$ rpki-client -vvf rpki.apnic.net/member_repository/A9118EB2/7AC767DE066911EDB0AE8E37C4F9AE02/208C7D2E066C11EDB31C2239C4F9AE02.roa File: 208C7D2E066C11EDB31C2239C4F9AE02.roa (raw, json) Hash identifier: 384lM558CG+awOCq+Jp4xJkMm0eBCvPqegdL9GG+nvU= Subject key identifier: 94:CE:AA:EA:6E:F4:02:BF:2A:0C:E4:57:ED:FC:F7:90:FD:AD:A7:FE Certificate issuer: /CN=A9118EB2/serialNumber=8603A0ACA7204B0EFED64DB70DE51C75BA039355 Certificate serial: 0350 Authority key identifier: 86:03:A0:AC:A7:20:4B:0E:FE:D6:4D:B7:0D:E5:1C:75:BA:03:93:55 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hgOgrKcgSw7-1k23DeUcdboDk1U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9118EB2/7AC767DE066911EDB0AE8E37C4F9AE02/208C7D2E066C11EDB31C2239C4F9AE02.roa Signing time: Sun 01 Mar 2026 16:39:52 +0000 ROA not before: Tue 14 Oct 2025 04:39:13 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 139285 IP address blocks: 103.28.0.0/22 maxlen: 24 103.140.236.0/23 maxlen: 23 103.140.236.0/24 maxlen: 24 103.140.237.0/24 maxlen: 24 103.148.228.0/23 maxlen: 23 103.148.228.0/24 maxlen: 24 103.148.229.0/24 maxlen: 24 103.227.172.0/22 maxlen: 22 103.227.172.0/23 maxlen: 23 103.227.172.0/24 maxlen: 24 103.227.173.0/24 maxlen: 24 103.227.174.0/23 maxlen: 23 103.227.174.0/24 maxlen: 24 103.227.175.0/24 maxlen: 24 114.134.190.0/23 maxlen: 23 114.134.190.0/24 maxlen: 24 114.134.191.0/24 maxlen: 24 116.214.26.0/23 maxlen: 23 116.214.26.0/24 maxlen: 24 116.214.27.0/24 maxlen: 24 116.214.28.0/23 maxlen: 23 116.214.28.0/24 maxlen: 24 116.214.29.0/24 maxlen: 24 2400:96a0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9118EB2/7AC767DE066911EDB0AE8E37C4F9AE02/hgOgrKcgSw7-1k23DeUcdboDk1U.crl rsync://rpki.apnic.net/member_repository/A9118EB2/7AC767DE066911EDB0AE8E37C4F9AE02/hgOgrKcgSw7-1k23DeUcdboDk1U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hgOgrKcgSw7-1k23DeUcdboDk1U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 14 Mar 2026 00:48:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 848 (0x350) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9118EB2, serialNumber=8603A0ACA7204B0EFED64DB70DE51C75BA039355 Validity Not Before: Oct 14 04:39:13 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=69a46bd7-5981 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:fd:07:45:af:82:5b:4e:9b:80:2a:40:50:aa: 2f:21:15:9a:04:45:b3:c4:11:3b:74:5e:4b:67:dc: aa:13:13:9d:ec:f9:3c:dc:31:37:d8:f3:f5:c2:05: 97:d9:de:cc:ca:3a:1c:03:07:3f:8f:8c:49:82:de: 11:7b:26:08:38:5e:f3:79:bf:ad:a5:99:79:6f:52: 84:23:84:e6:19:96:55:f7:b7:95:c7:2e:ed:ab:22: 46:40:17:c6:30:1f:83:ee:ef:11:75:f8:22:9c:ef: 58:cd:38:44:36:20:51:1e:f5:b8:05:87:3c:0c:32: 50:89:bc:87:fd:16:01:06:9d:53:53:aa:51:29:7b: b3:7f:41:3a:bd:34:33:b4:0c:21:74:84:1e:3f:80: ad:96:51:53:88:7a:9e:f1:c1:9b:83:8f:c6:7e:67: 53:13:d4:b9:34:21:d1:8f:88:32:93:b3:50:7b:1f: 3a:17:f3:a2:42:ca:17:50:21:d6:31:25:a0:4e:8e: e4:0d:79:57:13:68:d6:b3:bc:ce:0f:45:5e:09:87: 0e:08:ec:3f:d2:20:04:96:a0:36:ba:d0:c6:f9:1b: 63:8e:cb:b8:76:1b:3e:7f:6d:a6:88:19:3b:6e:9b: 1f:3d:56:47:46:32:1f:0c:45:9e:12:c5:40:21:32: 90:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:CE:AA:EA:6E:F4:02:BF:2A:0C:E4:57:ED:FC:F7:90:FD:AD:A7:FE X509v3 