$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/2C928134155711F099BFE331C4F9AE02.roa File: 2C928134155711F099BFE331C4F9AE02.roa (raw, json) Hash identifier: AJZEFizEDsJ6sWn600ciPTkPWhiWwQ7kl7O8N1slUUo= Subject key identifier: 25:FD:6E:81:6C:76:8B:A4:A5:7D:B2:C6:6C:EC:C7:E5:90:C3:CF:D3 Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934 Certificate serial: 084C Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/2C928134155711F099BFE331C4F9AE02.roa Signing time: Wed 08 Oct 2025 22:54:12 +0000 ROA not before: Wed 08 Oct 2025 22:54:12 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 153706 IP address blocks: 43.229.153.0/24 maxlen: 24 103.228.64.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 00:38:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2124 (0x84c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911B412, serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934 Validity Not Before: Oct 8 22:54:12 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=68e6eb94-f339 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:65:81:eb:0a:70:29:ac:17:ce:3b:06:83:af: e3:49:e7:c0:ba:c7:c5:5d:b6:12:56:9c:5f:f1:6d: 89:05:a0:c3:a5:04:41:09:20:af:8e:e8:81:dd:9a: 99:f5:0f:3f:5b:23:06:cb:e1:b2:7b:a9:57:7c:ef: 23:61:b9:37:37:d7:d2:8e:60:33:c2:7f:19:68:fd: 4e:ce:35:49:eb:a5:0c:61:da:d7:29:63:99:08:72: 80:71:bb:16:58:4f:b4:cc:54:b9:f0:89:c7:16:fd: db:3e:72:0d:54:f5:70:eb:99:af:14:5c:1a:d7:85: c0:67:69:a7:58:d4:a6:ad:49:3a:4c:4d:62:08:73: d4:eb:c1:3c:06:52:43:45:2a:8b:49:a6:0c:79:8c: 78:af:f4:8f:84:f4:88:ca:b9:b3:d0:44:8d:c3:7d: dd:78:8f:af:eb:e7:ce:11:51:6e:8f:b0:f4:e8:a6: 09:13:71:9b:41:ac:c2:b8:ea:37:68:1b:2f:b6:78: a2:29:40:95:52:d1:c5:cc:56:60:90:87:6e:f1:d8: 1f:ed:22:f1:80:44:dd:5b:b8:4d:5d:c8:44:25:3b: 5b:15:e0:6c:0d:9a:f3:e6:c4:12:05:1c:cb:99:5d: d2:14:7a:52:86:21:1c:ec:1e:69:0d:b6:0b:66:f8: 15:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:FD:6E:81:6C:76:8B:A4:A5:7D:B2:C6:6C:EC:C7:E5:90:C3:CF:D3 X509v3 Authority Key Identifier: keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/2C928134155711F099BFE331C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.229.153.0/24 103.228.64.0/24 Signature Algorithm: sha256WithRSAEncryption 4a:18:bb:4c:4f:38:f9:14:f5:31:06:cf:ea:33:73:53:9a:ac: 83:c2:bd:eb:18:a0:52:3b:86:66:8c:29:45:45:e2:c0:19:e6: b9:37:07:1c:72:af:87:84:5c:2a:9d:f3:2a:45:68:1b:18:1b: 59:d9:07:41:a8:8b:d5:2f:f4:c1:f3:1f:c2:1b:65:e8:32:f9: 85:c6:ae:70:18:b8:99:41:d5:f4:12:62:bc:69:06:80:42:58: 93:06:a2:c7:c6:97:64:8b:f3:75:bd:54:61:36:13:2c:36:da: d8:b6:64:e9:6b:aa:37:22:40:81:9f:01:eb:ed:8a:8b:fd:66: e5:65:97:47:4d:42:14:f9:64:7c:16:a0:c6:a7:4f:c3:5b:7a: 50:c8:94:4c:57:45:70:d7:f9:56:e7:ea:3a:9f:bb:ee:3a:7f: f9:79:a6:df:64:0a:2f:4c:e1:62:8d:b0:e8:bb:9a:d9:67:2d: e8:c8:28:d6:19:33:09:8b:11:d6:e9:75:e5:68:49:72:83:ef: 24:a2:f6:25:bf:71:b6:ab:da:e3:0a:f6:9d:84:9d:b9:b0:56: 91:9b:83:bf:84:3d:83:28:3e:a1:c9:ef:bc:a2:cc:b3:8c:fa: 24:1c:0f:88:e3:17:cb:25:bc:00:37:10:47:7f:52:0e:76:cd: 1c:3e:96:12 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICCEwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3 RDgwQjA5MzQwHhcNMjUxMDA4MjI1NDEyWhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGU2ZWI5NC1mMzM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzWWB6wpwKawXzjsGg6/jSefAusfFXbYSVpxf8W2JBaDDpQRBCSCvjuiB3ZqZ 9Q8/WyMGy+Gye6lXfO8jYbk3N9fSjmAzwn8ZaP1OzjVJ66UMYdrXKWOZCHKAcbsW WE+0zFS58InHFv3bPnINVPVw65mvFFwa14XAZ2mnWNSmrUk6TE1iCHPU68E8BlJD RSqLSaYMeYx4r/SPhPSIyrmz0ESNw33deI+v6+fOEVFuj7D06KYJE3GbQazCuOo3 aBsvtniiKUCVUtHFzFZgkIdu8dgf7SLxgETdW7hNXchEJTtbFeBsDZrz5sQSBRzL mV3SFHpShiEc7B5pDbYLZvgVkQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFCX9boFs doukpX2yxmzsx+WQw8/TMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvMkM5MjgxMzQx NTU3MTFGMDk5QkZFMzMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAAr5ZkDBABn5EAwDQYJKoZIhvcNAQELBQADggEBAEoYu0xP OPkU9TEGz+ozc1OarIPCvesYoFI7hmaMKUVF4sAZ5rk3Bxxyr4eEXCqd8ypFaBsY G1nZB0Goi9Uv9MHzH8IbZegy+YXGrnAYuJlB1fQSYrxpBoBCWJMGosfGl2SL83W9 VGE2Eyw22ti2ZOlrqjciQIGfAevtiov9ZuVll0dNQhT5ZHwWoManT8NbelDIlExX RXDX+Vbn6jqfu+46f/l5pt9kCi9M4WKNsOi7mtlnLejIKNYZMwmLEdbpdeVoSXKD 7ySi9iW/cbar2uMK9p2EnbmwVpGbg7+EPYMoPqHJ77yizLOM+iQcD4jjF8slvAA3 EEd/Ug52zRw+lhI= -----END CERTIFICATE-----Generated at Mon Oct 20 13:51:07 2025 by rpki-client