$ rpki-client -vvf rpki.apnic.net/member_repository/A9151C9D/73ACA5E4CF4511E4B6B7A211C4F9AE02/A23207FEB14111E5A3B46B15C4F9AE02.roa File: A23207FEB14111E5A3B46B15C4F9AE02.roa (raw, json) Hash identifier: UoiiEzLnXbuz106riRIB93AjQPyqVHDJf4WEesl0hdc= Subject key identifier: 1B:21:4B:64:EA:77:EC:F8:F6:69:F2:84:10:4E:20:C5:67:1B:F9:31 Certificate issuer: /CN=A9151C9D/serialNumber=FC655A21543ECF57BFA3EBDF7946A99561EC52F5 Certificate serial: 2778 Authority key identifier: FC:65:5A:21:54:3E:CF:57:BF:A3:EB:DF:79:46:A9:95:61:EC:52:F5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_GVaIVQ-z1e_o-vfeUaplWHsUvU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9151C9D/73ACA5E4CF4511E4B6B7A211C4F9AE02/A23207FEB14111E5A3B46B15C4F9AE02.roa Signing time: Sun 01 Mar 2026 09:13:09 +0000 ROA not before: Thu 06 Mar 2025 16:02:45 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 133498 IP address blocks: 103.231.240.0/22 maxlen: 22 103.231.240.0/24 maxlen: 24 103.231.241.0/24 maxlen: 24 103.231.242.0/24 maxlen: 24 103.231.243.0/24 maxlen: 24 2001:df5:e800::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9151C9D/73ACA5E4CF4511E4B6B7A211C4F9AE02/_GVaIVQ-z1e_o-vfeUaplWHsUvU.crl rsync://rpki.apnic.net/member_repository/A9151C9D/73ACA5E4CF4511E4B6B7A211C4F9AE02/_GVaIVQ-z1e_o-vfeUaplWHsUvU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_GVaIVQ-z1e_o-vfeUaplWHsUvU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:16:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10104 (0x2778) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9151C9D, serialNumber=FC655A21543ECF57BFA3EBDF7946A99561EC52F5 Validity Not Before: Mar 6 16:02:45 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=69a40325-71d8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:fc:a7:80:87:67:07:7f:53:47:e0:2b:fd:3a: 6c:3d:02:85:a3:7d:e7:e9:15:2c:65:7f:32:4f:a1: f8:c7:29:fe:78:72:42:9e:54:2f:7d:ff:e2:4f:e2: d1:ce:61:bc:31:3a:77:47:5b:a1:1e:d6:0e:81:66: be:ce:cb:0d:3f:a8:99:31:41:66:12:87:3f:20:43: e9:f3:fa:5d:d3:d2:7e:db:0a:37:21:94:6e:b0:90: 01:98:3c:aa:47:03:3a:84:4b:79:77:eb:4a:ed:0d: d6:d8:ca:66:f7:6d:8d:b6:c0:7e:f9:c1:a7:3a:23: 18:80:bc:4a:a9:e1:8f:8b:e5:65:45:75:60:49:2d: fc:63:e0:4c:a4:6c:f1:4d:ab:cb:88:9b:2c:7a:58: d2:71:e5:5d:4a:70:8a:02:5b:b4:6a:d9:9d:ec:9d: 9c:03:f4:50:53:dc:99:42:f4:9d:8a:c5:3e:9c:c8: cc:10:2d:80:04:df:cd:2d:8e:8c:2c:16:e1:e5:62: 18:4c:60:a7:3d:32:6d:df:ca:5e:b5:ee:a5:49:3c: 30:db:77:c4:bb:7d:c8:72:59:0a:9c:fe:9c:46:d5: 25:e0:04:43:67:3c:a8:4f:94:d4:2e:ba:0b:27:2d: 62:30:ba:38:05:7a:33:ec:20:b7:9d:55:b5:1b:4a: db:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:21:4B:64:EA:77:EC:F8:F6:69:F2:84:10:4E:20:C5:67:1B:F9:31 X509v3 Authority Key Identifier: