$ rpki-client -vvf rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/AAF07158AFEB11EEBCAD8169C4F9AE02.roa File: AAF07158AFEB11EEBCAD8169C4F9AE02.roa (raw, json) Hash identifier: GhkeJdDB3s6krzBACiFXBD746D8xZZw8DtZXOoU3xkE= Subject key identifier: 97:97:5D:79:CC:F8:83:82:D2:B8:81:01:EE:92:89:7B:5B:07:64:53 Certificate issuer: /CN=A911C28D/serialNumber=99DFB6BF7950E6B40195A59024F4B750863D3D93 Certificate serial: 295C Authority key identifier: 99:DF:B6:BF:79:50:E6:B4:01:95:A5:90:24:F4:B7:50:86:3D:3D:93 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/AAF07158AFEB11EEBCAD8169C4F9AE02.roa Signing time: Sun 01 Mar 2026 19:09:54 +0000 ROA not before: Sat 26 Jul 2025 15:54:02 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 142594 IP address blocks: 45.249.88.0/24 maxlen: 24 45.249.89.0/24 maxlen: 24 103.217.254.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/md-2v3lQ5rQBlaWQJPS3UIY9PZM.crl rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/md-2v3lQ5rQBlaWQJPS3UIY9PZM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 13 Mar 2026 15:39:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10588 (0x295c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911C28D, serialNumber=99DFB6BF7950E6B40195A59024F4B750863D3D93 Validity Not Before: Jul 26 15:54:02 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=69a48f02-751a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:b6:96:07:fe:71:27:86:b8:e4:e1:dd:3c:67: 82:25:75:a0:20:71:a0:73:55:dc:0f:38:14:af:5a: 98:53:70:82:a6:ba:16:2a:87:21:45:4b:25:06:94: f5:55:ea:6e:d4:9a:cd:77:11:20:10:47:07:f2:44: 4f:31:b2:fa:d1:85:f6:e5:a8:ba:db:5e:c4:26:94: 09:22:db:82:a0:80:5e:f1:f7:54:6a:b7:2c:27:c0: 9e:9c:f0:e1:10:26:64:ce:cb:62:1b:74:07:e9:35: 8e:60:6a:7d:83:1c:e8:41:86:d2:3b:0f:a9:30:97: 23:0a:83:e4:8d:59:19:09:ef:f7:a7:f2:6f:98:39: 3b:dc:87:c8:a4:5b:87:48:52:0c:c2:b5:61:49:f2: 65:12:e5:1b:d7:53:0e:a2:3f:5c:38:0b:10:b3:2b: df:ad:40:89:56:9a:b8:83:e2:c1:86:0d:9a:3b:1e: 4c:53:9d:46:22:f2:cb:f0:b1:9f:2c:5d:d4:7d:35: 03:67:b3:5d:aa:46:61:9d:a7:65:66:e1:52:91:f1: ee:d8:39:70:39:72:59:ce:22:02:2d:2a:64:0d:78: d9:7d:28:76:8b:6b:d3:bc:71:66:e3:ec:a5:b9:51: c5:55:f2:58:b0:83:9e:9b:26:96:bd:fc:50:c4:17: 07:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:97:5D:79:CC:F8:83:82:D2:B8:81:01:EE:92:89:7B:5B:07:64:53 X509v3 Authority Key Identifier: keyid:99:DF:B6:BF:79:50:E6:B4:01:95:A5:90:24:F4:B7:50:86:3D:3D:93 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/md-2v3lQ5rQBlaWQJPS3UIY9PZM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/AAF07158AFEB11EEBCAD8169C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 