$ rpki-client -vvf rpki.apnic.net/member_repository/A9110FEF/B0363D6064F511ED82B03C11C4F9AE02/47DA361A3F8F11EF8FA3802DC4F9AE02.roa File: 47DA361A3F8F11EF8FA3802DC4F9AE02.roa (raw, json) Hash identifier: t2QGvAxpDAT3kp8PeIbeNnP6vAkksZUBbRRuJ3lkqjY= Subject key identifier: 90:2B:AF:EE:AF:34:F0:0B:C0:03:8D:91:B9:EC:AC:9C:FF:16:3B:1F Certificate issuer: /CN=A9110FEF/serialNumber=321D0AB78A1ABE351A7DB79320D9FFD372A08C45 Certificate serial: 0235 Authority key identifier: 32:1D:0A:B7:8A:1A:BE:35:1A:7D:B7:93:20:D9:FF:D3:72:A0:8C:45 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Mh0Kt4oavjUafbeTINn_03KgjEU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9110FEF/B0363D6064F511ED82B03C11C4F9AE02/47DA361A3F8F11EF8FA3802DC4F9AE02.roa Signing time: Fri 17 Oct 2025 04:38:26 +0000 ROA not before: Fri 17 Oct 2025 04:38:26 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 133034 IP address blocks: 103.251.232.0/22 maxlen: 22 103.251.232.0/23 maxlen: 23 103.251.232.0/24 maxlen: 24 103.251.233.0/24 maxlen: 24 103.251.234.0/23 maxlen: 23 103.251.234.0/24 maxlen: 24 103.251.235.0/24 maxlen: 24 121.46.70.0/24 maxlen: 24 2400:a740::/32 maxlen: 32 2400:a740::/48 maxlen: 48 2400:a740:1::/48 maxlen: 48 2400:a740:2::/48 maxlen: 48 2400:a740:3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9110FEF/B0363D6064F511ED82B03C11C4F9AE02/Mh0Kt4oavjUafbeTINn_03KgjEU.crl rsync://rpki.apnic.net/member_repository/A9110FEF/B0363D6064F511ED82B03C11C4F9AE02/Mh0Kt4oavjUafbeTINn_03KgjEU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Mh0Kt4oavjUafbeTINn_03KgjEU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 04:16:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 565 (0x235) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9110FEF, serialNumber=321D0AB78A1ABE351A7DB79320D9FFD372A08C45 Validity Not Before: Oct 17 04:38:26 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68f1c841-a072 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:d5:bf:1f:95:f6:dc:fb:ac:2d:71:68:ec:3f: c0:0a:d3:c9:6f:46:24:22:90:f5:7d:50:e5:f1:ed: d6:63:68:9b:52:e0:98:44:5f:46:cd:26:f6:26:11: ad:65:41:5e:c7:2c:21:7d:ee:5e:b3:95:be:9c:d7: 6f:7f:82:f6:4e:c9:4c:d2:23:0d:c2:70:39:66:aa: 43:78:22:d5:fe:05:c5:a3:49:41:b5:5f:e6:22:23: 98:5c:ad:66:46:3b:ee:c2:2c:30:17:87:4d:28:39: 8f:54:9f:04:48:4c:cf:3b:1d:a0:ad:f2:54:ec:63: 2a:54:d2:8a:41:50:64:a7:f0:d9:7d:a4:7d:ea:68: 3b:b5:09:19:eb:7b:bb:33:f1:7b:c5:e4:d5:2a:71: d2:7d:a5:16:5d:06:1d:a6:42:1c:eb:1b:c8:40:06: a1:81:88:b5:8f:4e:b1:ac:b4:66:e7:06:d7:51:f5: 2d:39:b8:88:76:6e:a2:e2:cd:57:68:ce:d7:6d:40: d3:e7:f8:fb:b2:65:73:a1:c7:b6:33:0f:60:84:97: 4a:db:a5:2f:6f:e0:85:f2:8b:b4:af:e7:e6:77:06: 48:bd:bc:a8:e3:df:b4:1d:5d:1a:cd:f0:42:51:e7: e2:44:b8:f6:ab:ae:6b:46:94:d9:d0:29:6b:f9:e4: d0:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:2B:AF:EE:AF:34:F0:0B:C0:03:8D:91:B9:EC:AC:9C:FF:16:3B:1F X509v3 Authority Key Identifier: keyid:32:1D:0A:B7:8A:1A:BE:35:1A:7D:B7:93:20:D9:FF:D3:72:A0:8C:45 