$ rpki-client -vvf rpki.apnic.net/member_repository/A911A35E/FA927782C60011EC9DA7400FC4F9AE02/7FA7FFD6D54F11EF88D65E53C4F9AE02.roa File: 7FA7FFD6D54F11EF88D65E53C4F9AE02.roa (raw, json) Hash identifier: 4UMRc+U+QvsxtO1R2mqRXzqp5X2s02DN1FDAeR0/6VE= Subject key identifier: 2E:C7:2B:BE:AD:4B:92:45:1E:60:7C:A8:7F:4B:5B:7D:CD:89:7D:78 Certificate issuer: /CN=A911A35E/serialNumber=8899693E931350C555F2BF47B151DEF87342B729 Certificate serial: 037C Authority key identifier: 88:99:69:3E:93:13:50:C5:55:F2:BF:47:B1:51:DE:F8:73:42:B7:29 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iJlpPpMTUMVV8r9HsVHe-HNCtyk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911A35E/FA927782C60011EC9DA7400FC4F9AE02/7FA7FFD6D54F11EF88D65E53C4F9AE02.roa Signing time: Sat 11 Oct 2025 03:27:29 +0000 ROA not before: Sat 11 Oct 2025 03:27:29 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 153494 IP address blocks: 43.243.208.0/22 maxlen: 24 103.39.24.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911A35E/FA927782C60011EC9DA7400FC4F9AE02/iJlpPpMTUMVV8r9HsVHe-HNCtyk.crl rsync://rpki.apnic.net/member_repository/A911A35E/FA927782C60011EC9DA7400FC4F9AE02/iJlpPpMTUMVV8r9HsVHe-HNCtyk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iJlpPpMTUMVV8r9HsVHe-HNCtyk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 02:52:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 892 (0x37c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911A35E, serialNumber=8899693E931350C555F2BF47B151DEF87342B729 Validity Not Before: Oct 11 03:27:29 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=68e9cea0-4ea7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:ea:c1:45:8d:bb:4b:da:6c:54:74:60:df:0e: 51:1a:59:11:58:f7:29:62:db:a4:37:cd:43:3d:50: 07:11:c0:a8:d1:87:dd:97:00:09:78:ba:51:91:8c: 3d:f2:de:b8:3b:1c:03:92:75:63:9b:bb:e1:df:a2: 37:68:04:fd:50:9c:53:61:58:67:b5:84:36:ae:51: 35:69:39:85:ff:da:79:3a:a3:48:b8:c4:1e:49:eb: da:fe:61:cd:cf:6a:40:4a:a8:0b:61:b1:2c:76:08: 40:ff:a4:c1:54:49:c9:72:09:e5:bb:f2:75:41:7d: 78:bc:84:66:69:d3:56:9b:8b:21:2f:5b:a5:fb:6f: e5:9f:83:91:31:0f:b7:8c:04:c3:8e:14:fa:02:46: b8:c0:a1:58:00:e9:c2:6a:63:b0:f0:ea:c5:cc:54: d5:02:a4:ce:02:37:cd:c5:c2:82:7b:a5:9d:f0:e9: 89:e4:27:bb:ef:06:7e:7f:1d:54:01:99:47:71:9f: 3b:fa:9c:cb:f8:91:e3:0f:7e:1b:55:f0:a2:7d:97: a2:c4:8c:9a:ce:c9:88:6b:44:ae:03:fd:0e:ed:65: 3d:7e:52:41:0f:fd:03:88:b4:58:4c:ff:d3:ce:59: 8b:ab:26:08:a2:b2:72:89:b5:86:51:ab:32:47:7c: ba:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:C7:2B:BE:AD:4B:92:45:1E:60:7C:A8:7F:4B:5B:7D:CD:89:7D:78 X509v3 Authority Key Identifier: keyid:88:99:69:3E:93:13:50:C5:55:F2:BF:47:B1:51:DE:F8:73:42:B7:29 