35:36:81:d2:8d:ac:40:0d:ce:97:c5:0e:49: 31:c6:3c:1b -----BEGIN CERTIFICATE----- MIIFTTCCBDWgAwIBAgICBdwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0RGM0IxMTAvBgNVBAUTKEE4OTZCMTcwQkYwRDg4NzIzRjM2QzdBQzIwODc4NTRB QTI4NEJENzEwHhcNMjUwODIwMjMzNTMwWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MGNhMC0zMjgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs3EN44vzUkYpLWSAqOsgk9stMX0ncxxvx4gFhNdySoRwzHRAjK48iHYXdM7Q KG68SKez83vDlWS9II2EJZdZ6kYXrD0Zrbygtvju7rATWNrdZ1M/MyDaPajqrfSz 5dKRFp18w8m4r6YxH2awl78dgMLv1a2dHp6ykLWhlLbV0ToCvfvmCaToJQdN6Qva gqcY6NX4nr+mRm5ed0t/rzqrO7FmvZVMJjZbhAhZbTFrZZarI2/26D3a1eFRbz1X xT/TTqpT3smVWBVTiuEtPvbksjRSEb1e4Zu96jLLiXz/oH7MJf6Ga1HItzpWYav9 93BPA1HQ+DVpg0uMw7VKq9yQmwIDAQABo4ICcTCCAm0wHQYDVR0OBBYEFMKVNGwk BPSSIwS3SgI00jaRz52UMB8GA1UdIwQYMBaAFKiWsXC/DYhyPzbHrCCHhUqihL1x MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzREYzQi9DREJBODEyRUYw M0ExMUVCOEQzMEUwNThDNEY5QUUwMi9xSmF4Y0w4TmlISV9Oc2VzSUllRlNxS0V2 WEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3FKYXhjTDhOaUhJX05zZXNJSWVGU3FLRXZYRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx M0RGM0IvQ0RCQTgxMkVGMDNBMTFFQjhEMzBFMDU4QzRGOUFFMDIvOEQ3RTlCN0VG MDNEMTFFQjgwNERGNjFGQzRGOUFFMDIucm9hMDAGCCsGAQUFBwEHAQH/BCEwHzAM BAIAATAGAwQBZ6qIMA8EAgACMAkDBwAgAQ33G4AwDQYJKoZIhvcNAQELBQADggEB AFjcNsQOPDRY/UC7KBJJCaXjGw8JjFAeXLJCUC69K2QO8Tr0s0Cy2JKm2/ou9uME ZC4tnK3ttX0qobaEPJ0ye5l1IoHIZt8nyrgvkcGjqHIZntjF6pUjyGnCRcan2HT7 c8cnERh4/zwclUebdifhF9mbkWgg/3TFx0JkD8zUjy+we5NgV5FEnREL1pGg0OQ/ 2+HrO/tnvGpCDKYId0vOheghQwlYDqpP6MQsHGEPPaKh4+9qmsV2YmSgHgWb00DC 90+cWDyiPDxuzP2HkONK5hRmJPYI6ddDFha4qXPKoJpnqd3bCWW9ZmfNXHRFwyNL NTaB0o2sQA3Ol8UOSTHGPBs= -----END CERTIFICATE-----Generated at Mon Mar 2 12:34:51 2026 by rpki-client