$ rpki-client -vvf rpki.apnic.net/member_repository/A914749C/8D78E57EF1A211E69421B545C4F9AE02/433FBBECF1A511E6BE0A844EC4F9AE02.roa File: 433FBBECF1A511E6BE0A844EC4F9AE02.roa (raw, json) Hash identifier: jNQlV+fi0gh3TqmAhHo6u4WfK9ctt6IakWF/8kDkdDM= Subject key identifier: 56:AD:E0:1F:B9:56:EC:B4:F5:F7:5A:09:F4:93:56:AC:C1:53:0C:B1 Certificate issuer: /CN=A914749C/serialNumber=8CB2BBD64B6A774E16C10FDCA650A7ADC5B38D78 Certificate serial: 1C58 Authority key identifier: 8C:B2:BB:D6:4B:6A:77:4E:16:C1:0F:DC:A6:50:A7:AD:C5:B3:8D:78 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jLK71ktqd04WwQ_cplCnrcWzjXg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914749C/8D78E57EF1A211E69421B545C4F9AE02/433FBBECF1A511E6BE0A844EC4F9AE02.roa Signing time: Wed 08 Oct 2025 16:14:42 +0000 ROA not before: Wed 08 Oct 2025 16:14:42 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 135516 IP address blocks: 103.5.212.0/23 maxlen: 23 103.192.175.0/24 maxlen: 24 103.214.207.0/24 maxlen: 24 192.140.226.0/23 maxlen: 23 192.140.226.0/24 maxlen: 24 192.140.227.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914749C/8D78E57EF1A211E69421B545C4F9AE02/jLK71ktqd04WwQ_cplCnrcWzjXg.crl rsync://rpki.apnic.net/member_repository/A914749C/8D78E57EF1A211E69421B545C4F9AE02/jLK71ktqd04WwQ_cplCnrcWzjXg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jLK71ktqd04WwQ_cplCnrcWzjXg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 16:29:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7256 (0x1c58) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914749C, serialNumber=8CB2BBD64B6A774E16C10FDCA650A7ADC5B38D78 Validity Not Before: Oct 8 16:14:42 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68e68df2-6678 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:d0:21:97:3f:b8:89:cc:83:09:e9:a3:49:8b: c0:36:d7:ec:97:f6:13:7e:98:d0:ff:4a:98:93:2a: aa:c0:8a:07:be:98:ad:f9:b5:f6:86:8f:de:47:8a: 59:b3:c2:a1:60:fb:c9:f6:f6:a3:3d:00:00:78:14: ba:23:8f:8a:d6:6d:07:f1:55:b7:b0:a5:e8:2d:81: 9c:00:52:70:72:d4:86:76:46:ff:d6:b9:1d:8e:e7: 72:cd:f7:c4:c3:8e:75:c6:0a:0a:88:77:9e:d7:76: 0c:ad:8b:66:ea:fe:02:6a:4e:28:ad:95:29:c9:12: ae:3d:99:7f:25:d3:2d:f3:cf:c1:ae:81:01:08:2a: 1e:4e:eb:90:67:0c:6e:2d:e8:81:55:4b:58:73:fc: 85:e9:37:fb:28:ad:3f:05:bf:69:22:eb:f2:42:c4: a7:76:e4:79:23:74:e1:c7:03:dc:f9:c1:16:0e:10: d3:7c:97:c2:0b:26:fe:c3:e9:b2:35:4d:a6:f4:97: 53:9f:2a:5f:ef:35:ac:23:f9:8e:a4:f3:a1:e7:a2: ea:d7:2d:c4:e1:38:21:1e:98:ef:cc:45:ae:f9:93: 43:e6:f9:88:ee:c9:e0:aa:4f:15:d2:c5:72:ba:93: f6:df:22:07:cc:fe:b3:47:88:4f:1e:c3:81:7a:ce: bd:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:AD:E0:1F:B9:56:EC:B4:F5:F7:5A:09:F4:93:56:AC:C1:53:0C:B1 X509v3 Authority Key Identifier: keyid:8C:B2:BB:D6:4B:6A:77:4E:16:C1:0F:DC:A6:50:A7:AD:C5:B3:8D:78 