Authority Key Identifier: keyid:86:03:A0:AC:A7:20:4B:0E:FE:D6:4D:B7:0D:E5:1C:75:BA:03:93:55 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9118EB2/7AC767DE066911EDB0AE8E37C4F9AE02/hgOgrKcgSw7-1k23DeUcdboDk1U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hgOgrKcgSw7-1k23DeUcdboDk1U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9118EB2/7AC767DE066911EDB0AE8E37C4F9AE02/208C7D2E066C11EDB31C2239C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.28.0.0/22 103.140.236.0/23 103.148.228.0/23 103.227.172.0/22 114.134.190.0/23 116.214.26.0-116.214.29.255 IPv6: 2400:96a0::/32 Signature Algorithm: sha256WithRSAEncryption c4:ac:7b:3e:d1:4c:0c:48:3e:56:3f:6c:ad:30:c1:2f:e7:f1: e1:96:2a:c3:81:57:01:a7:81:af:89:cc:06:4e:d8:90:00:d0: 7c:85:51:1d:44:23:71:6b:ec:ee:7c:59:0f:13:68:6d:66:7d: 5a:15:b2:3f:67:2a:79:16:21:72:0d:48:3a:1c:ea:28:13:8d: c3:e0:12:53:4d:81:cf:28:39:05:ca:b0:f3:c3:b0:13:ce:3f: 4d:ef:23:5c:9f:a6:2a:f2:d4:a2:db:60:ca:29:31:66:5a:22: cc:d1:22:57:5f:df:6a:26:6a:84:a5:85:e1:df:22:a6:5f:d6: 66:a9:91:bf:e5:b5:bb:f5:c4:c1:c4:d0:8a:e1:f3:b0:af:10: 82:6c:5e:0b:45:e4:6a:81:7d:4e:cd:7f:65:03:69:09:6a:3a: 18:9f:c4:e2:14:43:cf:16:59:0c:5d:3c:2e:00:e5:df:49:32: 10:15:4a:59:67:42:70:f6:9c:5b:eb:3f:cb:c1:e9:68:70:76: 8e:11:33:9f:09:af:45:f3:ef:1b:68:54:cb:a0:e9:bd:c6:77: cc:72:d5:24:25:08:b9:88:75:00:2d:b8:01:bb:1a:c8:0c:fe: 41:67:9e:04:a3:79:2a:98:51:06:31:45:75:59:78:aa:58:bb: ba:01:a0:43 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICA1AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MThFQjIxMTAvBgNVBAUTKDg2MDNBMEFDQTcyMDRCMEVGRUQ2NERCNzBERTUxQzc1 QkEwMzkzNTUwHhcNMjUxMDE0MDQzOTEzWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NmJkNy01OTgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8f0HRa+CW06bgCpAUKovIRWaBEWzxBE7dF5LZ9yqExOd7Pk83DE32PP1wgWX 2d7MyjocAwc/j4xJgt4ReyYIOF7zeb+tpZl5b1KEI4TmGZZV97eVxy7tqyJGQBfG MB+D7u8RdfginO9YzThENiBRHvW4BYc8DDJQibyH/RYBBp1TU6pRKXuzf0E6vTQz tAwhdIQeP4CtllFTiHqe8cGbg4/GfmdTE9S5NCHRj4gyk7NQex86F/OiQsoXUCHW MSWgTo7kDXlXE2jWs7zOD0VeCYcOCOw/0iAElqA2utDG+Rtjjsu4dhs+f22miBk7 bpsfPVZHRjIfDEWeEsVAITKQTQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJTOqupu 9AK/KgzkV+3895D9raf+MB8GA1UdIwQYMBaAFIYDoKynIEsO/tZNtw3lHHW6A5NV MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOEVCMi83QUM3NjdERTA2 NjkxMUVEQjBBRThFMzdDNEY5QUUwMi9oZ09ncktjZ1N3Ny0xazIzRGVVY2Rib0Rr MVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hnT2dyS2NnU3c3LTFrMjNEZVVjZGJvRGsxVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MThFQjIvN0FDNzY3REUwNjY5MTFFREIwQUU4RTM3QzRGOUFFMDIvMjA4QzdEMkUw NjZDMTFFREIzMUMyMjM5QzRGOUFFMDIucm9hMFQGCCsGAQUFBwEHAQH/BEUwQzAy BAIAATAsAwQCZxwAAwQBZ4zsAwQBZ5TkAwQCZ+OsAwQBcoa+MAwDBAF01hoDBAF0 1hwwDQQCAAIwBwMFACQAlqAwDQYJKoZIhvcNAQELBQADggEBAMSsez7RTAxIPlY/ bK0wwS/n8eGWKsOBVwGnga+JzAZO2JAA0HyFUR1EI3Fr7O58WQ8TaG1mfVoVsj9n KnkWIXINSDoc6igTjcPgElNNgc8oOQXKsPPDsBPOP03vI1yfpiry1KLbYMopMWZa IszRIldf32omaoSlheHfIqZf1mapkb/ltbv1xMHE0Irh87CvEIJsXgtF5GqBfU7N f2UDaQlqOhifxOIUQ88WWQxdPC4A5d9JMhAVSllnQnD2nFvrP8vB6Whwdo4RM58J r0Xz7xtoVMug6b3Gd8xy1SQlCLmIdQAtuAG7GsgM/kFnngSjeSqYUQYxRXVZeKpY u7oBoEM= -----END CERTIFICATE-----Generated at Sat Mar 7 11:03:59 2026 by rpki-client