$ rpki-client -vvf rpki.apnic.net/member_repository/A915D3E8/3F1F0DDAD28711EA9E73E646C4F9AE02/72603CD6D28811EAB7D79A47C4F9AE02.roa File: 72603CD6D28811EAB7D79A47C4F9AE02.roa (raw, json) Hash identifier: a0KJzFwwqv0lg3ULNBnJePGLp0NsrsB64/1kaRLoBG0= Subject key identifier: AA:F4:1E:C9:EF:12:FC:0B:CB:BC:37:92:69:90:FB:32:46:B0:40:09 Certificate issuer: /CN=A915D3E8/serialNumber=24BFA36352F84F1A8FA469DEB0E836E8035AE466 Certificate serial: 08CD Authority key identifier: 24:BF:A3:63:52:F8:4F:1A:8F:A4:69:DE:B0:E8:36:E8:03:5A:E4:66 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JL-jY1L4TxqPpGnesOg26ANa5GY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915D3E8/3F1F0DDAD28711EA9E73E646C4F9AE02/72603CD6D28811EAB7D79A47C4F9AE02.roa Signing time: Sun 01 Mar 2026 11:54:44 +0000 ROA not before: Fri 20 Jun 2025 10:03:07 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 55781 IP address blocks: 103.71.132.0/24 maxlen: 24 103.231.54.0/24 maxlen: 24 202.68.209.0/24 maxlen: 24 202.68.210.0/24 maxlen: 24 202.68.211.0/24 maxlen: 24 202.68.220.0/24 maxlen: 24 202.68.222.0/24 maxlen: 24 202.68.223.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915D3E8/3F1F0DDAD28711EA9E73E646C4F9AE02/JL-jY1L4TxqPpGnesOg26ANa5GY.crl rsync://rpki.apnic.net/member_repository/A915D3E8/3F1F0DDAD28711EA9E73E646C4F9AE02/JL-jY1L4TxqPpGnesOg26ANa5GY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JL-jY1L4TxqPpGnesOg26ANa5GY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:29:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2253 (0x8cd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915D3E8, serialNumber=24BFA36352F84F1A8FA469DEB0E836E8035AE466 Validity Not Before: Jun 20 10:03:07 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=69a42904-d7f5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:ee:b8:f1:45:b9:44:2d:1b:8d:49:57:fc:98: 57:70:ee:ad:6f:06:c5:e1:55:1e:f0:ab:f2:d0:4b: 18:6a:5e:5e:4c:85:98:a6:50:fb:6b:43:53:7f:7d: 2b:ef:15:51:34:31:0e:62:c6:0e:cf:ee:5d:4c:53: 4d:c8:ff:c1:d7:24:05:89:0e:3b:31:09:e1:b7:ac: 64:56:3d:d8:b6:0c:73:8f:34:de:b6:47:7d:7a:5f: 4a:8a:e9:97:51:96:49:6f:20:be:f7:df:b9:c0:36: 65:a8:0a:ef:a3:95:d8:4f:c6:73:70:31:41:b3:eb: 1d:04:3e:c7:a9:11:0c:4c:5e:5c:6f:4f:aa:01:27: ca:d3:c5:ac:d7:a1:18:cb:a6:06:7d:6e:d9:54:6d: dd:2f:7d:f3:6e:c8:94:bb:a3:19:09:65:e6:04:17: db:8b:41:a5:da:5a:04:c0:bf:a2:6d:03:41:c8:42: 52:65:72:c2:3b:7f:12:91:bb:fc:0a:ac:45:b3:d8: 9e:ce:15:88:38:e0:48:aa:bf:f1:7b:5d:48:87:26: 3b:9a:25:a7:12:b0:36:6e:9a:49:c1:aa:d0:06:54: 45:ca:0d:a6:80:e4:39:4f:5f:e3:d2:c1:e4:13:7e: 2b:25:c4:69:0d:fa:15:de:93:64:59:7d:de:1a:de: 32:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:F4:1E:C9:EF:12:FC:0B:CB:BC:37:92:69:90:FB:32:46:B0:40:09 X509v3 Authority Key Identifier: keyid:24:BF:A3:63:52:F8:4F:1A:8F:A4:69:DE:B0:E8:36:E8:03:5A:E4:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915D3E8/3F1F0DDAD28711EA9E73E646C4F9AE02/JL-jY1L4TxqPpGnesOg26ANa5GY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JL-jY1L4TxqPpGnesOg26ANa5GY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915D3E8/3F1F0DDAD28711EA9E73E646C4F9AE02/72603CD6D28811EAB7D79A47C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.71.132.0/24 103.231.54.0/24 202.68.209.0-202.68.211.255 202.68.220.0/24 202.68.222.0/23 Signature Algorithm: sha256WithRSAEncryption a7:03:59:9e:66:77:08:4e:ab:35:dd:93:3e:63:ea:55:92:07: 9b:08:f5:41:af:2e:83:c0:8c:37:02:14:ce:9d:db:52:ec:11: 6f:de:df:c4:30:cf:ba:96:bb:99:40:3c:a2:0a:09:ed:4f:95: e0:bf:99:f6:b2:c2:97:4b:ee:fb:69:bf:24:16:88:5d:2d:2b: 09:5f:b1:75:cd:35:d3:e8:78:16:ce:9a:6e:33:80:40:30:83: 02:56:7b:cd:7e:a3:ca:4c:8a:2c:9f:3b:0f:e8:11:b4:5e:7f: 0f:fd:dc:24:e3:b7:2e:4e:c6:76:2a:98:e2:9f:0a:b2:84:c2: 17:1a:1b:8d:f9:cb:fd:c4:8b:7b:c9:ea:2f:d6:0f:97:8b:8c: 23:fb:df:ff:ea:d4:28:78:97:9d:2b:bb:00:29:1e:52:1e:7a: 93:67:1d:67:c0:7c:0c:ed:9b:cf:86:7c:72:35:95:a5:1f:7c: 14:d1:11:e1:f4:4c:55:68:dc:bf:0c:4e:f3:aa:cb:95:5c:fb: 22:e1:0a:66:bc:22:63:b4:8d:a8:5f:a1:1f:49:31:6e:5f:00: 6b:16:13:6c:7d:14:22:74:44:2b:9f:e9:bd:88:f4:60:31:97: c7:67:e7:d6:d1:e9:86:e5:7f:56:af:6a:aa:84:d7:b9:70:48: 29:c6:41:66 -----BEGIN CERTIFICATE----- MIIFXDCCBESgAwIBAgICCM0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUQzRTgxMTAvBgNVBAUTKDI0QkZBMzYzNTJGODRGMUE4RkE0NjlERUIwRTgzNkU4 MDM1QUU0NjYwHhcNMjUwNjIwMTAwMzA3WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MjkwNC1kN2Y1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnu648UW5RC0bjUlX/JhXcO6tbwbF4VUe8Kvy0EsYal5eTIWYplD7a0NTf30r 7xVRNDEOYsYOz+5dTFNNyP/B1yQFiQ47MQnht6xkVj3YtgxzjzTetkd9el9KiumX UZZJbyC+99+5wDZlqArvo5XYT8ZzcDFBs+sdBD7HqREMTF5cb0+qASfK08Ws16EY y6YGfW7ZVG3dL33zbsiUu6MZCWXmBBfbi0Gl2loEwL+ibQNByEJSZXLCO38Skbv8 CqxFs9iezhWIOOBIqr/xe11IhyY7miWnErA2bppJwarQBlRFyg2mgOQ5T1/j0sHk E34rJcRpDfoV3pNkWX3eGt4yYwIDAQABo4ICgDCCAnwwHQYDVR0OBBYEFKr0Hsnv EvwLy7w3kmmQ+zJGsEAJMB8GA1UdIwQYMBaAFCS/o2NS+E8aj6Rp3rDoNugDWuRm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RDNFOC8zRjFGMEREQUQy ODcxMUVBOUU3M0U2NDZDNEY5QUUwMi9KTC1qWTFMNFR4cVBwR25lc09nMjZBTmE1 R1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0pMLWpZMUw0VHhxUHBHbmVzT2cyNkFOYTVHWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NUQzRTgvM0YxRjBEREFEMjg3MTFFQTlFNzNFNjQ2QzRGOUFFMDIvNzI2MDNDRDZE Mjg4MTFFQUI3RDc5QTQ3QzRGOUFFMDIucm9hMD8GCCsGAQUFBwEHAQH/BDAwLjAs BAIAATAmAwQAZ0eEAwQAZ+c2MAwDBADKRNEDBALKRNADBADKRNwDBAHKRN4wDQYJ KoZIhvcNAQELBQADggEBAKcDWZ5mdwhOqzXdkz5j6lWSB5sI9UGvLoPAjDcCFM6d 21LsEW/e38Qwz7qWu5lAPKIKCe1PleC/mfaywpdL7vtpvyQWiF0tKwlfsXXNNdPo eBbOmm4zgEAwgwJWe81+o8pMiiyfOw/oEbRefw/93CTjty5OxnYqmOKfCrKEwhca G435y/3Ei3vJ6i/WD5eLjCP73//q1Ch4l50ruwApHlIeepNnHWfAfAztm8+GfHI1 laUffBTREeH0TFVo3L8MTvOqy5Vc+yLhCma8ImO0jahfoR9JMW5fAGsWE2x9FCJ0 RCuf6b2I9GAxl8dn59bR6Yblf1avaqqE17lwSCnGQWY= -----END CERTIFICATE-----Generated at Mon Mar 2 21:24:16 2026 by rpki-client