$ rpki-client -vvf rpki.apnic.net/member_repository/A9171A1B/DC58CC5A5C4111EB81D7C60BC4F9AE02/9F00C9325C6111EB9FAD600FC4F9AE02.roa File: 9F00C9325C6111EB9FAD600FC4F9AE02.roa (raw, json) Hash identifier: AVHjOo/UrE4RIu/UGGKNS+wB7XI6SMjM5Z9Qu4YFYdc= Subject key identifier: 81:3A:3D:1C:2D:00:75:43:BE:6E:3E:43:20:08:72:DD:D9:06:14:F1 Certificate issuer: /CN=A9171A1B/serialNumber=4C349C51CA598907D5C07CB1F24851FC048DAD1A Certificate serial: 0778 Authority key identifier: 4C:34:9C:51:CA:59:89:07:D5:C0:7C:B1:F2:48:51:FC:04:8D:AD:1A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TDScUcpZiQfVwHyx8khR_ASNrRo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9171A1B/DC58CC5A5C4111EB81D7C60BC4F9AE02/9F00C9325C6111EB9FAD600FC4F9AE02.roa Signing time: Sun 01 Mar 2026 16:04:16 +0000 ROA not before: Thu 04 Dec 2025 21:04:45 +0000 ROA not after: Sun 31 Jan 2027 00:00:00 +0000 asID: 16509 IP address blocks: 103.124.134.0/24 maxlen: 24 103.124.135.0/24 maxlen: 24 2403:e040:8000::/34 maxlen: 34 2403:e040:c000::/34 maxlen: 34 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9171A1B/DC58CC5A5C4111EB81D7C60BC4F9AE02/TDScUcpZiQfVwHyx8khR_ASNrRo.crl rsync://rpki.apnic.net/member_repository/A9171A1B/DC58CC5A5C4111EB81D7C60BC4F9AE02/TDScUcpZiQfVwHyx8khR_ASNrRo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TDScUcpZiQfVwHyx8khR_ASNrRo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 23:25:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1912 (0x778) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9171A1B, serialNumber=4C349C51CA598907D5C07CB1F24851FC048DAD1A Validity Not Before: Dec 4 21:04:45 2025 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=69a46380-b54f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:5d:ab:dc:a9:ee:24:16:6e:9f:f1:42:5a:04: 42:0c:1e:9f:26:81:35:6f:00:e6:8e:a7:c5:72:04: a8:9b:f9:8d:16:52:ce:b5:f7:99:47:5f:1a:9d:5f: a5:af:34:b2:7b:f5:8a:22:75:d3:e1:2b:f6:fb:8e: 39:8c:c0:f4:99:a1:79:6a:7e:f7:08:d0:07:12:93: ee:4d:00:c7:55:0a:84:b5:82:9e:0e:37:eb:2d:2f: 68:81:86:bf:bb:25:b1:ba:a7:9f:87:33:d6:26:9f: d0:a2:e9:53:05:24:b2:29:0f:05:49:43:b9:42:c6: 49:4d:4e:04:73:5f:e4:6f:6c:3a:bd:b6:3e:30:d2: 15:c8:02:3c:0a:cb:4b:76:38:e7:77:22:c8:68:ed: ab:89:8e:e0:21:b1:6c:5a:5f:bc:5e:62:43:65:91: fd:dd:78:f8:07:af:2b:65:d4:c6:dd:4d:ce:7c:ae: ca:55:da:48:b1:1b:92:9e:b8:1f:a1:47:d4:d1:51: 49:1d:97:c9:c7:6e:65:73:a1:b1:f7:1c:e5:cd:eb: 3d:be:63:f0:66:44:db:35:27:7c:d4:fb:4d:b9:40: a9:73:7f:ca:4c:bb:00:7e:b8:e8:2d:dd:5f:65:52: e1:63:1a:68:b6:76:8d:66:63:4b:d1:75:e9:b3:24: 99:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:3A:3D:1C:2D:00:75:43:BE:6E:3E:43:20:08:72:DD:D9:06:14:F1 X509v3 Authority Key Identifier: