$ rpki-client -vvf rpki.apnic.net/member_repository/A918BDA2/70E69C18D0EE11ECBC5C4973C4F9AE02/4BBDE05299B011F0B174EC14C4F9AE02.roa File: 4BBDE05299B011F0B174EC14C4F9AE02.roa (raw, json) Hash identifier: l281WaGzYU7dCqEFuYzIN6MgvSUnWoKB+RqON01Yd2w= Subject key identifier: E8:84:4A:33:64:BC:99:CE:9C:E2:68:07:8A:1B:C2:98:09:A2:91:69 Certificate issuer: /CN=A918BDA2/serialNumber=DF677D8693477B92A1E9FE7C20422696CEA8609D Certificate serial: 03AF Authority key identifier: DF:67:7D:86:93:47:7B:92:A1:E9:FE:7C:20:42:26:96:CE:A8:60:9D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/32d9hpNHe5Kh6f58IEImls6oYJ0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918BDA2/70E69C18D0EE11ECBC5C4973C4F9AE02/4BBDE05299B011F0B174EC14C4F9AE02.roa Signing time: Sun 01 Mar 2026 17:06:36 +0000 ROA not before: Mon 09 Feb 2026 01:20:58 +0000 ROA not after: Sat 01 May 2027 00:00:00 +0000 asID: 59322 IP address blocks: 43.247.16.0/22 maxlen: 22 43.247.16.0/24 maxlen: 24 43.247.17.0/24 maxlen: 24 43.247.18.0/24 maxlen: 24 43.247.19.0/24 maxlen: 24 103.225.36.0/22 maxlen: 22 103.225.36.0/24 maxlen: 24 103.225.37.0/24 maxlen: 24 103.225.38.0/24 maxlen: 24 103.225.39.0/24 maxlen: 24 110.36.58.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918BDA2/70E69C18D0EE11ECBC5C4973C4F9AE02/32d9hpNHe5Kh6f58IEImls6oYJ0.crl rsync://rpki.apnic.net/member_repository/A918BDA2/70E69C18D0EE11ECBC5C4973C4F9AE02/32d9hpNHe5Kh6f58IEImls6oYJ0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/32d9hpNHe5Kh6f58IEImls6oYJ0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 03:09:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 943 (0x3af) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918BDA2, serialNumber=DF677D8693477B92A1E9FE7C20422696CEA8609D Validity Not Before: Feb 9 01:20:58 2026 GMT Not After : May 1 00:00:00 2027 GMT Subject: CN=69a4721c-d784 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:42:23:94:44:94:20:a7:0f:73:98:d1:45:78: a2:91:2a:e4:9a:fd:f2:08:46:8e:c4:fe:eb:ee:d3: 8e:87:25:bd:03:71:7d:66:56:10:8c:e3:30:f8:53: 1b:36:72:c7:f6:3b:6e:b5:7d:6f:88:7a:a6:a4:f6: 0a:28:3e:51:08:7e:8b:72:60:79:ec:cb:64:e2:08: 5e:6d:0b:75:62:0b:c4:ac:63:2a:75:92:c0:a5:fe: bd:af:c5:4c:0a:f7:f5:9c:f4:b9:39:7b:dc:6b:43: 94:48:87:46:98:c7:5d:8d:fe:1f:4a:ae:69:fb:e0: 52:5d:bf:2b:04:45:8f:1a:a2:0b:a8:2b:6f:55:39: 2a:a9:e2:45:62:98:5e:b8:bd:64:65:51:b1:b9:55: 83:b6:d8:59:4a:fb:8a:33:19:f0:84:8e:36:68:b1: 2f:ac:c7:22:7d:36:d6:87:54:d2:bd:06:0c:e1:28: 26:55:d8:b3:9f:bb:d2:01:4c:b5:6e:0d:57:c3:1e: 95:7e:b5:c6:99:2d:c2:f0:df:f9:ce:f0:87:66:ed: ce:40:54:6d:8f:ae:7b:d5:95:e8:89:08:2a:6d:30: 3f:03:af:4c:ea:c1:49:75:41:50:32:b7:6d:77:9e: fe:cb:f9:36:c7:51:b9:3f:f5:da:e8:20:fe:f3:d4: 46:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:84:4A:33:64:BC:99:CE:9C:E2:68:07:8A:1B:C2:98:09:A2:91:69 X509v3 Authority Key Identifier: