$ rpki-client -vvf rpki.apnic.net/member_repository/A914B5BD/33CB117AB5A911E79C74CB72C4F9AE02/609B8BC27D7B11EDB6B77173C4F9AE02.roa File: 609B8BC27D7B11EDB6B77173C4F9AE02.roa (raw, json) Hash identifier: lCIe/jXkg4rN1KsDsytQ0JDHRzjYIhUkGHJLYrtlAfM= Subject key identifier: 97:A9:DD:50:8A:00:92:44:85:35:5D:84:4C:7F:C3:62:B1:8B:CF:7A Certificate issuer: /CN=A914B5BD/serialNumber=22E81B327CB1FB3501E05AFAB94121918FDB5B5E Certificate serial: 1913 Authority key identifier: 22:E8:1B:32:7C:B1:FB:35:01:E0:5A:FA:B9:41:21:91:8F:DB:5B:5E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IugbMnyx-zUB4Fr6uUEhkY_bW14.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914B5BD/33CB117AB5A911E79C74CB72C4F9AE02/609B8BC27D7B11EDB6B77173C4F9AE02.roa Signing time: Sun 01 Mar 2026 17:54:45 +0000 ROA not before: Tue 10 Feb 2026 15:06:23 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 60064 IP address blocks: 43.239.140.0/24 maxlen: 24 43.239.141.0/24 maxlen: 24 43.239.142.0/24 maxlen: 24 43.239.143.0/24 maxlen: 24 103.71.175.0/24 maxlen: 24 103.194.170.0/24 maxlen: 24 103.252.220.0/24 maxlen: 24 103.252.221.0/24 maxlen: 24 103.252.222.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914B5BD/33CB117AB5A911E79C74CB72C4F9AE02/IugbMnyx-zUB4Fr6uUEhkY_bW14.crl rsync://rpki.apnic.net/member_repository/A914B5BD/33CB117AB5A911E79C74CB72C4F9AE02/IugbMnyx-zUB4Fr6uUEhkY_bW14.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IugbMnyx-zUB4Fr6uUEhkY_bW14.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 01:32:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6419 (0x1913) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914B5BD, serialNumber=22E81B327CB1FB3501E05AFAB94121918FDB5B5E Validity Not Before: Feb 10 15:06:23 2026 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=69a47d65-674b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:69:63:59:29:21:2a:4a:3c:79:72:a8:da:c8: 06:74:fa:18:73:fc:33:64:e8:37:15:88:89:ad:25: 02:0b:8c:1a:37:f9:63:6c:30:aa:85:fa:a5:de:6b: c7:a7:bf:7d:62:b7:9d:7d:c1:81:a3:d7:98:6a:bb: 05:8d:4d:13:5d:33:85:ec:b1:00:b2:64:38:a1:74: 00:fc:30:11:cc:36:b1:43:74:fe:21:3c:d3:c7:02: 75:c6:0b:5e:fe:bb:a3:b7:76:50:a6:aa:35:48:45: 78:4a:b1:33:89:11:ad:d6:c9:ea:7d:a2:3c:1f:f2: c1:87:c3:e0:08:6a:fb:c4:c4:fc:4b:87:32:81:5f: 71:ff:9c:cc:32:aa:e4:b0:23:43:07:7c:27:27:c4: ae:55:9a:76:3b:94:3e:09:e9:1b:73:c8:67:4f:ed: 7b:58:8c:9d:77:c7:3e:6b:0a:25:04:30:79:21:80: 82:ac:64:de:97:74:99:f3:e3:57:a0:fe:e3:3b:d2: b0:65:c6:25:f5:b0:c9:1f:91:d3:3b:12:92:6f:8d: 21:4a:39:03:c5:0e:ef:7b:a2:2a:65:69:31:a0:a1: a6:e1:c8:30:77:a4:f4:a6:4e:8f:82:4c:48:61:5d: e0:04:c9:da:ab:05:35:7c:c1:43:10:39:a1:0e:b9: 1a:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:A9:DD:50:8A:00:92:44:85:35:5D:84:4C:7F:C3:62:B1:8B:CF:7A X509v3 Authority Key Identifier: keyid:22:E8:1B:32:7C:B1:FB:35:01:E0:5A:FA:B9:41:21:91:8F:DB:5B:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914B5BD/33CB117AB5A911E79C74CB72C4F9AE02/IugbMnyx-zUB4Fr6uUEhkY_bW14.