$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/2A3B0CECF89E11EFBEB09C18C4F9AE02.roa File: 2A3B0CECF89E11EFBEB09C18C4F9AE02.roa (raw, json) Hash identifier: oyi/kQyIW3CvJ4H0JJtWIBcjnVZNJGfZ4Mbjh2PplVM= Subject key identifier: 64:D1:73:AD:8F:F6:8C:D5:CD:66:17:A0:04:99:F4:63:F0:11:14:6A Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934 Certificate serial: 08E3 Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/2A3B0CECF89E11EFBEB09C18C4F9AE02.roa Signing time: Sun 01 Mar 2026 18:53:53 +0000 ROA not before: Wed 08 Oct 2025 22:54:20 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 62610 IP address blocks: 36.255.195.0/24 maxlen: 24 43.252.210.0/24 maxlen: 24 103.225.197.0/24 maxlen: 24 103.225.198.0/24 maxlen: 24 150.107.0.0/24 maxlen: 24 150.107.3.0/24 maxlen: 24 150.129.40.0/24 maxlen: 24 150.129.42.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 11 Mar 2026 22:21:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2275 (0x8e3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911B412, serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934 Validity Not Before: Oct 8 22:54:20 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=69a48b41-b4b8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:b1:e8:db:da:14:c7:5a:57:b9:c6:68:73:b5: d8:9c:05:f4:bb:e4:57:b2:9e:09:bf:62:96:bd:70: 17:35:40:45:f2:8d:0e:f9:e6:2a:34:fc:8f:3d:13: ef:ec:cb:f0:bd:cc:51:2a:b6:84:87:d6:a2:e7:37: e3:24:67:55:73:fe:2f:a3:6e:f7:a8:e9:78:26:cc: f2:fc:a7:6b:63:20:ed:0d:74:66:73:a3:28:a9:b8: ad:51:a6:3e:18:67:da:01:40:4d:ea:53:86:82:3b: 2a:95:48:0c:3e:ae:dc:6c:7d:74:fd:cb:21:b7:20: 4d:d8:a2:a9:be:fd:44:72:d5:af:7a:4a:e9:9c:6f: da:6c:97:e1:c4:79:15:91:27:8e:2b:66:92:a2:04: 85:7c:5e:5b:22:f0:59:dd:81:b5:e3:b8:53:f8:f9: 2b:d4:ab:f1:93:46:eb:53:98:84:91:8b:00:bc:4e: 00:0e:02:bb:88:2d:b6:9d:05:2f:b1:02:e1:9b:a3: 88:03:ea:89:da:37:8d:2d:5c:92:be:3c:4c:b7:26: 6c:8e:2b:c9:05:45:21:9d:a8:c1:99:57:94:ba:75: 7f:26:50:a1:96:3d:14:01:2e:79:6c:88:1a:cc:cf: d9:4a:d1:55:7d:b0:75:7c:f6:a1:b1:5c:45:e2:09: 0a:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:D1:73:AD:8F:F6:8C:D5:CD:66:17:A0:04:99:F4:63:F0:11:14:6A X509v3 Authority Key Identifier: keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/2A3B0CECF89E11EFBEB09C18C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 36.255.195.0/24 43.252.210.0/24 103.225.197.0-103.225.198.255 150.107.0.0/24 150.107.3.0/24 150.129.40.0/24 150.129.42.0/24 Signature Algorithm: sha256WithRSAEncryption aa:4e:fe:c6:1d:20:e2:37:2b:3e:2b:4e:b6:1e:36:67:41:44: 3c:cf:7c:b0:6d:90:41:ce:a2:8b:40:dd:6e:dc:e5:71:e4:01: 4e:1b:61:f1:43:06:09:8c:29:03:52:45:79:fb:c4:38:4e:08: 3d:9d:e8:bc:37:98:8b:95:68:b7:9c:14:c2:7f:57:48:1c:9f: f8:c8:b2:bb:53:b1:35:8e:32:0e:3c:48:19:34:25:13:cd:90: 44:bf:fb:21:1d:f0:ed:be:1a:43:49:35:71:bf:9d:d8:d0:ce: 3e:f5:4f:cb:50:37:ff:fc:c3:0b:9a:f1:31:c5:0e:0b:11:db: 8e:b3:71:30:55:8d:a0:ea:0d:1b:98:54:2f:c4:08:b2:f9:3a: 6f:4e:8e:b5:90:97:28:6b:60:e2:95:45:83:c5:92:c1:a3:dd: b0:b3:4b:c3:85:9d:61:0a:68:04:92:cc:c5:c8:11:7f:7d:d0: dc:ed:5d:bd:7f:16:4f:66:b6:ba:ef:b1:d9:70:c5:b0:ab:ef: 5a:bd:a7:40:d6:98:4f:79:93:cc:57:88:0e:13:4d:eb:e1:84: 1e:e6:ee:c3:59:a7:2b:25:51:50:b8:43:cc:70:1a:18:ce:3d: 3d:0d:0c:81:cb:29:e6:d5:d0:68:2e:b8:3a:90:b1:17:ce:4b: 1f:a8:29:e0 -----BEGIN CERTIFICATE----- MIIFaDCCBFCgAwIBAgICCOMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3 RDgwQjA5MzQwHhcNMjUxMDA4MjI1NDIwWhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0OGI0MS1iNGI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyLHo29oUx1pXucZoc7XYnAX0u+RXsp4Jv2KWvXAXNUBF8o0O+eYqNPyPPRPv 7MvwvcxRKraEh9ai5zfjJGdVc/4vo273qOl4Jszy/KdrYyDtDXRmc6MoqbitUaY+ GGfaAUBN6lOGgjsqlUgMPq7cbH10/cshtyBN2KKpvv1EctWvekrpnG/abJfhxHkV kSeOK2aSogSFfF5bIvBZ3YG147hT+Pkr1Kvxk0brU5iEkYsAvE4ADgK7iC22nQUv sQLhm6OIA+qJ2jeNLVySvjxMtyZsjivJBUUhnajBmVeUunV/JlChlj0UAS55bIga zM/ZStFVfbB1fPahsVxF4gkKRwIDAQABo4ICjDCCAogwHQYDVR0OBBYEFGTRc62P 9ozVzWYXoASZ9GPwERRqMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvMkEzQjBDRUNG ODlFMTFFRkJFQjA5QzE4QzRGOUFFMDIucm9hMEsGCCsGAQUFBwEHAQH/BDwwOjA4 BAIAATAyAwQAJP/DAwQAK/zSMAwDBABn4cUDBABn4cYDBACWawADBACWawMDBACW gSgDBACWgSowDQYJKoZIhvcNAQELBQADggEBAKpO/sYdIOI3Kz4rTrYeNmdBRDzP fLBtkEHOootA3W7c5XHkAU4bYfFDBgmMKQNSRXn7xDhOCD2d6Lw3mIuVaLecFMJ/ V0gcn/jIsrtTsTWOMg48SBk0JRPNkES/+yEd8O2+GkNJNXG/ndjQzj71T8tQN//8 wwua8THFDgsR246zcTBVjaDqDRuYVC/ECLL5Om9OjrWQlyhrYOKVRYPFksGj3bCz S8OFnWEKaASSzMXIEX990NztXb1/Fk9mtrrvsdlwxbCr71q9p0DWmE95k8xXiA4T TevhhB7m7sNZpyslUVC4Q8xwGhjOPT0NDIHLKebV0GguuDqQsRfOSx+oKeA= -----END CERTIFICATE-----Generated at Fri Mar 6 05:42:18 2026 by rpki-client