$ rpki-client -vvf rpki.apnic.net/member_repository/A912AC33/04B3348872BC11EC86116D5EC4F9AE02/204CB89672C011EC809A5933C4F9AE02.roa File: 204CB89672C011EC809A5933C4F9AE02.roa (raw, json) Hash identifier: FSPwgNEhxgo+ZEvd+XrJX3+bZfKJ3dVoRc7zxS/PsyU= Subject key identifier: ED:28:06:73:B9:EA:FA:56:45:D2:93:56:88:2A:9C:09:28:A8:91:ED Certificate issuer: /CN=A912AC33/serialNumber=C95CE9D1B6B31081C025D46A3A167FCFDFA72634 Certificate serial: 0451 Authority key identifier: C9:5C:E9:D1:B6:B3:10:81:C0:25:D4:6A:3A:16:7F:CF:DF:A7:26:34 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yVzp0bazEIHAJdRqOhZ_z9-nJjQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912AC33/04B3348872BC11EC86116D5EC4F9AE02/204CB89672C011EC809A5933C4F9AE02.roa Signing time: Sun 21 Sep 2025 00:47:23 +0000 ROA not before: Sun 21 Sep 2025 00:47:23 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 133114 IP address blocks: 103.47.154.0/24 maxlen: 24 103.47.155.0/24 maxlen: 24 103.241.150.0/24 maxlen: 24 103.241.151.0/24 maxlen: 24 2401:e280:1000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912AC33/04B3348872BC11EC86116D5EC4F9AE02/yVzp0bazEIHAJdRqOhZ_z9-nJjQ.crl rsync://rpki.apnic.net/member_repository/A912AC33/04B3348872BC11EC86116D5EC4F9AE02/yVzp0bazEIHAJdRqOhZ_z9-nJjQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yVzp0bazEIHAJdRqOhZ_z9-nJjQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 02:06:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1105 (0x451) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912AC33, serialNumber=C95CE9D1B6B31081C025D46A3A167FCFDFA72634 Validity Not Before: Sep 21 00:47:23 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68cf4b1b-0e56 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:e5:5b:cb:de:bf:ef:b4:fb:33:45:27:9a:08: e3:e9:98:5c:a1:d0:67:1d:2e:07:85:61:4b:19:62: d2:9d:c3:2d:cd:64:55:65:28:f5:5d:af:51:f3:d5: ce:72:54:2f:c9:61:71:3a:4b:78:5e:af:78:dc:e1: 3c:1d:87:2c:5b:c7:e8:00:6c:68:c7:8f:88:5a:4d: 1e:b9:fd:f6:d2:a3:68:11:3f:5a:1f:6a:f7:fc:af: eb:c6:fb:0d:67:39:7a:f3:e2:77:c1:6f:87:ad:13: 60:70:04:3b:0e:f6:9a:28:40:12:e4:25:90:f7:12: 14:60:b4:ba:d8:e0:c2:2d:65:9c:16:e2:90:ca:3e: f8:78:25:5f:0c:0a:17:b9:58:c7:b2:98:c6:9e:8b: 52:a3:4d:f5:cf:6b:1f:dc:55:a9:33:ac:1d:6a:5f: ea:6e:d4:2a:20:ef:32:61:64:e0:6d:42:e5:5b:b8: 32:2c:5d:5d:a4:4e:dd:a1:fe:00:0d:a3:a1:c8:2f: 8a:39:f0:14:c9:8f:29:84:a6:ef:b8:d2:06:a1:28: b2:d9:73:66:51:e3:eb:b4:f4:60:55:2c:85:a5:c2: d3:05:b6:55:75:4e:60:ac:f8:a2:3b:3f:9b:98:06: 1e:d9:fd:df:f9:35:13:25:da:e9:b6:28:cf:68:3f: 7e:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:28:06:73:B9:EA:FA:56:45:D2:93:56:88:2A:9C:09:28:A8:91:ED X509v3 Authority Key Identifier: