$ rpki-client -vvf rpki.apnic.net/member_repository/A9147DCA/1C75EDA67D6A11EBA4A5980CC4F9AE02/F100A1207F9911EBAFB6C91BC4F9AE02.roa File: F100A1207F9911EBAFB6C91BC4F9AE02.roa (raw, json) Hash identifier: HAOp0TvVsReYpfNF7VS+ecQ+ronnpAxEat5elqg2RPs= Subject key identifier: 2D:FB:A8:08:18:09:E3:F9:D3:A1:09:E8:8B:36:DA:41:61:A4:36:90 Certificate issuer: /CN=A9147DCA/serialNumber=2C3A2A8121CCF8A9BFC7CB6691854AF5E4D219F9 Certificate serial: 070D Authority key identifier: 2C:3A:2A:81:21:CC:F8:A9:BF:C7:CB:66:91:85:4A:F5:E4:D2:19:F9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LDoqgSHM-Km_x8tmkYVK9eTSGfk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9147DCA/1C75EDA67D6A11EBA4A5980CC4F9AE02/F100A1207F9911EBAFB6C91BC4F9AE02.roa Signing time: Sun 01 Mar 2026 14:13:12 +0000 ROA not before: Wed 02 Jul 2025 23:02:26 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 131476 IP address blocks: 43.245.168.0/22 maxlen: 22 43.245.169.0/24 maxlen: 24 43.245.170.0/24 maxlen: 24 43.245.171.0/24 maxlen: 24 103.4.236.0/24 maxlen: 24 103.4.237.0/24 maxlen: 24 103.4.238.0/24 maxlen: 24 103.4.239.0/24 maxlen: 24 202.81.4.0/22 maxlen: 22 202.81.4.0/24 maxlen: 24 202.81.5.0/24 maxlen: 24 202.81.6.0/24 maxlen: 24 202.81.7.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9147DCA/1C75EDA67D6A11EBA4A5980CC4F9AE02/LDoqgSHM-Km_x8tmkYVK9eTSGfk.crl rsync://rpki.apnic.net/member_repository/A9147DCA/1C75EDA67D6A11EBA4A5980CC4F9AE02/LDoqgSHM-Km_x8tmkYVK9eTSGfk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LDoqgSHM-Km_x8tmkYVK9eTSGfk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:09:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1805 (0x70d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9147DCA, serialNumber=2C3A2A8121CCF8A9BFC7CB6691854AF5E4D219F9 Validity Not Before: Jul 2 23:02:26 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=69a44978-bfe1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:0f:d8:ca:bf:e2:2d:fc:18:77:b2:f4:ce:c1: 8a:ec:4c:22:bb:0d:11:a0:18:91:82:11:c3:57:0f: 3a:c1:52:d8:14:51:e2:36:1e:65:09:77:ee:6e:ec: e4:ae:13:70:da:de:1c:20:03:bc:e1:5b:52:32:db: b9:a3:67:15:64:af:54:a7:27:c2:df:ff:03:a9:d5: 89:35:80:61:44:41:f5:d3:cc:90:b9:1e:88:c2:d9: a3:97:c3:e5:2a:60:53:f0:fe:2b:00:e8:2f:f0:54: 49:98:7c:ed:d8:9a:e6:f9:9a:16:0a:38:a0:1f:66: f2:fe:b5:a6:89:ce:7b:83:1c:55:49:ed:86:38:4a: 3c:aa:2a:13:e4:2c:5f:2c:3b:3f:72:09:c2:86:ed: 11:ac:4f:dc:81:26:6e:aa:a4:d9:ba:58:f7:4a:96: 6c:05:e7:75:98:33:f9:8f:5a:8a:b9:84:f9:cd:04: c8:b3:54:37:e3:25:90:57:70:1d:78:24:42:16:17: 8a:d1:be:7f:92:48:3c:9c:e6:4a:60:ae:76:b2:c9: 63:ef:8c:02:10:d1:2c:1a:ca:28:e4:17:de:ec:d6: 0e:47:ca:27:0b:f1:15:e6:9f:c3:26:4c:2f:9f:70: 8e:da:2e:38:00:f1:10:ed:14:de:60:af:41:bf:77: 64:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:FB:A8:08:18:09:E3:F9:D3:A1:09:E8:8B:36:DA:41:61:A4:36:90 X509v3 Authority Key Identifier: