$ rpki-client -vvf rpki.apnic.net/member_repository/A9150845/DC7100EA5A5511E8BE3E0B68C4F9AE02/2A3E123A5A5711E8B29BFE6AC4F9AE02.roa File: 2A3E123A5A5711E8B29BFE6AC4F9AE02.roa (raw, json) Hash identifier: jcuZ4Nc01vH43/ruJvx8vALimlUCU5+5s5pzICb3qBI= Subject key identifier: 07:D9:0C:7C:55:31:3E:D8:1E:BF:38:06:7D:1E:C1:7D:FC:83:3E:F3 Certificate issuer: /CN=A9150845/serialNumber=F7D33F455EDABE3D4CB63FB92E4CA076119C34A6 Certificate serial: 158E Authority key identifier: F7:D3:3F:45:5E:DA:BE:3D:4C:B6:3F:B9:2E:4C:A0:76:11:9C:34:A6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/99M_RV7avj1Mtj-5LkygdhGcNKY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9150845/DC7100EA5A5511E8BE3E0B68C4F9AE02/2A3E123A5A5711E8B29BFE6AC4F9AE02.roa Signing time: Sun 01 Mar 2026 16:25:49 +0000 ROA not before: Tue 02 Sep 2025 17:06:15 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 63528 IP address blocks: 203.159.68.0/22 maxlen: 22 203.159.70.0/23 maxlen: 24 2001:deb::/48 maxlen: 48 2001:df5:b880::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9150845/DC7100EA5A5511E8BE3E0B68C4F9AE02/99M_RV7avj1Mtj-5LkygdhGcNKY.crl rsync://rpki.apnic.net/member_repository/A9150845/DC7100EA5A5511E8BE3E0B68C4F9AE02/99M_RV7avj1Mtj-5LkygdhGcNKY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/99M_RV7avj1Mtj-5LkygdhGcNKY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 01:40:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5518 (0x158e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9150845, serialNumber=F7D33F455EDABE3D4CB63FB92E4CA076119C34A6 Validity Not Before: Sep 2 17:06:15 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=69a4688d-399c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:18:23:3f:d1:4e:11:53:91:da:ec:96:1f:d1: f8:64:f8:36:41:08:6d:18:c8:61:11:a2:0a:98:5b: 9b:04:fa:d8:7f:76:69:a7:b4:f6:c1:7d:cc:95:e7: 6b:02:17:ab:d1:2d:ef:b5:f6:1e:61:03:84:58:8a: 48:8b:36:7f:d7:ab:70:b0:88:c0:0a:89:5d:f9:d7: 64:ba:5e:ea:1c:3d:53:25:b5:69:37:f3:58:f1:5a: 60:ec:80:bf:2e:27:b9:88:a1:a1:8c:7e:5b:cc:eb: af:8e:0f:44:17:d9:3c:92:d0:dd:fc:39:c3:18:a9: e5:a6:10:e1:c8:4a:60:a0:e9:59:25:ff:a8:6a:9a: 01:3c:45:0e:52:82:42:46:a7:03:32:9e:83:ba:32: 16:29:d8:3a:b2:db:71:bb:5a:63:a2:90:93:6d:b6: 07:fb:22:6e:18:81:c4:cb:a4:69:34:de:a0:89:6a: ac:0c:a2:d4:0b:97:f3:6d:51:05:58:f2:88:0e:61: 62:11:54:02:c2:68:4c:ed:0e:f5:45:b6:bc:ea:6a: 2b:21:00:b9:79:c3:d4:4d:37:8a:09:c6:b1:58:06: 9b:f9:a3:6f:08:93:c3:f5:fe:35:b7:54:b6:54:f0: 13:ab:db:3e:b0:cc:a4:c1:36:3e:ed:52:33:1b:81: 52:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:D9:0C:7C:55:31:3E:D8:1E:BF:38:06:7D:1E:C1:7D:FC:83:3E:F3 X509v3 Authority Key Identifier: