$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/587758E6DD3111EAB2EA1D0AC4F9AE02.roa File: 587758E6DD3111EAB2EA1D0AC4F9AE02.roa (raw, json) Hash identifier: 0+VlmtOGPplHBR8bknO+PhUul6e9xtjSCHxzePvmqGA= Subject key identifier: EE:7F:C4:5B:E5:18:9C:E5:22:0B:90:AA:DA:4B:84:EA:3B:86:F1:96 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: DAD6 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/587758E6DD3111EAB2EA1D0AC4F9AE02.roa Signing time: Sun 01 Mar 2026 23:05:45 +0000 ROA not before: Mon 12 Jan 2026 09:54:13 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 45815 IP address blocks: 45.249.252.0/22 maxlen: 24 103.54.136.0/22 maxlen: 24 103.75.56.0/22 maxlen: 24 103.134.160.0/22 maxlen: 24 103.154.75.0/24 maxlen: 24 103.249.97.0/24 maxlen: 24 2400:5300::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 05:15:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56022 (0xdad6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Jan 12 09:54:13 2026 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=69a4c649-0526 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:d8:7a:9c:e9:a6:dc:63:8e:f7:cc:b4:cb:8a: 4f:22:2c:25:96:15:1e:4b:06:61:93:79:cc:7c:06: 82:67:20:1e:60:24:17:7d:da:98:52:05:85:20:d3: c3:21:25:4a:d5:4c:00:88:e2:cc:d4:28:8c:23:f4: 22:b1:86:28:ea:d4:c0:a2:64:db:2e:a2:fb:c0:f9: 09:15:df:97:d8:e7:8f:4b:10:f8:11:46:e3:f5:83: 08:0e:cc:b4:ca:d7:24:35:31:1d:14:ce:70:4a:1d: 65:de:36:f9:07:4b:b9:f1:f9:62:99:63:e6:07:fe: f8:24:1f:1a:92:a3:75:53:d8:ad:5f:7f:a0:b9:c2: ae:95:a3:f0:02:ed:29:20:32:49:c6:b1:d3:a7:f8: 14:54:a7:9c:ed:0b:06:f7:f2:c6:08:e7:5e:c2:c5: cd:54:18:0f:dc:78:ef:38:f6:1c:30:81:e8:a1:61: 63:fe:49:23:76:a3:4c:73:70:3f:98:54:65:cf:70: c9:98:90:51:35:81:a6:ee:b0:d4:85:d9:3d:0b:94: 97:f5:5a:d9:08:d3:36:87:0b:39:36:bb:09:5c:a8: cc:5b:81:34:7c:ff:aa:b1:6f:32:d4:a6:4a:0a:ed: a5:93:4d:36:ff:d1:73:34:58:2f:eb:3e:68:cb:3d: 3e:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:7F:C4:5B:E5:18:9C:E5:22:0B:90:AA:DA:4B:84:EA:3B:86:F1:96 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/587758E6DD3111EAB2EA1D0AC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 45.249.252.0/22 103.54.136.0/22 103.75.56.0/22 103.134.160.0/22 103.154.75.0/24 103.249.97.0/24 IPv6: 2400:5300::/32 Signature Algorithm: sha256WithRSAEncryption aa:c4:0c:e3:05:64:b8:80:55:1f:3f:80:25:b2:29:a5:0c:d3: 60:ee:b8:25:e3:d7:dc:de:a7:d7:61:cd:53:1d:8b:c1:28:da: a9:f1:ca:94:1b:48:74:c9:ac:ca:ab:93:0b:4a:b7:3f:88:d0: 39:d0:69:d2:fa:46:95:6a:35:4d:b6:dc:52:f1:ed:6a:57:11: b2:bc:6a:08:37:3c:42:1d:90:a9:c9:40:97:96:05:89:30:73: 68:27:ef:bb:fa:94:f6:c7:42:da:8e:95:ea:0a:b6:36:70:aa: 74:49:83:42:b7:fc:13:f4:9a:7f:d7:f4:36:08:af:d6:b7:c4: d0:9d:d6:71:53:3e:fa:97:d1:0f:46:58:c9:de:69:da:0c:8e: dd:ee:bb:c5:76:9c:51:18:68:1d:ca:de:08:55:83:9e:f9:37: 44:8a:31:2d:a1:51:af:ef:cf:56:46:93:5b:37:94:14:56:c9: b0:02:b9:a7:f8:18:f8:90:8e:56:0c:d6:e3:30:1e:99:b7:ca: ba:9e:a0:0a:c9:34:bc:cc:b3:27:59:56:27:c5:b8:f5:02:f5: a3:00:19:57:fa:f8:bd:1f:c9:01:a5:10:cb:99:5a:1a:75:65: 1d:7c:57:0f:7a:ef:45:62:58:bd:bb:a9:f4:30:12:3e:f3:9a: 8c:75:d4:63 -----BEGIN CERTIFICATE----- MIIFajCCBFKgAwIBAgIDANrWMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI2MDExMjA5NTQxM1oXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjlhNGM2NDktMDUyNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMPYepzpptxjjvfMtMuKTyIsJZYVHksGYZN5zHwGgmcgHmAkF33amFIFhSDT wyElStVMAIjizNQojCP0IrGGKOrUwKJk2y6i+8D5CRXfl9jnj0sQ+BFG4/WDCA7M tMrXJDUxHRTOcEodZd42+QdLufH5Yplj5gf++CQfGpKjdVPYrV9/oLnCrpWj8ALt KSAyScax06f4FFSnnO0LBvfyxgjnXsLFzVQYD9x47zj2HDCB6KFhY/5JI3ajTHNw P5hUZc9wyZiQUTWBpu6w1IXZPQuUl/Va2QjTNocLOTa7CVyozFuBNHz/qrFvMtSm SgrtpZNNNv/RczRYL+s+aMs9PhsCAwEAAaOCAo0wggKJMB0GA1UdDgQWBBTuf8Rb 5Ric5SILkKraS4TqO4bxljAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzU4Nzc1OEU2 REQzMTExRUFCMkVBMUQwQUM0RjlBRTAyLnJvYTBMBggrBgEFBQcBBwEB/wQ9MDsw KgQCAAEwJAMEAi35/AMEAmc2iAMEAmdLOAMEAmeGoAMEAGeaSwMEAGf5YTANBAIA AjAHAwUAJABTADANBgkqhkiG9w0BAQsFAAOCAQEAqsQM4wVkuIBVHz+AJbIppQzT YO64JePX3N6n12HNUx2LwSjaqfHKlBtIdMmsyquTC0q3P4jQOdBp0vpGlWo1Tbbc UvHtalcRsrxqCDc8Qh2QqclAl5YFiTBzaCfvu/qU9sdC2o6V6gq2NnCqdEmDQrf8 E/Saf9f0Ngiv1rfE0J3WcVM++pfRD0ZYyd5p2gyO3e67xXacURhoHcreCFWDnvk3 RIoxLaFRr+/PVkaTWzeUFFbJsAK5p/gY+JCOVgzW4zAembfKup6gCsk0vMyzJ1lW J8W49QL1owAZV/r4vR/JAaUQy5laGnVlHXxXD3rvRWJYvbup9DASPvOajHXUYw== -----END CERTIFICATE-----Generated at Mon Mar 2 09:33:02 2026 by rpki-client