$ rpki-client -vvf rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/E52708AADFCE11EFBC4CD631C4F9AE02.roa File: E52708AADFCE11EFBC4CD631C4F9AE02.roa (raw, json) Hash identifier: luxeMc1iFSEcyyjFr507CvOQSLo907/TPZtOXtJ+QIM= Subject key identifier: 85:79:42:07:8A:F5:03:8C:CF:09:37:03:8A:45:EB:81:F9:01:31:29 Certificate issuer: /CN=A9157DA0/serialNumber=8887CF6CF5102F0FB713F4C4A1BDE389481F1C44 Certificate serial: 353B Authority key identifier: 88:87:CF:6C:F5:10:2F:0F:B7:13:F4:C4:A1:BD:E3:89:48:1F:1C:44 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/E52708AADFCE11EFBC4CD631C4F9AE02.roa Signing time: Sun 01 Mar 2026 13:34:29 +0000 ROA not before: Mon 14 Apr 2025 14:50:44 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 38875 IP address blocks: 43.248.156.0/23 maxlen: 23 119.252.120.0/23 maxlen: 23 119.252.120.0/24 maxlen: 24 119.252.121.0/24 maxlen: 24 124.109.12.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.crl rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:13:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13627 (0x353b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157DA0, serialNumber=8887CF6CF5102F0FB713F4C4A1BDE389481F1C44 Validity Not Before: Apr 14 14:50:44 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=69a44064-6e96 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:3e:58:ae:b5:11:92:43:90:0f:8a:7c:48:6e: cf:c8:22:10:51:9e:4e:54:17:c5:42:47:1c:48:ba: 58:6c:d4:ae:cd:76:35:7c:75:db:a4:d0:73:ac:fd: 7b:a2:d1:2f:46:f6:38:23:fc:9f:17:dd:54:08:9a: b2:be:64:06:18:13:87:98:65:78:76:51:ca:86:64: ce:dd:e8:09:3c:a0:96:66:64:4f:0e:5d:64:84:5c: 6b:80:23:8e:49:a0:df:6a:19:41:e2:a3:27:29:d0: c5:78:5a:cc:81:bf:56:bd:bb:1c:0c:88:7a:0a:06: 94:6c:c1:9c:8f:55:c8:4b:14:2c:d9:0c:a5:17:26: 0d:b4:1e:e8:db:5a:41:10:6f:82:50:e8:2b:67:b7: b3:14:16:8a:20:3b:03:af:94:d1:27:5f:49:b4:7a: ae:7a:41:17:90:ce:2b:3d:2d:42:2b:34:74:a6:e7: fd:48:0f:88:3e:d7:b8:a1:d3:bf:88:3f:50:ae:ee: 58:af:67:c9:fe:15:b6:2e:a5:4e:a0:fb:3b:04:ec: cd:2f:7f:11:65:0f:b9:d6:33:5d:af:f6:46:f8:32: 65:61:16:61:b7:b3:be:b1:7f:a7:76:07:bd:55:fa: 1b:4d:09:91:e7:dc:3b:9e:db:88:8d:73:82:b3:8b: d0:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:79:42:07:8A:F5:03:8C:CF:09:37:03:8A:45:EB:81:F9:01:31:29 X509v3 Authority Key Identifier: keyid:88:87:CF:6C:F5:10:2F:0F:B7:13:F4:C4:A1:BD:E3:89:48:1F:1C:44 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/E52708AADFCE11EFBC4CD631C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.248.156.0/23 119.252.120.0/23 