$ rpki-client -vvf rpki.apnic.net/member_repository/A9158028/8A4ADEE4A11F11EB9339D50AC4F9AE02/687D7178B85D11EBB2E17F26C4F9AE02.roa File: 687D7178B85D11EBB2E17F26C4F9AE02.roa (raw, json) Hash identifier: M577gprOgopViMBlM2br8rPqwyVug+teBZ5+ccpEPA8= Subject key identifier: D0:CE:F9:3F:E3:A7:76:0C:FF:E9:96:AB:15:38:4F:87:2F:D3:2A:F6 Certificate issuer: /CN=A9158028/serialNumber=809EFF1F7819B81751F177AB5AFED82BCC32A569 Certificate serial: 06A8 Authority key identifier: 80:9E:FF:1F:78:19:B8:17:51:F1:77:AB:5A:FE:D8:2B:CC:32:A5:69 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gJ7_H3gZuBdR8XerWv7YK8wypWk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9158028/8A4ADEE4A11F11EB9339D50AC4F9AE02/687D7178B85D11EBB2E17F26C4F9AE02.roa Signing time: Sun 01 Mar 2026 12:35:02 +0000 ROA not before: Sat 04 Oct 2025 22:54:07 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 132296 IP address blocks: 103.72.72.0/22 maxlen: 22 103.72.72.0/24 maxlen: 24 103.72.73.0/24 maxlen: 24 103.72.74.0/24 maxlen: 24 103.72.75.0/24 maxlen: 24 103.233.140.0/23 maxlen: 23 103.233.140.0/24 maxlen: 24 103.233.141.0/24 maxlen: 24 103.248.202.0/23 maxlen: 24 2406:b580::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9158028/8A4ADEE4A11F11EB9339D50AC4F9AE02/gJ7_H3gZuBdR8XerWv7YK8wypWk.crl rsync://rpki.apnic.net/member_repository/A9158028/8A4ADEE4A11F11EB9339D50AC4F9AE02/gJ7_H3gZuBdR8XerWv7YK8wypWk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gJ7_H3gZuBdR8XerWv7YK8wypWk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 02:37:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1704 (0x6a8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9158028, serialNumber=809EFF1F7819B81751F177AB5AFED82BCC32A569 Validity Not Before: Oct 4 22:54:07 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=69a43276-84bc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:97:53:3b:3f:d8:31:56:6c:5e:a6:ef:b2:aa: 61:91:5f:23:c9:a3:31:26:1a:11:97:e8:48:52:e4: 4e:f1:f3:bf:f4:d3:bc:64:a6:e6:13:00:19:63:da: f8:46:65:c4:94:9b:b9:46:e8:7c:83:22:0b:0f:97: af:20:0d:26:ca:e8:29:59:5e:23:df:3b:43:76:63: 35:23:b7:f2:32:d4:f8:4b:39:29:b3:16:ff:93:c2: 85:8f:f7:e1:f1:ab:e5:24:8f:66:d6:7a:de:3f:47: 6e:da:cb:eb:3e:b9:f8:f9:26:e0:63:32:c4:94:da: cd:d5:1d:b1:5b:18:44:e2:5f:d6:1a:59:41:3f:c4: f5:d2:02:89:6b:a0:26:cc:1d:ca:d1:7b:57:b8:59: 23:d9:be:94:85:8f:42:37:2b:3a:81:91:eb:9f:97: a1:7f:53:ea:1d:ff:85:d9:93:2c:11:b4:af:c8:e1: de:74:48:b1:e0:78:73:33:1e:92:af:d7:4a:10:cb: 3d:fa:93:32:bd:88:3f:44:4d:bb:c0:76:5a:26:46: f3:7d:7b:b5:34:80:74:43:94:95:ea:f8:ed:51:77: 9d:41:9c:51:6b:d1:6e:88:c9:6f:61:73:cb:9f:76: a0:11:62:1f:eb:a7:3c:76:9e:de:d1:ae:81:8b:39: 56:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:CE:F9:3F:E3:A7:76:0C:FF:E9:96:AB:15:38:4F:87:2F:D3:2A:F6 X509v3 Authority Key Identifier: keyid:80:9E:FF:1F:78:19:B8:17:51:F1:77:AB:5A:FE:D8:2B:CC:32:A5:69 