$ rpki-client -vvf rpki.apnic.net/member_repository/A914D2E1/DA86B616BA6E11EDB9CEA43AC4F9AE02/BCB2FFCEBA7211EDB0F5AE53C4F9AE02.roa File: BCB2FFCEBA7211EDB0F5AE53C4F9AE02.roa (raw, json) Hash identifier: 4pifmUBWRDqIs1AxU08rq2Ecl41mBJPR1UbVv8BwJA8= Subject key identifier: C3:89:6D:7B:27:F3:94:C1:A3:41:9E:B0:80:7C:7C:F2:B9:CC:83:A3 Certificate issuer: /CN=A914D2E1/serialNumber=3C651524B4F91A350D1ECFBBA66CABD1B48FB7C5 Certificate serial: 0259 Authority key identifier: 3C:65:15:24:B4:F9:1A:35:0D:1E:CF:BB:A6:6C:AB:D1:B4:8F:B7:C5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PGUVJLT5GjUNHs-7pmyr0bSPt8U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914D2E1/DA86B616BA6E11EDB9CEA43AC4F9AE02/BCB2FFCEBA7211EDB0F5AE53C4F9AE02.roa Signing time: Sun 29 Mar 2026 02:37:41 +0000 ROA not before: Sun 29 Mar 2026 02:37:41 +0000 ROA not after: Fri 28 May 2027 00:00:00 +0000 asID: 150788 IP address blocks: 103.203.240.0/24 maxlen: 24 103.206.98.0/24 maxlen: 24 203.0.139.0/24 maxlen: 24 2001:df2:10c0::/48 maxlen: 48 2400:e760:100::/48 maxlen: 48 2400:e760:200::/48 maxlen: 48 2400:e760:300::/48 maxlen: 48 2400:e760:400::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914D2E1/DA86B616BA6E11EDB9CEA43AC4F9AE02/PGUVJLT5GjUNHs-7pmyr0bSPt8U.crl rsync://rpki.apnic.net/member_repository/A914D2E1/DA86B616BA6E11EDB9CEA43AC4F9AE02/PGUVJLT5GjUNHs-7pmyr0bSPt8U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PGUVJLT5GjUNHs-7pmyr0bSPt8U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 Apr 2026 01:59:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 601 (0x259) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914D2E1, serialNumber=3C651524B4F91A350D1ECFBBA66CABD1B48FB7C5 Validity Not Before: Mar 29 02:37:41 2026 GMT Not After : May 28 00:00:00 2027 GMT Subject: CN=69c89075-d99f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:5a:54:5d:70:e2:12:74:95:ff:66:8d:9d:37: 6b:6d:12:15:25:b3:60:4b:05:d8:05:7a:9f:c2:52: 62:59:4e:61:e1:21:95:01:2d:c8:1a:f7:eb:20:44: bb:4a:d2:8c:bf:33:ec:01:ac:7c:83:b1:ec:00:fe: 90:f0:ce:b9:e1:15:01:05:51:22:45:20:6a:55:c9: 2d:d1:73:65:0f:7b:f2:44:7c:6f:71:ad:f5:57:77: 10:a7:4f:7b:b1:fd:92:b6:e4:4d:9d:e8:7b:ff:b6: c5:a3:13:e5:91:1d:83:71:2f:60:58:25:9f:58:c2: 34:a4:89:a3:55:a2:97:a3:4f:1e:0d:ab:74:cf:97: 67:7e:7b:26:2c:6e:d0:e8:ec:63:08:58:9a:b9:21: 85:7f:39:40:ba:25:18:bc:c9:c9:16:90:29:18:cc: c6:a8:16:9f:4b:9b:0f:a9:43:a8:c6:fa:31:9e:db: be:34:98:c5:f6:8c:16:6a:80:c4:d0:b8:36:6b:21: 75:4c:13:81:aa:f1:f2:09:90:52:37:0f:2a:96:ec: f4:d6:98:e7:0f:7c:07:5e:29:84:a7:28:3e:e7:62: 73:fb:28:33:5d:bd:3a:bf:0c:0d:ad:9f:2e:46:08: 89:5a:77:76:87:67:6f:84:70:a6:8e:a8:50:6f:96: 18:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:89:6D:7B:27:F3:94:C1:A3:41:9E:B0:80:7C:7C:F2:B9:CC:83:A3 X509v3 Authority Key Identifier: keyid:3C:65:15:24:B4:F9:1A:35:0D:1E:CF:BB:A6:6C:AB:D1:B4:8F:B7:C5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914D2E1/DA86B616BA6E11EDB9CEA43AC4F9AE02/PGUVJLT5GjUNHs-7pmyr0bSPt8U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PGUVJLT5GjUNHs-7pmyr0bSPt8U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914D2E1/DA86B616BA6E11EDB9CEA43AC4F9AE02/BCB2FFCEBA7211EDB0F5AE53C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.203.240.0/24 103.206.98.0/24 203.0.139.0/24 IPv6: 2001:df2:10c0::/48 2400:e760:100::/48 2400:e760:200::/48 2400:e760:300::/48 2400:e760:400::/48 Signature Algorithm: sha256WithRSAEncryption 87:49:aa:41:78:dc:05:08:db:ff:1e:1a:a6:fb:f0:b6:0e:e5: 21:06:07:7c:0c:ed:2e:86:b8:b5:d8:62:cc:76:39:61:2c:30: ae:f4:a4:e6:f3:b5:ee:e9:cb:48:29:e9:bc:cd:13:b9:43:fd: ec:95:cb:a3:0f:de:a5:7f:6e:a4:72:82:66:ef:f6:17:b7:87: aa:d9:62:70:b7:c3:82:ee:ce:86:6f:8e:75:87:90:b9:a5:1b: dd:7b:e0:fb:3e:85:dd:83:19:01:07:fa:ad:43:ad:f4:9f:16: 51:f3:6b:b1:1b:95:a3:c4:b6:bd:75:12:b2:9d:f2:e3:37:86: 60:19:eb:9b:62:68:e6:36:90:dc:d5:ac:70:a3:6b:8a:94:d0: 92:94:9e:fe:15:3e:72:dc:9a:b5:40:c4:45:25:02:09:5c:9f: 15:90:49:76:94:44:11:cc:52:28:75:ab:6d:16:4a:7c:28:f6: 00:7c:09:c1:a3:3e:39:29:81:3b:86:66:d5:84:cc:3d:b1:05: 9b:c5:cf:77:bf:33:4e:15:5d:9d:95:41:79:67:3f:ee:6b:06: 55:a2:7b:e7:53:bf:e4:04:99:d6:65:43:9c:df:ee:0a:9c:fe: c6:9a:af:90:2f:56:84:a0:4f:be:a2:b0:b7:b1:9d:3c:2a:0a: e5:a5:b5:c6 -----BEGIN CERTIFICATE----- MIIFfTCCBGWgAwIBAgICAlkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEQyRTExMTAvBgNVBAUTKDNDNjUxNTI0QjRGOTFBMzUwRDFFQ0ZCQkE2NkNBQkQx QjQ4RkI3QzUwHhcNMjYwMzI5MDIzNzQxWhcNMjcwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02OWM4OTA3NS1kOTlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyVpUXXDiEnSV/2aNnTdrbRIVJbNgSwXYBXqfwlJiWU5h4SGVAS3IGvfrIES7 StKMvzPsAax8g7HsAP6Q8M654RUBBVEiRSBqVckt0XNlD3vyRHxvca31V3cQp097 sf2StuRNneh7/7bFoxPlkR2DcS9gWCWfWMI0pImjVaKXo08eDat0z5dnfnsmLG7Q 6OxjCFiauSGFfzlAuiUYvMnJFpApGMzGqBafS5sPqUOoxvoxntu+NJjF9owWaoDE 0Lg2ayF1TBOBqvHyCZBSNw8qluz01pjnD3wHXimEpyg+52Jz+ygzXb06vwwNrZ8u RgiJWnd2h2dvhHCmjqhQb5YYMwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFMOJbXsn 85TBo0GesIB8fPK5zIOjMB8GA1UdIwQYMBaAFDxlFSS0+Ro1DR7Pu6Zsq9G0j7fF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RDJFMS9EQTg2QjYxNkJB NkUxMUVEQjlDRUE0M0FDNEY5QUUwMi9QR1VWSkxUNUdqVU5Icy03cG15cjBiU1B0 OFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1BHVVZKTFQ1R2pVTkhzLTdwbXlyMGJTUHQ4VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NEQyRTEvREE4NkI2MTZCQTZFMTFFREI5Q0VBNDNBQzRGOUFFMDIvQkNCMkZGQ0VC QTcyMTFFREIwRjVBRTUzQzRGOUFFMDIucm9hMGAGCCsGAQUFBwEHAQH/BFEwTzAY BAIAATASAwQAZ8vwAwQAZ85iAwQAywCLMDMEAgACMC0DBwAgAQ3yEMADBwAkAOdg AQADBwAkAOdgAgADBwAkAOdgAwADBwAkAOdgBAAwDQYJKoZIhvcNAQELBQADggEB AIdJqkF43AUI2/8eGqb78LYO5SEGB3wM7S6GuLXYYsx2OWEsMK70pObzte7py0gp 6bzNE7lD/eyVy6MP3qV/bqRygmbv9he3h6rZYnC3w4LuzoZvjnWHkLmlG9174Ps+ hd2DGQEH+q1DrfSfFlHza7EblaPEtr11ErKd8uM3hmAZ65tiaOY2kNzVrHCja4qU 0JKUnv4VPnLcmrVAxEUlAglcnxWQSXaURBHMUih1q20WSnwo9gB8CcGjPjkpgTuG ZtWEzD2xBZvFz3e/M04VXZ2VQXlnP+5rBlWie+dTv+QEmdZlQ5zf7gqc/saar5Av VoSgT76isLexnTwqCuWltcY= -----END CERTIFICATE-----Generated at Mon Apr 6 11:22:37 2026 by rpki-client