$ rpki-client -vvf rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/075152B253CB11F09DA22358C4F9AE02.roa File: 075152B253CB11F09DA22358C4F9AE02.roa (raw, json) Hash identifier: V/vNgubvS8VhZ02alSGIOgT1eX/zOWVpq8npKoZuG7w= Subject key identifier: 74:1B:E4:A1:0B:5B:20:67:3B:34:B4:7E:C0:0F:D6:C6:6A:7D:46:62 Certificate issuer: /CN=A9157DA0/serialNumber=8887CF6CF5102F0FB713F4C4A1BDE389481F1C44 Certificate serial: 353D Authority key identifier: 88:87:CF:6C:F5:10:2F:0F:B7:13:F4:C4:A1:BD:E3:89:48:1F:1C:44 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/075152B253CB11F09DA22358C4F9AE02.roa Signing time: Sun 01 Mar 2026 13:34:30 +0000 ROA not before: Sat 28 Jun 2025 02:53:12 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 45193 IP address blocks: 103.39.252.0/22 maxlen: 22 119.252.123.0/24 maxlen: 24 119.252.124.0/23 maxlen: 23 119.252.124.0/24 maxlen: 24 119.252.125.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.crl rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:13:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13629 (0x353d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157DA0, serialNumber=8887CF6CF5102F0FB713F4C4A1BDE389481F1C44 Validity Not Before: Jun 28 02:53:12 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=69a44066-4f38 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:f6:7e:5c:d8:3c:01:e6:6c:ae:b2:35:22:c3: 62:7b:b8:bc:9a:42:76:d8:bf:38:c4:56:a5:cb:bd: de:01:4c:ae:ed:e8:32:10:2a:d2:96:28:66:c9:d9: 33:3d:fa:8a:37:7a:cf:96:a5:0d:76:85:e9:d0:24: 54:ff:25:5c:8e:30:58:44:64:6a:16:d9:50:0b:91: 56:76:3e:f5:dd:af:5c:46:85:dd:fd:d5:c4:ee:c8: 63:d7:1c:72:2d:c9:d6:b0:8d:cd:4b:95:a9:9a:c2: 1e:2f:ef:42:e6:90:75:cf:eb:4e:59:45:b1:aa:7d: af:d6:a7:89:32:cf:93:06:fc:2f:0e:f7:a2:66:d2: a9:1e:61:70:a2:88:f8:f2:a7:98:9f:24:4d:41:38: f0:8f:29:68:9a:f9:16:55:5e:b7:42:9f:73:36:fb: 4e:72:5c:94:93:4c:0e:d4:bc:a3:94:1b:a9:74:63: 3c:04:20:53:7f:82:a7:78:cd:fd:d6:7b:92:99:cd: 75:83:0d:9b:bc:1d:a5:1a:80:4d:62:6a:b2:f5:36: de:31:95:4d:af:ea:6b:dc:23:a0:68:ae:f5:9b:55: 6d:a5:8f:87:0b:cb:5a:f6:fa:b5:4b:81:9e:0b:b1: bf:2f:5a:dc:b9:3b:40:c1:a8:a6:4b:84:03:e4:fb: 1c:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:1B:E4:A1:0B:5B:20:67:3B:34:B4:7E:C0:0F:D6:C6:6A:7D:46:62 X509v3 Authority Key Identifier: keyid:88:87:CF:6C:F5:10:2F:0F:B7:13:F4:C4:A1:BD:E3:89:48:1F:1C:44 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/075152B253CB11F09DA22358C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.39.252.0/22 119.252.123.0-119.252.125.255 