$ rpki-client -vvf rpki.apnic.net/member_repository/A9153134/E65FA8A0545311EF8AD77409C4F9AE02/F32DDE98545411EFA3BC6B2BC4F9AE02.roa File: F32DDE98545411EFA3BC6B2BC4F9AE02.roa (raw, json) Hash identifier: xQbbLUx7h7kk+H0WrJFv17LPnpfULHNjuw2xaAYsdzA= Subject key identifier: 79:8F:5E:43:35:E1:95:5B:D5:26:AB:3A:D5:30:99:42:69:09:A9:5F Certificate issuer: /CN=A9153134/serialNumber=8442DC46024006011AD5CF48CD7E4C48BB97A11E Certificate serial: 0102 Authority key identifier: 84:42:DC:46:02:40:06:01:1A:D5:CF:48:CD:7E:4C:48:BB:97:A1:1E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hELcRgJABgEa1c9IzX5MSLuXoR4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9153134/E65FA8A0545311EF8AD77409C4F9AE02/F32DDE98545411EFA3BC6B2BC4F9AE02.roa Signing time: Mon 01 Sep 2025 06:24:55 +0000 ROA not before: Mon 01 Sep 2025 06:24:55 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 138189 IP address blocks: 103.122.40.0/22 maxlen: 22 103.122.40.0/24 maxlen: 24 103.122.41.0/24 maxlen: 24 103.122.42.0/24 maxlen: 24 103.122.43.0/24 maxlen: 24 202.36.32.0/24 maxlen: 24 203.132.4.0/22 maxlen: 24 2001:df6:6500::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9153134/E65FA8A0545311EF8AD77409C4F9AE02/hELcRgJABgEa1c9IzX5MSLuXoR4.crl rsync://rpki.apnic.net/member_repository/A9153134/E65FA8A0545311EF8AD77409C4F9AE02/hELcRgJABgEa1c9IzX5MSLuXoR4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hELcRgJABgEa1c9IzX5MSLuXoR4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 08:25:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 258 (0x102) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9153134, serialNumber=8442DC46024006011AD5CF48CD7E4C48BB97A11E Validity Not Before: Sep 1 06:24:55 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=68b53c37-b7d1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:1d:12:04:19:59:b0:b4:0f:d5:d1:3a:9f:d2: d8:2a:94:9a:94:27:7e:99:f1:f1:df:97:0d:93:51: b0:fb:ba:fe:f6:4d:97:61:02:b5:e2:d7:ad:f5:ba: 1a:ea:7a:ef:9b:df:e6:1c:84:e7:9c:6f:5a:fc:e3: cd:73:33:c0:90:c4:32:d8:52:6b:7c:a4:be:28:b6: 1c:a5:a7:46:87:24:26:1c:c7:29:c8:08:c2:e6:fc: 2d:0c:87:4a:c0:8d:16:f1:df:fa:72:c4:15:dd:77: 70:bb:78:36:11:8d:9d:d8:cd:84:28:6f:68:50:c2: c0:80:e6:9a:6d:16:6f:73:0a:3d:4d:72:f7:fe:71: 85:d6:79:9e:c8:00:01:7f:70:7a:14:69:6e:63:74: 01:bc:bc:a2:ca:a4:01:3d:85:ed:f6:a3:a1:d6:6f: fc:4d:c2:73:68:66:f8:62:c0:35:38:e4:2f:2a:7a: 58:66:0e:8d:bd:19:51:1b:f3:9e:51:c8:47:07:19: 7f:d8:76:37:ea:50:7f:80:e5:bf:c4:9a:a1:bd:c0: 83:52:4c:fc:33:d4:45:25:74:2d:30:71:e9:ab:a7: 92:f0:06:26:30:bd:48:ef:1f:76:97:97:71:99:e0: c4:2b:ce:8c:b1:b2:5f:ec:fa:4b:1f:e4:83:bb:18: c8:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:8F:5E:43:35:E1:95:5B:D5:26:AB:3A:D5:30:99:42:69:09:A9:5F X509v3 Authority Key Identifier: