$ rpki-client -vvf rpki.apnic.net/member_repository/A914B5BD/33CB117AB5A911E79C74CB72C4F9AE02/AF066E3E8BF711F08B841259C4F9AE02.roa File: AF066E3E8BF711F08B841259C4F9AE02.roa (raw, json) Hash identifier: I9IuYeKsVkPA5gYO/x+81RjmFQuZFPQkT2hjEsy5mDk= Subject key identifier: DE:53:86:FE:27:CD:AF:B7:B7:F6:D7:07:89:93:58:C0:8B:AA:36:8D Certificate issuer: /CN=A914B5BD/serialNumber=22E81B327CB1FB3501E05AFAB94121918FDB5B5E Certificate serial: 18A9 Authority key identifier: 22:E8:1B:32:7C:B1:FB:35:01:E0:5A:FA:B9:41:21:91:8F:DB:5B:5E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IugbMnyx-zUB4Fr6uUEhkY_bW14.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914B5BD/33CB117AB5A911E79C74CB72C4F9AE02/AF066E3E8BF711F08B841259C4F9AE02.roa Signing time: Tue 30 Sep 2025 16:45:17 +0000 ROA not before: Tue 30 Sep 2025 16:45:17 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 134512 IP address blocks: 43.239.143.0/24 maxlen: 24 103.71.172.0/24 maxlen: 24 103.71.173.0/24 maxlen: 24 103.71.174.0/24 maxlen: 24 103.71.175.0/24 maxlen: 24 103.194.168.0/24 maxlen: 24 103.194.169.0/24 maxlen: 24 103.194.170.0/24 maxlen: 24 103.194.171.0/24 maxlen: 24 103.248.52.0/24 maxlen: 24 103.248.53.0/24 maxlen: 24 103.248.54.0/24 maxlen: 24 103.248.55.0/24 maxlen: 24 103.252.220.0/24 maxlen: 24 103.252.221.0/24 maxlen: 24 103.252.222.0/24 maxlen: 24 103.252.223.0/24 maxlen: 24 2406:9980::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914B5BD/33CB117AB5A911E79C74CB72C4F9AE02/IugbMnyx-zUB4Fr6uUEhkY_bW14.crl rsync://rpki.apnic.net/member_repository/A914B5BD/33CB117AB5A911E79C74CB72C4F9AE02/IugbMnyx-zUB4Fr6uUEhkY_bW14.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IugbMnyx-zUB4Fr6uUEhkY_bW14.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 16:53:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6313 (0x18a9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914B5BD, serialNumber=22E81B327CB1FB3501E05AFAB94121918FDB5B5E Validity Not Before: Sep 30 16:45:17 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68dc091d-6c47 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:7c:9a:35:1a:29:13:06:78:eb:62:9a:1e:8c: 29:75:e7:64:3f:3f:ed:0c:81:61:65:bc:ca:d4:15: de:5b:db:bf:60:ab:68:30:a8:86:56:1b:ad:5f:3d: a8:c8:ba:65:24:11:b6:a9:ff:0c:3b:ec:22:fd:86: db:6e:3b:9b:e7:80:47:c1:f2:b0:56:b6:d7:20:74: a1:5a:32:81:46:dc:73:35:77:03:6a:55:ec:f2:97: d7:5e:16:4e:4f:7f:be:0c:c2:e2:9f:3c:d1:de:c5: 62:78:b1:21:3e:8e:16:3a:50:40:57:a4:a5:9b:85: 80:6a:19:23:32:76:8c:55:44:b2:8b:8b:ec:32:9c: 1e:af:8c:ca:ec:6d:55:d4:4f:86:ef:78:c2:2d:6f: b9:4c:2b:56:01:4a:58:17:86:6c:03:78:60:8c:c5: 84:4c:bc:f9:79:0d:e3:3a:c8:f3:12:1b:fd:df:fc: 58:84:09:21:0f:4c:5f:f4:f0:ba:1d:cd:ef:3e:68: e4:6f:83:5a:18:f6:c0:30:93:d8:c6:d6:81:21:d4: 95:c4:7d:2a:43:49:15:81:2a:d4:9a:b0:9c:c5:5c: 9d:82:56:dd:33:82:97:67:ed:54:9b:31:8d:6f:49: 98:38:3b:88:1b:3d:51:93:c9:f4:a1:61:69:4f:27: a3:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:53:86:FE:27:CD:AF:B7:B7:F6:D7:07:89:93:58:C0:8B:AA:36:8D X509v3 Authority Key Identifier: keyid:22:E8:1B:32:7C:B1:FB:35:01:E0:5A:FA:B9:41:21:91:8F:DB:5B:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914B5BD/33CB117AB5A911E79C74CB72C4F9AE02/IugbMnyx-zUB4Fr6uUEhkY_bW14.