$ rpki-client -vvf rpki.apnic.net/member_repository/A914988F/19247FBAFE2511EA9CC10C4CC4F9AE02/4ED5A00CFE2611EAA4F3424DC4F9AE02.roa File: 4ED5A00CFE2611EAA4F3424DC4F9AE02.roa (raw, json) Hash identifier: FgNhv4Lyku+4T14lzJCXvI1aI6pzmBx0dttZBahWL/E= Subject key identifier: 15:11:3F:9A:0B:F2:9B:FA:63:12:D5:34:C5:F6:A6:59:0F:44:75:F7 Certificate issuer: /CN=A914988F/serialNumber=3FE6031F25567A4547CDE1731A2D814DB86E2094 Certificate serial: 087B Authority key identifier: 3F:E6:03:1F:25:56:7A:45:47:CD:E1:73:1A:2D:81:4D:B8:6E:20:94 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P-YDHyVWekVHzeFzGi2BTbhuIJQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914988F/19247FBAFE2511EA9CC10C4CC4F9AE02/4ED5A00CFE2611EAA4F3424DC4F9AE02.roa Signing time: Mon 18 May 2026 04:02:02 +0000 ROA not before: Mon 18 May 2026 04:02:02 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 24226 IP address blocks: 45.126.128.0/22 maxlen: 22 103.152.188.0/23 maxlen: 23 103.195.8.0/22 maxlen: 22 103.197.60.0/22 maxlen: 22 103.250.240.0/22 maxlen: 22 103.254.156.0/22 maxlen: 22 150.242.40.0/22 maxlen: 22 202.49.240.0/22 maxlen: 22 2406:33c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914988F/19247FBAFE2511EA9CC10C4CC4F9AE02/P-YDHyVWekVHzeFzGi2BTbhuIJQ.crl rsync://rpki.apnic.net/member_repository/A914988F/19247FBAFE2511EA9CC10C4CC4F9AE02/P-YDHyVWekVHzeFzGi2BTbhuIJQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P-YDHyVWekVHzeFzGi2BTbhuIJQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 May 2026 20:45:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2171 (0x87b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914988F, serialNumber=3FE6031F25567A4547CDE1731A2D814DB86E2094 Validity Not Before: May 18 04:02:02 2026 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=6a0a8f3a-8def Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:40:3f:da:9e:66:4c:81:0d:e3:0d:5d:06:cc: 3d:5b:5d:78:35:ea:73:19:36:df:84:b7:a3:94:97: f9:31:7f:86:60:7a:76:12:90:e4:aa:91:68:1c:35: 1c:a6:78:75:ba:59:82:56:80:e8:83:74:02:b0:93: 85:56:7b:b6:c7:37:39:bf:19:31:b2:e4:5c:89:0b: 8c:6f:48:92:3a:e2:67:eb:a6:d3:8e:42:ac:bb:b3: 12:41:24:51:01:b7:b6:94:29:1f:75:65:eb:f6:af: e1:20:1c:90:2e:04:6c:ed:ee:b6:76:31:a2:23:b9: 51:35:fc:d5:1e:5a:4e:87:81:8f:c9:de:f5:83:5f: 9c:28:fe:08:40:56:cd:68:61:6f:cf:81:03:c0:af: e1:c3:4e:5c:06:3e:12:1b:d1:67:f7:76:66:64:2e: fb:a7:b1:df:27:0d:58:02:e2:4b:4d:c2:ae:9f:51: 2d:d0:83:7d:19:bb:03:57:80:8b:6e:73:71:a6:df: d1:f6:be:e3:fe:46:54:4a:3c:42:3f:77:1a:7d:c4: 82:09:20:f5:37:b1:73:8c:0f:1c:59:b8:83:0d:e6: b6:23:0d:4e:7b:cf:bd:24:25:8b:0c:61:98:bf:04: de:df:1d:5e:84:f7:e6:f8:0e:63:89:72:1d:bb:bd: f7:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:11:3F:9A:0B:F2:9B:FA:63:12:D5:34:C5:F6:A6:59:0F:44:75:F7 X509v3 Authority Key Identifier: keyid:3F:E6:03:1F:25:56:7A:45:47:CD:E1:73:1A:2D:81:4D:B8:6E:20:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914988F/19247FBAFE2511EA9CC10C4CC4F9AE02/P-YDHyVWekVHzeFzGi2BTbhuIJQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P-YDHyVWekVHzeFzGi2BTbhuIJQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914988F/19247FBAFE2511EA9CC10C4CC4F9AE02/4ED5A00CFE2611EAA4F3424DC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 45.126.128.0/22 103.152.188.0/23 103.195.8.0/22 103.197.60.0/22 103.250.240.0/22 103.254.156.0/22 150.242.40.0/22 202.49.240.0/22 IPv6: 2406:33c0::/32 Signature Algorithm: sha256WithRSAEncryption 2a:27:e5:86:c3:34:00:9b:06:e4:19:2e:44:07:13:15:1a:b7: 29:fb:c3:53:b5:77:a0:43:d1:92:3f:87:f0:88:a0:20:e8:58: a1:e0:af:14:4b:f8:ef:c0:9b:68:bc:be:e5:2e:22:9b:66:1a: 78:4a:32:9c:43:42:99:b0:db:d2:1c:65:55:18:8f:87:80:43: 47:88:5b:4a:50:3e:08:07:3e:61:23:73:01:c8:ce:7e:37:61: 6d:fc:d1:75:ec:c3:e5:69:5e:f6:a7:ee:63:a0:a6:9c:1e:57: d0:72:16:12:cf:29:0e:e1:1c:0f:39:62:59:99:31:ab:37:c0: 08:aa:00:fc:f3:3d:15:8f:3b:31:02:d2:66:0a:bc:9e:77:49: 73:94:aa:c0:1e:0d:e5:5b:59:10:7a:0a:9a:d4:a0:f6:9a:32: 58:3f:95:ed:a3:01:00:0a:18:7d:62:ab:f4:a6:f8:0d:8e:25: 92:8b:29:fa:71:79:d4:27:86:95:ee:d3:83:37:cb:6e:fc:d0: 21:71:51:09:76:e2:dd:38:e7:5f:04:ee:b1:3b:a8:5a:47:9a: 96:f8:61:a6:7c:3a:38:f2:13:1d:71:1f:f1:c6:0a:9c:af:4d: be:3b:4d:c2:7c:b2:74:9e:6e:e6:c2:e3:ef:da:d0:34:04:ee: 09:f6:ea:13 -----BEGIN CERTIFICATE----- MIIFdTCCBF2gAwIBAgICCHswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDk4OEYxMTAvBgNVBAUTKDNGRTYwMzFGMjU1NjdBNDU0N0NERTE3MzFBMkQ4MTRE Qjg2RTIwOTQwHhcNMjYwNTE4MDQwMjAyWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02YTBhOGYzYS04ZGVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArkA/2p5mTIEN4w1dBsw9W114NepzGTbfhLejlJf5MX+GYHp2EpDkqpFoHDUc pnh1ulmCVoDog3QCsJOFVnu2xzc5vxkxsuRciQuMb0iSOuJn66bTjkKsu7MSQSRR Abe2lCkfdWXr9q/hIByQLgRs7e62djGiI7lRNfzVHlpOh4GPyd71g1+cKP4IQFbN aGFvz4EDwK/hw05cBj4SG9Fn93ZmZC77p7HfJw1YAuJLTcKun1Et0IN9GbsDV4CL bnNxpt/R9r7j/kZUSjxCP3cafcSCCSD1N7FzjA8cWbiDDea2Iw1Oe8+9JCWLDGGY vwTe3x1ehPfm+A5jiXIdu733fwIDAQABo4ICmTCCApUwHQYDVR0OBBYEFBURP5oL 8pv6YxLVNMX2plkPRHX3MB8GA1UdIwQYMBaAFD/mAx8lVnpFR83hcxotgU24biCU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OTg4Ri8xOTI0N0ZCQUZF MjUxMUVBOUNDMTBDNENDNEY5QUUwMi9QLVlESHlWV2VrVkh6ZUZ6R2kyQlRiaHVJ SlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1AtWURIeVZXZWtWSHplRnpHaTJCVGJodUlKUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDk4OEYvMTkyNDdGQkFGRTI1MTFFQTlDQzEwQzRDQzRGOUFFMDIvNEVENUEwMENG RTI2MTFFQUE0RjM0MjREQzRGOUFFMDIucm9hMFgGCCsGAQUFBwEHAQH/BEkwRzA2 BAIAATAwAwQCLX6AAwQBZ5i8AwQCZ8MIAwQCZ8U8AwQCZ/rwAwQCZ/6cAwQClvIo AwQCyjHwMA0EAgACMAcDBQAkBjPAMA0GCSqGSIb3DQEBCwUAA4IBAQAqJ+WGwzQA mwbkGS5EBxMVGrcp+8NTtXegQ9GSP4fwiKAg6Fih4K8US/jvwJtovL7lLiKbZhp4 SjKcQ0KZsNvSHGVVGI+HgENHiFtKUD4IBz5hI3MByM5+N2Ft/NF17MPlaV72p+5j oKacHlfQchYSzykO4RwPOWJZmTGrN8AIqgD88z0VjzsxAtJmCryed0lzlKrAHg3l W1kQegqa1KD2mjJYP5XtowEAChh9Yqv0pvgNjiWSiyn6cXnUJ4aV7tODN8tu/NAh cVEJduLdOOdfBO6xO6haR5qW+GGmfDo48hMdcR/xxgqcr02+O03CfLJ0nm7mwuPv 2tA0BO4J9uoT -----END CERTIFICATE-----Generated at Thu May 21 12:36:45 2026 by rpki-client