$ rpki-client -vvf rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/10BC8836509B11F0A1C78F35C4F9AE02.roa File: 10BC8836509B11F0A1C78F35C4F9AE02.roa (raw, json) Hash identifier: BK/+8KX02VPddxHBzpeJG/jz59w+FAXuRrqelBqXlEQ= Subject key identifier: FC:F2:D9:7D:EE:06:69:4F:57:B0:D2:87:1B:36:5E:41:FD:1F:5C:FC Certificate issuer: /CN=A9157DA0/serialNumber=8887CF6CF5102F0FB713F4C4A1BDE389481F1C44 Certificate serial: 353C Authority key identifier: 88:87:CF:6C:F5:10:2F:0F:B7:13:F4:C4:A1:BD:E3:89:48:1F:1C:44 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/10BC8836509B11F0A1C78F35C4F9AE02.roa Signing time: Sun 01 Mar 2026 13:34:29 +0000 ROA not before: Tue 24 Jun 2025 01:32:18 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 58524 IP address blocks: 43.248.158.0/23 maxlen: 24 119.252.126.0/23 maxlen: 23 2407:4800:c000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.crl rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:13:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13628 (0x353c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157DA0, serialNumber=8887CF6CF5102F0FB713F4C4A1BDE389481F1C44 Validity Not Before: Jun 24 01:32:18 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=69a44065-2444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:ec:0e:76:6b:18:fe:22:32:b5:54:1b:36:f4: 74:f1:e6:c9:14:41:aa:d2:8a:55:33:bd:26:8c:47: 40:f4:1e:12:7c:e3:85:8c:5d:71:3e:d3:cb:c2:61: 21:b2:7e:ec:83:de:d0:56:96:14:39:33:a4:4e:89: 52:ef:f6:94:44:b8:45:1c:c8:7c:c9:55:dd:c6:2f: 76:7b:b1:99:ee:04:41:4e:76:0c:97:d0:bd:cc:c0: a7:3f:40:35:26:de:78:f4:b0:ce:fc:40:39:e0:09: 28:f1:e5:ac:94:d5:f8:c4:39:7d:3b:02:53:4c:81: 44:ef:55:5a:3a:3f:5c:d5:8b:83:97:0c:62:9f:fe: 5b:4d:37:47:76:0c:ba:31:08:11:ca:2f:12:6c:9d: 67:90:63:1c:5b:36:9f:9d:a1:85:80:46:19:ec:05: ed:ad:ae:a0:c9:27:c1:c6:4d:c1:7f:15:95:0e:53: 29:66:04:11:a0:ed:93:4b:d0:72:09:73:13:16:de: 84:96:5a:e6:cc:bd:32:3c:24:a1:30:b9:47:80:5b: a7:af:35:d8:56:db:c8:ec:73:8e:94:88:ab:4f:17: 73:28:4b:10:dc:36:88:e3:c9:a5:73:43:2b:8a:c2: d6:b4:60:23:31:80:fd:3c:ae:49:1d:64:3e:a0:af: d8:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:F2:D9:7D:EE:06:69:4F:57:B0:D2:87:1B:36:5E:41:FD:1F:5C:FC X509v3 Authority Key Identifier: keyid:88:87:CF:6C:F5:10:2F:0F:B7:13:F4:C4:A1:BD:E3:89:48:1F:1C:44 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/10BC8836509B11F0A1C78F35C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.248.158.0/23 119.252.126.0/23 IPv6: 2407:4800:c000::/36 Signature Algorithm: