$ rpki-client -vvf rpki.apnic.net/member_repository/A9182502/DA16C63A73CC11EAA3995326C4F9AE02/0A5773F6BBBC11ECB2E7FF46C4F9AE02.roa File: 0A5773F6BBBC11ECB2E7FF46C4F9AE02.roa (raw, json) Hash identifier: NMa7UpL5w1Txgsqxfm+5UqMg/zQgfsv4FmRfVL5Sn+c= Subject key identifier: B0:33:67:57:E9:F7:39:30:A9:B5:6F:08:50:7C:AD:37:05:99:5C:16 Certificate issuer: /CN=A9182502/serialNumber=8C3CCB4FFB89189C6EF5B34DFDAABE1806A5218A Certificate serial: 0B48 Authority key identifier: 8C:3C:CB:4F:FB:89:18:9C:6E:F5:B3:4D:FD:AA:BE:18:06:A5:21:8A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jDzLT_uJGJxu9bNN_aq-GAalIYo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9182502/DA16C63A73CC11EAA3995326C4F9AE02/0A5773F6BBBC11ECB2E7FF46C4F9AE02.roa Signing time: Sun 01 Mar 2026 18:07:16 +0000 ROA not before: Tue 12 Aug 2025 20:31:15 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 137969 IP address blocks: 39.109.66.0/23 maxlen: 23 39.109.66.0/24 maxlen: 24 39.109.67.0/24 maxlen: 24 39.109.68.0/22 maxlen: 22 39.109.68.0/24 maxlen: 24 39.109.69.0/24 maxlen: 24 39.109.70.0/24 maxlen: 24 39.109.71.0/24 maxlen: 24 39.109.72.0/21 maxlen: 21 39.109.72.0/24 maxlen: 24 39.109.73.0/24 maxlen: 24 39.109.74.0/24 maxlen: 24 39.109.75.0/24 maxlen: 24 39.109.79.0/24 maxlen: 24 39.109.80.0/21 maxlen: 21 39.109.80.0/24 maxlen: 24 39.109.88.0/22 maxlen: 22 39.109.88.0/24 maxlen: 24 39.109.89.0/24 maxlen: 24 103.82.216.0/24 maxlen: 24 103.82.217.0/24 maxlen: 24 103.82.218.0/24 maxlen: 24 103.82.219.0/24 maxlen: 24 103.98.14.0/24 maxlen: 24 103.119.132.0/23 maxlen: 23 103.119.132.0/24 maxlen: 24 103.119.133.0/24 maxlen: 24 2403:e840::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9182502/DA16C63A73CC11EAA3995326C4F9AE02/jDzLT_uJGJxu9bNN_aq-GAalIYo.crl rsync://rpki.apnic.net/member_repository/A9182502/DA16C63A73CC11EAA3995326C4F9AE02/jDzLT_uJGJxu9bNN_aq-GAalIYo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jDzLT_uJGJxu9bNN_aq-GAalIYo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:37:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2888 (0xb48) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9182502, serialNumber=8C3CCB4FFB89189C6EF5B34DFDAABE1806A5218A Validity Not Before: Aug 12 20:31:15 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=69a48054-c7cd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:05:bd:ba:ca:d3:8b:36:44:2d:43:19:da:ba: f3:e9:e1:f0:e8:62:91:15:5d:0d:7f:75:54:48:c9: 9b:9b:fe:5b:bd:a8:62:00:72:de:8b:a8:a4:3c:9a: 78:28:57:7f:b7:5f:79:51:ba:a5:29:8f:ba:4a:f5: 40:23:2e:14:c1:e2:bd:95:ad:6f:ed:be:39:97:79: 07:87:5c:f1:c6:b7:64:ff:6a:ca:63:52:80:02:61: 50:a1:3a:fb:49:a8:64:d8:cb:b3:10:7a:e9:98:0b: e8:b4:a0:7b:b6:65:07:64:0d:1b:6c:a8:08:99:7c: 0f:dc:a4:97:2a:d1:02:70:a2:12:28:f7:4b:d0:28: d8:a0:e1:0c:23:19:e6:91:34:b4:c6:0e:57:7d:e1: 08:05:6a:a9:5e:5b:15:fd:70:c0:10:4d:5f:63:ec: 96:ba:c0:46:5d:e6:32:e7:b6:3c:5c:b1:a8:f8:51: 16:ba:39:d9:3a:b3:5a:92:75:5b:14:37:2e:e7:97: c8:79:2b:9c:4d:bb:5b:18:1f:6d:dd:4f:4d:77:70: 2f:35:c5:ad:0c:c3:87:bb:d7:e3:58:8e:7f:79:fb: 17:d4:78:db:33:c2:cd:59:93:f5:39:db:c9:ac:6a: 2a:cd:11:87:a5:a9:b2:09:f0:db:2f:79:d7:2b:e6: 