$ rpki-client -vvf rpki.apnic.net/member_repository/A916A447/D2075814A09C11E4B50E7B15C4F9AE02/7F3D1128DC7811EFA7D7DB49C4F9AE02.roa File: 7F3D1128DC7811EFA7D7DB49C4F9AE02.roa (raw, json) Hash identifier: snv+Ao7h3D4AtoNcirglnIxXsbyuBKIZBJZQbsSHXrE= Subject key identifier: 91:0A:F7:42:88:DB:85:4C:8A:56:88:B6:0F:6B:CA:63:B7:0E:AE:67 Certificate issuer: /CN=A916A447/serialNumber=1F68258C526C5DBC715434357D380020146440EF Certificate serial: 2955 Authority key identifier: 1F:68:25:8C:52:6C:5D:BC:71:54:34:35:7D:38:00:20:14:64:40:EF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H2gljFJsXbxxVDQ1fTgAIBRkQO8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916A447/D2075814A09C11E4B50E7B15C4F9AE02/7F3D1128DC7811EFA7D7DB49C4F9AE02.roa Signing time: Sun 01 Mar 2026 12:13:13 +0000 ROA not before: Thu 06 Mar 2025 16:02:29 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 132045 IP address blocks: 101.2.190.0/24 maxlen: 24 103.227.245.0/24 maxlen: 24 103.227.247.0/24 maxlen: 24 203.153.220.0/24 maxlen: 24 203.153.222.0/24 maxlen: 24 223.224.12.0/24 maxlen: 24 223.224.22.0/24 maxlen: 24 223.224.29.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916A447/D2075814A09C11E4B50E7B15C4F9AE02/H2gljFJsXbxxVDQ1fTgAIBRkQO8.crl rsync://rpki.apnic.net/member_repository/A916A447/D2075814A09C11E4B50E7B15C4F9AE02/H2gljFJsXbxxVDQ1fTgAIBRkQO8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H2gljFJsXbxxVDQ1fTgAIBRkQO8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 02:35:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10581 (0x2955) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916A447, serialNumber=1F68258C526C5DBC715434357D380020146440EF Validity Not Before: Mar 6 16:02:29 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=69a42d59-7230 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:60:b8:3f:f2:e4:b2:d9:58:61:de:9e:f4:dc: 5a:c3:ed:fd:be:19:ca:e8:2e:b1:b1:97:4a:09:08: b1:93:63:92:fe:a1:11:f8:79:bb:cb:d1:be:85:2e: eb:e1:a4:43:36:d4:6c:83:2d:fb:3f:ba:73:4f:19: 64:b1:0e:47:c6:18:f8:9b:52:b4:96:d0:b4:75:ca: c5:1c:ef:9b:8b:8c:49:fe:ca:6f:ad:c4:a3:d1:39: 8d:d1:f9:65:dc:a9:7c:df:ad:94:f6:2a:a7:b2:04: 2e:03:77:1d:6a:28:b6:ca:d2:30:78:73:8a:52:3a: bf:27:6f:0e:47:d9:5c:95:6a:0e:98:b7:ed:fa:4c: 34:fc:e2:ea:41:cd:d3:75:64:c2:28:2b:75:b7:e3: e5:40:f9:cd:a0:7d:fb:ce:3d:5a:3c:43:80:27:cb: 12:c0:5b:f9:3b:d9:a0:cb:07:1b:ea:eb:eb:8b:cd: e6:1b:7b:c1:ea:4a:68:0c:79:ed:a1:2e:d8:58:32: 2e:6d:10:c4:18:64:83:c8:3f:e1:1e:fd:98:a8:5b: 54:29:7d:59:9d:db:d2:50:08:c5:47:b2:33:d0:91: 05:2d:f2:f3:e9:83:77:e7:01:49:e3:67:22:46:52: c7:8b:94:62:0e:d7:47:97:28:2c:c8:e4:72:c6:b1: 83:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:0A:F7:42:88:DB:85:4C:8A:56:88:B6:0F:6B:CA:63:B7:0E:AE:67 X509v3 Authority Key Identifier: keyid:1F:68:25:8C:52:6C:5D:BC:71:54:34:35:7D:38:00:20:14:64:40:EF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916A447/D2075814A09C11E4B50E7B15C4F9AE02/H2gljFJsXbxxVDQ1fTgAIBRkQO8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H2gljFJsXbxxVDQ1fTgAIBRkQO8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916A447/D2075814A09C11E4B50E7B15C4F9AE02/7F3D1128DC7811EFA7D7DB49C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 101.2.190.0/24 103.227.245.0/24 103.227.247.0/24 203.153.220.0/24 203.153.222.0/24 223.224.12.0/24 223.224.22.0/24 223.224.29.0/24 Signature Algorithm: sha256WithRSAEncryption 4e:0c:14:97:f4:fa:c2:32:20:99:63:c3:ae:66:fd:8b:ea:62: 5b:6d:79:74:39:29:e1:c5:b9:4b:cd:34:6b:ae:90:82:90:a9: b2:48:21:61:a9:f6:a8:2f:c9:ae:7b:1c:5d:a4:77:7f:86:42: b3:1b:94:10:0e:af:1d:71:64:0f:d8:9d:da:dc:c5:fa:a8:b7: fa:42:8e:87:e6:57:2d:d2:9b:c0:3e:fc:30:d7:a0:2c:6f:99: 89:15:73:0a:be:76:86:bf:7c:ed:13:68:78:37:6e:ef:d5:52: c3:d4:34:94:93:19:53:54:3f:8a:56:c5:d4:b0:52:25:cf:17: 2e:9a:37:30:f6:61:fb:02:42:87:1f:88:75:3d:37:3c:22:cf: ed:e4:19:88:9a:3e:2d:ab:7f:bb:a9:5e:7a:a2:7b:3f:1a:24: dc:d3:30:05:d7:1f:b1:c3:6e:76:d7:06:1b:5c:19:f9:e5:1b: 40:44:53:b1:97:ca:02:21:29:1b:9c:3c:83:15:47:dc:a7:ac: fe:5c:b8:02:fc:d3:bb:06:40:40:4d:21:ea:4e:4a:13:02:ad: 3e:87:e5:cb:96:1a:b3:8a:2e:4f:73:f2:e0:e8:61:37:4b:c4: e9:3a:41:5c:14:79:f7:8e:61:b6:15:00:20:e7:e0:d4:db:02: 23:15:5e:8b -----BEGIN CERTIFICATE----- MIIFZjCCBE6gAwIBAgICKVUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkE0NDcxMTAvBgNVBAUTKDFGNjgyNThDNTI2QzVEQkM3MTU0MzQzNTdEMzgwMDIw MTQ2NDQwRUYwHhcNMjUwMzA2MTYwMjI5WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MmQ1OS03MjMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnWC4P/LkstlYYd6e9Nxaw+39vhnK6C6xsZdKCQixk2OS/qER+Hm7y9G+hS7r 4aRDNtRsgy37P7pzTxlksQ5Hxhj4m1K0ltC0dcrFHO+bi4xJ/spvrcSj0TmN0fll 3Kl8362U9iqnsgQuA3cdaii2ytIweHOKUjq/J28OR9lclWoOmLft+kw0/OLqQc3T dWTCKCt1t+PlQPnNoH37zj1aPEOAJ8sSwFv5O9mgywcb6uvri83mG3vB6kpoDHnt oS7YWDIubRDEGGSDyD/hHv2YqFtUKX1ZndvSUAjFR7Iz0JEFLfLz6YN35wFJ42ci RlLHi5RiDtdHlygsyORyxrGDbwIDAQABo4ICijCCAoYwHQYDVR0OBBYEFJEK90KI 24VMilaItg9rymO3Dq5nMB8GA1UdIwQYMBaAFB9oJYxSbF28cVQ0NX04ACAUZEDv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QTQ0Ny9EMjA3NTgxNEEw OUMxMUU0QjUwRTdCMTVDNEY5QUUwMi9IMmdsakZKc1hieHhWRFExZlRnQUlCUmtR TzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0gyZ2xqRkpzWGJ4eFZEUTFmVGdBSUJSa1FPOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NkE0NDcvRDIwNzU4MTRBMDlDMTFFNEI1MEU3QjE1QzRGOUFFMDIvN0YzRDExMjhE Qzc4MTFFRkE3RDdEQjQ5QzRGOUFFMDIucm9hMEkGCCsGAQUFBwEHAQH/BDowODA2 BAIAATAwAwQAZQK+AwQAZ+P1AwQAZ+P3AwQAy5ncAwQAy5neAwQA3+AMAwQA3+AW AwQA3+AdMA0GCSqGSIb3DQEBCwUAA4IBAQBODBSX9PrCMiCZY8OuZv2L6mJbbXl0 OSnhxblLzTRrrpCCkKmySCFhqfaoL8muexxdpHd/hkKzG5QQDq8dcWQP2J3a3MX6 qLf6Qo6H5lct0pvAPvww16Asb5mJFXMKvnaGv3ztE2h4N27v1VLD1DSUkxlTVD+K VsXUsFIlzxcumjcw9mH7AkKHH4h1PTc8Is/t5BmImj4tq3+7qV56ons/GiTc0zAF 1x+xw2521wYbXBn55RtARFOxl8oCISkbnDyDFUfcp6z+XLgC/NO7BkBATSHqTkoT Aq0+h+XLlhqzii5Pc/Lg6GE3S8TpOkFcFHn3jmG2FQAg5+DU2wIjFV6L -----END CERTIFICATE-----Generated at Mon Mar 2 11:58:19 2026 by rpki-client