$ rpki-client -vvf rpki.apnic.net/member_repository/A917B83F/3DB3DBEA554F11E89BC2E857C4F9AE02/0964A56EF35511E8AC1ECA17C4F9AE02.roa File: 0964A56EF35511E8AC1ECA17C4F9AE02.roa (raw, json) Hash identifier: eG2+Dg5b/oCUqgZG7mXNqvSu0hsi4Mr+XueozIi6Lxg= Subject key identifier: 38:5F:60:6F:78:28:8C:58:5D:78:EA:4F:BA:32:75:4B:FF:A6:0D:02 Certificate issuer: /CN=A917B83F/serialNumber=1980355299B6C2237B4235000F723597BFEB33DA Certificate serial: 1577 Authority key identifier: 19:80:35:52:99:B6:C2:23:7B:42:35:00:0F:72:35:97:BF:EB:33:DA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GYA1Upm2wiN7QjUAD3I1l7_rM9o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917B83F/3DB3DBEA554F11E89BC2E857C4F9AE02/0964A56EF35511E8AC1ECA17C4F9AE02.roa Signing time: Sun 01 Mar 2026 11:32:18 +0000 ROA not before: Sat 02 Aug 2025 17:26:10 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 2635 IP address blocks: 45.121.180.0/24 maxlen: 24 45.121.181.0/24 maxlen: 24 45.121.182.0/24 maxlen: 24 45.121.183.0/24 maxlen: 24 103.62.32.0/24 maxlen: 24 103.62.33.0/24 maxlen: 24 103.62.34.0/24 maxlen: 24 103.62.35.0/24 maxlen: 24 2403:6b80::/40 maxlen: 48 2403:6b80:ff00::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917B83F/3DB3DBEA554F11E89BC2E857C4F9AE02/GYA1Upm2wiN7QjUAD3I1l7_rM9o.crl rsync://rpki.apnic.net/member_repository/A917B83F/3DB3DBEA554F11E89BC2E857C4F9AE02/GYA1Upm2wiN7QjUAD3I1l7_rM9o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GYA1Upm2wiN7QjUAD3I1l7_rM9o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:09:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5495 (0x1577) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917B83F, serialNumber=1980355299B6C2237B4235000F723597BFEB33DA Validity Not Before: Aug 2 17:26:10 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=69a423c1-afa2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:13:e0:1c:70:f1:72:4e:13:bc:52:fd:67:b7: 9a:86:59:b6:45:41:b1:a2:13:8b:40:4d:b5:93:fd: 35:c4:a5:f3:63:03:30:8e:85:49:40:55:77:ae:bb: 65:93:03:7c:99:d1:7c:08:2a:a4:c0:90:21:3c:ca: 0e:ba:fc:1a:92:11:d7:ef:fb:da:2d:0e:22:ff:71: e3:d5:f7:aa:e1:fc:33:35:dd:49:41:7d:ab:86:20: 65:d1:f8:e6:f2:6d:6a:0a:59:57:7b:b3:67:4c:0e: a0:90:9c:b6:4b:ef:29:da:75:5f:96:f9:64:28:64: 2d:3a:b3:ec:e4:fc:d2:d4:01:47:4e:d9:20:8e:87: 94:e9:6c:16:cc:ef:c4:c3:28:1a:36:9c:a3:a5:0d: 90:1d:a7:ef:eb:ca:59:a1:b8:71:8c:35:f1:20:86: e2:86:23:86:f3:09:1f:9d:c7:b4:6a:2a:f9:19:02: d5:69:73:db:c9:b0:6a:25:a0:12:55:96:c1:14:4a: 9b:3d:6c:26:ff:a3:41:fe:58:fa:18:29:04:39:9c: f4:9e:c8:55:01:c1:1f:71:bd:c7:59:a6:dc:00:d6: 4a:43:d7:c6:78:9a:95:20:83:95:b2:5b:5c:7b:62: b2:b3:a7:9d:32:15:54:a1:3e:1e:fe:28:ad:0b:4b: a7:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:5F:60:6F:78:28:8C:58:5D:78:EA:4F:BA:32:75:4B:FF:A6:0D:02 X509v3 Authority Key Identifier: