$ rpki-client -vvf rpki.apnic.net/member_repository/A9158D75/7434940EF25E11E99130B181C4F9AE02/B4B32D509EDD11EC85676D09C4F9AE02.roa File: B4B32D509EDD11EC85676D09C4F9AE02.roa (raw, json) Hash identifier: Ovbz8WfF+7T9XaocM/UJK9R5ceRemZg3T+1seHybZC0= Subject key identifier: 2F:E7:CB:4A:58:F0:FC:8D:36:91:27:8B:F9:E7:AE:7F:03:94:13:52 Certificate issuer: /CN=A9158D75/serialNumber=F4345C314D6EBEDEB45FE0755F8FFEACF363CB8A Certificate serial: 0D50 Authority key identifier: F4:34:5C:31:4D:6E:BE:DE:B4:5F:E0:75:5F:8F:FE:AC:F3:63:CB:8A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9DRcMU1uvt60X-B1X4_-rPNjy4o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9158D75/7434940EF25E11E99130B181C4F9AE02/B4B32D509EDD11EC85676D09C4F9AE02.roa Signing time: Sun 01 Mar 2026 13:51:57 +0000 ROA not before: Fri 28 Mar 2025 18:29:23 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 38031 IP address blocks: 43.254.96.0/22 maxlen: 24 61.247.176.0/20 maxlen: 24 103.245.96.0/22 maxlen: 22 103.245.98.0/23 maxlen: 24 111.221.0.0/21 maxlen: 24 114.134.88.0/21 maxlen: 24 203.112.72.0/21 maxlen: 24 2401:d380::/32 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9158D75/7434940EF25E11E99130B181C4F9AE02/9DRcMU1uvt60X-B1X4_-rPNjy4o.crl rsync://rpki.apnic.net/member_repository/A9158D75/7434940EF25E11E99130B181C4F9AE02/9DRcMU1uvt60X-B1X4_-rPNjy4o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9DRcMU1uvt60X-B1X4_-rPNjy4o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 17:58:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3408 (0xd50) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9158D75, serialNumber=F4345C314D6EBEDEB45FE0755F8FFEACF363CB8A Validity Not Before: Mar 28 18:29:23 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=69a4447d-6f8b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:89:81:14:b1:a4:66:47:1d:61:a0:44:5d:fb: 40:24:d3:36:11:12:be:48:69:09:3a:20:d6:12:99: 56:34:5a:79:91:1a:4a:53:ae:f1:0c:13:00:d1:45: ea:b0:30:c0:ce:18:e8:cf:ed:4f:f9:86:1b:5e:8a: 46:8a:ad:ae:b7:eb:6d:92:2f:21:7f:73:c1:54:72: e3:07:b5:b2:43:49:5d:f7:ff:ae:56:8f:f8:2d:64: 5e:f1:bf:33:a4:01:dc:f5:68:ac:1d:2e:db:9c:18: 2d:7f:18:f7:08:ec:85:a3:c5:79:e2:c0:cd:36:86: d5:f9:6e:6c:eb:28:1d:0c:56:1f:d0:b8:fa:2c:e9: 4d:e6:6a:50:7f:65:c4:5c:3e:48:bd:ac:38:42:6f: 0b:20:b2:db:69:bb:70:85:05:13:95:93:1d:e1:57: f2:19:f4:28:46:14:3a:d9:3d:06:15:e9:79:40:c0: fb:e2:db:68:c2:90:83:40:c0:1d:e3:5a:81:0e:76: 16:be:06:54:52:34:80:28:a6:17:9f:c7:30:c7:2a: 00:d3:97:70:c7:32:9a:a4:1f:6d:5b:0d:bb:91:ab: 2a:e3:04:8b:46:47:c4:2b:84:b9:0f:a2:5b:b6:33: ed:4e:99:65:cb:c0:91:32:f9:92:06:89:47:c5:51: 96:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:E7:CB:4A:58:F0:FC:8D:36:91:27:8B:F9:E7:AE:7F:03:94:13:52 X509v3 Authority Key Identifier: