$ rpki-client -vvf rpki.apnic.net/member_repository/A9160D0A/564A135ED22211ED9A206C46C4F9AE02/42EC5F02D2B711EDAF6DC017C4F9AE02.roa File: 42EC5F02D2B711EDAF6DC017C4F9AE02.roa (raw, json) Hash identifier: pkC+D8p7TNYzPBnocLkHTaXfdgtNXvj2i4jRd1Gl3NY= Subject key identifier: FA:97:4C:83:0A:40:CB:CE:7E:D5:D1:18:59:9F:B2:93:F3:BA:3C:40 Certificate issuer: /CN=A9160D0A/serialNumber=AC6385ED563E1FD6A66B3E4B510DCC6930CD4B0C Certificate serial: 0252 Authority key identifier: AC:63:85:ED:56:3E:1F:D6:A6:6B:3E:4B:51:0D:CC:69:30:CD:4B:0C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rGOF7VY-H9amaz5LUQ3MaTDNSww.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9160D0A/564A135ED22211ED9A206C46C4F9AE02/42EC5F02D2B711EDAF6DC017C4F9AE02.roa Signing time: Sun 01 Mar 2026 15:18:23 +0000 ROA not before: Sun 21 Dec 2025 02:23:02 +0000 ROA not after: Tue 02 Mar 2027 00:00:00 +0000 asID: 131283 IP address blocks: 103.120.104.0/22 maxlen: 22 103.120.104.0/24 maxlen: 24 103.120.105.0/24 maxlen: 24 103.120.106.0/24 maxlen: 24 103.120.107.0/24 maxlen: 24 175.100.160.0/24 maxlen: 24 175.100.161.0/24 maxlen: 24 175.100.162.0/24 maxlen: 24 175.100.163.0/24 maxlen: 24 2405:a100:10::/44 maxlen: 44 2405:a100:20::/44 maxlen: 44 2405:a100:30::/44 maxlen: 44 2405:a100:40::/44 maxlen: 44 2405:a100:50::/44 maxlen: 44 2405:a100:60::/44 maxlen: 44 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9160D0A/564A135ED22211ED9A206C46C4F9AE02/rGOF7VY-H9amaz5LUQ3MaTDNSww.crl rsync://rpki.apnic.net/member_repository/A9160D0A/564A135ED22211ED9A206C46C4F9AE02/rGOF7VY-H9amaz5LUQ3MaTDNSww.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rGOF7VY-H9amaz5LUQ3MaTDNSww.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 02:12:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 594 (0x252) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9160D0A, serialNumber=AC6385ED563E1FD6A66B3E4B510DCC6930CD4B0C Validity Not Before: Dec 21 02:23:02 2025 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=69a458bf-8759 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:87:a9:57:fb:e0:5d:71:c8:b0:d6:f9:fb:7e:33: 20:a5:9a:c9:87:90:10:55:3a:c7:91:58:2a:a4:e9: d6:d0:06:c7:c0:0e:96:cc:c0:c6:80:a4:5d:2e:90: 81:9e:38:16:df:2e:91:39:26:cd:fb:f4:5d:c3:e4: 06:e1:c4:c4:3b:41:11:a3:5a:7f:4e:09:aa:8b:32: 3b:09:b4:50:84:46:40:d5:bd:ef:03:ea:a3:68:91: b7:92:d6:29:8b:a9:33:96:03:d0:b7:b6:21:76:39: c5:b7:52:ca:96:05:fc:9b:2f:08:20:00:7d:f9:03: 9e:80:11:1e:c7:dc:91:5b:b0:74:da:10:dd:41:b4: 1f:72:d8:58:de:3f:4a:ab:6f:22:6c:e9:f7:c9:5f: a5:b3:a0:ee:01:f0:d8:b3:4b:89:ab:3e:6f:5f:c8: f7:82:4c:05:d8:3a:e9:9c:3f:49:c2:78:28:24:7c: f9:3a:17:19:e6:d8:e9:97:8a:a7:46:47:a0:97:1b: 77:3d:ee:ee:05:80:4f:9e:a9:e0:9a:4c:04:af:d4: f4:ff:76:63:e9:8d:31:eb:ba:ef:a7:55:c5:2e:4d: b4:12:f6:27:a0:35:b8:b4:9e:df:af:c2:6c:05:45: 6a:ae:1f:2a:7a:aa:58:4f:6b:6d:0b:f3:f1:87:33: 50:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:97:4C:83:0A:40:CB:CE:7E:D5:D1:18:59:9F:B2:93:F3:BA:3C:40 X509v3 Authority Key Identifier: keyid:AC:63:85:ED:56:3E:1F:D6:A6:6B:3E:4B:51:0D:CC:69:30:CD:4B:0C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9160D0A/564A135ED22211ED9A206C46C4F9AE02/rGOF7VY-H9amaz5LUQ3MaTDNSww.