$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/D716391C53CC11F0BC106B7CC4F9AE02.roa File: D716391C53CC11F0BC106B7CC4F9AE02.roa (raw, json) Hash identifier: Xm6BtJp1Xv982dNe+cH86+8Hl8aLCGaqau9syDHGkl0= Subject key identifier: 84:B1:7A:96:F6:E9:06:A3:CE:E3:B0:E5:54:5F:8C:50:C5:F8:23:30 Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934 Certificate serial: 0850 Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/D716391C53CC11F0BC106B7CC4F9AE02.roa Signing time: Wed 08 Oct 2025 22:54:15 +0000 ROA not before: Wed 08 Oct 2025 22:54:15 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 21859 IP address blocks: 36.255.193.0/24 maxlen: 24 36.255.194.0/24 maxlen: 24 43.229.152.0/24 maxlen: 24 103.209.233.0/24 maxlen: 24 103.209.234.0/24 maxlen: 24 150.107.0.0/24 maxlen: 24 163.53.17.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 00:38:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2128 (0x850) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911B412, serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934 Validity Not Before: Oct 8 22:54:15 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=68e6eb97-2244 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:d6:a1:8f:6f:4d:d7:2f:30:64:1a:94:07:60: 2f:46:0f:9f:e6:af:c2:a2:4f:36:b4:d3:b9:41:c9: a3:6b:e3:e1:d6:20:5e:33:d2:15:8c:49:76:1d:31: d2:f1:5b:5d:96:04:4a:cb:71:cb:39:18:97:bf:fb: 27:d0:bc:4b:1f:0b:31:fd:73:29:47:f2:07:ff:44: c6:3b:2a:34:50:4b:ea:df:94:ee:38:18:53:86:f9: 87:49:ab:bb:b9:3a:db:ec:26:6f:07:43:37:f7:6f: 59:af:12:ae:ee:11:a4:35:53:94:30:f0:1d:61:55: a0:a2:63:81:7e:c1:d0:a5:b0:fe:f8:52:50:ad:71: b1:9e:ba:48:0f:d3:ca:9e:c6:54:cc:ad:0f:74:c7: d8:bb:1d:85:9e:b5:8b:81:e1:b1:9a:32:76:06:9a: f8:6c:fb:27:b1:a1:a1:60:61:0b:b6:51:0f:eb:01: b5:e4:6e:10:92:84:1a:7d:f6:75:d1:49:04:3f:d0: cc:5d:c3:49:49:51:ab:88:9d:7a:17:b4:09:6f:20: 16:e3:52:01:89:7d:03:34:a6:54:56:a3:51:c5:74: bd:2b:d6:e5:c2:81:51:fa:07:12:90:61:b5:df:40: da:7d:e2:4e:60:40:a0:cc:c9:08:12:eb:c3:e7:1d: 97:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:B1:7A:96:F6:E9:06:A3:CE:E3:B0:E5:54:5F:8C:50:C5:F8:23:30 X509v3 Authority Key Identifier: keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/D716391C53CC11F0BC106B7CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 36.255.193.0-36.255.194.255 43.229.152.0/24 103.209.233.0-103.209.234.255 150.107.0.0/24 163.53.17.0/24 Signature Algorithm: sha256WithRSAEncryption 84:81:d5:75:1b:b4:99:41:dc:18:bf:4a:f6:ac:3a:a5:e3:00: a4:9e:5b:25:9a:33:0d:1e:89:71:6d:6d:4b:2a:df:f5:e0:71: 86:ec:f6:50:ef:2b:a7:18:a5:b7:6c:e4:b5:6f:f7:13:40:67: 15:54:92:da:a2:0c:f4:31:81:94:ae:ef:82:67:e0:da:01:1e: fc:f9:4a:13:be:f1:e6:74:5a:ae:d0:9b:2e:ef:45:42:5b:83: 55:a0:d8:14:7d:d7:27:06:37:1c:a5:fa:8d:5d:26:7a:d3:fd: e9:c8:10:0c:59:7b:c8:5c:32:f5:92:35:0a:55:95:04:ab:7f: c4:41:48:84:cb:5d:51:db:77:e5:64:a7:01:e1:72:71:be:6d: 43:85:81:cd:4d:88:57:9e:31:ce:2c:8a:7e:ab:03:bd:0d:8f: 11:d7:ac:a7:68:d8:a3:d6:95:2b:99:68:ff:d3:92:fc:0f:68: f9:b0:96:77:1b:4f:60:71:ca:2a:4c:59:a6:f2:34:a5:98:d3: c0:0a:42:8a:94:03:ec:6f:58:a2:39:72:e8:28:08:6d:b2:6e: 1e:40:53:5d:47:1a:47:92:56:76:38:99:03:6a:fc:5a:7e:fb: 50:d0:ca:5e:b3:c6:b8:f2:7b:3f:7f:0f:74:5c:f5:3b:0a:d7: a3:e1:e7:b2 -----BEGIN CERTIFICATE----- MIIFmTCCBIGgAwIBAgICCFAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3 RDgwQjA5MzQwHhcNMjUxMDA4MjI1NDE1WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGU2ZWI5Ny0yMjQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAq9ahj29N1y8wZBqUB2AvRg+f5q/Cok82tNO5Qcmja+Ph1iBeM9IVjEl2HTHS 8VtdlgRKy3HLORiXv/sn0LxLHwsx/XMpR/IH/0TGOyo0UEvq35TuOBhThvmHSau7 uTrb7CZvB0M3929ZrxKu7hGkNVOUMPAdYVWgomOBfsHQpbD++FJQrXGxnrpID9PK nsZUzK0PdMfYux2FnrWLgeGxmjJ2Bpr4bPsnsaGhYGELtlEP6wG15G4QkoQaffZ1 0UkEP9DMXcNJSVGriJ16F7QJbyAW41IBiX0DNKZUVqNRxXS9K9blwoFR+gcSkGG1 30DafeJOYECgzMkIEuvD5x2XcwIDAQABo4ICvTCCArkwHQYDVR0OBBYEFISxepb2 6QajzuOw5VRfjFDF+CMwMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvRDcxNjM5MUM1 M0NDMTFGMEJDMTA2QjdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRwYIKwYBBQUHAQcBAf8E ODA2MDQEAgABMC4wDAMEACT/wQMEACT/wgMEACvlmDAMAwQAZ9HpAwQAZ9HqAwQA lmsAAwQAozURMA0GCSqGSIb3DQEBCwUAA4IBAQCEgdV1G7SZQdwYv0r2rDql4wCk nlslmjMNHolxbW1LKt/14HGG7PZQ7yunGKW3bOS1b/cTQGcVVJLaogz0MYGUru+C Z+DaAR78+UoTvvHmdFqu0Jsu70VCW4NVoNgUfdcnBjccpfqNXSZ60/3pyBAMWXvI XDL1kjUKVZUEq3/EQUiEy11R23flZKcB4XJxvm1DhYHNTYhXnjHOLIp+qwO9DY8R 16ynaNij1pUrmWj/05L8D2j5sJZ3G09gccoqTFmm8jSlmNPACkKKlAPsb1iiOXLo KAhtsm4eQFNdRxpHklZ2OJkDavxafvtQ0Mpes8a48ns/fw90XPU7Ctej4eey -----END CERTIFICATE-----Generated at Sun Oct 19 23:32:13 2025 by rpki-client