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IugbMnyx-zUB4Fr6uUEhkY_bW14.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914B5BD/33CB117AB5A911E79C74CB72C4F9AE02/609B8BC27D7B11EDB6B77173C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.239.140.0/22 103.71.175.0/24 103.194.170.0/24 103.252.220.0-103.252.222.255 Signature Algorithm: sha256WithRSAEncryption 28:dc:34:4f:70:ac:bc:88:b8:c3:4c:f8:36:d4:b8:91:86:29: 55:83:e4:37:a5:e6:45:33:4f:b5:06:1a:93:53:36:36:8a:69: 52:5a:85:93:e5:c2:2f:4e:bc:47:8c:93:0d:e5:7a:b5:59:11: 60:f6:17:55:2f:41:c0:44:d8:40:82:0f:f0:86:21:e7:05:0f: d3:1b:33:d1:34:64:1e:44:37:df:1b:e7:7d:2f:af:bb:e0:aa: 04:47:b4:15:a0:fd:17:e5:71:af:6a:af:fe:f1:f8:b3:3e:c1: 15:08:a5:65:97:be:6d:92:ed:ec:1f:6d:67:fc:0e:89:8d:d6: 4b:20:e9:ae:37:24:3d:24:e1:ef:36:e8:fa:cd:d7:ea:78:89: 18:5b:6c:fe:45:7f:1b:b8:9b:92:10:6e:63:aa:62:7d:a6:3c: 11:0f:b9:48:24:3f:31:ca:e7:8d:d4:0c:30:89:a4:a7:7b:8e: df:07:1b:54:ce:76:ab:f7:10:c9:84:d1:34:38:d6:70:2c:04: c1:4f:97:61:27:9d:ac:60:69:a7:20:15:4a:e6:3e:70:56:62: 5a:e8:81:a7:47:61:6a:b6:26:3f:64:59:09:a7:74:50:bb:18: ce:14:0f:5c:cc:44:79:b2:a8:d3:cb:6d:76:4d:28:ee:73:0e: a4:00:8e:2c -----BEGIN CERTIFICATE----- MIIFVjCCBD6gAwIBAgICGRMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEI1QkQxMTAvBgNVBAUTKDIyRTgxQjMyN0NCMUZCMzUwMUUwNUFGQUI5NDEyMTkx OEZEQjVCNUUwHhcNMjYwMjEwMTUwNjIzWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0N2Q2NS02NzRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv2ljWSkhKko8eXKo2sgGdPoYc/wzZOg3FYiJrSUCC4waN/ljbDCqhfql3mvH p799YredfcGBo9eYarsFjU0TXTOF7LEAsmQ4oXQA/DARzDaxQ3T+ITzTxwJ1xgte /rujt3ZQpqo1SEV4SrEziRGt1snqfaI8H/LBh8PgCGr7xMT8S4cygV9x/5zMMqrk sCNDB3wnJ8SuVZp2O5Q+Cekbc8hnT+17WIydd8c+awolBDB5IYCCrGTel3SZ8+NX oP7jO9KwZcYl9bDJH5HTOxKSb40hSjkDxQ7ve6IqZWkxoKGm4cgwd6T0pk6PgkxI YV3gBMnaqwU1fMFDEDmhDrka0QIDAQABo4ICejCCAnYwHQYDVR0OBBYEFJep3VCK AJJEhTVdhEx/w2Kxi896MB8GA1UdIwQYMBaAFCLoGzJ8sfs1AeBa+rlBIZGP21te MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QjVCRC8zM0NCMTE3QUI1 QTkxMUU3OUM3NENCNzJDNEY5QUUwMi9JdWdiTW55eC16VUI0RnI2dVVFaGtZX2JX MTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0l1Z2JNbnl4LXpVQjRGcjZ1VUVoa1lfYlcxNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NEI1QkQvMzNDQjExN0FCNUE5MTFFNzlDNzRDQjcyQzRGOUFFMDIvNjA5QjhCQzI3 RDdCMTFFREI2Qjc3MTczQzRGOUFFMDIucm9hMDkGCCsGAQUFBwEHAQH/BCowKDAm BAIAATAgAwQCK++MAwQAZ0evAwQAZ8KqMAwDBAJn/NwDBABn/N4wDQYJKoZIhvcN AQELBQADggEBACjcNE9wrLyIuMNM+DbUuJGGKVWD5Del5kUzT7UGGpNTNjaKaVJa hZPlwi9OvEeMkw3lerVZEWD2F1UvQcBE2ECCD/CGIecFD9MbM9E0ZB5EN98b530v r7vgqgRHtBWg/Rflca9qr/7x+LM+wRUIpWWXvm2S7ewfbWf8DomN1ksg6a43JD0k 4e826PrN1+p4iRhbbP5Ffxu4m5IQbmOqYn2mPBEPuUgkPzHK543UDDCJpKd7jt8H G1TOdqv3EMmE0TQ41nAsBMFPl2EnnaxgaacgFUrmPnBWYlrogadHYWq2Jj9kWQmn dFC7GM4UD1zMRHmyqNPLbXZNKO5zDqQAjiw= -----END CERTIFICATE-----Generated at Mon Mar 2 12:19:09 2026 by rpki-client