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IugbMnyx-zUB4Fr6uUEhkY_bW14.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914B5BD/33CB117AB5A911E79C74CB72C4F9AE02/AF066E3E8BF711F08B841259C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.239.143.0/24 103.71.172.0/22 103.194.168.0/22 103.248.52.0/22 103.252.220.0/22 IPv6: 2406:9980::/32 Signature Algorithm: sha256WithRSAEncryption 07:27:e9:2c:13:bd:61:e6:72:d5:9f:2e:2e:50:bc:b7:5b:87: 43:6e:12:7e:83:03:f8:2a:61:1e:97:9c:39:cd:08:b2:96:b0: 23:f3:5e:50:85:bc:b3:7a:be:7a:db:7e:07:46:44:8d:06:48: 81:99:0c:1e:33:29:18:15:ed:18:4a:1a:e3:84:b0:0a:06:7c: a0:ff:27:df:8a:bc:12:8b:48:37:ce:c8:d2:55:69:3b:9e:4a: ad:10:68:f0:86:b2:88:a6:1a:f5:ca:96:23:61:04:a8:93:e9: 0a:aa:0d:d9:38:97:7d:a7:d2:63:d0:d9:f7:33:39:8b:68:e4: 89:b2:5c:0e:38:09:63:68:e7:62:2c:db:88:2d:7d:8b:5d:2f: bf:11:02:6a:07:5c:d0:62:c7:bd:c7:20:db:13:64:f4:d1:34: 35:f2:79:b2:81:19:87:fd:96:88:42:4a:66:9e:1f:ab:be:b7: fa:93:8d:f2:c0:93:4e:e6:37:95:da:b6:db:ac:e2:c6:87:61: 1d:b6:29:74:ef:c7:a0:3a:14:39:c5:d5:cf:25:71:c4:03:4f: 6c:1a:33:7a:22:8a:32:47:c8:ee:9a:e5:57:aa:d9:42:02:25: 55:8b:75:0e:7c:eb:74:ff:50:e6:8a:26:15:96:ee:5d:4e:f8: f2:53:94:c2 -----BEGIN CERTIFICATE----- MIIFmDCCBICgAwIBAgICGKkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEI1QkQxMTAvBgNVBAUTKDIyRTgxQjMyN0NCMUZCMzUwMUUwNUFGQUI5NDEyMTkx OEZEQjVCNUUwHhcNMjUwOTMwMTY0NTE3WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGRjMDkxZC02YzQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA23yaNRopEwZ462KaHowpdedkPz/tDIFhZbzK1BXeW9u/YKtoMKiGVhutXz2o yLplJBG2qf8MO+wi/Ybbbjub54BHwfKwVrbXIHShWjKBRtxzNXcDalXs8pfXXhZO T3++DMLinzzR3sVieLEhPo4WOlBAV6Slm4WAahkjMnaMVUSyi4vsMpwer4zK7G1V 1E+G73jCLW+5TCtWAUpYF4ZsA3hgjMWETLz5eQ3jOsjzEhv93/xYhAkhD0xf9PC6 Hc3vPmjkb4NaGPbAMJPYxtaBIdSVxH0qQ0kVgSrUmrCcxVydglbdM4KXZ+1UmzGN b0mYODuIGz1Rk8n0oWFpTyejvQIDAQABo4ICvDCCArgwHQYDVR0OBBYEFN5Thv4n za+3t/bXB4mTWMCLqjaNMB8GA1UdIwQYMBaAFCLoGzJ8sfs1AeBa+rlBIZGP21te MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QjVCRC8zM0NCMTE3QUI1 QTkxMUU3OUM3NENCNzJDNEY5QUUwMi9JdWdiTW55eC16VUI0RnI2dVVFaGtZX2JX MTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0l1Z2JNbnl4LXpVQjRGcjZ1VUVoa1lfYlcxNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NEI1QkQvMzNDQjExN0FCNUE5MTFFNzlDNzRDQjcyQzRGOUFFMDIvQUYwNjZFM0U4 QkY3MTFGMDhCODQxMjU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E NzA1MCQEAgABMB4DBAAr748DBAJnR6wDBAJnwqgDBAJn+DQDBAJn/NwwDQQCAAIw BwMFACQGmYAwDQYJKoZIhvcNAQELBQADggEBAAcn6SwTvWHmctWfLi5QvLdbh0Nu En6DA/gqYR6XnDnNCLKWsCPzXlCFvLN6vnrbfgdGRI0GSIGZDB4zKRgV7RhKGuOE sAoGfKD/J9+KvBKLSDfOyNJVaTueSq0QaPCGsoimGvXKliNhBKiT6QqqDdk4l32n 0mPQ2fczOYto5ImyXA44CWNo52Is24gtfYtdL78RAmoHXNBix73HINsTZPTRNDXy ebKBGYf9lohCSmaeH6u+t/qTjfLAk07mN5Xattus4saHYR22KXTvx6A6FDnF1c8l ccQDT2waM3oiijJHyO6a5Veq2UICJVWLdQ5863T/UOaKJhWW7l1O+PJTlMI= -----END CERTIFICATE-----Generated at Mon Oct 20 14:53:41 2025 by rpki-client