Signature Algorithm: sha256WithRSAEncryption 88:84:77:df:b2:34:ca:a4:2a:14:51:59:c1:bd:b6:af:e4:a9: c7:f3:e0:12:7d:d7:bf:af:d9:1e:20:f9:70:26:f1:84:5f:e4: 9d:f4:d5:fd:86:8b:32:3d:d1:d6:ee:a9:16:d3:6e:53:83:e1: 1e:be:33:cc:38:d1:42:82:e7:ca:fe:e9:a5:ed:e1:0c:e0:74: b7:99:6e:2c:fe:f9:a4:23:38:8c:46:3d:be:ef:22:2d:26:90: 6e:f7:6e:17:26:2b:2e:d5:3b:a3:5e:dc:f6:0a:2a:e4:02:0e: 7b:f2:02:d7:8b:60:40:07:bb:f5:c5:d9:45:f9:d9:f5:fe:89: 64:7a:a3:dd:13:fd:36:41:2c:ab:43:93:8c:af:5c:ff:fa:40: 57:1b:28:22:c8:f0:47:ee:4e:0a:c6:bc:eb:68:de:b2:9c:40: bd:2a:59:4b:f2:04:8f:50:59:c7:e6:8d:9c:72:11:3a:6c:79: 2e:70:a6:97:0a:25:db:97:16:4d:fd:32:ec:e7:fe:d9:49:84: eb:db:d8:f2:4f:bf:a3:e6:8d:6c:a0:25:ac:0d:cc:97:74:b2: 82:fd:b0:98:55:b6:63:8f:a1:0b:b6:5d:83:8f:06:1b:b2:9d: a8:3b:77:67:e3:6f:36:79:2a:63:d5:45:f7:c9:74:d3:79:75: da:1b:4b:68 -----BEGIN CERTIFICATE----- MIIFSjCCBDKgAwIBAgICNT0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdEQTAxMTAvBgNVBAUTKDg4ODdDRjZDRjUxMDJGMEZCNzEzRjRDNEExQkRFMzg5 NDgxRjFDNDQwHhcNMjUwNjI4MDI1MzEyWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NDA2Ni00ZjM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAn/Z+XNg8AeZsrrI1IsNie7i8mkJ22L84xFaly73eAUyu7egyECrSlihmydkz PfqKN3rPlqUNdoXp0CRU/yVcjjBYRGRqFtlQC5FWdj713a9cRoXd/dXE7shj1xxy LcnWsI3NS5WpmsIeL+9C5pB1z+tOWUWxqn2v1qeJMs+TBvwvDveiZtKpHmFwooj4 8qeYnyRNQTjwjylomvkWVV63Qp9zNvtOclyUk0wO1LyjlBupdGM8BCBTf4KneM39 1nuSmc11gw2bvB2lGoBNYmqy9TbeMZVNr+pr3COgaK71m1VtpY+HC8ta9vq1S4Ge C7G/L1rcuTtAwaimS4QD5PscKQIDAQABo4ICbjCCAmowHQYDVR0OBBYEFHQb5KEL WyBnOzS0fsAP1sZqfUZiMB8GA1UdIwQYMBaAFIiHz2z1EC8PtxP0xKG944lIHxxE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0RBMC8zQTBEOTMxMDFE OEMxMUUyOEVGRjU3RTcwOEIwMkNEMi9pSWZQYlBVUUx3LTNFX1RFb2IzamlVZ2ZI RVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lJZlBiUFVRTHctM0VfVEVvYjNqaVVnZkhFUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTdEQTAvM0EwRDkzMTAxRDhDMTFFMjhFRkY1N0U3MDhCMDJDRDIvMDc1MTUyQjI1 M0NCMTFGMDlEQTIyMzU4QzRGOUFFMDIucm9hMC0GCCsGAQUFBwEHAQH/BB4wHDAa BAIAATAUAwQCZyf8MAwDBAB3/HsDBAF3/HwwDQYJKoZIhvcNAQELBQADggEBAIiE d9+yNMqkKhRRWcG9tq/kqcfz4BJ917+v2R4g+XAm8YRf5J301f2GizI90dbuqRbT blOD4R6+M8w40UKC58r+6aXt4QzgdLeZbiz++aQjOIxGPb7vIi0mkG73bhcmKy7V O6Ne3PYKKuQCDnvyAteLYEAHu/XF2UX52fX+iWR6o90T/TZBLKtDk4yvXP/6QFcb KCLI8EfuTgrGvOto3rKcQL0qWUvyBI9QWcfmjZxyETpseS5wppcKJduXFk39Muzn /tlJhOvb2PJPv6PmjWygJawNzJd0soL9sJhVtmOPoQu2XYOPBhuynag7d2fjbzZ5 KmPVRffJdNN5ddobS2g= -----END CERTIFICATE-----Generated at Mon Mar 2 10:53:44 2026 by rpki-client