7e:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:33:67:57:E9:F7:39:30:A9:B5:6F:08:50:7C:AD:37:05:99:5C:16 X509v3 Authority Key Identifier: keyid:8C:3C:CB:4F:FB:89:18:9C:6E:F5:B3:4D:FD:AA:BE:18:06:A5:21:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9182502/DA16C63A73CC11EAA3995326C4F9AE02/jDzLT_uJGJxu9bNN_aq-GAalIYo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jDzLT_uJGJxu9bNN_aq-GAalIYo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9182502/DA16C63A73CC11EAA3995326C4F9AE02/0A5773F6BBBC11ECB2E7FF46C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 39.109.66.0-39.109.91.255 103.82.216.0/22 103.98.14.0/24 103.119.132.0/23 IPv6: 2403:e840::/32 Signature Algorithm: sha256WithRSAEncryption 03:0b:87:26:af:c5:91:05:5a:5c:b5:e6:f2:6e:82:3e:4e:a7: e3:3b:bc:82:97:c0:a1:ad:10:f3:d5:2d:ef:dd:ab:5d:bc:86: ba:87:09:07:58:55:c9:c6:b2:45:7a:f2:73:c4:f2:8d:3e:e7: 50:48:fd:4d:47:52:d2:c2:45:a8:49:a4:97:f9:34:23:ac:ba: cc:5e:fa:28:d3:18:9c:04:12:e4:45:8e:6b:8a:6c:d8:e1:dd: 0e:14:ec:1f:31:bf:d6:e0:4c:63:5e:bc:62:68:53:14:90:55: fa:b3:7b:f1:72:da:74:a8:26:f7:4d:ba:a3:a3:e0:a2:27:94: 30:90:18:8b:ab:85:e4:fd:ef:51:58:ef:46:a2:d1:b6:62:db: 3d:a2:2f:e3:30:6d:26:ca:31:6c:eb:3a:41:0d:5c:b8:3e:97: 15:1e:b8:92:84:d6:55:d7:fd:73:9b:ea:78:d1:2a:55:a4:cc: ee:1d:b1:7d:cb:87:b4:9b:a6:f9:7d:29:28:2e:64:5a:b1:66: 92:04:38:7b:4a:d1:2e:bf:1a:1d:1d:16:9b:0e:c6:21:4c:1f: 24:0c:0d:25:ca:c4:8c:1f:23:ce:b2:bc:91:84:f4:55:cc:63: ef:ac:ac:5f:c4:57:b4:67:4d:45:dc:b1:e1:85:88:1a:cc:b0: 21:91:6c:59 -----BEGIN CERTIFICATE----- MIIFZTCCBE2gAwIBAgICC0gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODI1MDIxMTAvBgNVBAUTKDhDM0NDQjRGRkI4OTE4OUM2RUY1QjM0REZEQUFCRTE4 MDZBNTIxOEEwHhcNMjUwODEyMjAzMTE1WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0ODA1NC1jN2NkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAswW9usrTizZELUMZ2rrz6eHw6GKRFV0Nf3VUSMmbm/5bvahiAHLei6ikPJp4 KFd/t195UbqlKY+6SvVAIy4UweK9la1v7b45l3kHh1zxxrdk/2rKY1KAAmFQoTr7 Sahk2MuzEHrpmAvotKB7tmUHZA0bbKgImXwP3KSXKtECcKISKPdL0CjYoOEMIxnm kTS0xg5XfeEIBWqpXlsV/XDAEE1fY+yWusBGXeYy57Y8XLGo+FEWujnZOrNaknVb FDcu55fIeSucTbtbGB9t3U9Nd3AvNcWtDMOHu9fjWI5/efsX1HjbM8LNWZP1OdvJ rGoqzRGHpamyCfDbL3nXK+Z++QIDAQABo4ICiTCCAoUwHQYDVR0OBBYEFLAzZ1fp 9zkwqbVvCFB8rTcFmVwWMB8GA1UdIwQYMBaAFIw8y0/7iRicbvWzTf2qvhgGpSGK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MjUwMi9EQTE2QzYzQTcz Q0MxMUVBQTM5OTUzMjZDNEY5QUUwMi9qRHpMVF91SkdKeHU5Yk5OX2FxLUdBYWxJ WW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2pEekxUX3VKR0p4dTliTk5fYXEtR0FhbElZby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODI1MDIvREExNkM2M0E3M0NDMTFFQUEzOTk1MzI2QzRGOUFFMDIvMEE1NzczRjZC QkJDMTFFQ0IyRTdGRjQ2QzRGOUFFMDIucm9hMEgGCCsGAQUFBwEHAQH/BDkwNzAm BAIAATAgMAwDBAEnbUIDBAInbVgDBAJnUtgDBABnYg4DBAFnd4QwDQQCAAIwBwMF ACQD6EAwDQYJKoZIhvcNAQELBQADggEBAAMLhyavxZEFWly15vJugj5Op+M7vIKX wKGtEPPVLe/dq128hrqHCQdYVcnGskV68nPE8o0+51BI/U1HUtLCRahJpJf5NCOs usxe+ijTGJwEEuRFjmuKbNjh3Q4U7B8xv9bgTGNevGJoUxSQVfqze/Fy2nSoJvdN uqOj4KInlDCQGIurheT971FY70ai0bZi2z2iL+MwbSbKMWzrOkENXLg+lxUeuJKE 1lXX/XOb6njRKlWkzO4dsX3Lh7Sbpvl9KSguZFqxZpIEOHtK0S6/Gh0dFpsOxiFM HyQMDSXKxIwfI86yvJGE9FXMY++srF/EV7RnTUXcseGFiBrMsCGRbFk= -----END CERTIFICATE-----Generated at Mon Mar 2 11:21:28 2026 by rpki-client