$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/899362B4E46911EF9A0CA270C4F9AE02.roa File: 899362B4E46911EF9A0CA270C4F9AE02.roa (raw, json) Hash identifier: SKYJ100z4Hlhy9PHTSLCyqc60IX9TCFwam8fTs/fac8= Subject key identifier: F2:22:1D:F9:54:D0:E7:4E:EE:8C:C4:F3:DB:4F:E3:0E:FD:39:8B:B3 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: D4A5 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/899362B4E46911EF9A0CA270C4F9AE02.roa Signing time: Sun 01 Mar 2026 22:33:16 +0000 ROA not before: Thu 08 May 2025 16:12:08 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 138737 IP address blocks: 103.127.60.0/23 maxlen: 24 103.139.170.0/23 maxlen: 24 103.157.162.0/23 maxlen: 24 103.160.28.0/23 maxlen: 24 103.160.132.0/23 maxlen: 24 103.162.74.0/24 maxlen: 24 103.162.75.0/24 maxlen: 24 2001:df1:e840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 07:55:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54437 (0xd4a5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 8 16:12:08 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=69a4beac-3a3b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:c6:55:da:cb:0c:5b:86:2e:b4:42:9b:67:89: 93:0d:c6:33:7f:9e:a8:05:99:56:13:e5:e4:89:52: 19:3d:f2:c6:5d:e0:3b:7d:fa:da:c4:9e:0f:b2:bf: bd:1b:99:ae:58:c2:12:f9:0c:cf:31:2d:f5:b1:7c: e4:9f:46:09:31:17:34:a0:13:fd:2e:6b:cf:d5:a0: 53:ae:0e:3c:36:81:7b:95:c1:a5:fe:eb:92:51:96: d2:79:a2:39:0f:2f:53:6d:44:d7:a8:88:0f:34:64: 7e:db:e6:e3:66:a8:e4:ac:6d:bd:ad:bf:27:d4:84: 10:78:49:b6:67:b2:fd:8b:52:ac:c5:6d:d2:cb:a9: c6:10:e2:ad:03:82:bc:98:91:f7:5b:91:3c:9d:a0: a5:39:b3:89:80:a3:a6:9f:fa:a4:d5:1b:80:ac:24: 62:7b:a3:57:6a:e2:9f:46:ff:ab:dd:97:5c:94:fa: 21:d6:d8:97:44:e9:cc:26:f3:35:1d:75:eb:73:fe: 41:d8:a8:85:51:24:7f:a0:21:47:ea:d0:f5:80:7a: d3:40:67:7e:e9:f1:04:17:b3:f6:70:88:03:ce:cb: 31:18:2c:51:0c:6f:f1:b6:14:e0:ac:da:77:c7:e8: 17:9f:61:b7:92:4b:22:d1:ff:8e:04:59:03:8f:3d: e3:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:22:1D:F9:54:D0:E7:4E:EE:8C:C4:F3:DB:4F:E3:0E:FD:39:8B:B3 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/899362B4E46911EF9A0CA270C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.127.60.0/23 103.139.170.0/23 103.157.162.0/23 103.160.28.0/23 103.160.132.0/23 103.162.74.0/23 IPv6: 2001:df1:e840::/48 Signature Algorithm: sha256WithRSAEncryption 0b:37:eb:2b:fd:87:ab:1f:d1:7f:d9:38:31:c4:d1:f1:9f:98: 8a:5d:40:ae:a9:ac:bb:7c:39:b0:bb:e7:69:55:77:30:7a:31: c5:05:04:79:96:8f:b8:3f:fa:3a:e3:16:10:83:5d:1b:98:a4: f3:82:d3:d4:ce:b6:03:6c:cc:0f:dc:5d:5c:3e:e0:5b:d9:2b: 6b:42:d0:b3:5a:fe:6e:bf:e4:ca:4d:59:14:31:a9:8e:ac:de: 9a:af:f1:ea:3a:21:29:f2:24:fd:8c:6c:e8:be:66:36:60:5f: d8:b5:e0:a3:ed:ed:63:c6:6b:89:02:97:e7:a3:78:3c:cc:f3: 30:90:86:bf:e1:f0:58:9b:a3:09:b7:d5:f0:31:d4:4e:82:64: f4:7e:70:06:e3:f1:10:14:bc:b2:22:b5:0c:55:81:23:83:be: 45:6d:db:6e:c7:cd:b3:48:04:e0:ea:bf:35:93:4c:ee:e8:86: 04:da:6e:e2:91:8f:c4:c8:6f:60:31:9d:31:ad:75:e0:89:be: c8:28:4e:a7:12:71:3f:aa:17:90:df:a7:ae:7d:ae:ac:dd:2a: e0:5f:b7:3c:f1:d1:1f:c8:f7:23:81:b7:40:3b:0d:12:72:aa: 24:54:b6:fc:65:b2:ff:f4:e9:b1:5f:4b:b3:19:42:77:fc:c9: 51:34:92:0d -----BEGIN CERTIFICATE----- MIIFbDCCBFSgAwIBAgIDANSlMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDUwODE2MTIwOFoXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjlhNGJlYWMtM2EzYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANfGVdrLDFuGLrRCm2eJkw3GM3+eqAWZVhPl5IlSGT3yxl3gO3362sSeD7K/ vRuZrljCEvkMzzEt9bF85J9GCTEXNKAT/S5rz9WgU64OPDaBe5XBpf7rklGW0nmi OQ8vU21E16iIDzRkftvm42ao5Kxtva2/J9SEEHhJtmey/YtSrMVt0supxhDirQOC vJiR91uRPJ2gpTmziYCjpp/6pNUbgKwkYnujV2rin0b/q92XXJT6IdbYl0TpzCbz NR1163P+QdiohVEkf6AhR+rQ9YB600BnfunxBBez9nCIA87LMRgsUQxv8bYU4Kza d8foF59ht5JLItH/jgRZA48949cCAwEAAaOCAo8wggKLMB0GA1UdDgQWBBTyIh35 VNDnTu6MxPPbT+MO/TmLszAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzg5OTM2MkI0 RTQ2OTExRUY5QTBDQTI3MEM0RjlBRTAyLnJvYTBOBggrBgEFBQcBBwEB/wQ/MD0w KgQCAAEwJAMEAWd/PAMEAWeLqgMEAWedogMEAWegHAMEAWeghAMEAWeiSjAPBAIA AjAJAwcAIAEN8ehAMA0GCSqGSIb3DQEBCwUAA4IBAQALN+sr/YerH9F/2TgxxNHx n5iKXUCuqay7fDmwu+dpVXcwejHFBQR5lo+4P/o64xYQg10bmKTzgtPUzrYDbMwP 3F1cPuBb2StrQtCzWv5uv+TKTVkUMamOrN6ar/HqOiEp8iT9jGzovmY2YF/YteCj 7e1jxmuJApfno3g8zPMwkIa/4fBYm6MJt9XwMdROgmT0fnAG4/EQFLyyIrUMVYEj g75Fbdtux82zSATg6r81k0zu6IYE2m7ikY/EyG9gMZ0xrXXgib7IKE6nEnE/qheQ 36eufa6s3SrgX7c88dEfyPcjgbdAOw0ScqokVLb8ZbL/9OmxX0uzGUJ3/MlRNJIN -----END CERTIFICATE-----Generated at Mon Mar 2 15:37:17 2026 by rpki-client