$ rpki-client -vvf rpki.apnic.net/member_repository/A9161B4C/29799152043011EEB3732C5BC4F9AE02/3D940BFAC1A711EFAFD15F46C4F9AE02.roa File: 3D940BFAC1A711EFAFD15F46C4F9AE02.roa (raw, json) Hash identifier: BL9qZTPXZmQbBTS7H13H05Yag9DH+3PJ5ndAPjL9cnU= Subject key identifier: 18:68:DE:09:BE:45:65:95:C4:14:99:37:E7:0E:B4:C3:E5:2A:C5:17 Certificate issuer: /CN=A9161B4C/serialNumber=E384AA4025A106B547A7C089B1DDFEEE6CCBA22F Certificate serial: 0226 Authority key identifier: E3:84:AA:40:25:A1:06:B5:47:A7:C0:89:B1:DD:FE:EE:6C:CB:A2:2F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/44SqQCWhBrVHp8CJsd3-7mzLoi8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9161B4C/29799152043011EEB3732C5BC4F9AE02/3D940BFAC1A711EFAFD15F46C4F9AE02.roa Signing time: Sun 01 Mar 2026 07:32:00 +0000 ROA not before: Wed 09 Jul 2025 04:39:50 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 151396 IP address blocks: 103.134.216.0/24 maxlen: 24 103.134.217.0/24 maxlen: 24 103.134.218.0/24 maxlen: 24 103.134.219.0/24 maxlen: 24 103.146.218.0/23 maxlen: 24 103.214.0.0/23 maxlen: 24 2401:720::/36 maxlen: 36 2401:720:1000::/36 maxlen: 36 2401:720:2000::/36 maxlen: 36 2401:720:3000::/36 maxlen: 36 2401:720:4000::/36 maxlen: 36 2401:720:5000::/36 maxlen: 36 2401:720:6000::/36 maxlen: 36 2401:720:7000::/36 maxlen: 36 2401:720:8000::/36 maxlen: 36 2401:720:9000::/36 maxlen: 36 2401:720:a000::/36 maxlen: 36 2401:720:b000::/36 maxlen: 36 2401:720:c000::/36 maxlen: 36 2401:720:d000::/36 maxlen: 36 2401:720:e000::/36 maxlen: 36 2401:720:f000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9161B4C/29799152043011EEB3732C5BC4F9AE02/44SqQCWhBrVHp8CJsd3-7mzLoi8.crl rsync://rpki.apnic.net/member_repository/A9161B4C/29799152043011EEB3732C5BC4F9AE02/44SqQCWhBrVHp8CJsd3-7mzLoi8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/44SqQCWhBrVHp8CJsd3-7mzLoi8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:54:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 550 (0x226) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9161B4C, serialNumber=E384AA4025A106B547A7C089B1DDFEEE6CCBA22F Validity Not Before: Jul 9 04:39:50 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=69a3eb70-9810 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:2c:9d:69:1c:95:89:41:23:4d:63:6d:fc:eb: 87:1b:83:19:3b:1b:0c:85:46:26:0f:00:16:71:4f: 4d:3a:e7:bb:57:cf:3e:81:e9:ee:61:3a:9b:a7:6c: 2a:f6:38:f0:a3:44:25:67:29:cc:04:41:d1:e6:ab: 73:fa:b2:72:cc:5a:ee:7d:99:01:2e:fc:82:94:d8: b7:4b:5a:11:b9:b2:7b:5f:86:d3:7d:27:49:43:de: ef:c6:f5:b9:6f:c4:29:b2:9f:6c:66:f5:20:48:c4: a6:93:0e:ec:ca:c3:75:46:81:f0:a1:15:98:a4:67: 22:6b:70:54:24:f6:77:56:fb:ca:99:15:a2:8f:9b: a7:e7:e0:cf:d9:52:ab:80:49:73:2a:dc:b2:a0:86: 83:66:17:e0:f7:2f:8f:b0:57:a3:9f:80:c7:d8:00: c7:47:48:27:97:7d:48:d3:b5:bf:3e:38:e2:14:fc: 2c:66:d0:4e:00:c4:9f:48:81:8c:76:ef:13:8f:d5: c2:32:7b:9b:fb:94:78:11:15:dd:61:39:ce:ab:40: e8:75:aa:fe:db:4b:59:e1:69:3e:f1:75:44:d1:9a: be:cd:dd:6d:10:8a:47:d1:e8:d3:6a:96:50:da:f4: 72:87:b8:6f:bc:e1:da:eb:a7:cf:15:64:3f:a0:ea: 30:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:68:DE:09:BE:45:65:95:C4:14:99:37:E7:0E:B4:C3:E5:2A:C5:17 