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9158028/8A4ADEE4A11F11EB9339D50AC4F9AE02/gJ7_H3gZuBdR8XerWv7YK8wypWk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gJ7_H3gZuBdR8XerWv7YK8wypWk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158028/8A4ADEE4A11F11EB9339D50AC4F9AE02/687D7178B85D11EBB2E17F26C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.72.72.0/22 103.233.140.0/23 103.248.202.0/23 IPv6: 2406:b580::/32 Signature Algorithm: sha256WithRSAEncryption cd:a8:10:05:d9:70:a4:8f:44:bb:70:20:80:17:bb:fb:66:b5: e0:58:f8:88:c6:86:87:37:84:d7:bd:3a:59:2f:a3:5c:23:91: ec:b1:f4:bf:39:62:19:1b:23:e3:3f:09:fe:39:bd:1a:67:22: a7:b7:19:de:d4:85:86:2d:5f:49:42:34:5e:e1:e2:4f:6e:6f: 0f:b4:9e:5b:2f:f5:1f:1a:3a:7b:cd:f5:89:ce:12:a8:ce:15: fe:87:26:a4:c0:16:b9:64:81:23:9e:3d:98:ff:e7:4e:2b:ba: 50:03:98:c4:3e:e7:80:6f:b0:7a:dc:04:53:bc:d7:2b:be:e0: 04:b4:06:f7:9e:63:96:e2:fe:fc:e6:61:3d:6d:25:ae:7f:e2: 74:9e:00:31:fe:b8:c4:11:3a:e6:6a:42:8e:f2:b9:ac:10:84: 64:79:32:51:40:83:3d:70:6d:36:53:74:b4:23:04:da:3d:ff: 68:58:de:64:f2:5f:1e:cd:10:5e:11:a9:bd:5d:5f:da:00:08: 70:d9:27:65:07:6c:3b:26:e1:69:ee:36:9e:08:16:29:3d:1c: 86:c3:90:f9:80:72:e7:71:a9:b2:94:8b:5f:02:82:e4:23:6f: 2f:b0:9e:d2:89:e4:ac:14:ad:43:e0:84:af:09:9c:22:73:5d: 3b:50:c9:32 -----BEGIN CERTIFICATE----- MIIFVzCCBD+gAwIBAgICBqgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTgwMjgxMTAvBgNVBAUTKDgwOUVGRjFGNzgxOUI4MTc1MUYxNzdBQjVBRkVEODJC Q0MzMkE1NjkwHhcNMjUxMDA0MjI1NDA3WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MzI3Ni04NGJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3ZdTOz/YMVZsXqbvsqphkV8jyaMxJhoRl+hIUuRO8fO/9NO8ZKbmEwAZY9r4 RmXElJu5Ruh8gyILD5evIA0myugpWV4j3ztDdmM1I7fyMtT4Szkpsxb/k8KFj/fh 8avlJI9m1nreP0du2svrPrn4+SbgYzLElNrN1R2xWxhE4l/WGllBP8T10gKJa6Am zB3K0XtXuFkj2b6UhY9CNys6gZHrn5ehf1PqHf+F2ZMsEbSvyOHedEix4HhzMx6S r9dKEMs9+pMyvYg/RE27wHZaJkbzfXu1NIB0Q5SV6vjtUXedQZxRa9FuiMlvYXPL n3agEWIf66c8dp7e0a6BizlWMwIDAQABo4ICezCCAncwHQYDVR0OBBYEFNDO+T/j p3YM/+mWqxU4T4cv0yr2MB8GA1UdIwQYMBaAFICe/x94GbgXUfF3q1r+2CvMMqVp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODAyOC84QTRBREVFNEEx MUYxMUVCOTMzOUQ1MEFDNEY5QUUwMi9nSjdfSDNnWnVCZFI4WGVyV3Y3WUs4d3lw V2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2dKN19IM2dadUJkUjhYZXJXdjdZSzh3eXBXay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTgwMjgvOEE0QURFRTRBMTFGMTFFQjkzMzlENTBBQzRGOUFFMDIvNjg3RDcxNzhC ODVEMTFFQkIyRTE3RjI2QzRGOUFFMDIucm9hMDoGCCsGAQUFBwEHAQH/BCswKTAY BAIAATASAwQCZ0hIAwQBZ+mMAwQBZ/jKMA0EAgACMAcDBQAkBrWAMA0GCSqGSIb3 DQEBCwUAA4IBAQDNqBAF2XCkj0S7cCCAF7v7ZrXgWPiIxoaHN4TXvTpZL6NcI5Hs sfS/OWIZGyPjPwn+Ob0aZyKntxne1IWGLV9JQjRe4eJPbm8PtJ5bL/UfGjp7zfWJ zhKozhX+hyakwBa5ZIEjnj2Y/+dOK7pQA5jEPueAb7B63ARTvNcrvuAEtAb3nmOW 4v785mE9bSWuf+J0ngAx/rjEETrmakKO8rmsEIRkeTJRQIM9cG02U3S0IwTaPf9o WN5k8l8ezRBeEam9XV/aAAhw2SdlB2w7JuFp7jaeCBYpPRyGw5D5gHLncamylItf AoLkI28vsJ7SieSsFK1D4ISvCZwic107UMky -----END CERTIFICATE-----Generated at Mon Mar 2 12:51:20 2026 by rpki-client