keyid:C9:5C:E9:D1:B6:B3:10:81:C0:25:D4:6A:3A:16:7F:CF:DF:A7:26:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912AC33/04B3348872BC11EC86116D5EC4F9AE02/yVzp0bazEIHAJdRqOhZ_z9-nJjQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yVzp0bazEIHAJdRqOhZ_z9-nJjQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912AC33/04B3348872BC11EC86116D5EC4F9AE02/204CB89672C011EC809A5933C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.47.154.0/23 103.241.150.0/23 IPv6: 2401:e280:1000::/36 Signature Algorithm: sha256WithRSAEncryption 0c:46:21:a6:94:47:79:b7:8c:7a:eb:1a:7f:a7:1b:62:a6:85: c7:71:d0:9b:b3:5b:b1:fd:81:1c:f0:96:b2:88:bf:56:10:ba: 8c:da:14:1d:0b:bd:2f:0a:c5:d7:54:a7:1c:eb:21:43:63:76: 69:ea:c1:00:84:79:9d:6f:dd:11:a3:c5:76:66:e3:58:7c:74: 91:38:ed:9b:61:60:f6:7d:9b:51:ed:78:26:32:d8:ad:15:f3: fa:87:e7:a3:3b:94:fb:9c:f1:4c:7a:f0:c7:79:8d:d7:7c:51: 6b:89:44:24:84:c7:06:e4:43:0b:e7:89:87:6b:fb:70:92:05: 8c:2b:cb:d1:58:46:a3:93:7f:29:d0:69:8d:09:5c:b1:d7:3e: 89:aa:54:65:2c:9e:c2:5c:7a:30:03:6d:77:e8:c6:cd:24:08: b5:12:40:3a:ef:b3:85:fd:82:90:14:6d:01:7b:68:d5:8d:1c: 2c:76:32:06:f9:3a:be:10:20:6a:ba:64:4e:cf:18:7a:22:7c: 54:15:4e:5a:34:66:72:c6:2d:eb:cf:14:3d:6e:51:d1:99:e3: cf:de:36:73:17:72:47:51:8e:3e:46:9f:40:2c:85:8f:ac:34: d6:e9:66:d6:4c:f9:79:e0:64:d6:c5:52:eb:70:f2:00:9f:fe: 22:41:7f:06 -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgICBFEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkFDMzMxMTAvBgNVBAUTKEM5NUNFOUQxQjZCMzEwODFDMDI1RDQ2QTNBMTY3RkNG REZBNzI2MzQwHhcNMjUwOTIxMDA0NzIzWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGNmNGIxYi0wZTU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAweVby96/77T7M0Unmgjj6ZhcodBnHS4HhWFLGWLSncMtzWRVZSj1Xa9R89XO clQvyWFxOkt4Xq943OE8HYcsW8foAGxox4+IWk0euf320qNoET9aH2r3/K/rxvsN Zzl68+J3wW+HrRNgcAQ7DvaaKEAS5CWQ9xIUYLS62ODCLWWcFuKQyj74eCVfDAoX uVjHspjGnotSo031z2sf3FWpM6wdal/qbtQqIO8yYWTgbULlW7gyLF1dpE7dof4A DaOhyC+KOfAUyY8phKbvuNIGoSiy2XNmUePrtPRgVSyFpcLTBbZVdU5grPiiOz+b mAYe2f3f+TUTJdrptijPaD9+nQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFO0oBnO5 6vpWRdKTVogqnAkoqJHtMB8GA1UdIwQYMBaAFMlc6dG2sxCBwCXUajoWf8/fpyY0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQUMzMy8wNEIzMzQ4ODcy QkMxMUVDODYxMTZENUVDNEY5QUUwMi95VnpwMGJhekVJSEFKZFJxT2haX3o5LW5K alEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lWenAwYmF6RUlIQUpkUnFPaFpfejktbkpqUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MkFDMzMvMDRCMzM0ODg3MkJDMTFFQzg2MTE2RDVFQzRGOUFFMDIvMjA0Q0I4OTY3 MkMwMTFFQzgwOUE1OTMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNQYIKwYBBQUHAQcBAf8E JjAkMBIEAgABMAwDBAFnL5oDBAFn8ZYwDgQCAAIwCAMGBCQB4oAQMA0GCSqGSIb3 DQEBCwUAA4IBAQAMRiGmlEd5t4x66xp/pxtipoXHcdCbs1ux/YEc8JayiL9WELqM 2hQdC70vCsXXVKcc6yFDY3Zp6sEAhHmdb90Ro8V2ZuNYfHSROO2bYWD2fZtR7Xgm MtitFfP6h+ejO5T7nPFMevDHeY3XfFFriUQkhMcG5EML54mHa/twkgWMK8vRWEaj k38p0GmNCVyx1z6JqlRlLJ7CXHowA2136MbNJAi1EkA677OF/YKQFG0Be2jVjRws djIG+Tq+ECBqumROzxh6InxUFU5aNGZyxi3rzxQ9blHRmePP3jZzF3JHUY4+Rp9A LIWPrDTW6WbWTPl54GTWxVLrcPIAn/4iQX8G -----END CERTIFICATE-----Generated at Tue Oct 21 02:15:18 2025 by rpki-client