$ rpki-client -vvf rpki.apnic.net/member_repository/A9176C8F/FA0E05A46B5A11EFBC99925CC4F9AE02/B0D3DA64107B11F097717C77C4F9AE02.roa File: B0D3DA64107B11F097717C77C4F9AE02.roa (raw, json) Hash identifier: 1d9wCsU9aWCRZr3QZQY+xUb1UN+Bs6Q6ncyy7XvW10Q= Subject key identifier: 28:2D:C3:93:9C:AA:45:70:A8:41:3C:BF:19:00:3B:2F:C3:A1:20:DD Certificate issuer: /CN=A9176C8F/serialNumber=057395B4878FB1A67FCBAD582617B7BAAF2C31FF Certificate serial: 0116 Authority key identifier: 05:73:95:B4:87:8F:B1:A6:7F:CB:AD:58:26:17:B7:BA:AF:2C:31:FF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BXOVtIePsaZ_y61YJhe3uq8sMf8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9176C8F/FA0E05A46B5A11EFBC99925CC4F9AE02/B0D3DA64107B11F097717C77C4F9AE02.roa Signing time: Tue 14 Oct 2025 11:04:23 +0000 ROA not before: Tue 14 Oct 2025 11:04:23 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 149296 IP address blocks: 43.255.52.0/24 maxlen: 24 43.255.53.0/24 maxlen: 24 43.255.54.0/24 maxlen: 24 43.255.55.0/24 maxlen: 24 103.129.52.0/22 maxlen: 22 103.129.54.0/23 maxlen: 23 103.129.54.0/24 maxlen: 24 103.129.55.0/24 maxlen: 24 2401:bbe0:200::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9176C8F/FA0E05A46B5A11EFBC99925CC4F9AE02/BXOVtIePsaZ_y61YJhe3uq8sMf8.crl rsync://rpki.apnic.net/member_repository/A9176C8F/FA0E05A46B5A11EFBC99925CC4F9AE02/BXOVtIePsaZ_y61YJhe3uq8sMf8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BXOVtIePsaZ_y61YJhe3uq8sMf8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 08:43:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 278 (0x116) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9176C8F, serialNumber=057395B4878FB1A67FCBAD582617B7BAAF2C31FF Validity Not Before: Oct 14 11:04:23 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68ee2e37-985c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:07:91:ed:7e:69:7a:98:ad:67:30:d4:e6:1d: 7c:c5:dc:eb:00:90:7a:4a:82:9b:5c:82:05:01:6a: b0:d5:fe:47:70:18:f9:49:ef:33:5d:00:4d:d7:26: 31:8d:b1:91:40:aa:c6:3f:48:eb:84:b4:78:ce:0f: ac:70:fd:79:ef:db:3d:1c:0b:30:1f:90:77:50:3c: d6:23:09:51:c1:f3:8d:c0:e4:49:d0:b8:35:b2:e7: 69:55:38:92:0f:27:29:81:06:f6:1e:cd:d3:b2:0f: ba:f9:51:87:ce:0d:e9:aa:71:52:ab:ec:11:31:5c: 5d:c4:d8:39:f5:e6:13:ea:7b:e9:d3:be:6a:8e:5e: 26:3e:9b:2d:12:7d:15:50:45:00:4e:5e:ed:87:31: 1b:c3:a4:a4:18:8b:5a:8b:48:4e:a0:0a:c9:be:7d: 07:04:e1:0f:1d:2b:09:69:ce:f1:12:a3:ec:69:c6: 4d:10:d1:74:be:cc:28:7f:b2:ac:30:2c:a3:0f:b0: 57:3c:4d:fd:55:a4:19:ae:9c:fc:b6:d2:46:e9:f8: 3a:b1:12:92:47:81:47:b4:97:df:57:66:0b:05:e6: 25:14:37:f5:80:49:56:45:a4:56:d4:26:e4:f2:a0: 7e:63:09:2e:4f:29:78:e1:25:c1:8e:0f:c7:d8:0b: 3d:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:2D:C3:93:9C:AA:45:70:A8:41:3C:BF:19:00:3B:2F:C3:A1:20:DD X509v3 Authority Key Identifier: