$ rpki-client -vvf rpki.apnic.net/member_repository/A918F550/8B9BD2021D8511E2B41230DC08B02CD2/203B2B7A1C9811EE995E057EC4F9AE02.roa File: 203B2B7A1C9811EE995E057EC4F9AE02.roa (raw, json) Hash identifier: Hfoqu4I1rzkj+GgbHs+w6S5W47rIQMmLn4wuh51rR+4= Subject key identifier: 2A:7F:4E:E9:93:A8:07:37:47:BC:1D:FC:01:B1:FF:FD:24:76:66:53 Certificate issuer: /CN=A918F550/serialNumber=A24B6A62044B70065F0506388460E4AF2F17F3FF Certificate serial: 3573 Authority key identifier: A2:4B:6A:62:04:4B:70:06:5F:05:06:38:84:60:E4:AF:2F:17:F3:FF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oktqYgRLcAZfBQY4hGDkry8X8_8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918F550/8B9BD2021D8511E2B41230DC08B02CD2/203B2B7A1C9811EE995E057EC4F9AE02.roa Signing time: Wed 20 Aug 2025 14:50:32 +0000 ROA not before: Wed 20 Aug 2025 14:50:32 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 4007 IP address blocks: 103.235.196.0/22 maxlen: 24 163.53.24.0/23 maxlen: 24 202.51.69.0/24 maxlen: 24 202.51.80.0/24 maxlen: 24 202.51.88.0/23 maxlen: 23 202.51.88.0/24 maxlen: 24 202.51.89.0/24 maxlen: 24 202.51.92.0/24 maxlen: 24 202.51.93.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918F550/8B9BD2021D8511E2B41230DC08B02CD2/oktqYgRLcAZfBQY4hGDkry8X8_8.crl rsync://rpki.apnic.net/member_repository/A918F550/8B9BD2021D8511E2B41230DC08B02CD2/oktqYgRLcAZfBQY4hGDkry8X8_8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oktqYgRLcAZfBQY4hGDkry8X8_8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 14:25:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13683 (0x3573) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918F550, serialNumber=A24B6A62044B70065F0506388460E4AF2F17F3FF Validity Not Before: Aug 20 14:50:32 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=68a5e0b8-093d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:1a:d8:09:58:29:3b:d8:da:74:82:02:a0:a5: 13:45:91:23:51:d9:cf:0e:59:89:01:a1:55:3c:40: 74:be:c0:ca:26:bc:56:70:95:07:c6:3f:78:dc:28: 17:1d:26:cf:d0:eb:73:44:71:f8:20:55:e7:aa:6d: a7:ea:9d:77:d2:57:a2:bf:37:fa:d7:ab:98:7a:d5: d7:bc:ff:d3:9e:94:24:ca:35:e6:98:0a:5f:4d:bb: 56:06:d9:4d:78:0b:22:5e:a3:62:8d:f7:5f:2f:59: e1:17:68:67:c1:64:4e:41:ae:c5:39:ef:f7:9f:68: c0:de:67:db:c0:7a:df:84:30:1e:7c:06:e5:0d:ac: 2e:9e:a4:01:34:47:45:ba:e4:eb:06:51:98:53:59: 72:e1:50:9b:5e:7a:df:be:9e:b1:68:bb:03:79:fb: b3:e0:a9:50:9f:5f:aa:ca:81:b1:af:45:1f:3a:d3: 89:13:34:f9:e4:a1:1b:da:62:e2:86:c1:cd:7d:6c: d3:f6:1b:1a:41:8b:c9:1c:d4:43:19:6c:b0:7f:ff: 52:d0:6e:34:db:69:2a:c4:a5:6d:93:81:e7:c8:72: 0c:6e:f7:d0:c5:7d:c1:33:6c:bd:29:db:2c:19:ba: 41:72:8c:71:4d:50:df:40:b4:d9:9a:58:42:93:eb: 89:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:7F:4E:E9:93:A8:07:37:47:BC:1D:FC:01:B1:FF:FD:24:76:66:53 X509v3 Authority Key Identifier: keyid:A2:4B:6A:62:04:4B:70:06:5F:05:06:38:84:60:E4:AF:2F:17:F3:FF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918F550/8B9BD2021D8511E2B41230DC08B02CD2/oktqYgRLcAZfBQY4hGDkry8X8_8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oktqYgRLcAZfBQY4hGDkry8X8_8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F550/8B9BD2021D8511E2B41230DC08B02CD2/203B2B7A1C9811EE995E057EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.235.196.0/22 163.53.24.0/23 202.51.69.0/24 202.51.80.0/24 202.51.88.0/23 202.51.92.0/23 Signature Algorithm: sha256WithRSAEncryption 91:c7:1c:78:26:ed:cb:26:34:a3:3d:18:7a:4d:73:1a:98:80: d3:88:4a:8d:36:c3:cb:cb:82:47:7d:1f:36:07:03:52:de:ab: eb:b0:27:e5:0d:88:3f:4b:86:da:b4:77:50:c1:52:a2:f9:af: b3:72:22:42:b5:3c:a5:46:18:c2:a6:7d:5c:10:f1:f9:0a:a6: 3d:53:e5:06:de:db:a5:59:dc:12:e2:65:ed:89:0e:48:8e:37: 99:7e:40:cb:2a:8e:86:2d:05:9f:a5:f5:70:6f:94:1f:74:87: 58:cf:53:04:61:df:56:88:c3:19:90:4c:c4:04:f1:28:d2:8d: 92:6c:80:45:f6:84:f6:0c:f3:0e:06:a1:cc:70:11:5b:13:fe: 90:6f:d5:03:7a:2e:20:13:26:40:06:a1:28:16:a1:75:b0:ff: 46:d6:92:44:8b:87:fd:d7:f4:3a:82:bd:49:f6:e4:bb:b7:59: 6c:dc:11:d8:d9:a7:ec:c6:e3:2b:ef:13:de:0b:7b:3e:8e:72: 0d:28:39:8d:b9:58:37:88:7d:24:a1:1d:1a:cc:07:b8:33:cc: 92:6c:d8:f5:3d:0c:d6:7e:73:68:f5:2b:d5:ac:0b:e9:b7:c2: 8a:59:9a:9a:d0:f7:32:06:44:b6:59:7a:d4:78:04:14:7a:5d: 13:0b:f1:0e -----BEGIN CERTIFICATE----- MIIFjzCCBHegAwIBAgICNXMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEY1NTAxMTAvBgNVBAUTKEEyNEI2QTYyMDQ0QjcwMDY1RjA1MDYzODg0NjBFNEFG MkYxN0YzRkYwHhcNMjUwODIwMTQ1MDMyWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGE1ZTBiOC0wOTNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArxrYCVgpO9jadIICoKUTRZEjUdnPDlmJAaFVPEB0vsDKJrxWcJUHxj943CgX HSbP0OtzRHH4IFXnqm2n6p130leivzf616uYetXXvP/TnpQkyjXmmApfTbtWBtlN eAsiXqNijfdfL1nhF2hnwWROQa7FOe/3n2jA3mfbwHrfhDAefAblDawunqQBNEdF uuTrBlGYU1ly4VCbXnrfvp6xaLsDefuz4KlQn1+qyoGxr0UfOtOJEzT55KEb2mLi hsHNfWzT9hsaQYvJHNRDGWywf/9S0G4022kqxKVtk4HnyHIMbvfQxX3BM2y9Kdss GbpBcoxxTVDfQLTZmlhCk+uJmwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFCp/TumT qAc3R7wd/AGx//0kdmZTMB8GA1UdIwQYMBaAFKJLamIES3AGXwUGOIRg5K8vF/P/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RjU1MC84QjlCRDIwMjFE ODUxMUUyQjQxMjMwREMwOEIwMkNEMi9va3RxWWdSTGNBWmZCUVk0aEdEa3J5OFg4 XzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29rdHFZZ1JMY0FaZkJRWTRoR0Rrcnk4WDhfOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEY1NTAvOEI5QkQyMDIxRDg1MTFFMkI0MTIzMERDMDhCMDJDRDIvMjAzQjJCN0Ex Qzk4MTFFRTk5NUUwNTdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E LjAsMCoEAgABMCQDBAJn68QDBAGjNRgDBADKM0UDBADKM1ADBAHKM1gDBAHKM1ww DQYJKoZIhvcNAQELBQADggEBAJHHHHgm7csmNKM9GHpNcxqYgNOISo02w8vLgkd9 HzYHA1Leq+uwJ+UNiD9Lhtq0d1DBUqL5r7NyIkK1PKVGGMKmfVwQ8fkKpj1T5Qbe 26VZ3BLiZe2JDkiON5l+QMsqjoYtBZ+l9XBvlB90h1jPUwRh31aIwxmQTMQE8SjS jZJsgEX2hPYM8w4GocxwEVsT/pBv1QN6LiATJkAGoSgWoXWw/0bWkkSLh/3X9DqC vUn25Lu3WWzcEdjZp+zG4yvvE94Lez6Ocg0oOY25WDeIfSShHRrMB7gzzJJs2PU9 DNZ+c2j1K9WsC+m3wopZmprQ9zIGRLZZetR4BBR6XRML8Q4= -----END CERTIFICATE-----Generated at Sun Aug 24 04:08:20 2025 by rpki-client