keyid:FC:65:5A:21:54:3E:CF:57:BF:A3:EB:DF:79:46:A9:95:61:EC:52:F5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9151C9D/73ACA5E4CF4511E4B6B7A211C4F9AE02/_GVaIVQ-z1e_o-vfeUaplWHsUvU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_GVaIVQ-z1e_o-vfeUaplWHsUvU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9151C9D/73ACA5E4CF4511E4B6B7A211C4F9AE02/A23207FEB14111E5A3B46B15C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.231.240.0/22 IPv6: 2001:df5:e800::/48 Signature Algorithm: sha256WithRSAEncryption 56:93:fb:a8:37:00:c5:8c:c1:18:8e:c1:e5:ba:0f:ef:d7:10: 22:f2:96:d8:7e:7d:48:df:69:21:fb:b4:dd:08:9e:5b:eb:95: d7:2f:f8:a4:4d:30:d4:67:72:4c:a1:b5:38:84:55:8c:ad:3e: 57:43:7a:6c:c4:28:ab:0e:d9:10:1a:43:c1:c8:94:de:0e:4e: 69:03:b3:e2:b8:5f:8a:8f:91:b3:79:11:49:fc:4b:f6:7d:62: 00:4e:f2:6b:99:21:88:99:c9:5b:1b:ce:ef:c9:34:39:5e:77: 6b:32:0d:fc:f2:1c:e1:29:c6:62:fc:67:eb:cb:08:28:5f:36: 11:a9:d9:61:79:6a:4f:c5:0c:c9:34:b7:b9:fc:18:88:6a:d1: cc:55:9b:d2:04:18:d5:ed:ee:a9:ce:07:07:e0:fd:f1:a4:73: e0:a6:e7:a6:bd:e5:da:39:f4:1a:c9:ea:14:cd:79:8d:74:f2: 86:6d:aa:3a:f6:61:a0:42:f4:50:f8:4b:ec:64:89:4c:13:37: 9a:71:4c:f5:bc:04:f4:ed:81:f0:8a:19:f2:c4:23:3e:78:83: ef:0d:57:24:ce:63:56:a3:f4:66:2f:6b:14:d3:42:40:3d:ed: 11:00:da:03:0b:59:d4:4e:04:36:6b:75:48:ff:7e:41:70:9b: ad:55:0e:5e -----BEGIN CERTIFICATE----- MIIFTTCCBDWgAwIBAgICJ3gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTFDOUQxMTAvBgNVBAUTKEZDNjU1QTIxNTQzRUNGNTdCRkEzRUJERjc5NDZBOTk1 NjFFQzUyRjUwHhcNMjUwMzA2MTYwMjQ1WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MDMyNS03MWQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuvyngIdnB39TR+Ar/TpsPQKFo33n6RUsZX8yT6H4xyn+eHJCnlQvff/iT+LR zmG8MTp3R1uhHtYOgWa+zssNP6iZMUFmEoc/IEPp8/pd09J+2wo3IZRusJABmDyq RwM6hEt5d+tK7Q3W2Mpm922NtsB++cGnOiMYgLxKqeGPi+VlRXVgSS38Y+BMpGzx TavLiJsseljSceVdSnCKAlu0atmd7J2cA/RQU9yZQvSdisU+nMjMEC2ABN/NLY6M LBbh5WIYTGCnPTJt38pete6lSTww23fEu33IclkKnP6cRtUl4ARDZzyoT5TULroL Jy1iMLo4BXoz7CC3nVW1G0rbSQIDAQABo4ICcTCCAm0wHQYDVR0OBBYEFBshS2Tq d+z49mnyhBBOIMVnG/kxMB8GA1UdIwQYMBaAFPxlWiFUPs9Xv6Pr33lGqZVh7FL1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MUM5RC83M0FDQTVFNENG NDUxMUU0QjZCN0EyMTFDNEY5QUUwMi9fR1ZhSVZRLXoxZV9vLXZmZVVhcGxXSHNV dlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL19HVmFJVlEtejFlX28tdmZlVWFwbFdIc1V2VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTFDOUQvNzNBQ0E1RTRDRjQ1MTFFNEI2QjdBMjExQzRGOUFFMDIvQTIzMjA3RkVC MTQxMTFFNUEzQjQ2QjE1QzRGOUFFMDIucm9hMDAGCCsGAQUFBwEHAQH/BCEwHzAM BAIAATAGAwQCZ+fwMA8EAgACMAkDBwAgAQ316AAwDQYJKoZIhvcNAQELBQADggEB AFaT+6g3AMWMwRiOweW6D+/XECLylth+fUjfaSH7tN0Inlvrldcv+KRNMNRnckyh tTiEVYytPldDemzEKKsO2RAaQ8HIlN4OTmkDs+K4X4qPkbN5EUn8S/Z9YgBO8muZ IYiZyVsbzu/JNDled2syDfzyHOEpxmL8Z+vLCChfNhGp2WF5ak/FDMk0t7n8GIhq 0cxVm9IEGNXt7qnOBwfg/fGkc+Cm56a95do59BrJ6hTNeY108oZtqjr2YaBC9FD4 S+xkiUwTN5pxTPW8BPTtgfCKGfLEIz54g+8NVyTOY1aj9GYvaxTTQkA97REA2gML WdROBDZrdUj/fkFwm61VDl4= -----END CERTIFICATE-----Generated at Mon Mar 2 07:48:13 2026 by rpki-client