$ rpki-client -vvf rpki.apnic.net/member_repository/A912BD25/07F8214A14E411EA876E8640C4F9AE02/CF3378E272DB11ED8483E95DC4F9AE02.roa File: CF3378E272DB11ED8483E95DC4F9AE02.roa (raw, json) Hash identifier: oTWmtO2mgStqeMj6jPmXnnLNrPwchhiOjUM05tQ62SY= Subject key identifier: 10:CF:8F:88:8C:3E:8F:83:19:62:64:DD:AE:3B:6A:9C:1C:A6:03:E1 Certificate issuer: /CN=A912BD25/serialNumber=C909BDB284E4DF08477660D682B7CB3F594831E3 Certificate serial: 0C3E Authority key identifier: C9:09:BD:B2:84:E4:DF:08:47:76:60:D6:82:B7:CB:3F:59:48:31:E3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yQm9soTk3whHdmDWgrfLP1lIMeM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912BD25/07F8214A14E411EA876E8640C4F9AE02/CF3378E272DB11ED8483E95DC4F9AE02.roa Signing time: Thu 02 Oct 2025 18:49:15 +0000 ROA not before: Thu 02 Oct 2025 18:49:15 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 138171 IP address blocks: 103.121.220.0/22 maxlen: 24 2403:7240::/32 maxlen: 32 2403:7240::/36 maxlen: 36 2403:7240:1000::/36 maxlen: 36 2403:7240:2000::/36 maxlen: 36 2403:7240:3000::/36 maxlen: 36 2403:7240:4000::/36 maxlen: 36 2403:7240:5000::/36 maxlen: 36 2403:7240:6000::/36 maxlen: 36 2403:7240:7000::/36 maxlen: 36 2403:7240:8000::/36 maxlen: 36 2403:7240:9000::/36 maxlen: 36 2403:7240:a000::/36 maxlen: 36 2403:7240:b000::/36 maxlen: 36 2403:7240:c000::/36 maxlen: 36 2403:7240:d000::/36 maxlen: 36 2403:7240:e000::/36 maxlen: 36 2403:7240:f000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912BD25/07F8214A14E411EA876E8640C4F9AE02/yQm9soTk3whHdmDWgrfLP1lIMeM.crl rsync://rpki.apnic.net/member_repository/A912BD25/07F8214A14E411EA876E8640C4F9AE02/yQm9soTk3whHdmDWgrfLP1lIMeM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yQm9soTk3whHdmDWgrfLP1lIMeM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 19:17:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3134 (0xc3e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912BD25, serialNumber=C909BDB284E4DF08477660D682B7CB3F594831E3 Validity Not Before: Oct 2 18:49:15 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68dec92b-f32d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:71:ec:c5:c1:4e:77:9f:4e:1c:5c:bf:35:12: e1:e5:73:f5:c6:6e:ad:c1:60:0d:f6:d0:eb:77:4b: 4a:b9:f7:30:eb:ea:53:b7:c4:30:d6:68:fb:dc:81: bd:38:be:54:dc:4f:a6:04:e2:98:d3:e5:d3:ea:84: 31:13:04:29:f9:77:72:38:52:7e:57:97:35:43:02: e4:fe:37:f8:13:7d:0f:8c:a4:b5:a1:57:8d:1d:4c: 08:ad:cf:24:73:26:a3:1b:33:2c:09:b6:9b:b2:c0: 41:ae:da:1f:e9:8f:c4:94:49:a9:3b:50:c5:d0:c8: 7b:86:e3:18:63:cd:6c:dd:c5:5b:38:6c:36:94:0e: 2b:c2:17:e3:21:e1:5e:b7:30:13:7e:0c:3f:2f:18: 29:05:0d:2a:ca:50:88:7b:ba:0a:f7:25:9e:ff:c7: de:98:10:5a:b4:df:8a:d5:ad:e4:15:18:c0:fa:0c: 34:86:31:12:3b:41:d7:dc:b8:e8:87:32:47:21:11: 93:4b:c7:41:bc:a5:0e:ba:fb:62:26:51:0d:dc:ac: 62:ec:00:f6:0b:ea:5e:2d:00:24:5a:04:35:74:87: 5a:a0:dc:b6:28:67:03:fe:17:9b:09:3e:68:5f:5f: 62:4a:e6:75:a4:a8:78:77:5d:a4:75:3c:78:8d:1d: 7d:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:CF:8F:88:8C:3E:8F:83:19:62:64:DD:AE:3B:6A:9C:1C:A6:03:E1 