$ rpki-client -vvf rpki.apnic.net/member_repository/A9185CED/1AAF7D94922711EBBE734F40C4F9AE02/3A84DC2C44E411EFB0C1A135C4F9AE02.roa File: 3A84DC2C44E411EFB0C1A135C4F9AE02.roa (raw, json) Hash identifier: ANO9ATvmrYILQmlhem8z7fcbouBAL7kvJgnxQnAu8ss= Subject key identifier: 79:93:20:7A:1F:CC:79:BA:8E:1D:3D:45:B1:BF:E5:9D:19:94:C2:18 Certificate issuer: /CN=A9185CED/serialNumber=954A701BAA0C931D0176E485B7A287C13165260E Certificate serial: 06C9 Authority key identifier: 95:4A:70:1B:AA:0C:93:1D:01:76:E4:85:B7:A2:87:C1:31:65:26:0E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lUpwG6oMkx0BduSFt6KHwTFlJg4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9185CED/1AAF7D94922711EBBE734F40C4F9AE02/3A84DC2C44E411EFB0C1A135C4F9AE02.roa Signing time: Sun 01 Mar 2026 09:46:49 +0000 ROA not before: Sun 06 Jul 2025 23:04:18 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 55352 IP address blocks: 45.127.88.0/22 maxlen: 22 45.127.88.0/24 maxlen: 24 45.127.89.0/24 maxlen: 24 45.127.90.0/24 maxlen: 24 45.127.91.0/24 maxlen: 24 103.248.72.0/22 maxlen: 22 103.248.72.0/24 maxlen: 24 103.248.73.0/24 maxlen: 24 103.248.74.0/24 maxlen: 24 103.248.75.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9185CED/1AAF7D94922711EBBE734F40C4F9AE02/lUpwG6oMkx0BduSFt6KHwTFlJg4.crl rsync://rpki.apnic.net/member_repository/A9185CED/1AAF7D94922711EBBE734F40C4F9AE02/lUpwG6oMkx0BduSFt6KHwTFlJg4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lUpwG6oMkx0BduSFt6KHwTFlJg4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 23:07:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1737 (0x6c9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9185CED, serialNumber=954A701BAA0C931D0176E485B7A287C13165260E Validity Not Before: Jul 6 23:04:18 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=69a40b09-4f9f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:ca:e5:f2:b6:59:d3:91:9b:a6:12:e5:e9:7d: cf:fc:5b:5a:ad:ed:fb:37:44:15:b2:2f:88:0f:4f: a5:fa:89:4a:e9:c8:11:3a:cb:56:ca:de:25:aa:d6: 25:28:d8:f2:61:05:f2:7a:13:55:00:4e:d8:be:ce: df:96:b5:8a:12:8c:42:7e:74:eb:f4:e5:a5:8d:09: 9c:92:43:39:fd:3e:76:84:2d:51:48:c4:7b:90:be: 6b:d3:f9:a8:1b:b2:ab:b1:65:e9:9c:84:7d:1b:09: c3:10:15:49:68:33:15:7d:2c:be:dd:6b:8a:d7:96: c4:d6:cf:aa:62:e8:70:bc:9e:20:6d:b7:61:80:16: df:d1:b4:91:1b:2f:92:af:a6:d9:71:e2:1f:d3:2d: a6:28:b0:fe:41:94:61:fd:e4:f9:47:80:24:dd:ce: b6:37:e1:cf:a2:9e:66:2a:8a:cc:59:b9:5c:1f:1f: b6:3b:e8:3f:17:e9:fe:3e:65:28:76:7e:98:81:5a: 69:1f:fc:bc:57:c9:fb:33:e7:b3:3e:89:e0:9f:c0: 13:87:b5:57:d0:8c:4e:b8:3d:eb:32:3d:04:ea:45: ff:42:22:c7:99:44:9c:9b:b4:f9:ef:67:b2:46:6a: ee:ff:4d:46:63:d7:16:4c:78:b2:10:23:f4:12:37: e0:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:93:20:7A:1F:CC:79:BA:8E:1D:3D:45:B1:BF:E5:9D:19:94:C2:18 X509v3 Authority Key Identifier: