$ rpki-client -vvf rpki.apnic.net/member_repository/A91ED931/D1D32B6E19AF11ECAF84CD76C4F9AE02/387C18C819B811EC841B010DC4F9AE02.roa File: 387C18C819B811EC841B010DC4F9AE02.roa (raw, json) Hash identifier: +YlApSxTikM4FwHJdKq+xTsZNvZj1+64BoAuNMnItr4= Subject key identifier: 3F:DD:5F:77:F4:7F:AB:9C:87:A0:FB:F5:C2:FF:43:F8:11:09:8B:B7 Certificate issuer: /CN=A91ED931/serialNumber=C035450BD1A2D44B151EE38C089888A5AF4B8059 Certificate serial: 052B Authority key identifier: C0:35:45:0B:D1:A2:D4:4B:15:1E:E3:8C:08:98:88:A5:AF:4B:80:59 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wDVFC9Gi1EsVHuOMCJiIpa9LgFk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ED931/D1D32B6E19AF11ECAF84CD76C4F9AE02/387C18C819B811EC841B010DC4F9AE02.roa Signing time: Sun 07 Sep 2025 20:24:58 +0000 ROA not before: Sun 07 Sep 2025 20:24:58 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 17472 IP address blocks: 103.154.68.0/23 maxlen: 24 202.49.96.0/21 maxlen: 21 202.49.96.0/22 maxlen: 22 202.49.96.0/23 maxlen: 24 202.49.98.0/23 maxlen: 24 202.49.100.0/22 maxlen: 22 202.49.100.0/23 maxlen: 24 202.49.102.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ED931/D1D32B6E19AF11ECAF84CD76C4F9AE02/wDVFC9Gi1EsVHuOMCJiIpa9LgFk.crl rsync://rpki.apnic.net/member_repository/A91ED931/D1D32B6E19AF11ECAF84CD76C4F9AE02/wDVFC9Gi1EsVHuOMCJiIpa9LgFk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wDVFC9Gi1EsVHuOMCJiIpa9LgFk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 01:15:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1323 (0x52b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ED931, serialNumber=C035450BD1A2D44B151EE38C089888A5AF4B8059 Validity Not Before: Sep 7 20:24:58 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=68bdea1a-b7bf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:7e:2f:35:57:cf:23:be:b8:74:85:e3:f1:7f: c5:18:8b:89:13:73:92:89:b2:10:fe:cb:7e:62:9d: 11:d3:17:83:72:37:64:d1:03:2c:ee:63:6b:a1:1e: e8:39:52:2e:78:63:95:34:a9:76:77:92:42:53:c7: 4c:59:4f:ec:9f:16:9c:12:62:60:cf:3f:bf:06:f3: 4b:31:22:ea:a6:d1:21:3f:d2:3f:d2:a1:ea:2d:02: 9b:25:de:7a:be:de:37:47:4d:ae:56:cf:8a:7d:bf: 7c:55:3a:bf:c2:2b:ec:73:43:17:b5:3d:97:b9:1f: e1:b3:57:fb:ca:28:a0:c3:1b:0b:d1:5a:69:94:a6: 57:db:80:88:f3:31:c4:2f:50:81:7b:5e:bd:28:75: c3:b1:96:19:52:17:88:45:67:b5:bc:5d:d8:e5:92: 9f:a4:7a:9e:52:e5:b2:20:0a:2d:05:85:57:2b:bd: 54:77:ef:c7:c5:39:74:8d:80:91:9e:c0:73:4d:72: 64:31:a5:7b:3a:d2:b1:d7:e0:1e:db:b9:7d:5e:1b: 39:23:4f:86:e9:ff:c1:4a:21:62:a1:3b:29:c9:70: bb:b0:c0:1d:27:b0:ba:65:4c:20:1b:21:79:cf:30: 49:98:01:e4:af:42:39:59:bf:df:2a:bb:b5:61:36: c7:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:DD:5F:77:F4:7F:AB:9C:87:A0:FB:F5:C2:FF:43:F8:11:09:8B:B7 X509v3 Authority Key Identifier: keyid:C0:35:45:0B:D1:A2:D4:4B:15:1E:E3:8C:08:98:88:A5:AF:4B:80:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ED931/D1D32B6E19AF11ECAF84CD76C4F9AE02/wDVFC9Gi1EsVHuOMCJiIpa9LgFk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wDVFC9Gi1EsVHuOMCJiIpa9LgFk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ED931/D1D32B6E19AF11ECAF84CD76C4F9AE02/387C18C819B811EC841B010DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.154.68.0/23 202.49.96.0/21 Signature Algorithm: sha256WithRSAEncryption 85:eb:19:16:c3:82:ff:1d:56:f9:3a:1a:04:6a:10:a5:15:61: b0:bb:41:b8:2d:07:bd:65:1e:0b:f1:c2:9c:30:9c:ce:69:62: bd:1b:a0:20:ed:3c:b1:1e:19:a2:f3:1e:c6:20:86:0a:38:09: 3d:82:d2:23:d7:23:e9:86:d5:9d:b5:a3:89:8e:b2:f7:4e:0e: 3f:76:2b:14:53:b2:43:b3:08:13:29:7e:80:4d:7f:d9:17:9f: 9e:17:a6:2d:de:90:b5:11:f4:32:b8:4e:c1:77:74:da:91:86: 16:fe:d4:ae:6e:33:a8:74:62:a9:cb:09:bd:46:06:1a:26:83: ca:56:ea:a7:f7:21:c0:f8:b9:8c:41:a9:9c:0f:41:8a:2f:59: c0:0a:49:b8:44:07:06:8a:b1:bc:ab:91:f8:ae:43:4a:f1:8d: d5:69:98:84:e8:e7:39:d0:a1:8d:41:e4:7d:14:55:59:4e:25: 84:4a:52:2c:cd:78:93:a6:4f:7e:9a:a4:c7:fb:f1:00:88:2e: 60:b6:54:e9:aa:3d:a5:4b:24:43:80:bd:8c:32:7e:32:8a:fe: 18:3e:42:19:d8:5b:30:d6:dc:30:87:c0:7c:69:83:f6:bc:49: f3:28:44:26:cf:48:20:0a:bb:e6:46:a5:b3:8b:dd:8a:d0:b7: 86:ce:85:c0 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICBSswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUQ5MzExMTAvBgNVBAUTKEMwMzU0NTBCRDFBMkQ0NEIxNTFFRTM4QzA4OTg4OEE1 QUY0QjgwNTkwHhcNMjUwOTA3MjAyNDU4WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGJkZWExYS1iN2JmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2H4vNVfPI764dIXj8X/FGIuJE3OSibIQ/st+Yp0R0xeDcjdk0QMs7mNroR7o OVIueGOVNKl2d5JCU8dMWU/snxacEmJgzz+/BvNLMSLqptEhP9I/0qHqLQKbJd56 vt43R02uVs+Kfb98VTq/wivsc0MXtT2XuR/hs1f7yiigwxsL0VpplKZX24CI8zHE L1CBe169KHXDsZYZUheIRWe1vF3Y5ZKfpHqeUuWyIAotBYVXK71Ud+/HxTl0jYCR nsBzTXJkMaV7OtKx1+Ae27l9Xhs5I0+G6f/BSiFioTspyXC7sMAdJ7C6ZUwgGyF5 zzBJmAHkr0I5Wb/fKru1YTbHfwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFD/dX3f0 f6uch6D79cL/Q/gRCYu3MB8GA1UdIwQYMBaAFMA1RQvRotRLFR7jjAiYiKWvS4BZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRDkzMS9EMUQzMkI2RTE5 QUYxMUVDQUY4NENENzZDNEY5QUUwMi93RFZGQzlHaTFFc1ZIdU9NQ0ppSXBhOUxn RmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3dEVkZDOUdpMUVzVkh1T01DSmlJcGE5TGdGay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUQ5MzEvRDFEMzJCNkUxOUFGMTFFQ0FGODRDRDc2QzRGOUFFMDIvMzg3QzE4Qzgx OUI4MTFFQzg0MUIwMTBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAFnmkQDBAPKMWAwDQYJKoZIhvcNAQELBQADggEBAIXrGRbD gv8dVvk6GgRqEKUVYbC7QbgtB71lHgvxwpwwnM5pYr0boCDtPLEeGaLzHsYghgo4 CT2C0iPXI+mG1Z21o4mOsvdODj92KxRTskOzCBMpfoBNf9kXn54Xpi3ekLUR9DK4 TsF3dNqRhhb+1K5uM6h0YqnLCb1GBhomg8pW6qf3IcD4uYxBqZwPQYovWcAKSbhE BwaKsbyrkfiuQ0rxjdVpmITo5znQoY1B5H0UVVlOJYRKUizNeJOmT36apMf78QCI LmC2VOmqPaVLJEOAvYwyfjKK/hg+QhnYWzDW3DCHwHxpg/a8SfMoRCbPSCAKu+ZG pbOL3YrQt4bOhcA= -----END CERTIFICATE-----Generated at Mon Oct 20 13:10:40 2025 by rpki-client