X509v3 Authority Key Identifier: keyid:C9:09:BD:B2:84:E4:DF:08:47:76:60:D6:82:B7:CB:3F:59:48:31:E3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912BD25/07F8214A14E411EA876E8640C4F9AE02/yQm9soTk3whHdmDWgrfLP1lIMeM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yQm9soTk3whHdmDWgrfLP1lIMeM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912BD25/07F8214A14E411EA876E8640C4F9AE02/CF3378E272DB11ED8483E95DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.121.220.0/22 IPv6: 2403:7240::/32 Signature Algorithm: sha256WithRSAEncryption ab:a9:49:98:46:bc:1a:4f:e6:c2:91:52:da:97:4e:73:52:5d: e5:9f:26:12:41:bf:51:38:d8:d9:46:60:15:68:3a:6f:51:88: 4b:a8:7c:9b:89:3f:7e:b4:02:83:ba:fa:ec:ce:c4:c3:d3:52: 84:4f:34:db:eb:23:6b:fe:39:02:5b:37:c1:bd:73:bc:3b:24: 27:cf:8c:43:0b:2a:c9:b1:ef:b3:79:13:da:cc:68:e0:9e:62: ff:3d:32:4b:66:c0:f8:2e:be:c1:7b:af:20:3e:45:35:07:85: 33:36:36:5e:8e:10:a9:14:54:35:1c:88:69:7d:25:f6:65:0a: 89:aa:8c:2d:2d:37:00:cc:13:7a:f8:5d:23:1b:cd:ed:3c:b1: ea:a2:f3:c2:47:54:49:32:d9:31:ee:f5:73:5a:a2:ee:a8:42: f6:3c:3e:00:a1:3b:55:f1:60:04:73:ba:03:6c:23:6b:43:11: 13:42:c8:c2:83:b2:77:e9:a2:8d:aa:3c:08:f1:5b:7e:ef:69: f1:0b:3a:eb:a6:ed:7a:b7:5d:48:1e:98:19:0c:a5:c8:aa:5d: be:c7:58:92:7f:a5:39:50:4b:cc:d2:75:f1:20:b6:d6:9c:85: 5f:c4:70:b6:9e:a2:04:27:79:06:97:6f:f4:14:73:ee:e7:66: 4a:84:cf:b6 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICDD4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkJEMjUxMTAvBgNVBAUTKEM5MDlCREIyODRFNERGMDg0Nzc2NjBENjgyQjdDQjNG NTk0ODMxRTMwHhcNMjUxMDAyMTg0OTE1WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGRlYzkyYi1mMzJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1HHsxcFOd59OHFy/NRLh5XP1xm6twWAN9tDrd0tKufcw6+pTt8Qw1mj73IG9 OL5U3E+mBOKY0+XT6oQxEwQp+XdyOFJ+V5c1QwLk/jf4E30PjKS1oVeNHUwIrc8k cyajGzMsCbabssBBrtof6Y/ElEmpO1DF0Mh7huMYY81s3cVbOGw2lA4rwhfjIeFe tzATfgw/LxgpBQ0qylCIe7oK9yWe/8femBBatN+K1a3kFRjA+gw0hjESO0HX3Ljo hzJHIRGTS8dBvKUOuvtiJlEN3Kxi7AD2C+peLQAkWgQ1dIdaoNy2KGcD/hebCT5o X19iSuZ1pKh4d12kdTx4jR19XQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFBDPj4iM Po+DGWJk3a47apwcpgPhMB8GA1UdIwQYMBaAFMkJvbKE5N8IR3Zg1oK3yz9ZSDHj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQkQyNS8wN0Y4MjE0QTE0 RTQxMUVBODc2RTg2NDBDNEY5QUUwMi95UW05c29UazN3aEhkbURXZ3JmTFAxbElN ZU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lRbTlzb1RrM3doSGRtRFdncmZMUDFsSU1lTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MkJEMjUvMDdGODIxNEExNEU0MTFFQTg3NkU4NjQwQzRGOUFFMDIvQ0YzMzc4RTI3 MkRCMTFFRDg0ODNFOTVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAJnedwwDQQCAAIwBwMFACQDckAwDQYJKoZIhvcNAQELBQAD ggEBAKupSZhGvBpP5sKRUtqXTnNSXeWfJhJBv1E42NlGYBVoOm9RiEuofJuJP360 AoO6+uzOxMPTUoRPNNvrI2v+OQJbN8G9c7w7JCfPjEMLKsmx77N5E9rMaOCeYv89 MktmwPguvsF7ryA+RTUHhTM2Nl6OEKkUVDUciGl9JfZlComqjC0tNwDME3r4XSMb ze08seqi88JHVEky2THu9XNaou6oQvY8PgChO1XxYARzugNsI2tDERNCyMKDsnfp oo2qPAjxW37vafELOuum7Xq3XUgemBkMpciqXb7HWJJ/pTlQS8zSdfEgttachV/E cLaeogQneQaXb/QUc+7nZkqEz7Y= -----END CERTIFICATE-----Generated at Tue Oct 21 10:59:50 2025 by rpki-client