keyid:05:73:95:B4:87:8F:B1:A6:7F:CB:AD:58:26:17:B7:BA:AF:2C:31:FF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9176C8F/FA0E05A46B5A11EFBC99925CC4F9AE02/BXOVtIePsaZ_y61YJhe3uq8sMf8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BXOVtIePsaZ_y61YJhe3uq8sMf8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9176C8F/FA0E05A46B5A11EFBC99925CC4F9AE02/B0D3DA64107B11F097717C77C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.255.52.0/22 103.129.52.0/22 IPv6: 2401:bbe0:200::/40 Signature Algorithm: sha256WithRSAEncryption 27:1d:e2:29:97:2e:f0:16:69:03:94:25:16:bf:a7:3b:35:81: f2:81:ef:1a:89:eb:e9:12:87:01:04:80:c3:e8:ee:2b:05:90: f4:80:94:67:1b:09:23:e8:07:a8:a5:89:a8:e7:62:94:e8:bb: ca:06:0f:36:5d:54:f6:bb:ca:98:42:06:42:e8:6f:78:f0:c2: 0a:e5:7e:be:a9:3b:35:5e:44:c5:68:de:b2:fd:0c:0a:60:17: 95:33:6b:8b:1b:76:69:c4:7d:4c:23:63:34:a9:8a:d1:c3:bf: 46:74:39:31:c9:c3:eb:b1:0c:70:fc:b0:b4:e5:6a:13:51:99: f1:84:3d:cc:e0:27:1a:57:64:d5:df:ed:7c:27:c7:a3:f1:bd: 48:31:93:e4:dd:a5:5c:03:1e:c4:33:9b:29:52:c7:6e:45:6c: 13:20:87:df:f4:3c:34:62:fb:ed:1c:ac:47:03:e9:7c:11:7b: ba:2f:d3:22:eb:d7:58:5b:d8:f5:c5:ea:fb:2c:00:58:68:7a: a8:54:14:80:46:0b:17:bf:0a:24:74:25:d1:be:17:03:7b:ec: 67:bf:46:28:ac:01:8e:72:8e:24:90:72:70:c5:07:70:8c:61: cb:8e:f8:55:7b:cf:d7:10:02:bf:c7:d8:ad:f5:f8:ad:58:5c: cf:82:96:48 -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgICARYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzZDOEYxMTAvBgNVBAUTKDA1NzM5NUI0ODc4RkIxQTY3RkNCQUQ1ODI2MTdCN0JB QUYyQzMxRkYwHhcNMjUxMDE0MTEwNDIzWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGVlMmUzNy05ODVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0weR7X5pepitZzDU5h18xdzrAJB6SoKbXIIFAWqw1f5HcBj5Se8zXQBN1yYx jbGRQKrGP0jrhLR4zg+scP1579s9HAswH5B3UDzWIwlRwfONwORJ0Lg1sudpVTiS DycpgQb2Hs3Tsg+6+VGHzg3pqnFSq+wRMVxdxNg59eYT6nvp075qjl4mPpstEn0V UEUATl7thzEbw6SkGItai0hOoArJvn0HBOEPHSsJac7xEqPsacZNENF0vswof7Ks MCyjD7BXPE39VaQZrpz8ttJG6fg6sRKSR4FHtJffV2YLBeYlFDf1gElWRaRW1Cbk 8qB+YwkuTyl44SXBjg/H2As9uwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFCgtw5Oc qkVwqEE8vxkAOy/DoSDdMB8GA1UdIwQYMBaAFAVzlbSHj7Gmf8utWCYXt7qvLDH/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NkM4Ri9GQTBFMDVBNDZC NUExMUVGQkM5OTkyNUNDNEY5QUUwMi9CWE9WdEllUHNhWl95NjFZSmhlM3VxOHNN ZjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0JYT1Z0SWVQc2FaX3k2MVlKaGUzdXE4c01mOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzZDOEYvRkEwRTA1QTQ2QjVBMTFFRkJDOTk5MjVDQzRGOUFFMDIvQjBEM0RBNjQx MDdCMTFGMDk3NzE3Qzc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNQYIKwYBBQUHAQcBAf8E JjAkMBIEAgABMAwDBAIr/zQDBAJngTQwDgQCAAIwCAMGACQBu+ACMA0GCSqGSIb3 DQEBCwUAA4IBAQAnHeIply7wFmkDlCUWv6c7NYHyge8aievpEocBBIDD6O4rBZD0 gJRnGwkj6AeopYmo52KU6LvKBg82XVT2u8qYQgZC6G948MIK5X6+qTs1XkTFaN6y /QwKYBeVM2uLG3ZpxH1MI2M0qYrRw79GdDkxycPrsQxw/LC05WoTUZnxhD3M4Cca V2TV3+18J8ej8b1IMZPk3aVcAx7EM5spUsduRWwTIIff9Dw0YvvtHKxHA+l8EXu6 L9Mi69dYW9j1xer7LABYaHqoVBSARgsXvwokdCXRvhcDe+xnv0YorAGOco4kkHJw xQdwjGHLjvhVe8/XEAK/x9it9fitWFzPgpZI -----END CERTIFICATE-----Generated at Mon Oct 20 00:30:19 2025 by rpki-client