$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8E84D27A66FA11EC82AB9E32C4F9AE02.roa File: 8E84D27A66FA11EC82AB9E32C4F9AE02.roa (raw, json) Hash identifier: gaprj8xSmQ3OKrIqWUttLIkcCdeyVQpTrC9LHWGyZy8= Subject key identifier: 41:AF:E1:74:66:86:CB:29:FD:AA:07:11:39:E6:9D:63:50:65:67:56 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: D21A Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8E84D27A66FA11EC82AB9E32C4F9AE02.roa Signing time: Sun 01 Mar 2026 22:18:11 +0000 ROA not before: Thu 08 May 2025 15:59:26 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 133711 IP address blocks: 43.227.224.0/22 maxlen: 24 103.47.16.0/24 maxlen: 24 103.47.17.0/24 maxlen: 24 103.47.18.0/24 maxlen: 24 103.47.19.0/24 maxlen: 24 103.106.232.0/24 maxlen: 24 103.106.233.0/24 maxlen: 24 103.106.234.0/24 maxlen: 24 103.106.235.0/24 maxlen: 24 103.159.66.0/23 maxlen: 24 2400:55a0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 07:55:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53786 (0xd21a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 8 15:59:26 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=69a4bb23-477a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:a8:03:22:fa:48:5c:c4:45:3a:37:c3:49:39: 7c:01:b8:6d:f7:66:5e:26:cd:51:29:49:66:6a:eb: c7:6f:92:75:d1:c1:ca:24:9f:8e:6b:5f:5f:48:92: c5:54:ce:45:81:d3:88:52:87:00:1c:98:99:0f:05: 32:28:41:a1:7c:d1:95:ea:38:ca:f2:df:ed:08:aa: 69:da:b5:be:99:9a:ae:23:60:c6:a1:4f:0a:c4:88: c1:fe:07:39:f4:ae:3b:05:b4:23:c1:63:78:73:4e: 7f:08:10:9f:fd:ce:42:7a:16:f6:23:76:9c:8a:9d: 9e:0a:b3:6e:88:70:6a:c8:3c:21:2a:b7:ea:4d:34: 49:6c:94:e7:35:9b:5d:b4:16:32:05:15:93:4b:12: 03:d3:13:66:c9:c7:b5:c2:cc:fc:8a:ec:29:6f:7f: fd:b7:c6:36:ab:bc:da:25:c4:c0:50:ab:33:d6:dd: c6:4a:5d:f7:0c:2b:d5:d3:b7:9b:a2:06:8c:11:86: 6f:07:67:87:19:14:a2:d7:b8:74:5c:d8:a0:cf:db: c7:2e:7f:92:87:0d:ce:17:49:ea:df:4a:67:08:74: 3a:49:20:9a:bd:e1:99:b7:fc:bb:dd:da:1b:06:de: 01:d8:d6:4b:ee:94:e9:01:3c:32:c6:d6:e0:e8:c2: fa:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:AF:E1:74:66:86:CB:29:FD:AA:07:11:39:E6:9D:63:50:65:67:56 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8E84D27A66FA11EC82AB9E32C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.227.224.0/22 103.47.16.0/22 103.106.232.0/22 103.159.66.0/23 IPv6: 2400:55a0::/32 Signature Algorithm: sha256WithRSAEncryption 33:fe:6e:87:0f:1a:d4:56:27:d5:8a:ff:be:72:ba:91:16:4f: a7:a5:91:3e:de:84:34:08:be:4c:6b:8e:ba:7a:95:d5:51:f8: 29:18:62:90:20:97:c9:3e:a6:ff:8e:ae:16:6c:3e:41:3c:26: 09:98:27:83:9f:e1:20:45:44:f9:27:0c:61:79:c8:1c:6d:85: f6:49:40:7d:5a:20:b3:dc:61:9c:5e:9c:36:3b:98:76:3b:ff: c3:e6:4c:eb:1a:78:79:e7:41:d0:b0:1d:ce:e9:9e:9e:c6:ef: 32:01:e1:2d:81:25:b0:b7:0d:2b:9c:ed:1c:c8:ab:ce:eb:0f: bf:ce:a9:e1:3e:c4:8f:16:c6:66:78:9c:36:b8:6d:82:66:0e: 22:51:fb:3c:89:1a:9e:64:49:f1:a0:f0:33:2c:eb:2d:5b:7f: 53:b0:99:b3:88:8d:36:0b:43:e3:e1:00:aa:fd:e5:17:c6:92: 97:26:08:e9:7b:e6:eb:ae:0a:a3:34:44:7e:f1:74:e6:51:57: 8d:1d:c3:dc:fc:9e:db:85:d8:07:db:18:d6:8f:ff:af:39:6a: a2:10:f1:bc:60:e9:37:f3:28:3a:28:ab:73:6b:9b:5c:3e:78: 13:1b:fd:73:cc:53:c9:ea:b1:f6:aa:94:a2:30:12:52:d5:02: 12:b7:6d:27 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIDANIaMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDUwODE1NTkyNloXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjlhNGJiMjMtNDc3YTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALWoAyL6SFzERTo3w0k5fAG4bfdmXibNUSlJZmrrx2+SddHByiSfjmtfX0iS xVTORYHTiFKHAByYmQ8FMihBoXzRleo4yvLf7Qiqadq1vpmariNgxqFPCsSIwf4H OfSuOwW0I8FjeHNOfwgQn/3OQnoW9iN2nIqdngqzbohwasg8ISq36k00SWyU5zWb XbQWMgUVk0sSA9MTZsnHtcLM/IrsKW9//bfGNqu82iXEwFCrM9bdxkpd9wwr1dO3 m6IGjBGGbwdnhxkUote4dFzYoM/bxy5/kocNzhdJ6t9KZwh0Okkgmr3hmbf8u93a GwbeAdjWS+6U6QE8MsbW4OjC+gsCAwEAAaOCAoEwggJ9MB0GA1UdDgQWBBRBr+F0 ZobLKf2qBxE55p1jUGVnVjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzhFODREMjdB NjZGQTExRUM4MkFCOUUzMkM0RjlBRTAyLnJvYTBABggrBgEFBQcBBwEB/wQxMC8w HgQCAAEwGAMEAivj4AMEAmcvEAMEAmdq6AMEAWefQjANBAIAAjAHAwUAJABVoDAN BgkqhkiG9w0BAQsFAAOCAQEAM/5uhw8a1FYn1Yr/vnK6kRZPp6WRPt6ENAi+TGuO unqV1VH4KRhikCCXyT6m/46uFmw+QTwmCZgng5/hIEVE+ScMYXnIHG2F9klAfVog s9xhnF6cNjuYdjv/w+ZM6xp4eedB0LAdzumensbvMgHhLYElsLcNK5ztHMirzusP v86p4T7EjxbGZnicNrhtgmYOIlH7PIkanmRJ8aDwMyzrLVt/U7CZs4iNNgtD4+EA qv3lF8aSlyYI6Xvm664KozREfvF05lFXjR3D3Pye24XYB9sY1o//rzlqohDxvGDp N/MoOiirc2ubXD54Exv9c8xTyeqx9qqUojASUtUCErdtJw== -----END CERTIFICATE-----Generated at Mon Mar 2 13:38:40 2026 by rpki-client