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9110FEF/B0363D6064F511ED82B03C11C4F9AE02/Mh0Kt4oavjUafbeTINn_03KgjEU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Mh0Kt4oavjUafbeTINn_03KgjEU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9110FEF/B0363D6064F511ED82B03C11C4F9AE02/47DA361A3F8F11EF8FA3802DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.251.232.0/22 121.46.70.0/24 IPv6: 2400:a740::/32 Signature Algorithm: sha256WithRSAEncryption 6d:3a:ce:64:c1:06:bc:00:fc:1e:2c:7a:7e:af:0f:6b:61:ac: 14:e6:f8:31:74:cc:f4:7a:51:ca:e5:1b:c6:fd:af:d9:63:02: e4:40:11:50:61:f9:b5:6e:e2:49:76:eb:73:0e:42:0a:66:22: 9b:e6:9e:84:e6:cf:90:cd:ed:db:9a:38:e2:44:61:c0:2b:87: d3:10:d8:ba:e0:3e:bb:6a:d1:21:66:7a:0f:1c:c8:df:6c:58: e8:47:b2:de:07:63:11:4e:a1:1c:c7:b2:19:04:7d:c5:e9:55: d6:f1:d2:64:0d:ed:8f:49:73:42:c4:a5:15:19:bb:cc:a8:aa: 82:b6:ce:17:0a:80:78:c3:d4:c3:87:da:1e:52:e2:d1:aa:f1: e8:b1:5f:74:43:14:89:84:b0:33:10:5f:97:e0:72:5b:54:3a: b8:26:ff:fc:90:f6:62:2b:8e:81:92:53:80:59:28:52:67:01: 9f:02:11:50:ea:30:67:02:0f:09:de:c0:e2:ad:df:09:5c:86: 1e:5b:94:2c:30:f2:2e:15:40:ac:a8:dc:4a:ab:d9:d4:f1:ae: 8b:b5:19:2e:01:7c:35:c9:4f:fa:f6:f2:38:4b:3e:3d:a2:fd: 57:76:e8:e6:66:9d:17:00:39:48:4e:23:19:e2:f8:e1:f0:e4: 87:d4:3e:28 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICAjUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTBGRUYxMTAvBgNVBAUTKDMyMUQwQUI3OEExQUJFMzUxQTdEQjc5MzIwRDlGRkQz NzJBMDhDNDUwHhcNMjUxMDE3MDQzODI2WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGYxYzg0MS1hMDcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvtW/H5X23PusLXFo7D/ACtPJb0YkIpD1fVDl8e3WY2ibUuCYRF9GzSb2JhGt ZUFexywhfe5es5W+nNdvf4L2TslM0iMNwnA5ZqpDeCLV/gXFo0lBtV/mIiOYXK1m RjvuwiwwF4dNKDmPVJ8ESEzPOx2grfJU7GMqVNKKQVBkp/DZfaR96mg7tQkZ63u7 M/F7xeTVKnHSfaUWXQYdpkIc6xvIQAahgYi1j06xrLRm5wbXUfUtObiIdm6i4s1X aM7XbUDT5/j7smVzoce2Mw9ghJdK26Uvb+CF8ou0r+fmdwZIvbyo49+0HV0azfBC UefiRLj2q65rRpTZ0Clr+eTQ2QIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFJArr+6v NPALwAONkbnsrJz/FjsfMB8GA1UdIwQYMBaAFDIdCreKGr41Gn23kyDZ/9NyoIxF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMEZFRi9CMDM2M0Q2MDY0 RjUxMUVEODJCMDNDMTFDNEY5QUUwMi9NaDBLdDRvYXZqVWFmYmVUSU5uXzAzS2dq RVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL01oMEt0NG9hdmpVYWZiZVRJTm5fMDNLZ2pFVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MTBGRUYvQjAzNjNENjA2NEY1MTFFRDgyQjAzQzExQzRGOUFFMDIvNDdEQTM2MUEz RjhGMTFFRjhGQTM4MDJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAJn++gDBAB5LkYwDQQCAAIwBwMFACQAp0AwDQYJKoZIhvcN AQELBQADggEBAG06zmTBBrwA/B4sen6vD2thrBTm+DF0zPR6UcrlG8b9r9ljAuRA EVBh+bVu4kl263MOQgpmIpvmnoTmz5DN7duaOOJEYcArh9MQ2LrgPrtq0SFmeg8c yN9sWOhHst4HYxFOoRzHshkEfcXpVdbx0mQN7Y9Jc0LEpRUZu8yoqoK2zhcKgHjD 1MOH2h5S4tGq8eixX3RDFImEsDMQX5fgcltUOrgm//yQ9mIrjoGSU4BZKFJnAZ8C EVDqMGcCDwnewOKt3wlchh5blCww8i4VQKyo3Eqr2dTxrou1GS4BfDXJT/r28jhL Pj2i/Vd26OZmnRcAOUhOIxni+OHw5IfUPig= -----END CERTIFICATE-----Generated at Mon Oct 20 10:44:22 2025 by rpki-client