keyid:F7:D3:3F:45:5E:DA:BE:3D:4C:B6:3F:B9:2E:4C:A0:76:11:9C:34:A6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9150845/DC7100EA5A5511E8BE3E0B68C4F9AE02/99M_RV7avj1Mtj-5LkygdhGcNKY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/99M_RV7avj1Mtj-5LkygdhGcNKY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9150845/DC7100EA5A5511E8BE3E0B68C4F9AE02/2A3E123A5A5711E8B29BFE6AC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 203.159.68.0/22 IPv6: 2001:deb::/48 2001:df5:b880::/48 Signature Algorithm: sha256WithRSAEncryption 77:3f:b9:10:f4:86:58:51:bf:39:2a:e7:38:13:12:90:86:3a: 1e:a1:9e:f2:1e:4f:b2:04:55:40:3a:f7:1b:8b:5c:c1:e8:26: ae:31:20:c8:bf:40:f8:89:bc:af:f1:0e:16:ce:0c:f8:b7:b5: 64:54:26:7a:1e:a9:e4:b7:4e:4a:83:48:d8:4e:b1:85:4d:f4: 88:b0:f1:79:e6:5e:fd:6f:90:57:bc:fc:e3:d9:a3:97:a6:80: 72:7d:94:36:5e:eb:90:a6:ce:93:f9:f7:04:eb:13:f3:24:cf: bf:20:6f:cc:85:a1:89:1c:0b:0a:5b:6b:0d:f4:ec:ac:44:df: 84:e2:9f:08:10:f8:6a:3f:08:1e:e8:bc:fa:b4:92:98:1d:44: 55:ac:0d:ba:8d:ed:f9:50:d9:81:04:51:95:5b:f3:70:ec:b5: ae:78:48:c2:20:04:c2:87:01:b7:ba:a9:d2:61:23:ef:cd:63: 41:e9:0c:1b:83:ab:cb:9c:ae:a7:64:b0:5f:e7:9b:5e:1f:bc: b6:23:33:0d:c2:4b:93:ea:c9:2b:68:87:6f:80:e7:73:e6:a9: dd:98:05:19:99:2f:23:97:3e:f2:b0:7e:54:d8:96:be:6c:d6: cd:2b:e4:43:5f:f0:04:1d:fb:4f:38:93:0a:ce:ef:27:28:a8: 48:9c:45:db -----BEGIN CERTIFICATE----- MIIFVjCCBD6gAwIBAgICFY4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTA4NDUxMTAvBgNVBAUTKEY3RDMzRjQ1NUVEQUJFM0Q0Q0I2M0ZCOTJFNENBMDc2 MTE5QzM0QTYwHhcNMjUwOTAyMTcwNjE1WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0Njg4ZC0zOTljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvBgjP9FOEVOR2uyWH9H4ZPg2QQhtGMhhEaIKmFubBPrYf3Zpp7T2wX3Mledr Aher0S3vtfYeYQOEWIpIizZ/16twsIjACold+ddkul7qHD1TJbVpN/NY8Vpg7IC/ Lie5iKGhjH5bzOuvjg9EF9k8ktDd/DnDGKnlphDhyEpgoOlZJf+oapoBPEUOUoJC RqcDMp6DujIWKdg6sttxu1pjopCTbbYH+yJuGIHEy6RpNN6giWqsDKLUC5fzbVEF WPKIDmFiEVQCwmhM7Q71Rba86morIQC5ecPUTTeKCcaxWAab+aNvCJPD9f41t1S2 VPATq9s+sMykwTY+7VIzG4FS8QIDAQABo4ICejCCAnYwHQYDVR0OBBYEFAfZDHxV MT7YHr84Bn0ewX38gz7zMB8GA1UdIwQYMBaAFPfTP0Ve2r49TLY/uS5MoHYRnDSm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MDg0NS9EQzcxMDBFQTVB NTUxMUU4QkUzRTBCNjhDNEY5QUUwMi85OU1fUlY3YXZqMU10ai01TGt5Z2RoR2NO S1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzk5TV9SVjdhdmoxTXRqLTVMa3lnZGhHY05LWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTA4NDUvREM3MTAwRUE1QTU1MTFFOEJFM0UwQjY4QzRGOUFFMDIvMkEzRTEyM0E1 QTU3MTFFOEIyOUJGRTZBQzRGOUFFMDIucm9hMDkGCCsGAQUFBwEHAQH/BCowKDAM BAIAATAGAwQCy59EMBgEAgACMBIDBwAgAQ3rAAADBwAgAQ31uIAwDQYJKoZIhvcN AQELBQADggEBAHc/uRD0hlhRvzkq5zgTEpCGOh6hnvIeT7IEVUA69xuLXMHoJq4x IMi/QPiJvK/xDhbODPi3tWRUJnoeqeS3TkqDSNhOsYVN9Iiw8XnmXv1vkFe8/OPZ o5emgHJ9lDZe65CmzpP59wTrE/Mkz78gb8yFoYkcCwpbaw307KxE34TinwgQ+Go/ CB7ovPq0kpgdRFWsDbqN7flQ2YEEUZVb83Dsta54SMIgBMKHAbe6qdJhI+/NY0Hp DBuDq8ucrqdksF/nm14fvLYjMw3CS5PqyStoh2+A53Pmqd2YBRmZLyOXPvKwflTY lr5s1s0r5ENf8AQd+084kwrO7ycoqEicRds= -----END CERTIFICATE-----Generated at Mon Mar 2 12:48:46 2026 by rpki-client