keyid:F4:34:5C:31:4D:6E:BE:DE:B4:5F:E0:75:5F:8F:FE:AC:F3:63:CB:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9158D75/7434940EF25E11E99130B181C4F9AE02/9DRcMU1uvt60X-B1X4_-rPNjy4o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9DRcMU1uvt60X-B1X4_-rPNjy4o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158D75/7434940EF25E11E99130B181C4F9AE02/B4B32D509EDD11EC85676D09C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.254.96.0/22 61.247.176.0/20 103.245.96.0/22 111.221.0.0/21 114.134.88.0/21 203.112.72.0/21 IPv6: 2401:d380::/32 Signature Algorithm: sha256WithRSAEncryption a8:02:df:bd:0a:67:87:ab:26:3b:79:4b:18:00:3d:76:cb:37: d9:32:20:5d:1e:06:94:c3:16:df:57:42:3e:3c:41:de:24:3b: a9:97:05:95:a7:ec:ec:95:13:c9:9e:67:77:0a:93:b6:f8:e6: cb:90:e7:f9:6f:b9:f0:c3:97:08:cb:ba:38:a8:95:dc:63:32: 5f:e6:db:2d:51:5c:ec:12:e9:43:f3:c2:8d:6d:0f:6b:c6:08: 03:4c:12:e3:2a:4f:b8:be:ae:e8:0c:cb:e1:25:c2:9f:2c:84: 80:6f:e7:85:ed:5a:6f:48:42:4c:86:20:b7:cf:6f:9c:7b:b7: 80:87:96:2d:9d:3c:74:d8:13:8d:6c:9a:ba:5e:8d:f0:e5:79: 10:06:20:e7:67:6c:db:63:90:a4:e7:84:cf:f0:6a:5c:84:f1: ca:ca:59:ef:52:e0:3b:34:b0:3b:fb:f9:cc:a9:97:d7:c7:72: fb:6d:b6:89:a6:a7:21:79:7e:a8:d8:b7:d0:73:d8:f9:4f:1b: 19:24:52:b0:8b:a1:85:bf:36:bb:47:08:50:d0:c1:d2:86:0f: 0a:9a:f3:11:44:32:4c:0d:b9:29:e9:b3:18:50:39:c5:49:8a: e0:0a:16:88:84:64:f1:aa:50:38:9b:ee:e8:29:63:9b:21:d7: 49:19:90:c3 -----BEGIN CERTIFICATE----- MIIFaTCCBFGgAwIBAgICDVAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NThENzUxMTAvBgNVBAUTKEY0MzQ1QzMxNEQ2RUJFREVCNDVGRTA3NTVGOEZGRUFD RjM2M0NCOEEwHhcNMjUwMzI4MTgyOTIzWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NDQ3ZC02ZjhiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwYmBFLGkZkcdYaBEXftAJNM2ERK+SGkJOiDWEplWNFp5kRpKU67xDBMA0UXq sDDAzhjoz+1P+YYbXopGiq2ut+ttki8hf3PBVHLjB7WyQ0ld9/+uVo/4LWRe8b8z pAHc9WisHS7bnBgtfxj3COyFo8V54sDNNobV+W5s6ygdDFYf0Lj6LOlN5mpQf2XE XD5Ivaw4Qm8LILLbabtwhQUTlZMd4VfyGfQoRhQ62T0GFel5QMD74ttowpCDQMAd 41qBDnYWvgZUUjSAKKYXn8cwxyoA05dwxzKapB9tWw27kasq4wSLRkfEK4S5D6Jb tjPtTplly8CRMvmSBolHxVGWjwIDAQABo4ICjTCCAokwHQYDVR0OBBYEFC/ny0pY 8PyNNpEni/nnrn8DlBNSMB8GA1UdIwQYMBaAFPQ0XDFNbr7etF/gdV+P/qzzY8uK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OEQ3NS83NDM0OTQwRUYy NUUxMUU5OTEzMEIxODFDNEY5QUUwMi85RFJjTVUxdXZ0NjBYLUIxWDRfLXJQTmp5 NG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzlEUmNNVTF1dnQ2MFgtQjFYNF8tclBOank0by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NThENzUvNzQzNDk0MEVGMjVFMTFFOTkxMzBCMTgxQzRGOUFFMDIvQjRCMzJENTA5 RUREMTFFQzg1Njc2RDA5QzRGOUFFMDIucm9hMEwGCCsGAQUFBwEHAQH/BD0wOzAq BAIAATAkAwQCK/5gAwQEPfewAwQCZ/VgAwQDb90AAwQDcoZYAwQDy3BIMA0EAgAC MAcDBQAkAdOAMA0GCSqGSIb3DQEBCwUAA4IBAQCoAt+9CmeHqyY7eUsYAD12yzfZ MiBdHgaUwxbfV0I+PEHeJDuplwWVp+zslRPJnmd3CpO2+ObLkOf5b7nww5cIy7o4 qJXcYzJf5tstUVzsEulD88KNbQ9rxggDTBLjKk+4vq7oDMvhJcKfLISAb+eF7Vpv SEJMhiC3z2+ce7eAh5YtnTx02BONbJq6Xo3w5XkQBiDnZ2zbY5Ck54TP8GpchPHK ylnvUuA7NLA7+/nMqZfXx3L7bbaJpqcheX6o2LfQc9j5TxsZJFKwi6GFvza7RwhQ 0MHShg8KmvMRRDJMDbkp6bMYUDnFSYrgChaIhGTxqlA4m+7oKWObIddJGZDD -----END CERTIFICATE-----Generated at Tue Mar 3 00:41:06 2026 by rpki-client