X509v3 Authority Key Identifier: keyid:E3:84:AA:40:25:A1:06:B5:47:A7:C0:89:B1:DD:FE:EE:6C:CB:A2:2F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9161B4C/29799152043011EEB3732C5BC4F9AE02/44SqQCWhBrVHp8CJsd3-7mzLoi8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/44SqQCWhBrVHp8CJsd3-7mzLoi8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9161B4C/29799152043011EEB3732C5BC4F9AE02/3D940BFAC1A711EFAFD15F46C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.134.216.0/22 103.146.218.0/23 103.214.0.0/23 IPv6: 2401:720::/32 Signature Algorithm: sha256WithRSAEncryption 4f:e6:df:5a:fc:17:95:2e:f0:a7:4f:87:df:a0:87:10:2d:08: 40:5c:ff:73:a3:ca:c7:30:74:74:c9:00:d3:33:f6:34:e3:70: f9:e5:22:5d:fa:69:ca:c4:7b:1c:5c:e4:9f:1a:d5:29:ad:db: 1c:8b:38:a1:56:29:42:49:b0:d8:f0:79:dd:77:0f:88:25:d7: 76:d5:69:64:97:3c:af:a1:11:49:8d:62:f2:1f:74:f6:a8:a2: 32:60:40:7c:53:16:6f:56:4e:bc:40:a4:35:10:7f:b9:ca:89: 48:5c:c8:e7:97:96:1c:2c:68:80:5e:60:e7:74:03:69:90:27: 05:40:be:4e:83:2a:29:d7:ab:18:f0:4f:44:35:88:58:07:c7: e3:da:1a:ac:7c:09:77:68:7e:be:21:73:51:3d:cd:9a:f1:15: b0:db:84:41:4f:6c:76:bc:b6:72:f8:d9:24:d5:96:c3:56:24: 15:f8:52:1b:dd:a6:4c:38:28:44:29:66:b9:69:18:98:04:0d: 3e:21:60:ce:25:b8:7b:4a:75:49:ef:1b:71:c7:c9:73:78:44: bd:f2:37:4c:1d:5b:92:10:4a:43:7c:1e:16:ca:0b:29:a5:e5: 13:c7:12:0b:e5:b4:2f:72:f4:8a:16:34:81:76:45:1b:9e:5b: 17:c0:7e:4a -----BEGIN CERTIFICATE----- MIIFVzCCBD+gAwIBAgICAiYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjFCNEMxMTAvBgNVBAUTKEUzODRBQTQwMjVBMTA2QjU0N0E3QzA4OUIxRERGRUVF NkNDQkEyMkYwHhcNMjUwNzA5MDQzOTUwWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWEzZWI3MC05ODEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1iydaRyViUEjTWNt/OuHG4MZOxsMhUYmDwAWcU9NOue7V88+genuYTqbp2wq 9jjwo0QlZynMBEHR5qtz+rJyzFrufZkBLvyClNi3S1oRubJ7X4bTfSdJQ97vxvW5 b8Qpsp9sZvUgSMSmkw7sysN1RoHwoRWYpGcia3BUJPZ3VvvKmRWij5un5+DP2VKr gElzKtyyoIaDZhfg9y+PsFejn4DH2ADHR0gnl31I07W/PjjiFPwsZtBOAMSfSIGM du8Tj9XCMnub+5R4ERXdYTnOq0Dodar+20tZ4Wk+8XVE0Zq+zd1tEIpH0ejTapZQ 2vRyh7hvvOHa66fPFWQ/oOowMwIDAQABo4ICezCCAncwHQYDVR0OBBYEFBho3gm+ RWWVxBSZN+cOtMPlKsUXMB8GA1UdIwQYMBaAFOOEqkAloQa1R6fAibHd/u5sy6Iv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MUI0Qy8yOTc5OTE1MjA0 MzAxMUVFQjM3MzJDNUJDNEY5QUUwMi80NFNxUUNXaEJyVkhwOENKc2QzLTdtekxv aTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzQ0U3FRQ1doQnJWSHA4Q0pzZDMtN216TG9pOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjFCNEMvMjk3OTkxNTIwNDMwMTFFRUIzNzMyQzVCQzRGOUFFMDIvM0Q5NDBCRkFD MUE3MTFFRkFGRDE1RjQ2QzRGOUFFMDIucm9hMDoGCCsGAQUFBwEHAQH/BCswKTAY BAIAATASAwQCZ4bYAwQBZ5LaAwQBZ9YAMA0EAgACMAcDBQAkAQcgMA0GCSqGSIb3 DQEBCwUAA4IBAQBP5t9a/BeVLvCnT4ffoIcQLQhAXP9zo8rHMHR0yQDTM/Y043D5 5SJd+mnKxHscXOSfGtUprdscizihVilCSbDY8Hnddw+IJdd21WlklzyvoRFJjWLy H3T2qKIyYEB8UxZvVk68QKQ1EH+5yolIXMjnl5YcLGiAXmDndANpkCcFQL5Ogyop 16sY8E9ENYhYB8fj2hqsfAl3aH6+IXNRPc2a8RWw24RBT2x2vLZy+Nkk1ZbDViQV +FIb3aZMOChEKWa5aRiYBA0+IWDOJbh7SnVJ7xtxx8lzeES98jdMHVuSEEpDfB4W ygsppeUTxxIL5bQvcvSKFjSBdkUbnlsXwH5K -----END CERTIFICATE-----Generated at Mon Mar 2 19:08:42 2026 by rpki-client