$ rpki-client -vvf rpki.apnic.net/member_repository/A91D087E/B019F1CA04FC11EA8CAED415C4F9AE02/8A7C342604FE11EAB778E81CC4F9AE02.roa File: 8A7C342604FE11EAB778E81CC4F9AE02.roa (raw, json) Hash identifier: 8onqQ0Hgne8VuBR8MMAfBmsUbYc+lMndFteIlBMEozQ= Subject key identifier: EB:F2:34:64:57:06:DF:BB:86:C6:BF:7E:95:C2:CF:C1:5A:96:7B:66 Certificate issuer: /CN=A91D087E/serialNumber=F07FB13EF91E2211B0FEBC855ADDAF301B0671A4 Certificate serial: 0CE4 Authority key identifier: F0:7F:B1:3E:F9:1E:22:11:B0:FE:BC:85:5A:DD:AF:30:1B:06:71:A4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8H-xPvkeIhGw_ryFWt2vMBsGcaQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D087E/B019F1CA04FC11EA8CAED415C4F9AE02/8A7C342604FE11EAB778E81CC4F9AE02.roa Signing time: Sun 01 Mar 2026 09:23:16 +0000 ROA not before: Sun 06 Apr 2025 18:28:01 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 24516 IP address blocks: 43.247.124.0/22 maxlen: 24 43.247.128.0/22 maxlen: 24 103.227.200.0/22 maxlen: 24 103.230.172.0/22 maxlen: 24 103.245.216.0/22 maxlen: 24 125.254.48.0/23 maxlen: 24 203.23.139.0/24 maxlen: 24 2402:fa80::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D087E/B019F1CA04FC11EA8CAED415C4F9AE02/8H-xPvkeIhGw_ryFWt2vMBsGcaQ.crl rsync://rpki.apnic.net/member_repository/A91D087E/B019F1CA04FC11EA8CAED415C4F9AE02/8H-xPvkeIhGw_ryFWt2vMBsGcaQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8H-xPvkeIhGw_ryFWt2vMBsGcaQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 01:14:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3300 (0xce4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D087E, serialNumber=F07FB13EF91E2211B0FEBC855ADDAF301B0671A4 Validity Not Before: Apr 6 18:28:01 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=69a40583-3427 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:fd:9e:fa:9a:c5:1c:f4:65:e2:23:6d:3f:5f: 7c:d2:06:e6:18:f2:34:7d:6e:1f:48:b3:93:0d:4a: c2:3b:f9:31:8d:11:32:3e:fe:f6:b0:d6:eb:2e:43: dd:ad:d9:ea:23:33:71:65:51:12:ff:1c:ce:88:1d: d6:11:dc:b5:c0:77:66:9e:c9:65:b7:f7:2d:ab:6a: 6c:f4:76:ec:73:4c:30:9b:1a:26:6d:13:40:f4:4f: 0d:d1:c4:0f:2f:77:f9:b0:6c:7c:37:d0:9d:25:31: c3:52:29:b4:7b:22:b3:6f:37:61:b9:e0:b9:8e:a0: 85:34:ab:81:66:17:a7:d1:7c:e5:4d:c4:e1:b3:79: fd:66:e2:1b:5a:fd:a3:33:da:3f:24:67:80:f2:d5: 38:43:7c:02:b4:b6:c8:93:6e:52:68:e1:38:cc:3b: ad:1a:00:8b:4b:62:6b:af:bb:de:48:0c:7e:76:f8: ba:40:ae:ad:b1:d1:63:c8:f2:99:53:89:09:a8:12: 84:9d:59:7c:31:c2:5c:07:6b:5f:2e:52:68:94:7a: 37:d9:09:70:bb:07:71:5a:a7:d1:e4:8e:a8:ed:93: b0:b9:63:93:19:4e:09:34:34:1c:c2:c8:99:3e:35: cb:2c:6a:f3:ef:55:6b:04:6e:1d:d8:52:df:cc:67: 69:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:F2:34:64:57:06:DF:BB:86:C6:BF:7E:95:C2:CF:C1:5A:96:7B:66 X509v3 Authority Key Identifier: keyid:F0:7F:B1:3E:F9:1E:22:11:B0:FE:BC:85:5A:DD:AF:30:1B:06:71:A4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D087E/B019F1CA04FC11EA8CAED415C4F9AE02/8H-xPvkeIhGw_ryFWt2vMBsGcaQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8H-xPvkeIhGw_ryFWt2vMBsGcaQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D087E/B019F1CA04FC11EA8CAED415C4F9AE02/8A7C342604FE11EAB778E81CC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.247.124.0-43.247.131.255 103.227.200.0/22 103.230.172.0/22 103.245.216.0/22 125.254.48.0/23 203.23.139.0/24 IPv6: 2402:fa80::/32 Signature Algorithm: sha256WithRSAEncryption 9e:c4:46:f0:16:34:1d:3f:a0:69:92:68:bd:37:15:59:fa:5b: 9c:ed:e7:07:44:1e:31:86:2e:7b:a5:ff:38:86:87:13:a9:b7: 00:24:8a:93:c6:9e:e0:db:91:64:dc:bc:ae:be:2a:7a:f9:9f: 73:30:f7:a3:b3:42:39:72:a9:df:13:62:a1:c4:b1:5a:9c:0e: 94:69:f2:f5:d5:60:86:1e:25:b2:86:5c:21:7e:22:01:2e:b9: 6f:12:b6:d0:fd:e7:72:18:51:ba:98:a1:da:55:07:35:c6:22: 54:4a:79:05:3d:4d:c4:d9:69:3e:73:7f:1b:b0:c6:b6:b7:2d: 56:fe:49:2d:57:d9:36:00:ad:3d:a2:b6:49:27:36:ec:58:0e: 43:b1:45:6c:de:39:b1:b0:f6:08:f7:31:85:15:0e:10:79:7a: 2a:bb:75:ed:a4:30:8a:ed:07:a3:5f:7c:8d:cd:2e:0b:6a:97: 71:26:9f:44:09:66:13:4d:c6:2c:ca:f6:20:c1:72:76:48:42: be:55:6e:54:fc:87:2d:0d:4c:4c:16:97:7c:a1:fc:1d:b3:a3: 89:df:9b:71:48:02:ca:4a:52:e9:9b:1e:69:93:11:d5:f6:91: a1:3f:bf:95:fb:8c:e4:d9:a4:b2:c4:e2:9d:43:fd:4e:a6:df: 06:35:3f:0e -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICDOQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDA4N0UxMTAvBgNVBAUTKEYwN0ZCMTNFRjkxRTIyMTFCMEZFQkM4NTVBRERBRjMw MUIwNjcxQTQwHhcNMjUwNDA2MTgyODAxWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MDU4My0zNDI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0P2e+prFHPRl4iNtP1980gbmGPI0fW4fSLOTDUrCO/kxjREyPv72sNbrLkPd rdnqIzNxZVES/xzOiB3WEdy1wHdmnsllt/ctq2ps9Hbsc0wwmxombRNA9E8N0cQP L3f5sGx8N9CdJTHDUim0eyKzbzdhueC5jqCFNKuBZhen0XzlTcThs3n9ZuIbWv2j M9o/JGeA8tU4Q3wCtLbIk25SaOE4zDutGgCLS2Jrr7veSAx+dvi6QK6tsdFjyPKZ U4kJqBKEnVl8McJcB2tfLlJolHo32QlwuwdxWqfR5I6o7ZOwuWOTGU4JNDQcwsiZ PjXLLGrz71VrBG4d2FLfzGdpbwIDAQABo4IClTCCApEwHQYDVR0OBBYEFOvyNGRX Bt+7hsa/fpXCz8FalntmMB8GA1UdIwQYMBaAFPB/sT75HiIRsP68hVrdrzAbBnGk MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMDg3RS9CMDE5RjFDQTA0 RkMxMUVBOENBRUQ0MTVDNEY5QUUwMi84SC14UHZrZUloR3dfcnlGV3Qydk1Cc0dj YVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzhILXhQdmtlSWhHd19yeUZXdDJ2TUJzR2NhUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDA4N0UvQjAxOUYxQ0EwNEZDMTFFQThDQUVENDE1QzRGOUFFMDIvOEE3QzM0MjYw NEZFMTFFQUI3NzhFODFDQzRGOUFFMDIucm9hMFQGCCsGAQUFBwEHAQH/BEUwQzAy BAIAATAsMAwDBAIr93wDBAIr94ADBAJn48gDBAJn5qwDBAJn9dgDBAF9/jADBADL F4swDQQCAAIwBwMFACQC+oAwDQYJKoZIhvcNAQELBQADggEBAJ7ERvAWNB0/oGmS aL03FVn6W5zt5wdEHjGGLnul/ziGhxOptwAkipPGnuDbkWTcvK6+Knr5n3Mw96Oz Qjlyqd8TYqHEsVqcDpRp8vXVYIYeJbKGXCF+IgEuuW8SttD953IYUbqYodpVBzXG IlRKeQU9TcTZaT5zfxuwxra3LVb+SS1X2TYArT2itkknNuxYDkOxRWzeObGw9gj3 MYUVDhB5eiq7de2kMIrtB6NffI3NLgtql3Emn0QJZhNNxizK9iDBcnZIQr5VblT8 hy0NTEwWl3yh/B2zo4nfm3FIAspKUumbHmmTEdX2kaE/v5X7jOTZpLLE4p1D/U6m 3wY1Pw4= -----END CERTIFICATE-----Generated at Mon Mar 2 18:12:42 2026 by rpki-client