$ rpki-client -vvf rpki.apnic.net/member_repository/A916A447/D2075814A09C11E4B50E7B15C4F9AE02/7F3D1128DC7811EFA7D7DB49C4F9AE02.roa File: 7F3D1128DC7811EFA7D7DB49C4F9AE02.roa (raw, json) Hash identifier: 9cZ6L/GPvQKK4pJ4l7g4uN4OgEx5HSReU5gKVwtDiRY= Subject key identifier: 20:28:56:05:B2:16:5C:E5:60:99:C1:59:FE:1A:FD:58:36:16:E6:CB Certificate issuer: /CN=A916A447/serialNumber=1F68258C526C5DBC715434357D380020146440EF Certificate serial: 296D Authority key identifier: 1F:68:25:8C:52:6C:5D:BC:71:54:34:35:7D:38:00:20:14:64:40:EF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H2gljFJsXbxxVDQ1fTgAIBRkQO8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916A447/D2075814A09C11E4B50E7B15C4F9AE02/7F3D1128DC7811EFA7D7DB49C4F9AE02.roa Signing time: Thu 26 Mar 2026 16:18:24 +0000 ROA not before: Thu 26 Mar 2026 16:18:24 +0000 ROA not after: Wed 31 Mar 2027 00:00:00 +0000 asID: 132045 IP address blocks: 101.2.190.0/24 maxlen: 24 103.227.245.0/24 maxlen: 24 103.227.247.0/24 maxlen: 24 203.153.220.0/24 maxlen: 24 203.153.222.0/24 maxlen: 24 223.224.12.0/24 maxlen: 24 223.224.22.0/24 maxlen: 24 223.224.29.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916A447/D2075814A09C11E4B50E7B15C4F9AE02/H2gljFJsXbxxVDQ1fTgAIBRkQO8.crl rsync://rpki.apnic.net/member_repository/A916A447/D2075814A09C11E4B50E7B15C4F9AE02/H2gljFJsXbxxVDQ1fTgAIBRkQO8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H2gljFJsXbxxVDQ1fTgAIBRkQO8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 Apr 2026 15:33:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10605 (0x296d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916A447, serialNumber=1F68258C526C5DBC715434357D380020146440EF Validity Not Before: Mar 26 16:18:24 2026 GMT Not After : Mar 31 00:00:00 2027 GMT Subject: CN=69c55c50-35d2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:8c:c2:83:52:8e:da:b3:cf:6f:c1:52:0d:8b: e5:7d:0e:e0:8e:dd:f7:4f:a5:25:a7:cd:32:e1:ab: 2b:a9:0a:bf:2b:65:fb:48:03:c3:42:dc:3b:ad:97: dc:23:09:c6:30:d5:6b:7d:b8:98:3a:55:7a:85:bd: 86:ae:2b:d5:bc:78:af:be:ac:56:7a:67:b5:7c:8c: a9:f0:f5:3f:99:87:9d:c5:9f:1f:1b:3d:2e:59:a4: 67:7e:a2:9d:82:a8:f2:b9:91:7e:73:61:e5:25:54: 55:a5:d6:01:b7:a5:ad:d6:c8:d3:26:d1:63:72:09: 43:23:b2:d9:52:96:1b:b8:9e:15:53:ec:d0:a9:7a: 02:05:1e:8d:88:1a:dc:bd:ae:9d:ab:9c:02:99:b5: bf:40:0a:d0:47:fb:6c:4f:03:07:4b:3b:14:c6:2c: fd:c3:7b:88:1f:92:0a:68:7d:6a:ea:f8:78:2f:da: 6e:48:72:a2:36:c5:bb:8c:6f:99:cd:d3:56:bc:55: 42:79:cf:99:64:57:74:16:ed:73:02:69:81:7e:95: 88:44:9c:00:87:f0:ea:e7:75:84:0d:58:ad:71:15: 89:0b:6c:c7:32:24:29:13:96:07:6e:d9:d3:c9:f1: 77:02:37:3e:c9:c1:dc:5a:b0:64:1f:f4:fe:7e:00: 63:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:28:56:05:B2:16:5C:E5:60:99:C1:59:FE:1A:FD:58:36:16:E6:CB X509v3 Authority Key Identifier: keyid:1F:68:25:8C:52:6C:5D:BC:71:54:34:35:7D:38:00:20:14:64:40:EF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916A447/D2075814A09C11E4B50E7B15C4F9AE02/H2gljFJsXbxxVDQ1fTgAIBRkQO8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H2gljFJsXbxxVDQ1fTgAIBRkQO8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916A447/D2075814A09C11E4B50E7B15C4F9AE02/7F3D1128DC7811EFA7D7DB49C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 101.2.190.0/24 103.227.245.0/24 103.227.247.0/24 203.153.220.0/24 203.153.222.0/24 223.224.12.0/24 223.224.22.0/24 223.224.29.0/24 Signature Algorithm: sha256WithRSAEncryption 66:31:3a:99:78:28:13:4c:a9:29:03:31:09:2a:62:50:20:7d: e5:d9:61:e1:22:f0:19:eb:6f:76:5d:85:2e:c9:64:49:5a:a4: 42:c8:5f:ab:17:89:4e:1f:fc:bf:e1:8d:d6:46:70:d1:4b:67: 3b:a5:d5:ea:3b:17:4f:c7:5e:bd:fd:5d:07:a9:0e:97:e0:4b: c2:89:13:b8:50:4d:37:64:8f:ce:04:31:ef:a4:81:02:6d:74: bf:b2:9f:79:27:b5:00:6b:dd:c0:44:78:e6:84:0b:3a:43:a5: 84:a5:a3:a8:f2:1b:b2:23:87:5f:ae:3c:28:79:ed:cd:b2:89: a8:5c:0d:e3:71:83:c8:f1:ad:42:f0:a4:e4:8b:4d:03:47:c1: 93:ad:4f:09:0e:72:6f:af:1f:b3:82:bf:3a:58:85:53:c5:64: 72:4f:88:1b:f6:31:31:e1:e8:fc:d7:90:3b:17:aa:d4:f0:c3: 6d:01:91:72:2f:86:94:e8:0c:f9:47:ac:25:fe:73:af:83:3b: e9:0e:1f:a1:34:7d:72:48:cc:e3:a4:00:ad:49:4c:f6:17:a5: c1:58:83:da:a7:99:8a:e2:63:9b:2d:55:ad:df:1e:0c:b6:da: 42:c0:0f:0d:95:c2:d2:ac:fe:66:44:36:69:dc:40:47:cb:59: 4c:78:f1:79 -----BEGIN CERTIFICATE----- MIIFZjCCBE6gAwIBAgICKW0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkE0NDcxMTAvBgNVBAUTKDFGNjgyNThDNTI2QzVEQkM3MTU0MzQzNTdEMzgwMDIw MTQ2NDQwRUYwHhcNMjYwMzI2MTYxODI0WhcNMjcwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWM1NWM1MC0zNWQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuYzCg1KO2rPPb8FSDYvlfQ7gjt33T6Ulp80y4asrqQq/K2X7SAPDQtw7rZfc IwnGMNVrfbiYOlV6hb2GrivVvHivvqxWeme1fIyp8PU/mYedxZ8fGz0uWaRnfqKd gqjyuZF+c2HlJVRVpdYBt6Wt1sjTJtFjcglDI7LZUpYbuJ4VU+zQqXoCBR6NiBrc va6dq5wCmbW/QArQR/tsTwMHSzsUxiz9w3uIH5IKaH1q6vh4L9puSHKiNsW7jG+Z zdNWvFVCec+ZZFd0Fu1zAmmBfpWIRJwAh/Dq53WEDVitcRWJC2zHMiQpE5YHbtnT yfF3Ajc+ycHcWrBkH/T+fgBjDQIDAQABo4ICijCCAoYwHQYDVR0OBBYEFCAoVgWy FlzlYJnBWf4a/Vg2FubLMB8GA1UdIwQYMBaAFB9oJYxSbF28cVQ0NX04ACAUZEDv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QTQ0Ny9EMjA3NTgxNEEw OUMxMUU0QjUwRTdCMTVDNEY5QUUwMi9IMmdsakZKc1hieHhWRFExZlRnQUlCUmtR TzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0gyZ2xqRkpzWGJ4eFZEUTFmVGdBSUJSa1FPOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NkE0NDcvRDIwNzU4MTRBMDlDMTFFNEI1MEU3QjE1QzRGOUFFMDIvN0YzRDExMjhE Qzc4MTFFRkE3RDdEQjQ5QzRGOUFFMDIucm9hMEkGCCsGAQUFBwEHAQH/BDowODA2 BAIAATAwAwQAZQK+AwQAZ+P1AwQAZ+P3AwQAy5ncAwQAy5neAwQA3+AMAwQA3+AW AwQA3+AdMA0GCSqGSIb3DQEBCwUAA4IBAQBmMTqZeCgTTKkpAzEJKmJQIH3l2WHh IvAZ6292XYUuyWRJWqRCyF+rF4lOH/y/4Y3WRnDRS2c7pdXqOxdPx169/V0HqQ6X 4EvCiRO4UE03ZI/OBDHvpIECbXS/sp95J7UAa93ARHjmhAs6Q6WEpaOo8huyI4df rjwoee3NsomoXA3jcYPI8a1C8KTki00DR8GTrU8JDnJvrx+zgr86WIVTxWRyT4gb 9jEx4ej815A7F6rU8MNtAZFyL4aU6Az5R6wl/nOvgzvpDh+hNH1ySMzjpACtSUz2 F6XBWIPap5mK4mObLVWt3x4MttpCwA8NlcLSrP5mRDZp3EBHy1lMePF5 -----END CERTIFICATE-----Generated at Mon Apr 6 10:09:46 2026 by rpki-client