$ rpki-client -vvf rpki.apnic.net/member_repository/A912176D/93D17CD006A011EBB4090859C4F9AE02/0B936B04519A11F097B33C66C4F9AE02.roa File: 0B936B04519A11F097B33C66C4F9AE02.roa (raw, json) Hash identifier: gg5UClknykBKSgMUWw9KgKhcxVJlFsp4nQm3k026P78= Subject key identifier: B3:BF:08:49:E8:40:66:FA:B4:08:EE:CB:7D:82:D9:83:9D:86:A4:EE Certificate issuer: /CN=A912176D/serialNumber=96F42E19F69D596A0318921590A17DD53233E595 Certificate serial: 0858 Authority key identifier: 96:F4:2E:19:F6:9D:59:6A:03:18:92:15:90:A1:7D:D5:32:33:E5:95 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lvQuGfadWWoDGJIVkKF91TIz5ZU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912176D/93D17CD006A011EBB4090859C4F9AE02/0B936B04519A11F097B33C66C4F9AE02.roa Signing time: Tue 23 Sep 2025 05:04:30 +0000 ROA not before: Tue 23 Sep 2025 05:04:30 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 40605 IP address blocks: 43.225.37.0/24 maxlen: 24 43.225.38.0/24 maxlen: 24 61.4.111.0/24 maxlen: 24 103.253.110.0/24 maxlen: 24 103.253.111.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912176D/93D17CD006A011EBB4090859C4F9AE02/lvQuGfadWWoDGJIVkKF91TIz5ZU.crl rsync://rpki.apnic.net/member_repository/A912176D/93D17CD006A011EBB4090859C4F9AE02/lvQuGfadWWoDGJIVkKF91TIz5ZU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lvQuGfadWWoDGJIVkKF91TIz5ZU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 22:20:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2136 (0x858) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912176D, serialNumber=96F42E19F69D596A0318921590A17DD53233E595 Validity Not Before: Sep 23 05:04:30 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68d22a5e-0014 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:57:42:94:ea:46:ee:09:71:a1:fa:08:8e:e3: 99:e6:25:6c:7c:d8:0b:dc:5d:88:19:d0:49:c4:29: a0:3d:75:88:5c:4a:0c:20:17:e1:55:cb:c7:ee:94: 99:0b:85:83:1b:56:25:b9:9e:63:ff:74:f9:cf:66: 71:ce:2a:e1:f3:d3:d3:a5:c1:6b:31:73:9b:af:4c: 75:59:8c:74:eb:39:78:3e:d2:27:27:ec:06:3e:e0: 89:7e:cb:41:4a:3a:c4:85:0b:d7:2e:1e:2f:9b:04: 4a:93:5a:00:73:31:d4:ad:08:76:88:6e:4b:d2:03: a5:88:c1:ca:eb:66:30:f3:32:7e:96:f8:da:36:b6: 09:5f:76:cc:a6:5d:ab:a4:f1:b7:be:ba:f4:59:38: 22:47:c0:81:74:45:23:45:80:30:e1:c0:78:90:10: 76:25:52:13:6f:bb:ea:6e:6a:11:5d:92:f4:b4:58: 0a:db:96:da:e0:66:05:95:a6:a6:e3:66:84:c0:e6: 5c:9e:43:ed:9a:3a:c8:00:4e:ee:63:9f:62:da:62: 9c:17:2c:5b:1d:41:61:39:14:67:c4:9b:e2:06:81: 49:90:02:ac:a7:cb:78:b0:ad:98:62:ea:19:45:90: f1:9d:75:06:01:c3:e9:c9:9a:0d:92:6b:83:e8:95: 43:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:BF:08:49:E8:40:66:FA:B4:08:EE:CB:7D:82:D9:83:9D:86:A4:EE X509v3 Authority Key Identifier: keyid:96:F4:2E:19:F6:9D:59:6A:03:18:92:15:90:A1:7D:D5:32:33:E5:95 