keyid:4C:34:9C:51:CA:59:89:07:D5:C0:7C:B1:F2:48:51:FC:04:8D:AD:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9171A1B/DC58CC5A5C4111EB81D7C60BC4F9AE02/TDScUcpZiQfVwHyx8khR_ASNrRo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TDScUcpZiQfVwHyx8khR_ASNrRo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171A1B/DC58CC5A5C4111EB81D7C60BC4F9AE02/9F00C9325C6111EB9FAD600FC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.124.134.0/23 IPv6: 2403:e040:8000::/33 Signature Algorithm: sha256WithRSAEncryption 13:76:bb:7a:80:8e:ef:e5:24:19:a9:37:6e:4e:f4:22:5a:6e: 4f:63:e6:d4:51:2e:e2:25:d7:73:34:68:0c:e8:40:bc:40:f0: 8e:45:a4:dc:ac:79:ae:69:9f:ea:73:29:8a:9d:4e:aa:40:a4: 1e:8a:77:fc:c7:ae:8e:b2:ee:24:c7:67:1d:ac:cc:18:30:4e: 08:8e:5f:32:81:79:7a:e6:c5:93:1e:f1:5d:58:46:50:bd:13: df:a0:2d:ef:ab:de:f8:91:ac:d8:3e:a7:77:85:8f:61:54:80: 94:d3:08:d4:0b:28:ff:d7:af:92:d6:88:c8:7d:5e:7e:eb:72: ed:cd:61:b0:6e:34:1c:6b:7a:31:90:f6:f2:57:8c:d4:b4:ed: 9c:36:fe:f4:88:a6:8d:da:47:95:93:17:ce:1f:e1:72:38:b8: e3:56:e6:c3:f5:c2:cb:92:d8:e4:f9:82:66:76:f2:8c:75:48: d7:53:ae:51:ea:d8:e9:0a:94:8f:2a:1f:fb:b4:1a:3e:24:0f: d6:53:cc:f7:77:b5:f6:30:9a:9d:01:8a:82:6d:ee:76:b0:d8: d4:2d:01:27:69:05:f2:7c:f6:22:a0:c3:08:e7:57:f6:92:18: d9:69:e6:4e:b7:6e:8a:dc:78:26:58:9b:ee:a2:47:3c:9b:c7: 51:00:08:61 -----BEGIN CERTIFICATE----- MIIFTDCCBDSgAwIBAgICB3gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzFBMUIxMTAvBgNVBAUTKDRDMzQ5QzUxQ0E1OTg5MDdENUMwN0NCMUYyNDg1MUZD MDQ4REFEMUEwHhcNMjUxMjA0MjEwNDQ1WhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NjM4MC1iNTRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA312r3KnuJBZun/FCWgRCDB6fJoE1bwDmjqfFcgSom/mNFlLOtfeZR18anV+l rzSye/WKInXT4Sv2+445jMD0maF5an73CNAHEpPuTQDHVQqEtYKeDjfrLS9ogYa/ uyWxuqefhzPWJp/QoulTBSSyKQ8FSUO5QsZJTU4Ec1/kb2w6vbY+MNIVyAI8CstL djjndyLIaO2riY7gIbFsWl+8XmJDZZH93Xj4B68rZdTG3U3OfK7KVdpIsRuSnrgf oUfU0VFJHZfJx25lc6Gx9xzlzes9vmPwZkTbNSd81PtNuUCpc3/KTLsAfrjoLd1f ZVLhYxpotnaNZmNL0XXpsySZ/QIDAQABo4ICcDCCAmwwHQYDVR0OBBYEFIE6PRwt AHVDvm4+QyAIct3ZBhTxMB8GA1UdIwQYMBaAFEw0nFHKWYkH1cB8sfJIUfwEja0a MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MUExQi9EQzU4Q0M1QTVD NDExMUVCODFEN0M2MEJDNEY5QUUwMi9URFNjVWNwWmlRZlZ3SHl4OGtoUl9BU05y Um8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1REU2NVY3BaaVFmVndIeXg4a2hSX0FTTnJSby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzFBMUIvREM1OENDNUE1QzQxMTFFQjgxRDdDNjBCQzRGOUFFMDIvOUYwMEM5MzI1 QzYxMTFFQjlGQUQ2MDBGQzRGOUFFMDIucm9hMC8GCCsGAQUFBwEHAQH/BCAwHjAM BAIAATAGAwQBZ3yGMA4EAgACMAgDBgckA+BAgDANBgkqhkiG9w0BAQsFAAOCAQEA E3a7eoCO7+UkGak3bk70IlpuT2Pm1FEu4iXXczRoDOhAvEDwjkWk3Kx5rmmf6nMp ip1OqkCkHop3/MeujrLuJMdnHazMGDBOCI5fMoF5eubFkx7xXVhGUL0T36At76ve +JGs2D6nd4WPYVSAlNMI1Aso/9evktaIyH1efuty7c1hsG40HGt6MZD28leM1LTt nDb+9IimjdpHlZMXzh/hcji441bmw/XCy5LY5PmCZnbyjHVI11OuUerY6QqUjyof +7QaPiQP1lPM93e19jCanQGKgm3udrDY1C0BJ2kF8nz2IqDDCOdX9pIY2WnmTrdu itx4Jlib7qJHPJvHUQAIYQ== -----END CERTIFICATE-----Generated at Mon Mar 2 03:45:05 2026 by rpki-client