keyid:DF:67:7D:86:93:47:7B:92:A1:E9:FE:7C:20:42:26:96:CE:A8:60:9D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918BDA2/70E69C18D0EE11ECBC5C4973C4F9AE02/32d9hpNHe5Kh6f58IEImls6oYJ0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/32d9hpNHe5Kh6f58IEImls6oYJ0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918BDA2/70E69C18D0EE11ECBC5C4973C4F9AE02/4BBDE05299B011F0B174EC14C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.247.16.0/22 103.225.36.0/22 110.36.58.0/23 Signature Algorithm: sha256WithRSAEncryption 86:ca:dc:71:f7:80:a0:39:66:23:29:e6:83:62:05:a4:24:54: 83:d3:c0:12:55:24:db:71:1b:09:fc:9a:d2:3d:e4:3e:2c:be: 13:f0:82:64:e6:c5:54:e1:43:11:26:bb:db:dd:05:06:b9:d9: 60:23:15:da:87:cd:3f:6b:ef:f8:2f:36:9c:41:08:01:99:66: 59:3e:87:d8:39:6b:26:4c:a6:c0:26:a1:0b:48:b2:29:d3:af: e2:31:4f:4d:ff:9f:8d:ca:0f:2c:2a:e1:73:57:fc:39:4e:b3: 3e:91:bf:3b:c8:9f:0e:5c:90:17:10:86:58:80:5e:8f:5c:8b: 71:78:f9:de:f4:d4:32:a4:ca:f1:37:ac:50:89:19:bc:02:bd: 72:7f:f2:32:5f:41:90:d3:06:57:07:17:f8:4b:f6:aa:36:d9: 15:37:bd:29:91:f5:26:46:b7:e3:62:f5:02:81:5f:81:a3:4f: b6:c9:54:08:12:13:59:9f:9b:03:62:3a:02:4c:c0:ee:45:e5: 89:46:8c:2d:98:e7:48:b8:b8:ad:28:1f:03:df:e6:8e:50:2d: 34:d0:4b:86:12:78:73:44:80:da:bf:b5:a1:76:67:a9:06:d3: 04:73:1b:5d:01:02:09:ad:74:7a:b0:b3:78:85:66:f9:3d:56: 8c:7e:5f:63 -----BEGIN CERTIFICATE----- MIIFSDCCBDCgAwIBAgICA68wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEJEQTIxMTAvBgNVBAUTKERGNjc3RDg2OTM0NzdCOTJBMUU5RkU3QzIwNDIyNjk2 Q0VBODYwOUQwHhcNMjYwMjA5MDEyMDU4WhcNMjcwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NzIxYy1kNzg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtUIjlESUIKcPc5jRRXiikSrkmv3yCEaOxP7r7tOOhyW9A3F9ZlYQjOMw+FMb NnLH9jtutX1viHqmpPYKKD5RCH6LcmB57Mtk4ghebQt1YgvErGMqdZLApf69r8VM Cvf1nPS5OXvca0OUSIdGmMddjf4fSq5p++BSXb8rBEWPGqILqCtvVTkqqeJFYphe uL1kZVGxuVWDtthZSvuKMxnwhI42aLEvrMcifTbWh1TSvQYM4SgmVdizn7vSAUy1 bg1Xwx6VfrXGmS3C8N/5zvCHZu3OQFRtj6571ZXoiQgqbTA/A69M6sFJdUFQMrdt d57+y/k2x1G5P/Xa6CD+89RGvQIDAQABo4ICbDCCAmgwHQYDVR0OBBYEFOiESjNk vJnOnOJoB4obwpgJopFpMB8GA1UdIwQYMBaAFN9nfYaTR3uSoen+fCBCJpbOqGCd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QkRBMi83MEU2OUMxOEQw RUUxMUVDQkM1QzQ5NzNDNEY5QUUwMi8zMmQ5aHBOSGU1S2g2ZjU4SUVJbWxzNm9Z SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzMyZDlocE5IZTVLaDZmNThJRUltbHM2b1lKMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEJEQTIvNzBFNjlDMThEMEVFMTFFQ0JDNUM0OTczQzRGOUFFMDIvNEJCREUwNTI5 OUIwMTFGMEIxNzRFQzE0QzRGOUFFMDIucm9hMCsGCCsGAQUFBwEHAQH/BBwwGjAY BAIAATASAwQCK/cQAwQCZ+EkAwQBbiQ6MA0GCSqGSIb3DQEBCwUAA4IBAQCGytxx 94CgOWYjKeaDYgWkJFSD08ASVSTbcRsJ/JrSPeQ+LL4T8IJk5sVU4UMRJrvb3QUG udlgIxXah80/a+/4LzacQQgBmWZZPofYOWsmTKbAJqELSLIp06/iMU9N/5+Nyg8s KuFzV/w5TrM+kb87yJ8OXJAXEIZYgF6PXItxePne9NQypMrxN6xQiRm8Ar1yf/Iy X0GQ0wZXBxf4S/aqNtkVN70pkfUmRrfjYvUCgV+Bo0+2yVQIEhNZn5sDYjoCTMDu ReWJRowtmOdIuLitKB8D3+aOUC000EuGEnhzRIDav7WhdmepBtMEcxtdAQIJrXR6 sLN4hWb5PVaMfl9j -----END CERTIFICATE-----Generated at Tue Mar 3 00:41:53 2026 by rpki-client