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911A35E/FA927782C60011EC9DA7400FC4F9AE02/iJlpPpMTUMVV8r9HsVHe-HNCtyk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iJlpPpMTUMVV8r9HsVHe-HNCtyk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911A35E/FA927782C60011EC9DA7400FC4F9AE02/7FA7FFD6D54F11EF88D65E53C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.243.208.0/22 103.39.24.0/22 Signature Algorithm: sha256WithRSAEncryption 1e:ae:51:98:fa:a2:52:de:0b:e9:89:a4:99:63:e6:31:50:74: be:e8:ad:68:3d:b3:57:16:80:38:30:fc:fd:ed:99:a7:df:1b: 9d:87:c4:1e:8b:e8:f5:91:18:6b:dc:b9:7e:0f:54:67:4f:41: 26:5b:3f:d8:98:56:30:bd:ab:93:d0:be:a7:a3:4a:82:08:e8: 01:c0:3d:8b:db:56:cf:b1:53:f6:79:23:28:33:8b:ca:3e:2c: 61:a3:db:5f:95:cb:f3:12:ae:66:3b:60:9e:9b:bc:f1:e6:49: d0:1b:2a:3c:56:c4:00:64:cc:9f:2e:54:57:96:6c:0a:a5:c3: 1c:48:3c:32:94:b2:7c:66:01:56:1c:38:25:79:39:d8:a8:91: 1f:d1:07:ea:f6:88:21:4c:26:bf:f4:62:b1:9a:ba:b4:54:65: 95:09:f7:64:85:6e:14:8e:e6:00:02:82:69:fe:c6:59:22:b2: 35:58:ca:9e:44:a9:ef:09:bd:fa:fe:af:88:1c:17:de:fe:48: 43:63:fe:f5:dc:e3:03:a7:c6:99:7a:31:f7:2b:4d:c6:34:0c: 97:68:3b:da:e7:2c:a0:de:f7:f0:75:bf:c7:0d:b3:d5:b2:12: bb:ce:e5:b2:86:ca:46:29:2a:be:65:43:ba:a0:2b:54:34:73: 2b:35:46:52 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICA3wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUEzNUUxMTAvBgNVBAUTKDg4OTk2OTNFOTMxMzUwQzU1NUYyQkY0N0IxNTFERUY4 NzM0MkI3MjkwHhcNMjUxMDExMDMyNzI5WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGU5Y2VhMC00ZWE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3+rBRY27S9psVHRg3w5RGlkRWPcpYtukN81DPVAHEcCo0YfdlwAJeLpRkYw9 8t64OxwDknVjm7vh36I3aAT9UJxTYVhntYQ2rlE1aTmF/9p5OqNIuMQeSeva/mHN z2pASqgLYbEsdghA/6TBVEnJcgnlu/J1QX14vIRmadNWm4shL1ul+2/ln4ORMQ+3 jATDjhT6Aka4wKFYAOnCamOw8OrFzFTVAqTOAjfNxcKCe6Wd8OmJ5Ce77wZ+fx1U AZlHcZ87+pzL+JHjD34bVfCifZeixIyazsmIa0SuA/0O7WU9flJBD/0DiLRYTP/T zlmLqyYIorJyibWGUasyR3y6PwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFC7HK76t S5JFHmB8qH9LW33NiX14MB8GA1UdIwQYMBaAFIiZaT6TE1DFVfK/R7FR3vhzQrcp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQTM1RS9GQTkyNzc4MkM2 MDAxMUVDOURBNzQwMEZDNEY5QUUwMi9pSmxwUHBNVFVNVlY4cjlIc1ZIZS1ITkN0 eWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lKbHBQcE1UVU1WVjhyOUhzVkhlLUhOQ3R5ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUEzNUUvRkE5Mjc3ODJDNjAwMTFFQzlEQTc0MDBGQzRGOUFFMDIvN0ZBN0ZGRDZE NTRGMTFFRjg4RDY1RTUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAIr89ADBAJnJxgwDQYJKoZIhvcNAQELBQADggEBAB6uUZj6 olLeC+mJpJlj5jFQdL7orWg9s1cWgDgw/P3tmaffG52HxB6L6PWRGGvcuX4PVGdP QSZbP9iYVjC9q5PQvqejSoII6AHAPYvbVs+xU/Z5Iygzi8o+LGGj21+Vy/MSrmY7 YJ6bvPHmSdAbKjxWxABkzJ8uVFeWbAqlwxxIPDKUsnxmAVYcOCV5OdiokR/RB+r2 iCFMJr/0YrGaurRUZZUJ92SFbhSO5gACgmn+xlkisjVYyp5Eqe8Jvfr+r4gcF97+ SENj/vXc4wOnxpl6MfcrTcY0DJdoO9rnLKDe9/B1v8cNs9WyErvO5bKGykYpKr5l Q7qgK1Q0cys1RlI= -----END CERTIFICATE-----Generated at Mon Oct 20 10:13:41 2025 by rpki-client