$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/93EE047E4BB511EE9309AA4EC4F9AE02.roa File: 93EE047E4BB511EE9309AA4EC4F9AE02.roa (raw, json) Hash identifier: TZoK6id0rUzh56KPEUCZAm7vzhoQKcumpCyH1Z185+Y= Subject key identifier: B0:AB:69:A3:E4:22:C9:2B:3C:67:A5:46:6B:30:A6:DD:9E:8F:D3:28 Certificate issuer: /CN=A9157D67/serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD Certificate serial: 0C23 Authority key identifier: 39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/93EE047E4BB511EE9309AA4EC4F9AE02.roa Signing time: Sun 01 Mar 2026 18:48:51 +0000 ROA not before: Thu 10 Jul 2025 09:17:46 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 21859 IP address blocks: 43.152.178.0/24 maxlen: 24 43.174.120.0/24 maxlen: 24 43.174.121.0/24 maxlen: 24 101.33.12.0/24 maxlen: 24 101.33.13.0/24 maxlen: 24 101.33.14.0/24 maxlen: 24 101.33.15.0/24 maxlen: 24 240d:c010:14b::/48 maxlen: 48 240d:c010:14c::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 03:02:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3107 (0xc23) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157D67, serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD Validity Not Before: Jul 10 09:17:46 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=69a48a13-21bf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:ad:49:cb:9a:28:5f:bd:dc:df:bf:82:f5:6e: 7b:ae:1d:21:36:f1:0c:3c:ce:82:9b:a4:c5:6c:c2: 31:59:85:1f:56:cd:4d:53:9b:6b:23:e0:ca:2f:d2: d5:24:66:c1:7b:b9:75:51:dd:fd:c1:e6:4c:86:4c: 16:21:4c:88:0c:53:e1:a0:09:e5:38:27:24:93:6d: 20:64:46:1b:c8:f9:82:ca:c4:ad:75:34:cc:8f:d1: c1:7f:8f:98:50:7f:6f:7c:5a:9b:a4:83:bd:76:6a: 62:de:bc:36:de:fe:32:8f:9b:ad:9f:14:62:6a:d9: 89:6f:d3:58:67:b6:81:d3:39:6e:a2:bf:6a:7a:5c: 9b:9c:f0:44:bf:f6:90:38:3f:af:07:d9:e0:74:80: 7c:9d:a5:c2:98:b0:92:9a:ab:95:5e:79:6e:30:22: e4:33:eb:fb:c3:b0:57:e3:5d:b4:34:05:45:15:06: 65:8a:bc:89:0b:ef:b7:b4:02:28:d2:79:2e:c8:0a: 88:c2:98:be:aa:a1:0b:dd:ea:04:62:3e:47:52:84: 39:a4:db:d3:4d:5a:7f:98:1e:2d:a6:e2:21:a4:77: 29:8b:f6:9b:c7:b8:06:7a:5c:77:a3:39:2a:78:34: 6d:9a:1d:ca:99:00:26:b8:e8:6b:66:bc:f2:ee:8a: 44:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:AB:69:A3:E4:22:C9:2B:3C:67:A5:46:6B:30:A6:DD:9E:8F:D3:28 X509v3 Authority Key Identifier: keyid:39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/93EE047E4BB511EE9309AA4EC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.152.178.0/24 43.174.120.0/23 101.33.12.0/22 IPv6: 240d:c010:14b::-240d:c010:14c:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 