$ rpki-client -vvf rpki.apnic.net/member_repository/A9136EC5/2DECAE560E5611E4B6F1953AC4F9AE02/8B903A32353211EBB3D0487FC4F9AE02.roa File: 8B903A32353211EBB3D0487FC4F9AE02.roa (raw, json) Hash identifier: g7V5MfQocCOi5DNnPKV2LsDx3/nhzxmFo0S20ShJreI= Subject key identifier: 12:3B:06:15:36:83:F6:98:11:7A:90:EA:59:FB:C2:17:E9:6F:26:8C Certificate issuer: /CN=A9136EC5/serialNumber=9FCE28914C50DC99755F108AB4334F772CBEA0E2 Certificate serial: 2B5F Authority key identifier: 9F:CE:28:91:4C:50:DC:99:75:5F:10:8A:B4:33:4F:77:2C:BE:A0:E2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n84okUxQ3Jl1XxCKtDNPdyy-oOI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9136EC5/2DECAE560E5611E4B6F1953AC4F9AE02/8B903A32353211EBB3D0487FC4F9AE02.roa Signing time: Fri 26 Sep 2025 15:42:41 +0000 ROA not before: Fri 26 Sep 2025 15:42:41 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 38719 IP address blocks: 43.245.96.0/22 maxlen: 24 43.245.108.0/22 maxlen: 24 43.245.252.0/22 maxlen: 24 101.100.192.0/18 maxlen: 24 103.9.100.0/22 maxlen: 24 103.11.188.0/22 maxlen: 24 103.15.232.0/22 maxlen: 24 103.245.92.0/22 maxlen: 24 111.235.136.0/22 maxlen: 24 119.31.232.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9136EC5/2DECAE560E5611E4B6F1953AC4F9AE02/n84okUxQ3Jl1XxCKtDNPdyy-oOI.crl rsync://rpki.apnic.net/member_repository/A9136EC5/2DECAE560E5611E4B6F1953AC4F9AE02/n84okUxQ3Jl1XxCKtDNPdyy-oOI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n84okUxQ3Jl1XxCKtDNPdyy-oOI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 15:45:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11103 (0x2b5f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9136EC5, serialNumber=9FCE28914C50DC99755F108AB4334F772CBEA0E2 Validity Not Before: Sep 26 15:42:41 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68d6b470-4df9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:af:df:4e:96:2d:52:e1:99:80:6e:75:26:c2: 2a:8a:a9:5a:c4:41:49:24:67:d9:f2:cf:ba:49:98: c2:20:ef:56:ca:7b:3b:a2:40:b5:d4:17:d4:47:8f: 6a:a7:2b:65:f5:a8:0f:0d:82:55:66:96:56:12:36: 0f:8d:56:da:4d:85:74:96:00:6b:f5:e7:ca:03:bc: b0:db:7b:fd:19:93:4b:b5:e5:63:89:e4:f6:5d:c1: e5:9b:3f:7c:99:b3:9c:05:65:73:44:81:a4:26:ec: da:10:2f:32:8b:64:24:3f:42:61:16:d9:8a:1e:1f: ee:d0:7e:06:52:ab:d1:e7:a2:80:a3:91:28:86:ae: 69:44:d3:8d:f1:9b:58:e7:99:58:b7:e4:56:64:22: c7:fa:43:d0:1d:fc:c3:90:fb:57:74:7e:85:ef:8f: ed:e6:38:26:96:04:e9:a3:00:ed:d8:d6:0e:60:c1: 2a:c4:71:79:73:1e:09:06:5d:44:d1:39:12:51:bd: 6e:c4:07:b9:85:d0:be:fc:00:07:3e:46:bd:c4:ec: 4e:b0:ce:88:b2:48:e9:5f:27:0f:2d:f8:1b:7b:1b: 40:14:2d:0f:aa:8a:03:15:8e:2f:16:3a:60:d3:f8: 97:42:c7:eb:2b:64:88:15:2f:f9:06:58:d5:30:3b: b4:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:3B:06:15:36:83:F6:98:11:7A:90:EA:59:FB:C2:17:E9:6F:26:8C X509v3 Authority Key Identifier: keyid:9F:CE:28:91:4C:50:DC:99:75:5F:10:8A:B4:33:4F:77:2C:BE:A0:E2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9136EC5/2DECAE560E5611E4B6F1953AC4F9AE02/n84okUxQ3Jl1XxCKtDNPdyy-oOI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n84okUxQ3Jl1XxCKtDNPdyy-oOI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9136EC5/2DECAE560E5611E4B6F1953AC4F9AE02/8B903A32353211EBB3D0487FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.245.96.0/22 43.245.108.0/22 43.245.252.0/22 101.100.192.0/18 103.9.100.0/22 103.11.188.0/22 103.15.232.0/22 103.245.92.0/22 111.235.136.0/22 119.31.232.0/21 Signature Algorithm: sha256WithRSAEncryption 6c:81:01:3c:e8:c2:7c:5b:f1:1d:01:86:21:91:69:dc:89:4f: ed:ae:71:18:07:47:0f:41:1e:b4:ec:fa:b4:cc:05:43:e8:48: ba:31:d0:90:8e:cb:63:1e:a0:a6:59:3e:5b:dd:19:8e:57:31: 4c:d8:23:cd:15:f2:a5:3a:61:85:cc:e0:c1:bd:8e:4c:0d:95: 3d:24:c9:b1:70:83:69:26:45:ad:d4:8d:a0:c4:c1:6b:f9:40: b4:96:1f:90:5e:86:ae:9d:8a:78:75:f7:a6:1e:9e:33:84:0f: 06:dc:9f:45:52:a5:7e:df:ec:72:d7:b2:59:99:79:8b:79:20: 69:4f:08:8a:61:a3:48:f4:93:78:03:77:54:70:c0:1f:3f:b2: bb:57:9d:84:2b:ab:83:75:5a:fa:1a:51:d3:65:fe:77:1a:f0: b7:62:e5:5b:7c:67:e1:79:86:5e:ad:0a:f9:54:73:47:30:6a: 1a:bb:be:6d:b3:bf:b6:bc:00:42:02:7e:45:be:c7:18:12:f8: 07:7f:b5:08:04:df:53:a7:5b:23:f8:ba:ec:68:13:7d:1c:5c: 1d:07:4d:a7:6a:31:d9:42:e0:48:39:ac:75:67:f8:9e:30:fd: 7d:24:3e:45:24:13:1a:44:ef:69:a2:6b:64:45:5d:7c:87:6d: e8:9f:ca:61 -----BEGIN CERTIFICATE----- MIIFpzCCBI+gAwIBAgICK18wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzZFQzUxMTAvBgNVBAUTKDlGQ0UyODkxNEM1MERDOTk3NTVGMTA4QUI0MzM0Rjc3 MkNCRUEwRTIwHhcNMjUwOTI2MTU0MjQxWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGQ2YjQ3MC00ZGY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2q/fTpYtUuGZgG51JsIqiqlaxEFJJGfZ8s+6SZjCIO9Wyns7okC11BfUR49q pytl9agPDYJVZpZWEjYPjVbaTYV0lgBr9efKA7yw23v9GZNLteVjieT2XcHlmz98 mbOcBWVzRIGkJuzaEC8yi2QkP0JhFtmKHh/u0H4GUqvR56KAo5Eohq5pRNON8ZtY 55lYt+RWZCLH+kPQHfzDkPtXdH6F74/t5jgmlgTpowDt2NYOYMEqxHF5cx4JBl1E 0TkSUb1uxAe5hdC+/AAHPka9xOxOsM6IskjpXycPLfgbextAFC0PqooDFY4vFjpg 0/iXQsfrK2SIFS/5BljVMDu0RQIDAQABo4ICyzCCAscwHQYDVR0OBBYEFBI7BhU2 g/aYEXqQ6ln7whfpbyaMMB8GA1UdIwQYMBaAFJ/OKJFMUNyZdV8QirQzT3csvqDi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNkVDNS8yREVDQUU1NjBF NTYxMUU0QjZGMTk1M0FDNEY5QUUwMi9uODRva1V4UTNKbDFYeENLdEROUGR5eS1v T0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL244NG9rVXhRM0psMVh4Q0t0RE5QZHl5LW9PSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzZFQzUvMkRFQ0FFNTYwRTU2MTFFNEI2RjE5NTNBQzRGOUFFMDIvOEI5MDNBMzIz NTMyMTFFQkIzRDA0ODdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVQYIKwYBBQUHAQcBAf8E RjBEMEIEAgABMDwDBAIr9WADBAIr9WwDBAIr9fwDBAZlZMADBAJnCWQDBAJnC7wD BAJnD+gDBAJn9VwDBAJv64gDBAN3H+gwDQYJKoZIhvcNAQELBQADggEBAGyBATzo wnxb8R0BhiGRadyJT+2ucRgHRw9BHrTs+rTMBUPoSLox0JCOy2MeoKZZPlvdGY5X MUzYI80V8qU6YYXM4MG9jkwNlT0kybFwg2kmRa3UjaDEwWv5QLSWH5Behq6dinh1 96YenjOEDwbcn0VSpX7f7HLXslmZeYt5IGlPCIpho0j0k3gDd1RwwB8/srtXnYQr q4N1WvoaUdNl/nca8Ldi5Vt8Z+F5hl6tCvlUc0cwahq7vm2zv7a8AEICfkW+xxgS +Ad/tQgE31OnWyP4uuxoE30cXB0HTadqMdlC4Eg5rHVn+J4w/X0kPkUkExpE72mi a2RFXXyHbeifymE= -----END CERTIFICATE-----Generated at Mon Oct 20 14:03:26 2025 by rpki-client