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914749C/8D78E57EF1A211E69421B545C4F9AE02/jLK71ktqd04WwQ_cplCnrcWzjXg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jLK71ktqd04WwQ_cplCnrcWzjXg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914749C/8D78E57EF1A211E69421B545C4F9AE02/433FBBECF1A511E6BE0A844EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.5.212.0/23 103.192.175.0/24 103.214.207.0/24 192.140.226.0/23 Signature Algorithm: sha256WithRSAEncryption 1a:43:dd:1a:17:89:28:86:45:40:cb:54:69:b3:e0:2a:ec:d7: 50:5e:d3:4b:2a:e6:82:ab:8d:3c:98:72:44:cf:e7:f5:82:9b: 24:75:57:9b:47:ea:c7:9b:1c:86:2e:f8:f1:6b:23:43:d0:15: 9f:69:ad:f8:cd:9a:3d:64:11:3b:b7:1e:49:5d:87:de:3b:bb: bf:eb:3c:e6:d6:75:02:56:28:f8:5e:fe:60:ad:79:92:33:eb: 84:3a:0c:01:ef:49:89:4e:f4:17:40:09:03:2d:e6:18:3c:e3: f3:a8:ca:6f:16:ea:e5:72:c7:18:6d:fb:eb:89:c0:de:18:85: e4:f4:74:2a:40:36:53:29:11:f1:bb:d5:39:57:cf:01:fc:ef: c4:d9:b3:1b:c7:94:ba:80:bc:f0:a6:a6:b9:6f:12:f3:f4:a3: ab:59:af:e0:50:5a:d2:7f:ea:e8:37:30:3f:1d:ca:09:cf:eb: e9:45:71:8c:43:ad:d6:c7:0b:c4:e9:8a:37:4f:13:fc:ce:e4: a5:4c:8e:e0:b6:8b:f7:5c:c3:a6:31:fa:ad:91:16:de:7a:0a: b5:93:47:91:31:c9:ad:cf:1c:4d:b1:7a:e7:a5:a5:09:74:20: 69:9d:35:e6:d5:3f:95:51:4d:b6:4b:ff:39:2f:9e:4f:3c:46: ac:ed:87:80 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgICHFgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDc0OUMxMTAvBgNVBAUTKDhDQjJCQkQ2NEI2QTc3NEUxNkMxMEZEQ0E2NTBBN0FE QzVCMzhENzgwHhcNMjUxMDA4MTYxNDQyWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGU2OGRmMi02Njc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtNAhlz+4icyDCemjSYvANtfsl/YTfpjQ/0qYkyqqwIoHvpit+bX2ho/eR4pZ s8KhYPvJ9vajPQAAeBS6I4+K1m0H8VW3sKXoLYGcAFJwctSGdkb/1rkdjudyzffE w451xgoKiHee13YMrYtm6v4Cak4orZUpyRKuPZl/JdMt88/BroEBCCoeTuuQZwxu LeiBVUtYc/yF6Tf7KK0/Bb9pIuvyQsSnduR5I3ThxwPc+cEWDhDTfJfCCyb+w+my NU2m9JdTnypf7zWsI/mOpPOh56Lq1y3E4TghHpjvzEWu+ZND5vmI7sngqk8V0sVy upP23yIHzP6zR4hPHsOBes69PQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFFat4B+5 Vuy09fdaCfSTVqzBUwyxMB8GA1UdIwQYMBaAFIyyu9ZLandOFsEP3KZQp63Fs414 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzQ5Qy84RDc4RTU3RUYx QTIxMUU2OTQyMUI1NDVDNEY5QUUwMi9qTEs3MWt0cWQwNFd3UV9jcGxDbnJjV3pq WGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2pMSzcxa3RxZDA0V3dRX2NwbENucmNXempYZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDc0OUMvOEQ3OEU1N0VGMUEyMTFFNjk0MjFCNTQ1QzRGOUFFMDIvNDMzRkJCRUNG MUE1MTFFNkJFMEE4NDRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E IjAgMB4EAgABMBgDBAFnBdQDBABnwK8DBABn1s8DBAHAjOIwDQYJKoZIhvcNAQEL BQADggEBABpD3RoXiSiGRUDLVGmz4Crs11Be00sq5oKrjTyYckTP5/WCmyR1V5tH 6sebHIYu+PFrI0PQFZ9prfjNmj1kETu3Hkldh947u7/rPObWdQJWKPhe/mCteZIz 64Q6DAHvSYlO9BdACQMt5hg84/Ooym8W6uVyxxht++uJwN4YheT0dCpANlMpEfG7 1TlXzwH878TZsxvHlLqAvPCmprlvEvP0o6tZr+BQWtJ/6ug3MD8dygnP6+lFcYxD rdbHC8TpijdPE/zO5KVMjuC2i/dcw6Yx+q2RFt56CrWTR5Exya3PHE2xeuelpQl0 IGmdNebVP5VRTbZL/zkvnk88Rqzth4A= -----END CERTIFICATE-----Generated at Mon Oct 20 19:13:10 2025 by rpki-client