77:0b:b6:01:8f:44:e6:15:1d:86:58:87:2e:67:3c:02:fc:25: 2c:9b:45:f4:0f:35:5f:b4:dc:40:ca:6c:bc:35:fa:23:4a:4a: 7f:27:3b:b7:a6:8c:72:18:71:65:8d:3a:e4:d5:d5:e8:7d:9f: 44:2a:65:43:f4:a7:88:16:7a:42:8b:3d:fe:d2:5c:99:8b:a5: 72:6d:f1:e9:f0:57:5a:d8:3e:f9:2b:49:84:c8:7b:fd:0d:12: ea:30:1b:c2:41:4d:9f:89:5e:37:d5:55:d0:ec:44:50:d4:d7: 24:46:50:23:dd:76:46:54:ce:e1:fa:32:18:48:78:2e:22:45: 82:62:85:a8:65:c5:cf:76:56:9b:6d:b2:f8:e7:3b:8d:cf:01: 33:5e:5c:36:21:36:20:dc:cc:6d:9a:2a:fb:1d:37:04:80:70: 42:03:05:bf:c0:ac:d3:63:63:86:da:f0:de:dc:72:71:f7:3c: fc:d9:c8:59:ea:0c:51:a9:97:0e:0b:d1:c0:fd:aa:bb:8a:f8: ca:af:2f:51:d2:e0:70:a9:6a:75:24:25:c7:01:a5:54:a3:df: 8e:d7:1b:09:56:05:e1:d2:3e:bd:00:f0:40:b8:55:5b:ec:8b: 39:c5:45:ed:77:d2:d4:69:98:bc:6a:fa:a4:06:f2:67:43:6d: 5c:6a:81:e6 -----BEGIN CERTIFICATE----- MIIFZDCCBEygAwIBAgICDCMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdENjcxMTAvBgNVBAUTKDM5QzQzOTY3NTcwMDg3RjU4M0U0MjVBOUZFOUI2OUI5 NTA2QTU5QkQwHhcNMjUwNzEwMDkxNzQ2WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0OGExMy0yMWJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAq61Jy5ooX73c37+C9W57rh0hNvEMPM6Cm6TFbMIxWYUfVs1NU5trI+DKL9LV JGbBe7l1Ud39weZMhkwWIUyIDFPhoAnlOCckk20gZEYbyPmCysStdTTMj9HBf4+Y UH9vfFqbpIO9dmpi3rw23v4yj5utnxRiatmJb9NYZ7aB0zluor9qelybnPBEv/aQ OD+vB9ngdIB8naXCmLCSmquVXnluMCLkM+v7w7BX4120NAVFFQZliryJC++3tAIo 0nkuyAqIwpi+qqEL3eoEYj5HUoQ5pNvTTVp/mB4tpuIhpHcpi/abx7gGelx3ozkq eDRtmh3KmQAmuOhrZrzy7opE4wIDAQABo4ICiDCCAoQwHQYDVR0OBBYEFLCraaPk IskrPGelRmswpt2ej9MoMB8GA1UdIwQYMBaAFDnEOWdXAIf1g+Qlqf6bablQalm9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q2Ny82OUU2QzE2QTQ0 MkExMUVCOTU5OUFEMzhDNEY5QUUwMi9PY1E1WjFjQWhfV0Q1Q1dwX3B0cHVWQnFX YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09jUTVaMWNBaF9XRDVDV3BfcHRwdVZCcVdiMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTdENjcvNjlFNkMxNkE0NDJBMTFFQjk1OTlBRDM4QzRGOUFFMDIvOTNFRTA0N0U0 QkI1MTFFRTkzMDlBQTRFQzRGOUFFMDIucm9hMEcGCCsGAQUFBwEHAQH/BDgwNjAY BAIAATASAwQAK5iyAwQBK654AwQCZSEMMBoEAgACMBQwEgMHACQNwBABSwMHACQN wBABTDANBgkqhkiG9w0BAQsFAAOCAQEAdwu2AY9E5hUdhliHLmc8AvwlLJtF9A81 X7TcQMpsvDX6I0pKfyc7t6aMchhxZY065NXV6H2fRCplQ/SniBZ6Qos9/tJcmYul cm3x6fBXWtg++StJhMh7/Q0S6jAbwkFNn4leN9VV0OxEUNTXJEZQI912RlTO4foy GEh4LiJFgmKFqGXFz3ZWm22y+Oc7jc8BM15cNiE2INzMbZoq+x03BIBwQgMFv8Cs 02Njhtrw3txycfc8/NnIWeoMUamXDgvRwP2qu4r4yq8vUdLgcKlqdSQlxwGlVKPf jtcbCVYF4dI+vQDwQLhVW+yLOcVF7XfS1GmYvGr6pAbyZ0NtXGqB5g== -----END CERTIFICATE-----Generated at Mon Mar 2 05:45:21 2026 by rpki-client