keyid:19:80:35:52:99:B6:C2:23:7B:42:35:00:0F:72:35:97:BF:EB:33:DA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917B83F/3DB3DBEA554F11E89BC2E857C4F9AE02/GYA1Upm2wiN7QjUAD3I1l7_rM9o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GYA1Upm2wiN7QjUAD3I1l7_rM9o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917B83F/3DB3DBEA554F11E89BC2E857C4F9AE02/0964A56EF35511E8AC1ECA17C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 45.121.180.0/22 103.62.32.0/22 IPv6: 2403:6b80::/40 2403:6b80:ff00::/40 Signature Algorithm: sha256WithRSAEncryption 14:f0:ad:f4:a3:46:cf:19:7b:7d:56:5e:8c:95:86:76:f4:ec: 86:a3:fa:0d:e5:ec:a3:b7:59:04:e8:4f:b0:e4:5d:e8:ed:e2: 2b:b2:5e:c4:e8:92:9e:f7:83:a4:83:b8:33:96:b6:49:5a:76: 5a:10:14:69:55:d3:12:e8:98:2d:c0:df:21:73:e1:77:3a:23: 87:59:2b:18:e0:a7:fb:7c:b0:1e:c9:ce:66:0b:8a:6f:12:6c: 04:d5:54:0e:3a:3f:fd:48:4f:12:f2:3d:a5:28:3c:3b:9f:6c: 81:96:cf:ef:61:97:f0:2f:09:e2:bd:40:34:a8:de:83:22:24: 62:64:6a:84:24:3c:00:34:cd:28:92:dd:53:4d:36:88:1b:c4: e5:44:3e:2c:85:95:77:78:06:ec:2d:79:af:2b:32:1d:19:a7: 1e:48:f6:2a:c1:63:40:2e:40:e1:8f:40:db:b2:82:68:42:2b: 77:56:40:b0:71:06:a4:9a:01:3c:d1:c0:b9:c3:30:87:9f:53: 74:17:e3:df:89:ce:6f:9c:f3:24:ed:9f:07:1b:8d:30:bd:c1: ea:35:d7:ba:60:ea:d8:a7:cf:c0:4c:ef:89:27:d7:07:e9:de: 15:8a:fa:ee:d5:fa:5c:1c:2b:6b:09:e3:39:16:59:f3:63:8a: 4a:e2:84:79 -----BEGIN CERTIFICATE----- MIIFWjCCBEKgAwIBAgICFXcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0I4M0YxMTAvBgNVBAUTKDE5ODAzNTUyOTlCNkMyMjM3QjQyMzUwMDBGNzIzNTk3 QkZFQjMzREEwHhcNMjUwODAyMTcyNjEwWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MjNjMS1hZmEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7hPgHHDxck4TvFL9Z7eahlm2RUGxohOLQE21k/01xKXzYwMwjoVJQFV3rrtl kwN8mdF8CCqkwJAhPMoOuvwakhHX7/vaLQ4i/3Hj1feq4fwzNd1JQX2rhiBl0fjm 8m1qCllXe7NnTA6gkJy2S+8p2nVflvlkKGQtOrPs5PzS1AFHTtkgjoeU6WwWzO/E wygaNpyjpQ2QHafv68pZobhxjDXxIIbihiOG8wkfnce0air5GQLVaXPbybBqJaAS VZbBFEqbPWwm/6NB/lj6GCkEOZz0nshVAcEfcb3HWabcANZKQ9fGeJqVIIOVsltc e2Kys6edMhVUoT4e/iitC0unqwIDAQABo4ICfjCCAnowHQYDVR0OBBYEFDhfYG94 KIxYXXjqT7oydUv/pg0CMB8GA1UdIwQYMBaAFBmANVKZtsIje0I1AA9yNZe/6zPa MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QjgzRi8zREIzREJFQTU1 NEYxMUU4OUJDMkU4NTdDNEY5QUUwMi9HWUExVXBtMndpTjdRalVBRDNJMWw3X3JN OW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0dZQTFVcG0yd2lON1FqVUFEM0kxbDdfck05by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0I4M0YvM0RCM0RCRUE1NTRGMTFFODlCQzJFODU3QzRGOUFFMDIvMDk2NEE1NkVG MzU1MTFFOEFDMUVDQTE3QzRGOUFFMDIucm9hMD0GCCsGAQUFBwEHAQH/BC4wLDAS BAIAATAMAwQCLXm0AwQCZz4gMBYEAgACMBADBgAkA2uAAAMGACQDa4D/MA0GCSqG SIb3DQEBCwUAA4IBAQAU8K30o0bPGXt9Vl6MlYZ29OyGo/oN5eyjt1kE6E+w5F3o 7eIrsl7E6JKe94Okg7gzlrZJWnZaEBRpVdMS6JgtwN8hc+F3OiOHWSsY4Kf7fLAe yc5mC4pvEmwE1VQOOj/9SE8S8j2lKDw7n2yBls/vYZfwLwnivUA0qN6DIiRiZGqE JDwANM0okt1TTTaIG8TlRD4shZV3eAbsLXmvKzIdGaceSPYqwWNALkDhj0DbsoJo Qit3VkCwcQakmgE80cC5wzCHn1N0F+Pfic5vnPMk7Z8HG40wvcHqNde6YOrYp8/A TO+JJ9cH6d4Vivru1fpcHCtrCeM5FlnzY4pK4oR5 -----END CERTIFICATE-----Generated at Mon Mar 2 11:55:01 2026 by rpki-client