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rGOF7VY-H9amaz5LUQ3MaTDNSww.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9160D0A/564A135ED22211ED9A206C46C4F9AE02/42EC5F02D2B711EDAF6DC017C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.120.104.0/22 175.100.160.0/22 IPv6: 2405:a100:10::-2405:a100:6f:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 28:d3:4d:81:ce:5b:cf:52:5f:23:c0:5a:dc:fb:06:e1:9b:26: 52:ee:3b:ec:58:36:12:73:1f:c9:c8:cd:7a:20:b4:c1:a3:fd: d5:57:12:03:44:f3:9f:cc:99:06:ef:e9:a9:68:57:2a:e8:86: 2b:3e:25:85:6b:34:60:25:1a:0c:36:f7:cb:15:e9:74:d8:60: 85:b0:9d:9b:25:0f:14:d2:cd:d1:a2:d2:c4:68:e7:c8:3d:02: 87:82:1b:a4:1f:bd:47:ae:37:d9:b9:d5:e4:2c:9e:b6:de:5e: da:d6:32:7d:2e:a4:a1:ad:b7:29:0b:75:12:1c:c6:d9:79:2d: 1d:50:90:bf:65:26:ab:93:6e:00:f8:e4:d5:15:a6:ef:50:ea: dc:7a:06:d4:34:7c:34:41:20:bd:12:23:88:ba:3b:67:ef:a1: a3:12:46:e5:dd:a4:73:b5:e9:bf:e0:10:41:33:24:9e:35:2b: fc:ef:95:ef:82:4a:ce:7d:dc:19:92:fd:e0:c0:3a:4e:92:ac: 30:39:e3:40:bd:09:9b:b7:79:9d:a9:01:61:08:39:ba:9d:4d: d4:0a:b3:39:fe:6e:82:fd:67:7d:9b:fd:1f:48:3e:c8:a2:05: 74:30:05:7a:b0:ef:d8:19:f1:df:a6:5d:0c:ce:15:8e:bb:82: 8d:10:88:43 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgICAlIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjBEMEExMTAvBgNVBAUTKEFDNjM4NUVENTYzRTFGRDZBNjZCM0U0QjUxMERDQzY5 MzBDRDRCMEMwHhcNMjUxMjIxMDIyMzAyWhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NThiZi04NzU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAh6lX++Bdcciw1vn7fjMgpZrJh5AQVTrHkVgqpOnW0AbHwA6WzMDGgKRdLpCB njgW3y6ROSbN+/Rdw+QG4cTEO0ERo1p/TgmqizI7CbRQhEZA1b3vA+qjaJG3ktYp i6kzlgPQt7YhdjnFt1LKlgX8my8IIAB9+QOegBEex9yRW7B02hDdQbQfcthY3j9K q28ibOn3yV+ls6DuAfDYs0uJqz5vX8j3gkwF2DrpnD9JwngoJHz5OhcZ5tjpl4qn Rkeglxt3Pe7uBYBPnqngmkwEr9T0/3Zj6Y0x67rvp1XFLk20EvYnoDW4tJ7fr8Js BUVqrh8qeqpYT2ttC/PxhzNQwwIDAQABo4ICgjCCAn4wHQYDVR0OBBYEFPqXTIMK QMvOftXRGFmfspPzujxAMB8GA1UdIwQYMBaAFKxjhe1WPh/Wpms+S1ENzGkwzUsM MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MEQwQS81NjRBMTM1RUQy MjIxMUVEOUEyMDZDNDZDNEY5QUUwMi9yR09GN1ZZLUg5YW1hejVMVVEzTWFURE5T d3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JHT0Y3VlktSDlhbWF6NUxVUTNNYVRETlN3dy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjBEMEEvNTY0QTEzNUVEMjIyMTFFRDlBMjA2QzQ2QzRGOUFFMDIvNDJFQzVGMDJE MkI3MTFFREFGNkRDMDE3QzRGOUFFMDIucm9hMEEGCCsGAQUFBwEHAQH/BDIwMDAS BAIAATAMAwQCZ3hoAwQCr2SgMBoEAgACMBQwEgMHBCQFoQAAEAMHBCQFoQAAYDAN BgkqhkiG9w0BAQsFAAOCAQEAKNNNgc5bz1JfI8Ba3PsG4ZsmUu477Fg2EnMfycjN eiC0waP91VcSA0Tzn8yZBu/pqWhXKuiGKz4lhWs0YCUaDDb3yxXpdNhghbCdmyUP FNLN0aLSxGjnyD0Ch4IbpB+9R6432bnV5Cyett5e2tYyfS6koa23KQt1EhzG2Xkt HVCQv2Umq5NuAPjk1RWm71Dq3HoG1DR8NEEgvRIjiLo7Z++hoxJG5d2kc7Xpv+AQ QTMknjUr/O+V74JKzn3cGZL94MA6TpKsMDnjQL0Jm7d5nakBYQg5up1N1AqzOf5u gv1nfZv9H0g+yKIFdDAFerDv2Bnx36ZdDM4VjruCjRCIQw== -----END CERTIFICATE-----Generated at Mon Mar 2 17:04:57 2026 by rpki-client