$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/144425AE729211F0B749B275C4F9AE02.roa File: 144425AE729211F0B749B275C4F9AE02.roa (raw, json) Hash identifier: exhzrMFaxm5iIfoQjcUkJdHRskInNx0lMshgONTiPgg= Subject key identifier: 77:57:61:A0:DA:1A:EE:90:D1:38:88:99:C0:AF:07:30:58:45:28:06 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: C25A Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/144425AE729211F0B749B275C4F9AE02.roa Signing time: Tue 12 Aug 2025 07:00:07 +0000 ROA not before: Tue 12 Aug 2025 07:00:07 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 153236 IP address blocks: 103.120.62.0/23 maxlen: 24 103.177.234.0/23 maxlen: 24 103.210.0.0/23 maxlen: 24 103.217.82.0/24 maxlen: 24 103.217.83.0/24 maxlen: 24 2001:df2:8140::/48 maxlen: 48 2401:d9e0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 15:25:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49754 (0xc25a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Aug 12 07:00:07 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=689ae676-60a6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:db:50:98:f3:60:b4:6a:6a:66:76:fd:d8:fe: a1:22:58:0d:80:69:e2:d8:85:1b:a9:41:b2:62:75: 5a:16:21:38:c6:94:14:96:e4:04:e7:b0:1a:ca:7b: 26:95:a8:34:19:c9:13:d5:01:4a:9d:15:3e:cc:a5: b5:61:12:24:ec:70:18:8b:07:05:67:c7:32:bd:63: 09:8e:3c:f6:55:2d:8e:fc:51:d1:04:65:4c:9a:8d: ee:67:35:c6:1c:16:0a:19:60:de:ed:04:9e:07:9d: cf:85:ad:88:97:21:81:19:73:30:6a:80:be:fe:ab: ff:dd:d8:06:b4:14:75:88:93:f2:48:aa:1a:62:ef: 94:54:73:59:48:18:61:ba:ed:6a:8e:96:a7:19:07: 63:83:f7:b8:39:e7:1d:d6:84:93:02:4a:ef:f6:5d: 53:ea:ae:8d:7b:c5:34:a4:b2:8c:39:16:78:ae:e7: 8e:52:6c:8f:d7:6f:77:90:28:37:54:7f:49:52:31: 31:63:bc:75:d7:13:5c:ad:4d:9e:8e:5e:3a:00:f0: ee:e7:ba:56:78:c3:0e:ef:20:08:53:6c:ca:5e:b8: 4b:e7:5f:ab:0a:52:ab:ea:06:e8:9c:2f:86:7a:90: 0a:81:bf:4c:41:65:38:88:14:91:eb:ec:55:75:ad: ca:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:57:61:A0:DA:1A:EE:90:D1:38:88:99:C0:AF:07:30:58:45:28:06 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/144425AE729211F0B749B275C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.120.62.0/23 103.177.234.0/23 103.210.0.0/23 103.217.82.0/23 IPv6: 2001:df2:8140::/48 2401:d9e0::/32 Signature Algorithm: sha256WithRSAEncryption 39:2d:59:e8:2e:c3:b7:39:21:74:76:31:ec:f6:5b:85:f3:2c: f5:62:e2:85:e7:15:52:be:24:d8:f2:61:e0:ac:e5:ed:2a:65: 43:db:ce:25:58:de:90:5c:99:53:af:e3:4f:4b:67:50:54:6f: 57:b4:a7:ee:45:89:3a:d9:4d:46:6b:2d:e5:ee:a5:28:fd:ca: cd:32:45:c2:bc:33:4a:f6:19:04:ab:da:8c:9d:24:30:bf:f2: 97:b3:64:0b:fb:d5:f0:5e:29:e4:99:1b:21:b5:fa:67:b3:3b: 09:f7:00:c7:2f:5e:fb:58:c6:f8:16:52:48:f4:72:fa:62:e1: a9:c0:cd:4d:a6:a4:9b:d6:aa:9b:ce:dd:84:bc:28:e7:74:f4: 01:f1:e2:86:19:82:ed:57:8e:84:77:7b:9e:56:ac:c2:f4:07: 85:db:29:f2:52:07:3c:60:3f:6c:22:88:b1:d9:66:d9:24:47: 3d:ad:43:43:12:e5:13:bb:cb:31:9e:dd:71:5f:49:6a:e3:6d: 4a:8f:8d:a7:1c:1f:10:b6:0a:bb:09:fe:4b:18:75:1f:ec:53: 0e:24:95:50:7c:97:07:60:4f:b1:ae:38:f3:1d:d5:cb:05:c1: aa:b4:9a:3e:8e:97:91:0e:ab:8d:00:23:92:66:ed:5a:aa:d8: 5b:9a:4a:ec -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIDAMJaMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDgxMjA3MDAwN1oXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjg5YWU2NzYtNjBhNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANPbUJjzYLRqamZ2/dj+oSJYDYBp4tiFG6lBsmJ1WhYhOMaUFJbkBOewGsp7 JpWoNBnJE9UBSp0VPsyltWESJOxwGIsHBWfHMr1jCY489lUtjvxR0QRlTJqN7mc1 xhwWChlg3u0Engedz4WtiJchgRlzMGqAvv6r/93YBrQUdYiT8kiqGmLvlFRzWUgY Ybrtao6WpxkHY4P3uDnnHdaEkwJK7/ZdU+qujXvFNKSyjDkWeK7njlJsj9dvd5Ao N1R/SVIxMWO8ddcTXK1Nno5eOgDw7ue6VnjDDu8gCFNsyl64S+dfqwpSq+oG6Jwv hnqQCoG/TEFlOIgUkevsVXWtynsCAwEAAaOCAr8wggK7MB0GA1UdDgQWBBR3V2Gg 2hrukNE4iJnArwcwWEUoBjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzE0NDQyNUFF NzI5MjExRjBCNzQ5QjI3NUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMEkGCCsGAQUFBwEHAQH/ BDowODAeBAIAATAYAwQBZ3g+AwQBZ7HqAwQBZ9IAAwQBZ9lSMBYEAgACMBADBwAg AQ3ygUADBQAkAdngMA0GCSqGSIb3DQEBCwUAA4IBAQA5LVnoLsO3OSF0djHs9luF 8yz1YuKF5xVSviTY8mHgrOXtKmVD284lWN6QXJlTr+NPS2dQVG9XtKfuRYk62U1G ay3l7qUo/crNMkXCvDNK9hkEq9qMnSQwv/KXs2QL+9XwXinkmRshtfpnszsJ9wDH L177WMb4FlJI9HL6YuGpwM1NpqSb1qqbzt2EvCjndPQB8eKGGYLtV46Ed3ueVqzC 9AeF2ynyUgc8YD9sIoix2WbZJEc9rUNDEuUTu8sxnt1xX0lq421Kj42nHB8Qtgq7 Cf5LGHUf7FMOJJVQfJcHYE+xrjjzHdXLBcGqtJo+jpeRDquNACOSZu1aqthbmkrs -----END CERTIFICATE-----Generated at Sun Aug 24 02:35:49 2025 by rpki-client