124.109.12.0/22 Signature Algorithm: sha256WithRSAEncryption 02:09:0e:bd:9c:e6:c0:f2:0d:ce:b5:57:d7:4e:31:7c:68:29: a8:c8:af:97:03:37:63:3f:74:40:ca:22:05:b6:7b:c2:52:f2: 86:3d:20:00:22:83:e4:92:a7:2e:26:ab:c5:28:5d:1d:c2:24: 33:f9:43:e1:70:88:17:0c:84:e1:d4:16:57:0c:c4:aa:9f:23: 0e:6b:e6:64:a4:61:da:6f:6e:d0:d2:c9:ca:39:69:a3:60:7b: 35:bb:3a:0e:a7:c4:d1:54:80:f9:cd:58:ab:29:b9:0a:da:9c: 16:b1:f8:2a:44:f3:ad:88:7f:fc:9e:5b:4f:af:32:38:49:a2: 9e:5e:22:b5:af:cd:ea:fc:57:54:24:ca:0f:4d:23:f0:ee:d7: e1:63:df:60:a8:19:27:40:bd:1a:95:39:01:29:2f:3e:6f:fc: f9:63:4c:20:fa:7f:58:de:5a:95:37:df:30:96:81:7c:fb:fc: 1a:7d:c6:25:ac:b4:b6:0a:81:7f:7c:8b:f2:04:82:ac:d7:90: 94:9a:69:3a:61:6e:5b:be:ae:13:9d:30:25:19:d8:76:44:b4: 77:25:30:8b:f4:53:da:33:5d:1b:32:cf:63:03:84:e1:14:e8: 85:75:7c:fb:70:76:78:49:ee:86:fc:f2:89:df:33:87:11:af: 96:77:24:b5 -----BEGIN CERTIFICATE----- MIIFSDCCBDCgAwIBAgICNTswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdEQTAxMTAvBgNVBAUTKDg4ODdDRjZDRjUxMDJGMEZCNzEzRjRDNEExQkRFMzg5 NDgxRjFDNDQwHhcNMjUwNDE0MTQ1MDQ0WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NDA2NC02ZTk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0z5YrrURkkOQD4p8SG7PyCIQUZ5OVBfFQkccSLpYbNSuzXY1fHXbpNBzrP17 otEvRvY4I/yfF91UCJqyvmQGGBOHmGV4dlHKhmTO3egJPKCWZmRPDl1khFxrgCOO SaDfahlB4qMnKdDFeFrMgb9WvbscDIh6CgaUbMGcj1XISxQs2QylFyYNtB7o21pB EG+CUOgrZ7ezFBaKIDsDr5TRJ19JtHquekEXkM4rPS1CKzR0puf9SA+IPte4odO/ iD9Qru5Yr2fJ/hW2LqVOoPs7BOzNL38RZQ+51jNdr/ZG+DJlYRZht7O+sX+ndge9 VfobTQmR59w7ntuIjXOCs4vQAQIDAQABo4ICbDCCAmgwHQYDVR0OBBYEFIV5QgeK 9QOMzwk3A4pF64H5ATEpMB8GA1UdIwQYMBaAFIiHz2z1EC8PtxP0xKG944lIHxxE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0RBMC8zQTBEOTMxMDFE OEMxMUUyOEVGRjU3RTcwOEIwMkNEMi9pSWZQYlBVUUx3LTNFX1RFb2IzamlVZ2ZI RVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lJZlBiUFVRTHctM0VfVEVvYjNqaVVnZkhFUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTdEQTAvM0EwRDkzMTAxRDhDMTFFMjhFRkY1N0U3MDhCMDJDRDIvRTUyNzA4QUFE RkNFMTFFRkJDNENENjMxQzRGOUFFMDIucm9hMCsGCCsGAQUFBwEHAQH/BBwwGjAY BAIAATASAwQBK/icAwQBd/x4AwQCfG0MMA0GCSqGSIb3DQEBCwUAA4IBAQACCQ69 nObA8g3OtVfXTjF8aCmoyK+XAzdjP3RAyiIFtnvCUvKGPSAAIoPkkqcuJqvFKF0d wiQz+UPhcIgXDITh1BZXDMSqnyMOa+ZkpGHab27Q0snKOWmjYHs1uzoOp8TRVID5 zVirKbkK2pwWsfgqRPOtiH/8nltPrzI4SaKeXiK1r83q/FdUJMoPTSPw7tfhY99g qBknQL0alTkBKS8+b/z5Y0wg+n9Y3lqVN98wloF8+/wafcYlrLS2CoF/fIvyBIKs 15CUmmk6YW5bvq4TnTAlGdh2RLR3JTCL9FPaM10bMs9jA4ThFOiFdXz7cHZ4Se6G /PKJ3zOHEa+WdyS1 -----END CERTIFICATE-----Generated at Mon Mar 2 09:05:36 2026 by rpki-client