$ rpki-client -vvf rpki.apnic.net/member_repository/A913344F/94FFBAA0250F11E990DDE36CC4F9AE02/2CDBC1B0251111E997B74770C4F9AE02.roa File: 2CDBC1B0251111E997B74770C4F9AE02.roa (raw, json) Hash identifier: CkHze899oLtDE8NmW64bq/+8jNoI8+T8tB+dRDVhSSY= Subject key identifier: 0B:EE:9A:30:E5:6C:4A:07:63:44:89:EB:F7:27:73:27:3B:2C:2E:C8 Certificate issuer: /CN=A913344F/serialNumber=AD21E2A0887D8010588369F1478596028477CDBE Certificate serial: 10E7 Authority key identifier: AD:21:E2:A0:88:7D:80:10:58:83:69:F1:47:85:96:02:84:77:CD:BE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rSHioIh9gBBYg2nxR4WWAoR3zb4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913344F/94FFBAA0250F11E990DDE36CC4F9AE02/2CDBC1B0251111E997B74770C4F9AE02.roa Signing time: Mon 18 Aug 2025 17:56:51 +0000 ROA not before: Mon 18 Aug 2025 17:56:51 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 137989 IP address blocks: 103.119.152.0/22 maxlen: 22 103.119.152.0/24 maxlen: 24 103.119.153.0/24 maxlen: 24 103.119.154.0/24 maxlen: 24 103.119.155.0/24 maxlen: 24 2403:45c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913344F/94FFBAA0250F11E990DDE36CC4F9AE02/rSHioIh9gBBYg2nxR4WWAoR3zb4.crl rsync://rpki.apnic.net/member_repository/A913344F/94FFBAA0250F11E990DDE36CC4F9AE02/rSHioIh9gBBYg2nxR4WWAoR3zb4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rSHioIh9gBBYg2nxR4WWAoR3zb4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 17:25:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4327 (0x10e7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913344F, serialNumber=AD21E2A0887D8010588369F1478596028477CDBE Validity Not Before: Aug 18 17:56:51 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=68a36963-8456 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:65:ae:f6:b3:5b:f1:a2:31:b8:37:b4:f1:12: 36:fb:ca:36:4d:ce:82:74:98:73:25:0f:98:9c:ca: 39:03:b4:c2:a4:de:75:90:ac:c1:6c:b1:78:a3:e9: 5c:f5:b5:f8:d8:86:1a:f3:5f:c1:04:f3:43:b3:2d: 6d:26:19:76:d2:83:eb:91:9e:14:ea:6e:9a:7f:a0: b7:d2:7b:97:0f:56:7a:35:f5:09:ca:53:10:de:dc: 96:94:cd:10:41:26:e7:a1:10:91:73:be:cf:58:4a: 6b:97:82:54:7b:04:1c:52:26:30:3b:ad:4a:fc:8c: 85:95:14:71:be:c7:d0:d9:5f:fe:8e:07:2f:0c:9f: 97:16:ce:ce:62:cc:c5:02:d5:bb:18:73:2f:64:2f: 47:77:92:aa:93:4a:d4:32:bd:4d:73:25:67:91:d8: d0:5a:87:44:3a:b8:35:e6:5e:c5:f3:d7:05:65:c0: b7:ff:1e:0d:a2:31:a0:e9:39:ec:9a:53:1d:4b:6e: ee:15:6e:8c:2a:56:2e:34:c6:1b:90:c9:3a:4d:f5: 7e:a8:aa:23:35:d4:5a:3a:df:bd:a7:e0:83:cf:90: 4d:5b:98:a3:6b:39:3d:d3:f4:fe:56:ac:52:35:bd: 95:8b:d9:9f:ea:34:7a:32:0e:48:fc:9b:7b:14:18: 96:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:EE:9A:30:E5:6C:4A:07:63:44:89:EB:F7:27:73:27:3B:2C:2E:C8 X509v3 Authority Key Identifier: keyid:AD:21:E2:A0:88:7D:80:10:58:83:69:F1:47:85:96:02:84:77:CD:BE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913344F/94FFBAA0250F11E990DDE36CC4F9AE02/rSHioIh9gBBYg2nxR4WWAoR3zb4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rSHioIh9gBBYg2nxR4WWAoR3zb4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913344F/94FFBAA0250F11E990DDE36CC4F9AE02/2CDBC1B0251111E997B74770C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.119.152.0/22 IPv6: 2403:45c0::/32 Signature Algorithm: sha256WithRSAEncryption 4f:5e:04:ab:ef:2c:2a:88:97:e6:2d:77:4b:82:1b:b4:46:d9: 19:fe:96:90:70:d3:2a:a9:f6:98:01:25:70:f6:9c:af:f9:93: e5:09:76:24:90:27:f7:98:a6:a5:05:f0:25:15:a0:fb:1e:3d: 66:7c:87:64:80:20:b9:23:15:63:38:45:ea:6f:5e:84:09:e9: 51:11:4b:86:7b:d3:80:d4:28:42:ac:33:8c:67:12:1e:15:69: b5:9c:51:a9:72:88:ba:83:e3:87:ec:9c:87:ba:91:d7:84:9e: 51:52:8c:33:53:7b:30:76:57:bd:1d:7f:27:2d:17:f9:60:2a: db:09:e4:e6:54:7a:66:c6:6d:c4:3a:8c:57:c1:ce:f8:c4:5c: c6:48:af:a3:9d:4c:34:17:4b:d2:9e:1e:b7:70:bc:b2:24:b5: 88:6d:6d:ae:f9:c1:2e:3d:ac:62:e0:a0:4b:0e:b1:6b:6f:08: e5:b4:85:f9:e4:5c:c9:86:2c:71:97:09:f0:33:c0:c8:cb:31: 6a:6f:35:cd:06:5d:92:48:2b:f7:05:97:7a:12:b3:0d:58:18: 49:01:1b:a5:99:95:ea:2c:c8:10:91:a3:d0:03:e9:81:42:cc: 50:6f:e8:95:42:c2:b8:27:7d:58:c2:d6:13:05:96:02:48:16: 8e:be:ff:28 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICEOcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzM0NEYxMTAvBgNVBAUTKEFEMjFFMkEwODg3RDgwMTA1ODgzNjlGMTQ3ODU5NjAy ODQ3N0NEQkUwHhcNMjUwODE4MTc1NjUxWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGEzNjk2My04NDU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1mWu9rNb8aIxuDe08RI2+8o2Tc6CdJhzJQ+YnMo5A7TCpN51kKzBbLF4o+lc 9bX42IYa81/BBPNDsy1tJhl20oPrkZ4U6m6af6C30nuXD1Z6NfUJylMQ3tyWlM0Q QSbnoRCRc77PWEprl4JUewQcUiYwO61K/IyFlRRxvsfQ2V/+jgcvDJ+XFs7OYszF AtW7GHMvZC9Hd5Kqk0rUMr1NcyVnkdjQWodEOrg15l7F89cFZcC3/x4NojGg6Tns mlMdS27uFW6MKlYuNMYbkMk6TfV+qKojNdRaOt+9p+CDz5BNW5ijazk90/T+VqxS Nb2Vi9mf6jR6Mg5I/Jt7FBiWyQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFAvumjDl bEoHY0SJ6/cncyc7LC7IMB8GA1UdIwQYMBaAFK0h4qCIfYAQWINp8UeFlgKEd82+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMzQ0Ri85NEZGQkFBMDI1 MEYxMUU5OTBEREUzNkNDNEY5QUUwMi9yU0hpb0loOWdCQllnMm54UjRXV0FvUjN6 YjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JTSGlvSWg5Z0JCWWcybnhSNFdXQW9SM3piNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzM0NEYvOTRGRkJBQTAyNTBGMTFFOTkwRERFMzZDQzRGOUFFMDIvMkNEQkMxQjAy NTExMTFFOTk3Qjc0NzcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAJnd5gwDQQCAAIwBwMFACQDRcAwDQYJKoZIhvcNAQELBQAD ggEBAE9eBKvvLCqIl+Ytd0uCG7RG2Rn+lpBw0yqp9pgBJXD2nK/5k+UJdiSQJ/eY pqUF8CUVoPsePWZ8h2SAILkjFWM4RepvXoQJ6VERS4Z704DUKEKsM4xnEh4VabWc UalyiLqD44fsnIe6kdeEnlFSjDNTezB2V70dfyctF/lgKtsJ5OZUembGbcQ6jFfB zvjEXMZIr6OdTDQXS9KeHrdwvLIktYhtba75wS49rGLgoEsOsWtvCOW0hfnkXMmG LHGXCfAzwMjLMWpvNc0GXZJIK/cFl3oSsw1YGEkBG6WZleosyBCRo9AD6YFCzFBv 6JVCwrgnfVjC1hMFlgJIFo6+/yg= -----END CERTIFICATE-----Generated at Sun Aug 24 05:14:12 2025 by rpki-client