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912176D/93D17CD006A011EBB4090859C4F9AE02/lvQuGfadWWoDGJIVkKF91TIz5ZU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lvQuGfadWWoDGJIVkKF91TIz5ZU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912176D/93D17CD006A011EBB4090859C4F9AE02/0B936B04519A11F097B33C66C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.225.37.0-43.225.38.255 61.4.111.0/24 103.253.110.0/23 Signature Algorithm: sha256WithRSAEncryption c1:79:1b:ed:ee:d7:69:73:a2:da:a8:57:ff:01:51:79:9e:6d: ff:e3:49:21:e3:c8:be:8b:33:c8:cd:d9:18:6a:41:b8:5c:ec: bd:ba:15:f6:9b:f7:03:28:c3:07:01:15:ec:99:5e:f6:c9:44: 01:30:71:42:26:c4:c7:da:9a:e2:91:e8:c2:19:3e:94:60:26: 69:65:51:df:33:2a:3d:8d:10:10:a1:bb:2b:7b:e7:21:48:94: 6b:75:9c:28:f1:c7:2f:d8:6d:3a:54:02:e3:5f:7d:7f:cd:b9: 7c:85:7a:71:6b:d4:3c:ea:a0:06:69:5e:91:a0:a8:81:fa:ac: 4f:a1:2e:bc:dc:17:79:bf:24:a7:75:5f:2b:7a:62:13:b6:3b: 02:67:56:ce:20:8a:f9:5e:46:2a:43:6f:42:cc:76:3c:ad:67: 72:ab:a8:b9:aa:9f:b5:36:c8:f0:bd:b7:8e:10:65:a5:aa:00: fa:c4:91:60:2e:26:ed:da:ae:f6:3d:07:58:fa:ef:35:3a:08: 27:ae:4b:85:f0:35:f9:21:99:77:b6:23:20:17:9f:24:72:bc: 4b:1a:c5:d7:d6:cd:47:4e:e5:b4:a7:40:d0:5b:c1:cb:9b:85: c8:54:8e:84:0d:b3:9b:1c:33:0a:e1:45:da:3a:cf:a7:58:a1: 7a:35:7e:d5 -----BEGIN CERTIFICATE----- MIIFhTCCBG2gAwIBAgICCFgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjE3NkQxMTAvBgNVBAUTKDk2RjQyRTE5RjY5RDU5NkEwMzE4OTIxNTkwQTE3REQ1 MzIzM0U1OTUwHhcNMjUwOTIzMDUwNDMwWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGQyMmE1ZS0wMDE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7ldClOpG7glxofoIjuOZ5iVsfNgL3F2IGdBJxCmgPXWIXEoMIBfhVcvH7pSZ C4WDG1YluZ5j/3T5z2Zxzirh89PTpcFrMXObr0x1WYx06zl4PtInJ+wGPuCJfstB SjrEhQvXLh4vmwRKk1oAczHUrQh2iG5L0gOliMHK62Yw8zJ+lvjaNrYJX3bMpl2r pPG3vrr0WTgiR8CBdEUjRYAw4cB4kBB2JVITb7vqbmoRXZL0tFgK25ba4GYFlaam 42aEwOZcnkPtmjrIAE7uY59i2mKcFyxbHUFhORRnxJviBoFJkAKsp8t4sK2YYuoZ RZDxnXUGAcPpyZoNkmuD6JVDqQIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFLO/CEno QGb6tAjuy32C2YOdhqTuMB8GA1UdIwQYMBaAFJb0Lhn2nVlqAxiSFZChfdUyM+WV MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMTc2RC85M0QxN0NEMDA2 QTAxMUVCQjQwOTA4NTlDNEY5QUUwMi9sdlF1R2ZhZFdXb0RHSklWa0tGOTFUSXo1 WlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2x2UXVHZmFkV1dvREdKSVZrS0Y5MVRJejVaVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MjE3NkQvOTNEMTdDRDAwNkEwMTFFQkI0MDkwODU5QzRGOUFFMDIvMEI5MzZCMDQ1 MTlBMTFGMDk3QjMzQzY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E JDAiMCAEAgABMBowDAMEACvhJQMEACvhJgMEAD0EbwMEAWf9bjANBgkqhkiG9w0B AQsFAAOCAQEAwXkb7e7XaXOi2qhX/wFReZ5t/+NJIePIvoszyM3ZGGpBuFzsvboV 9pv3AyjDBwEV7Jle9slEATBxQibEx9qa4pHowhk+lGAmaWVR3zMqPY0QEKG7K3vn IUiUa3WcKPHHL9htOlQC4199f825fIV6cWvUPOqgBmlekaCogfqsT6EuvNwXeb8k p3VfK3piE7Y7AmdWziCK+V5GKkNvQsx2PK1ncquouaqftTbI8L23jhBlpaoA+sSR YC4m7dqu9j0HWPrvNToIJ65LhfA1+SGZd7YjIBefJHK8SxrF19bNR07ltKdA0FvB y5uFyFSOhA2zmxwzCuFF2jrPp1ihejV+1Q== -----END CERTIFICATE-----Generated at Mon Oct 20 13:42:21 2025 by rpki-client