$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/2C3DCE420F7F11F0B174675DC4F9AE02.roa File: 2C3DCE420F7F11F0B174675DC4F9AE02.roa (raw, json) Hash identifier: c4tmYlMY5sWJ0DujxCTdR6nU4mhqfELo+RFUBYJRcIg= Subject key identifier: FB:9C:65:6D:A5:79:ED:B3:04:E2:B6:B7:B4:9A:5C:FE:4B:04:95:2A Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934 Certificate serial: 084A Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/2C3DCE420F7F11F0B174675DC4F9AE02.roa Signing time: Wed 08 Oct 2025 22:54:10 +0000 ROA not before: Wed 08 Oct 2025 22:54:10 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 150706 IP address blocks: 103.20.220.0/23 maxlen: 23 103.20.220.0/24 maxlen: 24 103.20.221.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 00:38:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2122 (0x84a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911B412, serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934 Validity Not Before: Oct 8 22:54:10 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=68e6eb92-9c86 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:09:1e:d4:c3:95:5d:d9:42:d7:c9:16:74:c7: 42:54:be:5e:6e:a1:00:4a:e0:58:01:df:73:6a:c8: 27:2b:82:74:39:ba:f9:82:11:f8:55:cf:87:d3:09: 15:dc:85:1f:c0:87:12:68:db:ed:ad:d4:2a:63:5e: f1:1b:53:bc:87:3f:c2:4b:7e:56:89:dc:00:8c:39: f2:7d:95:26:76:08:2b:d5:f5:38:93:eb:6c:bd:5f: 6d:28:a1:26:eb:8b:25:ac:43:a5:5f:24:a9:38:55: 5e:df:69:16:02:c9:fd:20:57:ff:15:34:28:33:39: ae:d2:c4:25:11:8d:81:e5:12:1a:aa:0c:fd:e8:74: 97:64:e3:e8:a0:63:51:bf:be:00:8c:34:83:7f:85: a8:b0:c0:f4:24:65:e3:43:5f:ef:ed:46:a2:6c:13: c7:3e:5e:c3:e9:3d:d9:95:4e:72:e7:f4:e4:49:f0: 97:ae:7a:e1:56:6a:59:b8:10:c1:8a:63:5d:de:fd: fb:68:0d:3d:54:f5:b8:48:20:81:65:e0:81:f5:6d: 58:c9:1e:95:c1:ca:42:19:aa:c3:fc:b0:0c:5e:b2: 9c:2a:88:95:6c:4a:c4:63:41:5c:5c:74:60:20:cd: 8c:53:a4:16:55:12:a4:f5:6a:8a:9b:82:62:19:ae: f8:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:9C:65:6D:A5:79:ED:B3:04:E2:B6:B7:B4:9A:5C:FE:4B:04:95:2A X509v3 Authority Key Identifier: keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/2C3DCE420F7F11F0B174675DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.20.220.0/23 Signature Algorithm: sha256WithRSAEncryption 62:67:96:3f:74:4f:a4:f3:ad:97:89:12:94:d1:7b:62:19:99: f6:2c:5b:27:1a:20:24:27:fc:41:83:be:b7:8b:20:87:29:34: 86:d9:40:22:15:e3:30:0f:5b:9b:f9:ce:d6:49:37:4b:bf:06: e9:6e:2b:72:2b:13:c6:ba:1a:0b:b5:fb:da:43:1e:9d:64:19: a2:f7:4a:0c:83:01:ef:de:d9:eb:a5:7a:59:bd:f2:d7:16:1e: 15:d1:b0:94:db:64:20:7a:6c:3a:3c:37:04:e3:08:21:36:a0: d2:b1:88:43:51:f0:83:1b:c1:b1:3d:a8:73:42:34:39:f0:b3: 84:ca:d7:16:4e:58:9b:e0:d4:91:71:5e:4b:4a:53:8d:ba:24: 3d:88:ef:09:01:fa:d2:7d:3a:f1:5b:af:58:ae:08:af:c4:d2: 50:37:c2:da:50:bf:99:85:4f:4a:b6:7c:e7:01:08:24:cd:1f: 51:db:1e:c0:8b:d1:1a:78:23:e2:b5:85:fe:f8:e6:0f:00:ad: c0:f4:26:71:03:07:95:96:be:82:83:d4:47:70:1a:3a:8c:e5: 92:64:58:cd:92:b1:29:59:a4:81:4b:ab:d6:ba:27:f6:60:6f: 11:07:97:e7:e5:a0:77:15:97:ec:96:63:59:5a:df:74:ee:df: e5:10:e7:13 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICCEowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3 RDgwQjA5MzQwHhcNMjUxMDA4MjI1NDEwWhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGU2ZWI5Mi05Yzg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqQke1MOVXdlC18kWdMdCVL5ebqEASuBYAd9zasgnK4J0Obr5ghH4Vc+H0wkV 3IUfwIcSaNvtrdQqY17xG1O8hz/CS35WidwAjDnyfZUmdggr1fU4k+tsvV9tKKEm 64slrEOlXySpOFVe32kWAsn9IFf/FTQoMzmu0sQlEY2B5RIaqgz96HSXZOPooGNR v74AjDSDf4WosMD0JGXjQ1/v7UaibBPHPl7D6T3ZlU5y5/TkSfCXrnrhVmpZuBDB imNd3v37aA09VPW4SCCBZeCB9W1YyR6VwcpCGarD/LAMXrKcKoiVbErEY0FcXHRg IM2MU6QWVRKk9WqKm4JiGa74OwIDAQABo4IClTCCApEwHQYDVR0OBBYEFPucZW2l ee2zBOK2t7SaXP5LBJUqMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvMkMzRENFNDIw RjdGMTFGMEIxNzQ2NzVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAFnFNwwDQYJKoZIhvcNAQELBQADggEBAGJnlj90T6TzrZeJ EpTRe2IZmfYsWycaICQn/EGDvreLIIcpNIbZQCIV4zAPW5v5ztZJN0u/BuluK3Ir E8a6Ggu1+9pDHp1kGaL3SgyDAe/e2eulelm98tcWHhXRsJTbZCB6bDo8NwTjCCE2 oNKxiENR8IMbwbE9qHNCNDnws4TK1xZOWJvg1JFxXktKU426JD2I7wkB+tJ9OvFb r1iuCK/E0lA3wtpQv5mFT0q2fOcBCCTNH1HbHsCL0Rp4I+K1hf745g8ArcD0JnED B5WWvoKD1EdwGjqM5ZJkWM2SsSlZpIFLq9a6J/ZgbxEHl+floHcVl+yWY1la33Tu 3+UQ5xM= -----END CERTIFICATE-----Generated at Mon Oct 20 04:20:46 2025 by rpki-client