$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/9BCC2FB0B3CB11F0A084D480C4F9AE02.roa File: 9BCC2FB0B3CB11F0A084D480C4F9AE02.roa (raw, json) Hash identifier: yhi2Tkw0GGKeFUshsC9P2AdxggVs4mgh5LXy2qIJrfA= Subject key identifier: BA:4B:A9:F5:D4:B6:F1:2E:AA:1B:A7:0C:E2:85:5B:9C:5D:A6:C5:99 Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934 Certificate serial: 08E5 Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/9BCC2FB0B3CB11F0A084D480C4F9AE02.roa Signing time: Sun 01 Mar 2026 18:53:55 +0000 ROA not before: Tue 28 Oct 2025 06:59:12 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 147002 IP address blocks: 43.229.154.0/24 maxlen: 24 103.20.222.0/24 maxlen: 24 103.48.169.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 11 Mar 2026 22:21:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2277 (0x8e5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911B412, serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934 Validity Not Before: Oct 28 06:59:12 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=69a48b43-f8fb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:da:22:16:27:3b:de:75:c5:8d:a2:83:15:2a: 07:ff:b9:89:92:83:4b:cc:d3:29:69:6f:b2:e8:1e: e1:24:22:c1:3f:e1:ba:15:c2:6e:c0:d5:1a:0a:23: 24:47:4c:f8:3a:42:b6:c7:e2:1b:11:c3:ee:64:3e: 81:e5:cf:30:64:6e:98:13:82:5f:0d:ba:04:b4:e8: 03:1a:e2:0f:bb:67:c9:f5:6a:a5:55:a3:97:ec:a2: 13:36:10:e2:36:45:fe:d8:40:f1:62:33:3b:e1:41: 56:da:77:cd:cc:20:3e:c3:c7:d8:1a:1a:2c:b4:de: ce:12:a8:86:de:dd:9e:b7:d4:bb:a0:b0:1e:84:c6: 4d:93:71:6c:cd:68:97:0e:7e:76:4f:0f:cb:bc:d9: 84:97:39:be:71:e4:d0:6d:b7:81:02:3e:e4:86:08: ca:93:36:86:d9:2f:69:1a:c6:f8:65:60:21:e3:b0: c5:aa:8b:3d:37:3b:65:31:b9:e2:b0:1e:ba:3d:03: a9:43:d2:c5:60:93:d0:d8:22:93:ac:43:08:b0:dc: a6:10:59:1a:20:a3:c5:59:f9:97:ee:6f:ae:c8:06: 6f:eb:93:65:76:96:2a:3a:5f:56:f2:3c:7e:e3:19: 33:1c:fc:1e:d2:41:ba:a0:ce:70:62:33:14:c8:09: f3:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:4B:A9:F5:D4:B6:F1:2E:AA:1B:A7:0C:E2:85:5B:9C:5D:A6:C5:99 X509v3 Authority Key Identifier: keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/9BCC2FB0B3CB11F0A084D480C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.229.154.0/24 103.20.222.0/24 103.48.169.0/24 Signature Algorithm: sha256WithRSAEncryption b3:dd:e4:d8:e3:69:fd:6a:d3:3b:69:95:2b:73:d2:f2:02:d1: 4c:1e:d3:cb:db:79:9a:ef:1b:f6:01:5e:4c:11:d7:fc:42:de: 16:f5:6c:21:27:bf:00:8a:aa:85:00:1d:f2:69:9e:03:e2:5f: ab:a2:54:21:ae:73:6e:ea:4e:da:e1:e7:59:bc:59:00:ad:50: 0d:cd:a7:a5:91:ac:8a:08:3c:b3:fe:41:96:12:8a:03:d0:64: 29:c3:99:2a:3b:79:bb:9d:cc:cb:92:2c:f0:fd:be:e9:21:00: e2:44:e8:8d:49:9b:21:27:b2:77:09:8e:bd:32:92:29:1f:c6: ae:cf:63:f9:ce:e7:1a:55:cc:c1:c1:98:46:ae:61:bf:56:6f: 34:d8:2c:b5:5f:f3:c1:68:df:e3:2e:f1:b9:34:15:64:f3:f1: 16:8e:49:e2:fb:c2:42:a2:84:54:11:4c:55:d3:30:12:a7:6c: c7:4a:c0:e1:9f:ef:e3:7a:34:5c:33:5c:17:16:3c:ae:03:c3: dc:ee:c4:f7:69:d7:3c:4b:95:b5:39:c8:8a:65:6f:18:1e:15: 97:f9:58:7b:a4:f5:9d:27:4e:06:8f:15:f4:a8:96:59:4d:8f: 32:87:9b:78:94:73:64:d1:14:39:6a:db:22:e2:3d:29:03:0b: 0d:5b:b1:62 -----BEGIN CERTIFICATE----- MIIFSDCCBDCgAwIBAgICCOUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3 RDgwQjA5MzQwHhcNMjUxMDI4MDY1OTEyWhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0OGI0My1mOGZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAptoiFic73nXFjaKDFSoH/7mJkoNLzNMpaW+y6B7hJCLBP+G6FcJuwNUaCiMk R0z4OkK2x+IbEcPuZD6B5c8wZG6YE4JfDboEtOgDGuIPu2fJ9WqlVaOX7KITNhDi NkX+2EDxYjM74UFW2nfNzCA+w8fYGhostN7OEqiG3t2et9S7oLAehMZNk3FszWiX Dn52Tw/LvNmElzm+ceTQbbeBAj7khgjKkzaG2S9pGsb4ZWAh47DFqos9NztlMbni sB66PQOpQ9LFYJPQ2CKTrEMIsNymEFkaIKPFWfmX7m+uyAZv65NldpYqOl9W8jx+ 4xkzHPwe0kG6oM5wYjMUyAnzzwIDAQABo4ICbDCCAmgwHQYDVR0OBBYEFLpLqfXU tvEuqhunDOKFW5xdpsWZMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvOUJDQzJGQjBC M0NCMTFGMEEwODRENDgwQzRGOUFFMDIucm9hMCsGCCsGAQUFBwEHAQH/BBwwGjAY BAIAATASAwQAK+WaAwQAZxTeAwQAZzCpMA0GCSqGSIb3DQEBCwUAA4IBAQCz3eTY 42n9atM7aZUrc9LyAtFMHtPL23ma7xv2AV5MEdf8Qt4W9WwhJ78AiqqFAB3yaZ4D 4l+rolQhrnNu6k7a4edZvFkArVANzaelkayKCDyz/kGWEooD0GQpw5kqO3m7nczL kizw/b7pIQDiROiNSZshJ7J3CY69MpIpH8auz2P5zucaVczBwZhGrmG/Vm802Cy1 X/PBaN/jLvG5NBVk8/EWjkni+8JCooRUEUxV0zASp2zHSsDhn+/jejRcM1wXFjyu A8Pc7sT3adc8S5W1OciKZW8YHhWX+Vh7pPWdJ04GjxX0qJZZTY8yh5t4lHNk0RQ5 atsi4j0pAwsNW7Fi -----END CERTIFICATE-----Generated at Fri Mar 6 05:42:34 2026 by rpki-client