$ rpki-client -vvf rpki.apnic.net/member_repository/A916A071/280B09A483BE11EA8E1DF384C4F9AE02/9BAC68CC83C211EABCB66612C4F9AE02.roa File: 9BAC68CC83C211EABCB66612C4F9AE02.roa (raw, json) Hash identifier: cZrqWOQatMkIn2VzGfcaWDnVlXfxEpjr06H/3z6i31k= Subject key identifier: F5:9D:C0:03:EF:6F:59:9E:52:04:7F:5E:FC:B0:08:57:99:3A:A8:95 Certificate issuer: /CN=A916A071/serialNumber=CCF2A525C0901444CA78F05B9392C00457956761 Certificate serial: 0A51 Authority key identifier: CC:F2:A5:25:C0:90:14:44:CA:78:F0:5B:93:92:C0:04:57:95:67:61 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zPKlJcCQFETKePBbk5LABFeVZ2E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916A071/280B09A483BE11EA8E1DF384C4F9AE02/9BAC68CC83C211EABCB66612C4F9AE02.roa Signing time: Sun 01 Mar 2026 14:01:44 +0000 ROA not before: Mon 08 Dec 2025 19:29:57 +0000 ROA not after: Tue 02 Mar 2027 00:00:00 +0000 asID: 58744 IP address blocks: 103.31.96.0/24 maxlen: 24 103.31.97.0/24 maxlen: 24 103.31.98.0/24 maxlen: 24 2402:9880:100::/40 maxlen: 40 2402:9880:200::/40 maxlen: 40 2402:9880:300::/40 maxlen: 40 2402:9880:400::/40 maxlen: 40 2402:9880:500::/40 maxlen: 40 2402:9880:600::/40 maxlen: 40 2402:9880:700::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916A071/280B09A483BE11EA8E1DF384C4F9AE02/zPKlJcCQFETKePBbk5LABFeVZ2E.crl rsync://rpki.apnic.net/member_repository/A916A071/280B09A483BE11EA8E1DF384C4F9AE02/zPKlJcCQFETKePBbk5LABFeVZ2E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zPKlJcCQFETKePBbk5LABFeVZ2E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 23:38:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2641 (0xa51) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916A071, serialNumber=CCF2A525C0901444CA78F05B9392C00457956761 Validity Not Before: Dec 8 19:29:57 2025 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=69a446c8-bf84 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:c6:9c:5e:7f:8f:63:d4:6e:e7:0a:d3:0e:69: 4c:97:b1:af:92:27:37:b1:84:38:23:a3:18:1f:51: 8e:5d:69:d0:5b:ef:4b:0a:ef:69:f3:3e:51:11:30: 60:95:ed:6b:a3:4a:b0:bb:d1:85:76:30:b7:fc:ee: bf:96:67:12:48:58:ed:17:8a:55:a8:76:c8:bf:06: 60:ab:4e:cb:9d:85:7b:28:5b:84:fa:f8:2d:58:7c: 1e:0c:c8:64:61:3f:1d:19:f1:fd:85:c3:0c:94:ff: 3a:a4:e6:80:57:8b:40:a7:9b:55:af:ab:ff:33:e5: 14:05:87:ed:ea:51:e1:9d:a7:9f:b5:e1:b7:4c:5a: 86:ba:b1:fd:c4:ba:0b:38:3c:1e:a1:f4:e9:71:6c: 42:61:f5:95:42:b1:a5:70:42:33:0e:68:94:4c:67: 4f:cc:aa:ba:7a:a7:35:58:6f:0a:f9:65:b7:58:02: 5e:88:ee:44:a0:2f:46:c7:19:fe:6d:16:30:89:cb: 11:3a:f0:0b:bf:ee:ab:13:81:0f:6e:c0:22:fa:6e: 10:d1:f9:dd:09:8f:da:e0:30:4e:5e:04:7f:98:2e: 42:83:e5:ca:1d:1a:75:d2:a8:be:62:b7:0f:30:f2: 34:c2:33:4d:cd:52:03:ce:d5:b2:3a:e8:15:ca:89: 2d:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:9D:C0:03:EF:6F:59:9E:52:04:7F:5E:FC:B0:08:57:99:3A:A8:95 X509v3 Authority Key Identifier: keyid:CC:F2:A5:25:C0:90:14:44:CA:78:F0:5B:93:92:C0:04:57:95:67:61 