$ rpki-client -vvf rpki.apnic.net/member_repository/A9158F8D/A179E53C647711EFA82DE93DC4F9AE02/B9574A322C1311F0B642882AC4F9AE02.roa File: B9574A322C1311F0B642882AC4F9AE02.roa (raw, json) Hash identifier: QN8v9t5P0QTRBsYg+U9O7T5DHQfpoMuEMEImQ353CzQ= Subject key identifier: DE:CD:8C:66:4A:04:0F:A4:D4:D3:31:E4:DC:29:49:6D:2F:02:29:F8 Certificate issuer: /CN=A9158F8D/serialNumber=2A01C8FE967969447831EC01C02BC4E9CB9ACE2C Certificate serial: E0 Authority key identifier: 2A:01:C8:FE:96:79:69:44:78:31:EC:01:C0:2B:C4:E9:CB:9A:CE:2C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KgHI_pZ5aUR4MewBwCvE6cuaziw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9158F8D/A179E53C647711EFA82DE93DC4F9AE02/B9574A322C1311F0B642882AC4F9AE02.roa Signing time: Sat 11 Oct 2025 09:03:29 +0000 ROA not before: Sat 11 Oct 2025 09:03:29 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 138199 IP address blocks: 103.122.52.0/24 maxlen: 24 202.37.80.0/22 maxlen: 24 2001:df6:8d00::/48 maxlen: 48 2401:42a0::/32 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9158F8D/A179E53C647711EFA82DE93DC4F9AE02/KgHI_pZ5aUR4MewBwCvE6cuaziw.crl rsync://rpki.apnic.net/member_repository/A9158F8D/A179E53C647711EFA82DE93DC4F9AE02/KgHI_pZ5aUR4MewBwCvE6cuaziw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KgHI_pZ5aUR4MewBwCvE6cuaziw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 08:39:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 224 (0xe0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9158F8D, serialNumber=2A01C8FE967969447831EC01C02BC4E9CB9ACE2C Validity Not Before: Oct 11 09:03:29 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=68ea1d61-421c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:1a:51:7f:2c:8a:b0:35:de:be:3d:76:6b:4c: 8d:8f:39:18:ad:85:26:80:ea:47:e0:ae:be:3a:1f: e6:9b:49:fc:5b:64:54:77:3f:f0:e0:4d:b6:e4:51: f2:dd:50:76:34:d9:b4:d0:f7:ac:88:0a:26:f9:2e: 11:c1:50:fe:2b:3a:58:df:b2:e7:d5:22:22:e9:71: f0:64:d2:cc:0a:a2:65:b4:69:ac:2c:cc:87:a3:89: ed:29:4a:9d:ad:12:8d:83:7e:72:29:e4:35:7a:9f: 04:bd:8f:12:45:81:f2:49:83:1e:01:b6:a0:3c:e8: 7d:e1:f9:30:16:4d:c4:1a:bc:e7:96:86:84:52:68: a1:af:5c:a1:44:46:9f:0e:d5:ba:a2:21:91:88:30: 5d:75:fb:c6:d7:c7:f5:09:b9:43:3c:39:f5:b2:c7: e6:83:04:c4:8d:b9:bc:97:b5:44:1f:6b:98:dd:4c: 44:74:22:54:38:4a:61:0e:fd:d2:6d:a4:f9:2f:09: c9:d2:ec:51:a3:2d:a1:d8:64:78:a3:2b:0f:cc:eb: 83:51:63:30:75:94:f2:0e:6d:58:85:b8:a2:43:03: 4f:28:31:6a:be:e1:d1:64:91:1d:04:cd:0e:bd:b9: 32:73:bf:05:d3:fe:37:ca:98:65:ff:fa:49:58:08: fb:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:CD:8C:66:4A:04:0F:A4:D4:D3:31:E4:DC:29:49:6D:2F:02:29:F8 X509v3 Authority Key Identifier: keyid:2A:01:C8:FE:96:79:69:44:78:31:EC:01:C0:2B:C4:E9:CB:9A:CE:2C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9158F8D/A179E53C647711EFA82DE93DC4F9AE02/KgHI_pZ5aUR4MewBwCvE6cuaziw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KgHI_pZ5aUR4MewBwCvE6cuaziw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158F8D/A179E53C647711EFA82DE93DC4F9AE02/B9574A322C1311F0B642882AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.122.52.0/24 202.37.80.0/22 IPv6: 2001:df6:8d00::/48 2401:42a0::/32 Signature Algorithm: sha256WithRSAEncryption 35:bf:6c:11:64:38:16:8a:40:dc:d2:3d:8a:61:39:71:b3:3d: 5c:ae:b2:7e:0e:c2:8d:fc:59:b3:a4:2e:6a:80:7e:de:36:91: 5f:88:8c:c4:78:8c:83:f6:63:fc:97:e1:98:03:dd:c3:d0:9b: d1:a0:e1:9d:87:49:e1:30:35:86:48:05:b7:b8:bb:22:15:a1: 60:d9:b3:e9:3a:53:58:8d:d6:88:ca:2b:9e:37:e4:f1:38:a3: 2d:12:9f:71:3c:f0:e8:28:81:98:63:fc:5d:c4:9e:d2:2e:7a: 61:31:33:86:40:1b:92:a8:fc:bc:8a:a9:08:79:4b:36:01:77: a9:54:16:4b:d4:4c:79:66:98:02:1e:72:25:93:11:93:09:2f: 26:50:60:b0:86:97:c9:e1:12:98:ec:fb:b7:a3:9a:4c:47:82: 9c:fc:f0:eb:1c:79:24:74:2d:08:1f:83:e7:93:13:33:3f:24: 31:dc:37:a1:75:fd:8c:57:49:2d:22:bb:05:78:99:3f:84:fa: 93:7a:31:66:8c:71:50:7a:e6:5a:71:48:9d:65:cb:e8:e1:ad: f9:cd:5f:0a:30:b0:7f:e7:3e:92:ba:83:9c:36:03:aa:2a:51: 0c:ab:39:df:ab:08:76:a0:4a:59:48:b2:3d:15:1c:4c:de:74: 1f:f8:ef:26 -----BEGIN CERTIFICATE----- MIIFjzCCBHegAwIBAgICAOAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NThGOEQxMTAvBgNVBAUTKDJBMDFDOEZFOTY3OTY5NDQ3ODMxRUMwMUMwMkJDNEU5 Q0I5QUNFMkMwHhcNMjUxMDExMDkwMzI5WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGVhMWQ2MS00MjFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6RpRfyyKsDXevj12a0yNjzkYrYUmgOpH4K6+Oh/mm0n8W2RUdz/w4E225FHy 3VB2NNm00PesiAom+S4RwVD+KzpY37Ln1SIi6XHwZNLMCqJltGmsLMyHo4ntKUqd rRKNg35yKeQ1ep8EvY8SRYHySYMeAbagPOh94fkwFk3EGrznloaEUmihr1yhREaf DtW6oiGRiDBddfvG18f1CblDPDn1ssfmgwTEjbm8l7VEH2uY3UxEdCJUOEphDv3S baT5LwnJ0uxRoy2h2GR4oysPzOuDUWMwdZTyDm1YhbiiQwNPKDFqvuHRZJEdBM0O vbkyc78F0/43yphl//pJWAj71QIDAQABo4ICszCCAq8wHQYDVR0OBBYEFN7NjGZK BA+k1NMx5NwpSW0vAin4MB8GA1UdIwQYMBaAFCoByP6WeWlEeDHsAcArxOnLms4s MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OEY4RC9BMTc5RTUzQzY0 NzcxMUVGQTgyREU5M0RDNEY5QUUwMi9LZ0hJX3BaNWFVUjRNZXdCd0N2RTZjdWF6 aXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tnSElfcFo1YVVSNE1ld0J3Q3ZFNmN1YXppdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NThGOEQvQTE3OUU1M0M2NDc3MTFFRkE4MkRFOTNEQzRGOUFFMDIvQjk1NzRBMzIy QzEzMTFGMEI2NDI4ODJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E LjAsMBIEAgABMAwDBABnejQDBALKJVAwFgQCAAIwEAMHACABDfaNAAMFACQBQqAw DQYJKoZIhvcNAQELBQADggEBADW/bBFkOBaKQNzSPYphOXGzPVyusn4Owo38WbOk LmqAft42kV+IjMR4jIP2Y/yX4ZgD3cPQm9Gg4Z2HSeEwNYZIBbe4uyIVoWDZs+k6 U1iN1ojKK5435PE4oy0Sn3E88OgogZhj/F3EntIuemExM4ZAG5Ko/LyKqQh5SzYB d6lUFkvUTHlmmAIeciWTEZMJLyZQYLCGl8nhEpjs+7ejmkxHgpz88OsceSR0LQgf g+eTEzM/JDHcN6F1/YxXSS0iuwV4mT+E+pN6MWaMcVB65lpxSJ1ly+jhrfnNXwow sH/nPpK6g5w2A6oqUQyrOd+rCHagSllIsj0VHEzedB/47yY= -----END CERTIFICATE-----Generated at Mon Oct 20 22:55:14 2025 by rpki-client