keyid:84:42:DC:46:02:40:06:01:1A:D5:CF:48:CD:7E:4C:48:BB:97:A1:1E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9153134/E65FA8A0545311EF8AD77409C4F9AE02/hELcRgJABgEa1c9IzX5MSLuXoR4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hELcRgJABgEa1c9IzX5MSLuXoR4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9153134/E65FA8A0545311EF8AD77409C4F9AE02/F32DDE98545411EFA3BC6B2BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.122.40.0/22 202.36.32.0/24 203.132.4.0/22 IPv6: 2001:df6:6500::/48 Signature Algorithm: sha256WithRSAEncryption 97:ad:ec:4e:bf:63:19:39:4c:b0:1a:c1:c7:3f:e7:29:6c:bb: ae:28:4c:dc:f0:c9:5b:22:43:a1:5a:92:aa:79:22:63:d4:f5: 97:29:84:40:36:34:dc:fb:a9:f9:49:cd:7e:7f:73:30:af:6d: e7:64:43:f5:1a:27:62:e0:7d:35:34:e2:cb:d0:41:80:d9:82: 8b:87:79:de:ca:19:7a:28:aa:00:f3:52:de:2a:6b:bf:f3:4a: d3:d9:69:f4:dd:8a:7f:ca:12:f3:c6:dc:29:f2:2e:68:24:97: 3a:45:4b:41:19:96:ff:c4:09:ef:0a:57:88:45:2a:78:b7:be: 4d:a2:0f:46:09:f3:b8:37:4c:8d:21:49:03:a2:5c:5b:2d:2d: 87:9c:3b:22:9b:98:e0:ac:41:eb:68:95:b1:06:5a:b3:aa:e5: 86:a1:99:4f:63:5b:0d:2a:e6:18:16:91:8c:bd:48:04:33:9d: e2:3e:fc:62:e4:04:89:37:f1:79:a7:48:92:27:13:96:95:3c: 7f:94:e7:02:00:a5:17:bd:12:e0:8b:f0:b4:f7:b9:c4:31:6e: 6e:48:32:51:19:d4:46:c2:01:97:42:6d:87:bd:df:c3:0f:c9: d6:0a:5d:5b:45:41:a4:4f:2d:fb:fb:5e:3e:18:4b:63:d9:c8: c0:53:aa:e0 -----BEGIN CERTIFICATE----- MIIFjjCCBHagAwIBAgICAQIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTMxMzQxMTAvBgNVBAUTKDg0NDJEQzQ2MDI0MDA2MDExQUQ1Q0Y0OENEN0U0QzQ4 QkI5N0ExMUUwHhcNMjUwOTAxMDYyNDU1WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGI1M2MzNy1iN2QxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqB0SBBlZsLQP1dE6n9LYKpSalCd+mfHx35cNk1Gw+7r+9k2XYQK14tet9boa 6nrvm9/mHITnnG9a/OPNczPAkMQy2FJrfKS+KLYcpadGhyQmHMcpyAjC5vwtDIdK wI0W8d/6csQV3Xdwu3g2EY2d2M2EKG9oUMLAgOaabRZvcwo9TXL3/nGF1nmeyAAB f3B6FGluY3QBvLyiyqQBPYXt9qOh1m/8TcJzaGb4YsA1OOQvKnpYZg6NvRlRG/Oe UchHBxl/2HY36lB/gOW/xJqhvcCDUkz8M9RFJXQtMHHpq6eS8AYmML1I7x92l5dx meDEK86MsbJf7PpLH+SDuxjIyQIDAQABo4ICsjCCAq4wHQYDVR0OBBYEFHmPXkM1 4ZVb1SarOtUwmUJpCalfMB8GA1UdIwQYMBaAFIRC3EYCQAYBGtXPSM1+TEi7l6Ee MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MzEzNC9FNjVGQThBMDU0 NTMxMUVGOEFENzc0MDlDNEY5QUUwMi9oRUxjUmdKQUJnRWExYzlJelg1TVNMdVhv UjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hFTGNSZ0pBQmdFYTFjOUl6WDVNU0x1WG9SNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTMxMzQvRTY1RkE4QTA1NDUzMTFFRjhBRDc3NDA5QzRGOUFFMDIvRjMyRERFOTg1 NDU0MTFFRkEzQkM2QjJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPAYIKwYBBQUHAQcBAf8E LTArMBgEAgABMBIDBAJneigDBADKJCADBALLhAQwDwQCAAIwCQMHACABDfZlADAN BgkqhkiG9w0BAQsFAAOCAQEAl63sTr9jGTlMsBrBxz/nKWy7rihM3PDJWyJDoVqS qnkiY9T1lymEQDY03Pup+UnNfn9zMK9t52RD9RonYuB9NTTiy9BBgNmCi4d53soZ eiiqAPNS3iprv/NK09lp9N2Kf8oS88bcKfIuaCSXOkVLQRmW/8QJ7wpXiEUqeLe+ TaIPRgnzuDdMjSFJA6JcWy0th5w7IpuY4KxB62iVsQZas6rlhqGZT2NbDSrmGBaR jL1IBDOd4j78YuQEiTfxeadIkicTlpU8f5TnAgClF70S4IvwtPe5xDFubkgyURnU RsIBl0Jth73fww/J1gpdW0VBpE8t+/tePhhLY9nIwFOq4A== -----END CERTIFICATE-----Generated at Mon Oct 20 19:26:08 2025 by rpki-client