$ rpki-client -vvf rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/D9AD698C961211ECB515C474C4F9AE02.roa File: D9AD698C961211ECB515C474C4F9AE02.roa (raw, json) Hash identifier: HY8jx42KdkySd2cMF5R0KcyeEkXfACP7f6ppIrDm7WM= Subject key identifier: 9B:3D:41:64:9B:C5:80:5E:56:FE:E8:BC:51:14:61:EE:CD:35:A3:23 Certificate issuer: /CN=A918F20B/serialNumber=7703A6D56C718021BD9C89EB3C4BED817ED56AE5 Certificate serial: 044E Authority key identifier: 77:03:A6:D5:6C:71:80:21:BD:9C:89:EB:3C:4B:ED:81:7E:D5:6A:E5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dwOm1WxxgCG9nInrPEvtgX7VauU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/D9AD698C961211ECB515C474C4F9AE02.roa Signing time: Sun 01 Mar 2026 15:03:03 +0000 ROA not before: Wed 27 Aug 2025 01:06:47 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 133199 IP address blocks: 43.242.128.0/24 maxlen: 24 43.242.129.0/24 maxlen: 24 43.242.130.0/24 maxlen: 24 43.242.131.0/24 maxlen: 24 103.251.88.0/24 maxlen: 24 103.251.89.0/24 maxlen: 24 103.251.90.0/24 maxlen: 24 103.251.91.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/dwOm1WxxgCG9nInrPEvtgX7VauU.crl rsync://rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/dwOm1WxxgCG9nInrPEvtgX7VauU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dwOm1WxxgCG9nInrPEvtgX7VauU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 23:47:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1102 (0x44e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918F20B, serialNumber=7703A6D56C718021BD9C89EB3C4BED817ED56AE5 Validity Not Before: Aug 27 01:06:47 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=69a45527-3335 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:fa:8e:0c:b2:11:56:72:4a:59:a5:70:9d:70: 3c:70:95:ba:e6:1f:fa:24:3f:69:a6:5b:7f:86:02: bd:a8:68:b4:e2:e7:c0:49:d7:70:fb:ba:a9:19:c2: 22:f5:31:87:62:e0:cf:b8:1b:44:55:62:2d:37:3e: 3d:6d:83:3c:f1:c0:4e:f9:0d:2f:cf:8c:1e:f4:44: c1:27:d9:1c:11:fc:f6:ca:ca:b8:a8:d7:ac:5c:70: 22:10:80:66:fb:1f:36:b1:df:c4:93:07:99:8c:8e: 76:42:0b:49:5c:8c:62:98:75:b2:04:d6:68:76:46: eb:55:fa:34:df:00:ee:92:9e:3b:74:a3:f2:9b:00: 8b:a6:e6:65:13:28:3a:e4:b4:52:61:3b:0a:cf:8b: e7:3d:96:90:3e:9f:13:cb:f1:b1:55:25:8c:a8:fd: 93:99:f5:3b:e7:87:09:95:57:07:4d:51:38:d1:fa: fb:7e:b7:03:25:6f:1a:7a:03:0a:ea:6d:e2:ea:82: f1:3d:b9:f6:60:4d:dd:14:47:de:c9:04:d3:52:05: b9:6e:03:48:06:6f:4a:5a:a2:cb:09:c6:d8:a4:78: 68:fa:b2:b2:97:3a:5b:7a:8c:7c:69:c3:e0:f9:f4: a4:64:e6:3d:ae:f5:d8:c3:08:db:47:8e:66:f5:29: 70:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:3D:41:64:9B:C5:80:5E:56:FE:E8:BC:51:14:61:EE:CD:35:A3:23 X509v3 Authority Key Identifier: keyid:77:03:A6:D5:6C:71:80:21:BD:9C:89:EB:3C:4B:ED:81:7E:D5:6A:E5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/dwOm1WxxgCG9nInrPEvtgX7VauU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dwOm1WxxgCG9nInrPEvtgX7VauU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/D9AD698C961211ECB515C474C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.242.128.0/22 103.251.88.0/22 Signature Algorithm: sha256WithRSAEncryption 69:92:03:1d:ee:e1:09:c6:22:c4:64:cb:b1:cc:23:05:60:68: b4:40:aa:4c:df:54:c5:0b:47:e5:19:11:1f:65:3c:a4:cf:f1: 41:de:1f:08:b4:d2:c6:c8:b9:36:dc:f5:29:ac:df:b1:5d:7b: 07:e8:c1:fb:b7:1e:a8:7c:1d:cd:7b:9c:e5:f8:74:20:ff:bd: e2:df:61:d4:f0:98:9d:41:d0:83:73:ae:ba:95:c0:25:71:e2: 59:aa:3c:f8:45:25:1d:26:b3:43:a7:8e:23:e3:1e:e5:fd:ac: d8:58:f4:7c:50:97:6e:db:38:1d:cd:2c:00:9c:54:19:ac:33: 06:d4:ab:f4:39:b6:0c:90:26:1a:d7:58:f3:f4:7b:be:5e:89: b6:da:1c:d1:27:37:b5:cb:f1:35:8f:0b:bb:7b:17:1a:ee:76: 3d:55:7b:32:2a:c6:80:8c:bb:e7:3a:e6:7a:3f:ae:fd:d5:cb: ad:fc:ad:06:38:33:1e:7d:4a:d8:72:42:f5:01:70:5d:6f:73: 2b:b5:d9:43:db:b5:f6:45:b6:aa:db:41:3c:bc:55:e5:7e:9f: c2:a6:09:86:a9:17:d3:fe:40:cf:fe:a6:77:2f:a2:c5:a3:5f: ff:ab:1f:26:ba:f4:82:d4:f0:78:13:63:b3:de:49:fa:98:d2: 81:56:1e:eb -----BEGIN CERTIFICATE----- MIIFQjCCBCqgAwIBAgICBE4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEYyMEIxMTAvBgNVBAUTKDc3MDNBNkQ1NkM3MTgwMjFCRDlDODlFQjNDNEJFRDgx N0VENTZBRTUwHhcNMjUwODI3MDEwNjQ3WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NTUyNy0zMzM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu/qODLIRVnJKWaVwnXA8cJW65h/6JD9pplt/hgK9qGi04ufASddw+7qpGcIi 9TGHYuDPuBtEVWItNz49bYM88cBO+Q0vz4we9ETBJ9kcEfz2ysq4qNesXHAiEIBm +x82sd/EkweZjI52QgtJXIximHWyBNZodkbrVfo03wDukp47dKPymwCLpuZlEyg6 5LRSYTsKz4vnPZaQPp8Ty/GxVSWMqP2TmfU754cJlVcHTVE40fr7frcDJW8aegMK 6m3i6oLxPbn2YE3dFEfeyQTTUgW5bgNIBm9KWqLLCcbYpHho+rKylzpbeox8acPg +fSkZOY9rvXYwwjbR45m9Slw2QIDAQABo4ICZjCCAmIwHQYDVR0OBBYEFJs9QWSb xYBeVv7ovFEUYe7NNaMjMB8GA1UdIwQYMBaAFHcDptVscYAhvZyJ6zxL7YF+1Wrl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RjIwQi8xOUU0REJGNjk2 MEYxMUVDODkwQTQ0NkRDNEY5QUUwMi9kd09tMVd4eGdDRzluSW5yUEV2dGdYN1Zh dVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2R3T20xV3h4Z0NHOW5JbnJQRXZ0Z1g3VmF1VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEYyMEIvMTlFNERCRjY5NjBGMTFFQzg5MEE0NDZEQzRGOUFFMDIvRDlBRDY5OEM5 NjEyMTFFQ0I1MTVDNDc0QzRGOUFFMDIucm9hMCUGCCsGAQUFBwEHAQH/BBYwFDAS BAIAATAMAwQCK/KAAwQCZ/tYMA0GCSqGSIb3DQEBCwUAA4IBAQBpkgMd7uEJxiLE ZMuxzCMFYGi0QKpM31TFC0flGREfZTykz/FB3h8ItNLGyLk23PUprN+xXXsH6MH7 tx6ofB3Ne5zl+HQg/73i32HU8JidQdCDc666lcAlceJZqjz4RSUdJrNDp44j4x7l /azYWPR8UJdu2zgdzSwAnFQZrDMG1Kv0ObYMkCYa11jz9Hu+Xom22hzRJze1y/E1 jwu7exca7nY9VXsyKsaAjLvnOuZ6P6791cut/K0GODMefUrYckL1AXBdb3MrtdlD 27X2Rbaq20E8vFXlfp/CpgmGqRfT/kDP/qZ3L6LFo1//qx8muvSC1PB4E2Oz3kn6 mNKBVh7r -----END CERTIFICATE-----Generated at Tue Mar 24 08:14:37 2026 by rpki-client