45.249.88.0/23 103.217.254.0/24 Signature Algorithm: sha256WithRSAEncryption bb:91:2b:b9:ef:41:ac:e0:3f:62:09:7a:14:ce:e3:2a:d9:8c: a4:f4:5f:47:9f:cb:d4:93:28:5b:8a:ec:03:e3:24:03:f3:b4: da:c9:72:d7:4f:23:a4:f2:02:a8:c5:e5:44:58:79:56:f0:03: 11:a6:31:12:f1:13:87:54:c8:e1:29:4c:7e:f7:5f:5e:46:8f: e4:f2:e7:0c:f8:63:b3:f1:52:59:b3:4b:cc:b1:59:eb:0c:89: 50:20:6c:0a:e2:3c:c7:0d:69:ba:db:d4:0d:1a:fe:6f:79:74: 29:46:3d:55:1b:2c:06:72:bd:7f:fa:9f:7a:e9:a7:1b:de:b8: de:c2:ad:c0:4e:21:7a:21:f1:48:17:19:92:b7:d7:68:ec:64: 0c:a0:f7:0d:9f:0f:ab:13:be:65:0a:7f:5c:d0:e1:24:81:b4: 8f:ed:83:5a:3d:15:eb:ae:6e:03:4e:6c:41:42:3f:b3:29:7c: 82:c0:29:a0:8d:91:7b:bf:dd:3b:7b:c1:a5:c6:6f:5c:d5:1e: 29:3b:b7:f6:7d:c9:59:e8:bb:bd:01:97:c4:16:c6:3f:89:ef: bd:28:6e:61:3c:8d:fd:45:94:85:08:68:e0:88:b2:aa:ff:e5: ad:70:d4:1b:44:47:40:84:77:49:a5:9e:f6:bf:c0:13:a3:e9: da:e9:f4:dd -----BEGIN CERTIFICATE----- MIIFQjCCBCqgAwIBAgICKVwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUMyOEQxMTAvBgNVBAUTKDk5REZCNkJGNzk1MEU2QjQwMTk1QTU5MDI0RjRCNzUw ODYzRDNEOTMwHhcNMjUwNzI2MTU1NDAyWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0OGYwMi03NTFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAubaWB/5xJ4a45OHdPGeCJXWgIHGgc1XcDzgUr1qYU3CCproWKochRUslBpT1 Vepu1JrNdxEgEEcH8kRPMbL60YX25ai6217EJpQJItuCoIBe8fdUarcsJ8CenPDh ECZkzstiG3QH6TWOYGp9gxzoQYbSOw+pMJcjCoPkjVkZCe/3p/JvmDk73IfIpFuH SFIMwrVhSfJlEuUb11MOoj9cOAsQsyvfrUCJVpq4g+LBhg2aOx5MU51GIvLL8LGf LF3UfTUDZ7NdqkZhnadlZuFSkfHu2DlwOXJZziICLSpkDXjZfSh2i2vTvHFm4+yl uVHFVfJYsIOemyaWvfxQxBcH/QIDAQABo4ICZjCCAmIwHQYDVR0OBBYEFJeXXXnM +IOC0riBAe6SiXtbB2RTMB8GA1UdIwQYMBaAFJnftr95UOa0AZWlkCT0t1CGPT2T MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzI4RC9CREFCNjdGNjNB ODAxMUU1QUUzOTAxNTVDNEY5QUUwMi9tZC0ydjNsUTVyUUJsYVdRSlBTM1VJWTlQ Wk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL21kLTJ2M2xRNXJRQmxhV1FKUFMzVUlZOVBaTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUMyOEQvQkRBQjY3RjYzQTgwMTFFNUFFMzkwMTU1QzRGOUFFMDIvQUFGMDcxNThB RkVCMTFFRUJDQUQ4MTY5QzRGOUFFMDIucm9hMCUGCCsGAQUFBwEHAQH/BBYwFDAS BAIAATAMAwQBLflYAwQAZ9n+MA0GCSqGSIb3DQEBCwUAA4IBAQC7kSu570Gs4D9i CXoUzuMq2Yyk9F9Hn8vUkyhbiuwD4yQD87TayXLXTyOk8gKoxeVEWHlW8AMRpjES 8ROHVMjhKUx+919eRo/k8ucM+GOz8VJZs0vMsVnrDIlQIGwK4jzHDWm629QNGv5v eXQpRj1VGywGcr1/+p966acb3rjewq3ATiF6IfFIFxmSt9do7GQMoPcNnw+rE75l Cn9c0OEkgbSP7YNaPRXrrm4DTmxBQj+zKXyCwCmgjZF7v907e8Glxm9c1R4pO7f2 fclZ6Lu9AZfEFsY/ie+9KG5hPI39RZSFCGjgiLKq/+WtcNQbREdAhHdJpZ72v8AT o+na6fTd -----END CERTIFICATE-----Generated at Fri Mar 6 23:43:33 2026 by rpki-client