sha256WithRSAEncryption 4d:cd:d0:1d:62:2b:c9:cb:cb:23:8d:d9:87:ea:11:c1:e7:a6: 9b:7b:c9:1c:c6:fa:6c:e9:20:e6:80:f1:71:93:21:f6:cc:b6: 29:e7:91:23:7f:3f:e6:e5:eb:c0:99:64:dd:ce:83:b2:df:16: 28:6c:e2:28:c6:7c:60:a4:f4:dd:21:44:25:78:05:44:ce:d6: 79:35:1f:2c:db:cf:fe:41:fa:ba:b4:f0:f6:44:6f:21:be:6d: f4:e9:77:67:38:8f:6a:58:17:f5:bb:ec:81:80:fd:5c:9b:3d: 84:bb:09:0c:ae:ca:db:56:32:ca:eb:31:b1:b2:4a:a4:6c:1c: 42:22:4a:14:a6:ee:5f:b8:d6:35:8a:e2:9f:76:82:9a:48:93: bd:a3:62:23:36:63:c7:61:aa:a0:88:b8:e7:db:d2:b7:ae:f5: 77:72:4a:28:b0:35:f7:c0:0b:be:4a:1a:7c:b4:6c:f8:94:36: a0:d9:ea:a8:bd:4a:c1:1f:9d:4b:d9:83:3b:7b:e3:c9:84:b1: bc:89:c0:e6:9b:9a:a9:62:32:ea:af:80:62:ae:36:38:d2:42: 1b:e1:14:02:86:2c:45:af:3c:25:be:b5:30:95:1a:69:fb:02: 04:89:cf:9d:71:48:79:b4:90:8d:e1:1e:ff:02:c1:9a:81:75: 39:65:7f:e6 -----BEGIN CERTIFICATE----- MIIFUjCCBDqgAwIBAgICNTwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdEQTAxMTAvBgNVBAUTKDg4ODdDRjZDRjUxMDJGMEZCNzEzRjRDNEExQkRFMzg5 NDgxRjFDNDQwHhcNMjUwNjI0MDEzMjE4WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NDA2NS0yNDQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxuwOdmsY/iIytVQbNvR08ebJFEGq0opVM70mjEdA9B4SfOOFjF1xPtPLwmEh sn7sg97QVpYUOTOkTolS7/aURLhFHMh8yVXdxi92e7GZ7gRBTnYMl9C9zMCnP0A1 Jt549LDO/EA54Ako8eWslNX4xDl9OwJTTIFE71VaOj9c1YuDlwxin/5bTTdHdgy6 MQgRyi8SbJ1nkGMcWzafnaGFgEYZ7AXtra6gySfBxk3BfxWVDlMpZgQRoO2TS9By CXMTFt6EllrmzL0yPCShMLlHgFunrzXYVtvI7HOOlIirTxdzKEsQ3DaI48mlc0Mr isLWtGAjMYD9PK5JHWQ+oK/YCwIDAQABo4ICdjCCAnIwHQYDVR0OBBYEFPzy2X3u BmlPV7DShxs2XkH9H1z8MB8GA1UdIwQYMBaAFIiHz2z1EC8PtxP0xKG944lIHxxE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0RBMC8zQTBEOTMxMDFE OEMxMUUyOEVGRjU3RTcwOEIwMkNEMi9pSWZQYlBVUUx3LTNFX1RFb2IzamlVZ2ZI RVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lJZlBiUFVRTHctM0VfVEVvYjNqaVVnZkhFUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTdEQTAvM0EwRDkzMTAxRDhDMTFFMjhFRkY1N0U3MDhCMDJDRDIvMTBCQzg4MzY1 MDlCMTFGMEExQzc4RjM1QzRGOUFFMDIucm9hMDUGCCsGAQUFBwEHAQH/BCYwJDAS BAIAATAMAwQBK/ieAwQBd/x+MA4EAgACMAgDBgQkB0gAwDANBgkqhkiG9w0BAQsF AAOCAQEATc3QHWIrycvLI43Zh+oRweemm3vJHMb6bOkg5oDxcZMh9sy2KeeRI38/ 5uXrwJlk3c6Dst8WKGziKMZ8YKT03SFEJXgFRM7WeTUfLNvP/kH6urTw9kRvIb5t 9Ol3ZziPalgX9bvsgYD9XJs9hLsJDK7K21YyyusxsbJKpGwcQiJKFKbuX7jWNYri n3aCmkiTvaNiIzZjx2GqoIi459vSt671d3JKKLA198ALvkoafLRs+JQ2oNnqqL1K wR+dS9mDO3vjyYSxvInA5puaqWIy6q+AYq42ONJCG+EUAoYsRa88Jb61MJUaafsC BInPnXFIebSQjeEe/wLBmoF1OWV/5g== -----END CERTIFICATE-----Generated at Mon Mar 2 14:27:05 2026 by rpki-client