keyid:2C:3A:2A:81:21:CC:F8:A9:BF:C7:CB:66:91:85:4A:F5:E4:D2:19:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9147DCA/1C75EDA67D6A11EBA4A5980CC4F9AE02/LDoqgSHM-Km_x8tmkYVK9eTSGfk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LDoqgSHM-Km_x8tmkYVK9eTSGfk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9147DCA/1C75EDA67D6A11EBA4A5980CC4F9AE02/F100A1207F9911EBAFB6C91BC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.245.168.0/22 103.4.236.0/22 202.81.4.0/22 Signature Algorithm: sha256WithRSAEncryption 11:e2:3d:81:10:33:e7:50:9b:7a:f2:11:30:43:8c:78:f1:bb: 82:a9:ec:fb:2e:fd:7d:0a:0d:47:50:a5:70:ea:4a:a0:f4:01: 3e:94:d7:70:ec:28:e0:14:fd:09:d2:29:5b:47:ae:71:c7:d3: f1:26:c1:93:9c:bc:ca:9a:29:7a:4b:8f:70:01:f9:b6:37:b5: bf:a2:7b:2f:5a:51:13:48:a5:77:35:d7:7a:d6:0b:6f:10:66: 65:91:f5:42:ba:2a:4c:06:54:48:c0:e7:e5:36:eb:87:25:06: 8f:4c:cb:f4:a8:84:30:90:3a:5a:37:96:83:e4:8e:6e:e9:7e: 8e:61:97:90:f2:3b:34:13:a7:80:8c:9f:0a:39:bd:c9:33:71: a5:c0:20:c1:46:d1:a7:f0:e7:e8:52:95:07:9b:37:59:f6:ab: bf:88:19:cd:7a:6b:9f:73:4e:be:f3:f0:46:8b:44:cf:83:45: d3:16:a5:af:b2:c8:6f:a6:77:60:65:dc:2f:ff:cc:41:ef:06: 13:94:e9:46:24:d9:38:ab:31:9e:a2:7d:42:7f:f7:2d:f8:48: f4:74:4d:64:7a:bc:1b:3b:35:c4:6a:27:e4:a1:2e:74:e9:8e: a8:46:e7:8e:09:ee:30:03:52:c2:c5:40:59:96:a3:ae:9d:73: b0:83:64:ef -----BEGIN CERTIFICATE----- MIIFSDCCBDCgAwIBAgICBw0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDdEQ0ExMTAvBgNVBAUTKDJDM0EyQTgxMjFDQ0Y4QTlCRkM3Q0I2NjkxODU0QUY1 RTREMjE5RjkwHhcNMjUwNzAyMjMwMjI2WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NDk3OC1iZmUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2A/Yyr/iLfwYd7L0zsGK7Ewiuw0RoBiRghHDVw86wVLYFFHiNh5lCXfubuzk rhNw2t4cIAO84VtSMtu5o2cVZK9UpyfC3/8DqdWJNYBhREH108yQuR6Iwtmjl8Pl KmBT8P4rAOgv8FRJmHzt2Jrm+ZoWCjigH2by/rWmic57gxxVSe2GOEo8qioT5Cxf LDs/cgnChu0RrE/cgSZuqqTZulj3SpZsBed1mDP5j1qKuYT5zQTIs1Q34yWQV3Ad eCRCFheK0b5/kkg8nOZKYK52sslj74wCENEsGsoo5Bfe7NYOR8onC/EV5p/DJkwv n3CO2i44APEQ7RTeYK9Bv3dknwIDAQABo4ICbDCCAmgwHQYDVR0OBBYEFC37qAgY CeP506EJ6Is22kFhpDaQMB8GA1UdIwQYMBaAFCw6KoEhzPipv8fLZpGFSvXk0hn5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0N0RDQS8xQzc1RURBNjdE NkExMUVCQTRBNTk4MENDNEY5QUUwMi9MRG9xZ1NITS1LbV94OHRta1lWSzllVFNH ZmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xEb3FnU0hNLUttX3g4dG1rWVZLOWVUU0dmay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDdEQ0EvMUM3NUVEQTY3RDZBMTFFQkE0QTU5ODBDQzRGOUFFMDIvRjEwMEExMjA3 Rjk5MTFFQkFGQjZDOTFCQzRGOUFFMDIucm9hMCsGCCsGAQUFBwEHAQH/BBwwGjAY BAIAATASAwQCK/WoAwQCZwTsAwQCylEEMA0GCSqGSIb3DQEBCwUAA4IBAQAR4j2B EDPnUJt68hEwQ4x48buCqez7Lv19Cg1HUKVw6kqg9AE+lNdw7CjgFP0J0ilbR65x x9PxJsGTnLzKmil6S49wAfm2N7W/onsvWlETSKV3Ndd61gtvEGZlkfVCuipMBlRI wOflNuuHJQaPTMv0qIQwkDpaN5aD5I5u6X6OYZeQ8js0E6eAjJ8KOb3JM3GlwCDB RtGn8OfoUpUHmzdZ9qu/iBnNemufc06+8/BGi0TPg0XTFqWvsshvpndgZdwv/8xB 7wYTlOlGJNk4qzGeon1Cf/ct+Ej0dE1kerwbOzXEaifkoS506Y6oRueOCe4wA1LC xUBZlqOunXOwg2Tv -----END CERTIFICATE-----Generated at Mon Mar 2 07:39:28 2026 by rpki-client