keyid:95:4A:70:1B:AA:0C:93:1D:01:76:E4:85:B7:A2:87:C1:31:65:26:0E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9185CED/1AAF7D94922711EBBE734F40C4F9AE02/lUpwG6oMkx0BduSFt6KHwTFlJg4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lUpwG6oMkx0BduSFt6KHwTFlJg4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9185CED/1AAF7D94922711EBBE734F40C4F9AE02/3A84DC2C44E411EFB0C1A135C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 45.127.88.0/22 103.248.72.0/22 Signature Algorithm: sha256WithRSAEncryption 48:9d:cb:ec:66:b8:47:04:1c:06:8b:c9:02:98:4d:c9:94:87: 52:6e:65:46:1a:40:77:81:fb:16:50:28:4f:0f:ac:f2:ed:e5: d4:42:60:ab:82:d5:d0:4e:0b:f5:22:51:6d:64:f8:43:8c:17: 72:9f:74:cf:9c:1b:22:f4:dd:89:47:65:60:fc:cc:89:68:f6: dd:17:a0:7a:ab:d4:75:8d:55:89:8f:b1:83:bc:bd:2f:16:11: d3:3e:ef:9b:41:fa:5a:bd:af:96:23:30:2e:a3:8a:20:44:c0: f8:91:eb:d7:82:5d:dd:2e:59:5d:65:7a:c4:da:88:67:5e:9e: fd:89:14:57:68:b7:3b:53:e0:0a:54:92:92:bb:d5:57:48:d8: 3d:70:66:10:50:92:a9:02:26:76:9e:c3:3b:62:c9:ac:12:1b: 40:4e:8e:a0:b3:0e:2f:ff:1b:1e:d1:df:d1:e0:d9:9a:d2:f8: 98:3d:b7:76:ce:4c:a4:f5:bc:1d:39:e4:c1:0f:3a:22:e1:4c: b5:29:fa:28:ee:2d:48:0b:79:01:94:c5:89:ab:2d:cb:08:af: 29:08:ff:18:bd:6a:34:95:bf:78:35:8c:72:a4:5e:2d:62:04: 1a:d4:ba:ad:56:6e:63:3a:b9:80:cc:f8:0b:59:7b:e9:8b:78: b7:c6:b8:44 -----BEGIN CERTIFICATE----- MIIFQjCCBCqgAwIBAgICBskwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODVDRUQxMTAvBgNVBAUTKDk1NEE3MDFCQUEwQzkzMUQwMTc2RTQ4NUI3QTI4N0Mx MzE2NTI2MEUwHhcNMjUwNzA2MjMwNDE4WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MGIwOS00ZjlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsMrl8rZZ05GbphLl6X3P/Ftare37N0QVsi+ID0+l+olK6cgROstWyt4lqtYl KNjyYQXyehNVAE7Yvs7flrWKEoxCfnTr9OWljQmckkM5/T52hC1RSMR7kL5r0/mo G7KrsWXpnIR9GwnDEBVJaDMVfSy+3WuK15bE1s+qYuhwvJ4gbbdhgBbf0bSRGy+S r6bZceIf0y2mKLD+QZRh/eT5R4Ak3c62N+HPop5mKorMWblcHx+2O+g/F+n+PmUo dn6YgVppH/y8V8n7M+ezPongn8ATh7VX0IxOuD3rMj0E6kX/QiLHmUScm7T572ey Rmru/01GY9cWTHiyECP0EjfgKwIDAQABo4ICZjCCAmIwHQYDVR0OBBYEFHmTIHof zHm6jh09RbG/5Z0ZlMIYMB8GA1UdIwQYMBaAFJVKcBuqDJMdAXbkhbeih8ExZSYO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NUNFRC8xQUFGN0Q5NDky MjcxMUVCQkU3MzRGNDBDNEY5QUUwMi9sVXB3RzZvTWt4MEJkdVNGdDZLSHdURmxK ZzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xVcHdHNm9Na3gwQmR1U0Z0NktId1RGbEpnNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODVDRUQvMUFBRjdEOTQ5MjI3MTFFQkJFNzM0RjQwQzRGOUFFMDIvM0E4NERDMkM0 NEU0MTFFRkIwQzFBMTM1QzRGOUFFMDIucm9hMCUGCCsGAQUFBwEHAQH/BBYwFDAS BAIAATAMAwQCLX9YAwQCZ/hIMA0GCSqGSIb3DQEBCwUAA4IBAQBIncvsZrhHBBwG i8kCmE3JlIdSbmVGGkB3gfsWUChPD6zy7eXUQmCrgtXQTgv1IlFtZPhDjBdyn3TP nBsi9N2JR2Vg/MyJaPbdF6B6q9R1jVWJj7GDvL0vFhHTPu+bQfpava+WIzAuo4og RMD4kevXgl3dLlldZXrE2ohnXp79iRRXaLc7U+AKVJKSu9VXSNg9cGYQUJKpAiZ2 nsM7YsmsEhtATo6gsw4v/xse0d/R4Nma0viYPbd2zkyk9bwdOeTBDzoi4Uy1Kfoo 7i1IC3kBlMWJqy3LCK8pCP8YvWo0lb94NYxypF4tYgQa1LqtVm5jOrmAzPgLWXvp i3i3xrhE -----END CERTIFICATE-----Generated at Mon Mar 2 13:02:27 2026 by rpki-client