$ rpki-client -vvf rpki.apnic.net/member_repository/A9158F8D/A179E53C647711EFA82DE93DC4F9AE02/B9574A322C1311F0B642882AC4F9AE02.roa File: B9574A322C1311F0B642882AC4F9AE02.roa (raw, json) Hash identifier: vOf/o1JHkb8wuECkMMHoKSsb6jXZeHUN4IdzhUHE9fc= Subject key identifier: 9E:22:1B:32:7E:DC:A4:12:88:5D:C5:31:A0:47:21:D4:9F:82:E2:F8 Certificate issuer: /CN=A9158F8D/serialNumber=2A01C8FE967969447831EC01C02BC4E9CB9ACE2C Certificate serial: 012F Authority key identifier: 2A:01:C8:FE:96:79:69:44:78:31:EC:01:C0:2B:C4:E9:CB:9A:CE:2C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KgHI_pZ5aUR4MewBwCvE6cuaziw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9158F8D/A179E53C647711EFA82DE93DC4F9AE02/B9574A322C1311F0B642882AC4F9AE02.roa Signing time: Mon 02 Mar 2026 13:54:49 +0000 ROA not before: Sat 11 Oct 2025 09:03:29 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 138199 IP address blocks: 103.122.52.0/24 maxlen: 24 202.37.80.0/22 maxlen: 24 2001:df6:8d00::/48 maxlen: 48 2401:42a0::/32 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9158F8D/A179E53C647711EFA82DE93DC4F9AE02/KgHI_pZ5aUR4MewBwCvE6cuaziw.crl rsync://rpki.apnic.net/member_repository/A9158F8D/A179E53C647711EFA82DE93DC4F9AE02/KgHI_pZ5aUR4MewBwCvE6cuaziw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KgHI_pZ5aUR4MewBwCvE6cuaziw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 13:54:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 303 (0x12f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9158F8D, serialNumber=2A01C8FE967969447831EC01C02BC4E9CB9ACE2C Validity Not Before: Oct 11 09:03:29 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=69a596a9-3584 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:89:91:85:e6:01:34:ec:5a:2e:d3:69:4e:20: bb:9c:b8:37:e3:26:39:d1:f8:19:82:28:41:b9:6a: ea:0b:40:24:b1:2a:23:d5:48:f5:84:b0:b2:02:23: fb:fd:ab:60:cc:7b:a5:1a:14:60:03:84:eb:d6:cd: 31:3f:75:d8:0b:95:9f:4e:e0:50:e2:e4:43:98:ad: 78:66:a6:07:83:d0:7b:a9:73:01:1b:a5:f6:b1:74: 8c:3d:71:ca:2e:00:41:3d:82:16:6b:3e:ec:c2:60: 8c:ba:5e:f8:13:33:ca:0c:42:e8:a1:71:12:fe:36: e9:32:64:3e:46:06:ed:bf:b7:12:04:fc:15:7a:4c: 13:06:e5:b3:d4:9f:9b:03:bd:23:ba:fa:a9:bf:a0: d4:be:74:93:d4:82:dc:0f:3a:40:40:df:69:10:3d: c0:f9:cb:a8:01:e1:f3:a6:34:14:48:f0:3e:c9:9e: 82:78:af:e9:28:b4:82:d0:52:76:f1:14:77:1c:40: 7f:92:91:3d:82:2a:66:9e:97:f1:13:71:36:59:74: 52:70:2a:37:5c:0b:b0:77:16:18:74:3c:25:fb:fd: 77:61:7a:5a:70:37:fc:36:e5:77:ce:91:e0:72:00: fa:e9:61:2b:b8:cb:b4:4e:74:82:20:fa:18:19:ff: 6d:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:22:1B:32:7E:DC:A4:12:88:5D:C5:31:A0:47:21:D4:9F:82:E2:F8 X509v3 Authority Key Identifier: keyid:2A:01:C8:FE:96:79:69:44:78:31:EC:01:C0:2B:C4:E9:CB:9A:CE:2C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9158F8D/A179E53C647711EFA82DE93DC4F9AE02/KgHI_pZ5aUR4MewBwCvE6cuaziw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KgHI_pZ5aUR4MewBwCvE6cuaziw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158F8D/A179E53C647711EFA82DE93DC4F9AE02/B9574A322C1311F0B642882AC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.122.52.0/24 202.37.80.0/22 IPv6: 2001:df6:8d00::/48 2401:42a0::/32 Signature Algorithm: sha256WithRSAEncryption d4:c4:fb:d1:b9:10:74:86:5e:82:30:88:ee:02:ee:ea:5a:71: bb:07:0e:ad:c9:0a:30:d6:bf:bd:3e:51:8d:cd:c4:2f:88:69: e4:d2:5c:ce:4b:a1:d2:b3:3d:de:02:24:e2:33:c4:3f:ee:65: 5e:a0:5c:5e:2c:6a:3f:44:82:b0:db:e6:5a:d9:94:19:e3:b0: 0c:60:71:5c:1a:62:dc:16:57:e4:27:82:b1:dc:03:80:3c:b9: c0:06:88:50:67:31:8a:b8:3a:79:91:c6:c2:34:30:a1:58:df: b6:40:87:ee:30:8e:78:44:ee:70:21:39:ba:53:fe:1d:23:97: 48:53:b4:ef:1a:3b:ee:4d:52:84:14:bd:db:72:c4:14:44:62: e0:11:80:22:97:e7:07:49:79:e1:45:d4:04:2d:50:b7:e8:15: 17:73:da:08:89:1d:d8:2e:f9:ff:80:04:e7:80:5b:63:9b:bc: 3a:26:6f:7c:4f:ec:0c:eb:6e:ad:c9:a4:25:ef:96:c9:68:c7: ff:28:11:54:37:f4:58:ab:53:e4:d5:26:a6:5d:4b:3b:f2:85: ed:b9:21:3e:de:9b:12:09:80:59:dc:6a:b2:0c:7b:39:e0:be: e3:bc:58:6c:76:96:04:9e:13:d0:0c:ea:26:4b:d1:d7:56:a9: 08:ee:7a:a1 -----BEGIN CERTIFICATE----- MIIFWjCCBEKgAwIBAgICAS8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NThGOEQxMTAvBgNVBAUTKDJBMDFDOEZFOTY3OTY5NDQ3ODMxRUMwMUMwMkJDNEU5 Q0I5QUNFMkMwHhcNMjUxMDExMDkwMzI5WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE1OTZhOS0zNTg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA34mRheYBNOxaLtNpTiC7nLg34yY50fgZgihBuWrqC0AksSoj1Uj1hLCyAiP7 /atgzHulGhRgA4Tr1s0xP3XYC5WfTuBQ4uRDmK14ZqYHg9B7qXMBG6X2sXSMPXHK LgBBPYIWaz7swmCMul74EzPKDELooXES/jbpMmQ+Rgbtv7cSBPwVekwTBuWz1J+b A70juvqpv6DUvnST1ILcDzpAQN9pED3A+cuoAeHzpjQUSPA+yZ6CeK/pKLSC0FJ2 8RR3HEB/kpE9gipmnpfxE3E2WXRScCo3XAuwdxYYdDwl+/13YXpacDf8NuV3zpHg cgD66WEruMu0TnSCIPoYGf9tFQIDAQABo4ICfjCCAnowHQYDVR0OBBYEFJ4iGzJ+ 3KQSiF3FMaBHIdSfguL4MB8GA1UdIwQYMBaAFCoByP6WeWlEeDHsAcArxOnLms4s MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OEY4RC9BMTc5RTUzQzY0 NzcxMUVGQTgyREU5M0RDNEY5QUUwMi9LZ0hJX3BaNWFVUjRNZXdCd0N2RTZjdWF6 aXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tnSElfcFo1YVVSNE1ld0J3Q3ZFNmN1YXppdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NThGOEQvQTE3OUU1M0M2NDc3MTFFRkE4MkRFOTNEQzRGOUFFMDIvQjk1NzRBMzIy QzEzMTFGMEI2NDI4ODJBQzRGOUFFMDIucm9hMD0GCCsGAQUFBwEHAQH/BC4wLDAS BAIAATAMAwQAZ3o0AwQCyiVQMBYEAgACMBADBwAgAQ32jQADBQAkAUKgMA0GCSqG SIb3DQEBCwUAA4IBAQDUxPvRuRB0hl6CMIjuAu7qWnG7Bw6tyQow1r+9PlGNzcQv iGnk0lzOS6HSsz3eAiTiM8Q/7mVeoFxeLGo/RIKw2+Za2ZQZ47AMYHFcGmLcFlfk J4Kx3AOAPLnABohQZzGKuDp5kcbCNDChWN+2QIfuMI54RO5wITm6U/4dI5dIU7Tv GjvuTVKEFL3bcsQURGLgEYAil+cHSXnhRdQELVC36BUXc9oIiR3YLvn/gATngFtj m7w6Jm98T+wM626tyaQl75bJaMf/KBFUN/RYq1Pk1SamXUs78oXtuSE+3psSCYBZ 3GqyDHs54L7jvFhsdpYEnhPQDOomS9HXVqkI7nqh -----END CERTIFICATE-----Generated at Mon Mar 2 21:12:09 2026 by rpki-client