$ rpki-client -vvf rpki.apnic.net/member_repository/A9194E03/3F48F2241DA611E29A075D9D08B02CD2/2A24EFB878D011F08CEB9275C4F9AE02.roa File: 2A24EFB878D011F08CEB9275C4F9AE02.roa (raw, json) Hash identifier: civYJKjv+rMWikYh4a7W2bxU8PQ81xsHn2H6a66BKGA= Subject key identifier: EE:DB:BE:83:EF:4C:C8:E8:64:24:63:4F:EA:01:F7:CD:1F:CE:F8:8C Certificate issuer: /CN=A9194E03/serialNumber=E39AB1D07B50DBB9ABE2CB51CD9B1E3A5A854521 Certificate serial: 34E8 Authority key identifier: E3:9A:B1:D0:7B:50:DB:B9:AB:E2:CB:51:CD:9B:1E:3A:5A:85:45:21 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/45qx0HtQ27mr4stRzZseOlqFRSE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9194E03/3F48F2241DA611E29A075D9D08B02CD2/2A24EFB878D011F08CEB9275C4F9AE02.roa Signing time: Thu 02 Oct 2025 15:41:09 +0000 ROA not before: Thu 02 Oct 2025 15:41:09 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 132827 IP address blocks: 27.123.208.0/22 maxlen: 22 101.0.8.0/24 maxlen: 24 101.0.9.0/24 maxlen: 24 101.0.10.0/24 maxlen: 24 101.0.11.0/24 maxlen: 24 101.0.24.0/24 maxlen: 24 101.0.25.0/24 maxlen: 24 101.0.26.0/23 maxlen: 23 103.3.16.0/24 maxlen: 24 103.3.17.0/24 maxlen: 24 103.3.19.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9194E03/3F48F2241DA611E29A075D9D08B02CD2/45qx0HtQ27mr4stRzZseOlqFRSE.crl rsync://rpki.apnic.net/member_repository/A9194E03/3F48F2241DA611E29A075D9D08B02CD2/45qx0HtQ27mr4stRzZseOlqFRSE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/45qx0HtQ27mr4stRzZseOlqFRSE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 15:20:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13544 (0x34e8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9194E03, serialNumber=E39AB1D07B50DBB9ABE2CB51CD9B1E3A5A854521 Validity Not Before: Oct 2 15:41:09 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=68de9d15-1d8f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:5a:35:3e:9e:55:f2:80:ca:d5:e9:58:c0:46: 63:15:23:98:c1:0b:9d:5f:5f:d9:db:91:7e:2c:95: 63:40:61:92:2a:77:6f:71:df:d8:6b:4f:54:73:2f: 20:d6:e7:e5:b0:41:50:1e:f0:67:2e:74:7b:cf:fc: 75:ad:81:8c:00:fb:e7:6a:d0:42:59:b9:fe:d0:ad: d5:08:81:a0:5b:8a:d2:1f:67:f6:9f:35:e3:eb:ea: e4:1d:e8:e5:64:a7:70:08:83:7c:c6:f4:3a:67:d1: cc:97:0c:73:a2:fb:23:9e:42:af:e4:e0:71:14:2d: 58:07:8c:5a:8a:4d:92:7a:c5:b9:48:e2:d4:8b:5b: d9:bb:cd:e4:30:1e:a7:49:86:86:02:ec:0a:a8:e9: 83:22:97:d9:96:f0:71:08:fd:65:6c:ad:4b:66:7c: b6:a8:46:53:5b:8f:8b:a7:95:0e:e5:f5:17:15:b9: 74:b8:2a:37:01:5f:b6:68:a9:e5:f2:57:67:d8:19: 6c:92:f5:a5:38:1e:6b:6d:a9:da:91:c2:14:22:09: 28:8d:fa:f8:d0:ec:5e:47:83:bc:86:ea:89:6c:84: 92:a9:88:61:ac:d0:4f:51:be:24:96:0c:d2:a9:a0: 5d:fb:c1:5b:ea:35:29:b1:48:b6:c9:2f:35:cf:91: a5:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:DB:BE:83:EF:4C:C8:E8:64:24:63:4F:EA:01:F7:CD:1F:CE:F8:8C X509v3 Authority Key Identifier: keyid:E3:9A:B1:D0:7B:50:DB:B9:AB:E2:CB:51:CD:9B:1E:3A:5A:85:45:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9194E03/3F48F2241DA611E29A075D9D08B02CD2/45qx0HtQ27mr4stRzZseOlqFRSE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/45qx0HtQ27mr4stRzZseOlqFRSE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9194E03/3F48F2241DA611E29A075D9D08B02CD2/2A24EFB878D011F08CEB9275C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 27.123.208.0/22 101.0.8.0/22 101.0.24.0/22 103.3.16.0/23 103.3.19.0/24 Signature Algorithm: sha256WithRSAEncryption a6:d7:f8:f3:2a:95:34:e0:b5:1c:23:f5:f1:9c:6f:46:bb:42: e4:ce:de:0a:58:7c:dc:1d:45:31:1a:2f:0b:3d:ae:56:c6:27: 0e:95:a1:7b:c8:7d:2b:37:ac:a3:f9:ee:08:43:17:10:36:71: 23:89:94:86:f8:39:25:15:e9:f8:9c:e5:e5:77:a0:0e:23:3e: f5:15:9d:92:97:de:1a:80:55:e9:a3:51:73:90:c1:c2:4b:db: ef:5a:39:e0:3b:6f:0e:9a:bd:4a:24:00:f3:ce:52:00:88:3a: 36:a9:d4:e7:59:09:f5:11:fd:f5:8f:16:31:85:72:aa:c1:8f: 31:ac:01:28:04:8a:a8:be:07:07:1b:3d:80:3d:bc:5e:bc:4a: 40:08:6b:ec:72:d5:50:a7:aa:bc:89:f7:a6:19:24:59:f7:24: 8c:90:50:52:1b:82:7e:eb:92:83:bb:c0:55:e1:90:ec:30:71: 78:58:fb:9a:8a:24:50:8d:52:e6:e2:ca:fd:6c:ad:39:d9:7f: 4f:12:83:16:5b:11:a2:a7:7b:27:5e:77:3a:99:79:fb:c6:a2: 65:8d:b2:83:5f:c5:3d:78:00:2e:91:86:15:3b:41:55:a1:9f: 26:af:c1:48:0d:47:e0:01:e1:1f:a8:c3:86:df:18:ad:34:6d: 13:a4:a1:60 -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgICNOgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTRFMDMxMTAvBgNVBAUTKEUzOUFCMUQwN0I1MERCQjlBQkUyQ0I1MUNEOUIxRTNB NUE4NTQ1MjEwHhcNMjUxMDAyMTU0MTA5WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGRlOWQxNS0xZDhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy1o1Pp5V8oDK1elYwEZjFSOYwQudX1/Z25F+LJVjQGGSKndvcd/Ya09Ucy8g 1uflsEFQHvBnLnR7z/x1rYGMAPvnatBCWbn+0K3VCIGgW4rSH2f2nzXj6+rkHejl ZKdwCIN8xvQ6Z9HMlwxzovsjnkKv5OBxFC1YB4xaik2SesW5SOLUi1vZu83kMB6n SYaGAuwKqOmDIpfZlvBxCP1lbK1LZny2qEZTW4+Lp5UO5fUXFbl0uCo3AV+2aKnl 8ldn2BlskvWlOB5rbanakcIUIgkojfr40OxeR4O8huqJbISSqYhhrNBPUb4klgzS qaBd+8Fb6jUpsUi2yS81z5GlTQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFO7bvoPv TMjoZCRjT+oB980fzviMMB8GA1UdIwQYMBaAFOOasdB7UNu5q+LLUc2bHjpahUUh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NEUwMy8zRjQ4RjIyNDFE QTYxMUUyOUEwNzVEOUQwOEIwMkNEMi80NXF4MEh0UTI3bXI0c3RSelpzZU9scUZS U0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzQ1cXgwSHRRMjdtcjRzdFJ6WnNlT2xxRlJTRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTRFMDMvM0Y0OEYyMjQxREE2MTFFMjlBMDc1RDlEMDhCMDJDRDIvMkEyNEVGQjg3 OEQwMTFGMDhDRUI5Mjc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E KDAmMCQEAgABMB4DBAIbe9ADBAJlAAgDBAJlABgDBAFnAxADBABnAxMwDQYJKoZI hvcNAQELBQADggEBAKbX+PMqlTTgtRwj9fGcb0a7QuTO3gpYfNwdRTEaLws9rlbG Jw6VoXvIfSs3rKP57ghDFxA2cSOJlIb4OSUV6fic5eV3oA4jPvUVnZKX3hqAVemj UXOQwcJL2+9aOeA7bw6avUokAPPOUgCIOjap1OdZCfUR/fWPFjGFcqrBjzGsASgE iqi+BwcbPYA9vF68SkAIa+xy1VCnqryJ96YZJFn3JIyQUFIbgn7rkoO7wFXhkOww cXhY+5qKJFCNUubiyv1srTnZf08SgxZbEaKneydedzqZefvGomWNsoNfxT14AC6R hhU7QVWhnyavwUgNR+AB4R+ow4bfGK00bROkoWA= -----END CERTIFICATE-----Generated at Mon Oct 20 14:01:55 2025 by rpki-client