$ rpki-client -vvf rpki.apnic.net/member_repository/A916D687/76B43B649F4511EA9E523563C4F9AE02/33CDE41E5A4711EFA5ED8487C4F9AE02.roa File: 33CDE41E5A4711EFA5ED8487C4F9AE02.roa (raw, json) Hash identifier: fay/JELjYgS3QhNYNRW2VHw728nS5DEnngJONGdEkuQ= Subject key identifier: 71:1A:57:D2:3A:A3:DF:28:BC:9F:E4:FD:23:AD:C1:E5:F7:7F:74:27 Certificate issuer: /CN=A916D687/serialNumber=DABB169D9E9D77E6576C018101252CB0B4857F62 Certificate serial: 09CA Authority key identifier: DA:BB:16:9D:9E:9D:77:E6:57:6C:01:81:01:25:2C:B0:B4:85:7F:62 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2rsWnZ6dd-ZXbAGBASUssLSFf2I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916D687/76B43B649F4511EA9E523563C4F9AE02/33CDE41E5A4711EFA5ED8487C4F9AE02.roa Signing time: Sun 01 Mar 2026 11:50:30 +0000 ROA not before: Tue 08 Jul 2025 21:01:02 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 38084 IP address blocks: 45.113.36.0/22 maxlen: 24 103.9.60.0/22 maxlen: 24 2402:6c40::/32 maxlen: 33 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916D687/76B43B649F4511EA9E523563C4F9AE02/2rsWnZ6dd-ZXbAGBASUssLSFf2I.crl rsync://rpki.apnic.net/member_repository/A916D687/76B43B649F4511EA9E523563C4F9AE02/2rsWnZ6dd-ZXbAGBASUssLSFf2I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2rsWnZ6dd-ZXbAGBASUssLSFf2I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:10:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2506 (0x9ca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916D687, serialNumber=DABB169D9E9D77E6576C018101252CB0B4857F62 Validity Not Before: Jul 8 21:01:02 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=69a42806-d4e4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:94:8c:e5:2f:40:33:b9:9d:36:63:b3:02:80: e0:d4:ac:63:44:ee:dc:5d:a7:f7:86:64:96:98:e2: e5:48:99:be:c8:64:a7:20:4e:ad:3f:b3:88:ec:4f: db:70:cf:05:b0:80:35:57:77:ef:da:55:2d:a8:81: 30:36:96:5a:63:5f:14:9b:7d:66:90:97:fd:38:d5: f7:c1:cb:84:3a:6e:37:51:a0:2e:c6:88:a6:38:29: 77:f6:49:15:1d:9f:0b:ff:2d:00:91:52:20:d7:c1: 08:de:b4:fa:e7:b6:98:d5:80:87:f7:dd:0b:94:27: 16:4a:9a:b4:68:2c:9f:09:a4:4d:35:f2:e2:82:14: 35:2b:63:45:01:ed:3b:6d:a9:72:59:9b:16:1e:4a: 97:81:74:05:da:fc:83:44:21:b0:81:a8:78:dc:1b: cc:8e:40:be:63:b4:68:fd:05:42:8a:c6:1b:a0:6b: ad:da:bf:a9:2a:c5:47:9f:c0:93:9c:d2:41:a2:a6: 1e:2b:81:f2:07:04:3a:92:80:52:f1:b9:f7:26:70: 4c:5e:ca:c8:3e:4b:99:88:3f:02:c5:37:30:f6:c9: 5f:8b:0b:61:07:af:42:e3:1b:e2:e4:58:37:bb:88: 57:42:6e:a2:56:60:a1:d0:b6:be:37:da:39:9c:e0: e7:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:1A:57:D2:3A:A3:DF:28:BC:9F:E4:FD:23:AD:C1:E5:F7:7F:74:27 X509v3 Authority Key Identifier: keyid:DA:BB:16:9D:9E:9D:77:E6:57:6C:01:81:01:25:2C:B0:B4:85:7F:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916D687/76B43B649F4511EA9E523563C4F9AE02/2rsWnZ6dd-ZXbAGBASUssLSFf2I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2rsWnZ6dd-ZXbAGBASUssLSFf2I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916D687/76B43B649F4511EA9E523563C4F9AE02/33CDE41E5A4711EFA5ED8487C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 45.113.36.0/22 103.9.60.0/22 IPv6: 2402:6c40::/32 Signature Algorithm: sha256WithRSAEncryption 2d:b9:ee:c9:3e:88:72:a7:ed:60:36:02:21:dc:54:23:86:4f: 8d:d1:4e:74:98:09:8d:b7:34:5c:2d:c0:cf:b6:c9:ec:41:1f: 1d:73:b2:3c:a1:75:4d:36:f0:6c:be:83:26:47:c9:87:7c:f1: 46:d9:a0:8a:59:4f:74:a9:6f:f3:c7:11:ed:2c:11:50:4a:23: a5:60:17:b1:a4:89:3f:37:5a:21:6c:3e:77:09:01:89:bc:aa: 69:b2:d4:c5:1b:13:49:95:ca:93:f8:08:ac:34:31:36:d8:65: 6d:3b:1e:d3:90:7b:43:2b:57:c5:89:55:37:d8:77:0d:eb:4b: 07:46:2a:39:56:ac:87:32:9a:16:27:0f:64:7c:ae:b6:6f:ea: 05:5c:92:e6:61:28:9b:33:88:4d:b9:84:a5:cf:6b:d2:8a:f1: 75:7a:e8:8d:88:b4:28:18:5f:94:f4:c4:3e:1a:c8:4f:7d:3d: 6a:14:3f:82:dc:16:49:da:e9:ca:29:81:32:06:98:b8:87:1d: 8d:e7:62:78:0d:fe:22:b1:05:4e:8e:9d:4e:fe:6a:bc:c2:f4: 02:6b:31:19:5f:76:12:43:d8:bb:c9:6b:12:77:51:f8:74:6b: 9c:e9:d2:9e:78:ef:20:ab:64:1c:df:1d:64:35:56:ad:9f:4b: 4f:33:14:86 -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgICCcowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkQ2ODcxMTAvBgNVBAUTKERBQkIxNjlEOUU5RDc3RTY1NzZDMDE4MTAxMjUyQ0Iw QjQ4NTdGNjIwHhcNMjUwNzA4MjEwMTAyWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MjgwNi1kNGU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsJSM5S9AM7mdNmOzAoDg1KxjRO7cXaf3hmSWmOLlSJm+yGSnIE6tP7OI7E/b cM8FsIA1V3fv2lUtqIEwNpZaY18Um31mkJf9ONX3wcuEOm43UaAuxoimOCl39kkV HZ8L/y0AkVIg18EI3rT657aY1YCH990LlCcWSpq0aCyfCaRNNfLighQ1K2NFAe07 balyWZsWHkqXgXQF2vyDRCGwgah43BvMjkC+Y7Ro/QVCisYboGut2r+pKsVHn8CT nNJBoqYeK4HyBwQ6koBS8bn3JnBMXsrIPkuZiD8CxTcw9slfiwthB69C4xvi5Fg3 u4hXQm6iVmCh0La+N9o5nODnhQIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFHEaV9I6 o98ovJ/k/SOtweX3f3QnMB8GA1UdIwQYMBaAFNq7Fp2enXfmV2wBgQElLLC0hX9i MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RDY4Ny83NkI0M0I2NDlG NDUxMUVBOUU1MjM1NjNDNEY5QUUwMi8ycnNXblo2ZGQtWlhiQUdCQVNVc3NMU0Zm MkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJyc1duWjZkZC1aWGJBR0JBU1Vzc0xTRmYySS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NkQ2ODcvNzZCNDNCNjQ5RjQ1MTFFQTlFNTIzNTYzQzRGOUFFMDIvMzNDREU0MUU1 QTQ3MTFFRkE1RUQ4NDg3QzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS BAIAATAMAwQCLXEkAwQCZwk8MA0EAgACMAcDBQAkAmxAMA0GCSqGSIb3DQEBCwUA A4IBAQAtue7JPohyp+1gNgIh3FQjhk+N0U50mAmNtzRcLcDPtsnsQR8dc7I8oXVN NvBsvoMmR8mHfPFG2aCKWU90qW/zxxHtLBFQSiOlYBexpIk/N1ohbD53CQGJvKpp stTFGxNJlcqT+AisNDE22GVtOx7TkHtDK1fFiVU32HcN60sHRio5VqyHMpoWJw9k fK62b+oFXJLmYSibM4hNuYSlz2vSivF1euiNiLQoGF+U9MQ+GshPfT1qFD+C3BZJ 2unKKYEyBpi4hx2N52J4Df4isQVOjp1O/mq8wvQCazEZX3YSQ9i7yWsSd1H4dGuc 6dKeeO8gq2Qc3x1kNVatn0tPMxSG -----END CERTIFICATE-----Generated at Mon Mar 2 13:25:47 2026 by rpki-client