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916A071/280B09A483BE11EA8E1DF384C4F9AE02/zPKlJcCQFETKePBbk5LABFeVZ2E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zPKlJcCQFETKePBbk5LABFeVZ2E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916A071/280B09A483BE11EA8E1DF384C4F9AE02/9BAC68CC83C211EABCB66612C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.31.96.0-103.31.98.255 IPv6: 2402:9880:100::-2402:9880:7ff:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 64:79:25:1c:a9:bd:a1:ee:69:f7:cb:d5:c6:ce:0c:5b:d8:1c: 4c:be:7b:fe:e4:f2:aa:d9:ec:fb:ac:a0:aa:ab:0b:eb:a2:eb: 83:dc:22:0e:a0:f0:ca:83:b0:3f:01:50:ec:2a:e7:4a:ef:a7: 81:4a:24:8f:59:42:01:b3:63:27:2a:19:f3:5f:9f:88:11:d9: c6:15:6f:92:88:ad:c7:6a:2c:14:59:3d:4d:ea:e3:17:5c:47: 1f:d1:ca:96:da:a6:c2:1b:07:0a:ce:b6:e9:ad:a2:e1:2a:cd: 42:bf:9d:84:33:ae:e6:1c:7b:ff:8b:07:35:e7:4e:d4:27:b7: 06:83:a2:18:e3:75:c3:a3:9b:59:e9:9f:cd:f2:b1:41:77:97: 4e:b5:f4:e9:2c:4b:50:85:72:ef:07:48:2a:39:98:64:ff:8c: b3:a1:4d:73:7e:91:75:b9:db:27:97:ae:b5:da:24:03:6e:67: 05:5d:83:e2:0e:b6:36:fd:fd:4a:17:55:69:cd:4b:1f:f3:05: fd:06:89:fa:cb:43:51:d2:1b:a3:98:d8:f7:04:94:bb:35:8d: 01:96:92:c6:25:33:81:c4:63:3e:67:71:bb:c8:2c:11:a8:6e: 63:09:41:fa:61:6b:b0:52:bb:86:1d:be:c8:c0:da:76:d8:6b: ea:e6:cf:6c -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgICClEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkEwNzExMTAvBgNVBAUTKENDRjJBNTI1QzA5MDE0NDRDQTc4RjA1QjkzOTJDMDA0 NTc5NTY3NjEwHhcNMjUxMjA4MTkyOTU3WhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NDZjOC1iZjg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArMacXn+PY9Ru5wrTDmlMl7Gvkic3sYQ4I6MYH1GOXWnQW+9LCu9p8z5RETBg le1ro0qwu9GFdjC3/O6/lmcSSFjtF4pVqHbIvwZgq07LnYV7KFuE+vgtWHweDMhk YT8dGfH9hcMMlP86pOaAV4tAp5tVr6v/M+UUBYft6lHhnaefteG3TFqGurH9xLoL ODweofTpcWxCYfWVQrGlcEIzDmiUTGdPzKq6eqc1WG8K+WW3WAJeiO5EoC9Gxxn+ bRYwicsROvALv+6rE4EPbsAi+m4Q0fndCY/a4DBOXgR/mC5Cg+XKHRp10qi+YrcP MPI0wjNNzVIDztWyOugVyoktswIDAQABo4ICgjCCAn4wHQYDVR0OBBYEFPWdwAPv b1meUgR/XvywCFeZOqiVMB8GA1UdIwQYMBaAFMzypSXAkBREynjwW5OSwARXlWdh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QTA3MS8yODBCMDlBNDgz QkUxMUVBOEUxREYzODRDNEY5QUUwMi96UEtsSmNDUUZFVEtlUEJiazVMQUJGZVZa MkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3pQS2xKY0NRRkVUS2VQQmJrNUxBQkZlVloyRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NkEwNzEvMjgwQjA5QTQ4M0JFMTFFQThFMURGMzg0QzRGOUFFMDIvOUJBQzY4Q0M4 M0MyMTFFQUJDQjY2NjEyQzRGOUFFMDIucm9hMEEGCCsGAQUFBwEHAQH/BDIwMDAU BAIAATAOMAwDBAVnH2ADBABnH2IwGAQCAAIwEjAQAwYAJAKYgAEDBgMkApiAADAN BgkqhkiG9w0BAQsFAAOCAQEAZHklHKm9oe5p98vVxs4MW9gcTL57/uTyqtns+6yg qqsL66Lrg9wiDqDwyoOwPwFQ7CrnSu+ngUokj1lCAbNjJyoZ81+fiBHZxhVvkoit x2osFFk9TerjF1xHH9HKltqmwhsHCs626a2i4SrNQr+dhDOu5hx7/4sHNedO1Ce3 BoOiGON1w6ObWemfzfKxQXeXTrX06SxLUIVy7wdIKjmYZP+Ms6FNc36RdbnbJ5eu tdokA25nBV2D4g62Nv39ShdVac1LH/MF/QaJ+stDUdIbo5jY9wSUuzWNAZaSxiUz gcRjPmdxu8gsEahuYwlB+mFrsFK7hh2+yMDadthr6ubPbA== -----END CERTIFICATE-----Generated at Mon Mar 2 12:26:09 2026 by rpki-client