$ rpki-client -vvf rpki.apnic.net/member_repository/A9110C51/476A7BE07BBC11EA963F3686C4F9AE02/1043B2347BBD11EA8356C986C4F9AE02.roa File: 1043B2347BBD11EA8356C986C4F9AE02.roa (raw, json) Hash identifier: 3nC+gG2mDTZBTV04V3x6XaZzq6tvXUY+nCHa8UvPHpE= Subject key identifier: AB:AF:15:F1:B2:8A:9E:23:BB:CD:A1:E9:97:27:64:46:06:69:24:1F Certificate issuer: /CN=A9110C51/serialNumber=8D7E3058350BB8DFEFFCE7770BBC8C86B762A1E4 Certificate serial: 0A4F Authority key identifier: 8D:7E:30:58:35:0B:B8:DF:EF:FC:E7:77:0B:BC:8C:86:B7:62:A1:E4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jX4wWDULuN_v_Od3C7yMhrdioeQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9110C51/476A7BE07BBC11EA963F3686C4F9AE02/1043B2347BBD11EA8356C986C4F9AE02.roa Signing time: Fri 29 Aug 2025 11:33:30 +0000 ROA not before: Fri 29 Aug 2025 11:33:30 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 137580 IP address blocks: 103.114.24.0/24 maxlen: 24 103.114.25.0/24 maxlen: 24 103.114.26.0/24 maxlen: 24 103.114.27.0/24 maxlen: 24 2407:44c0::/32 maxlen: 32 2407:44c0::/40 maxlen: 40 2407:44c0:1::/48 maxlen: 48 2407:44c0:8000::/48 maxlen: 48 2407:44c0:8001::/48 maxlen: 48 2407:44c0:8002::/48 maxlen: 48 2407:44c0:800a::/48 maxlen: 48 2407:44c0:800b::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9110C51/476A7BE07BBC11EA963F3686C4F9AE02/jX4wWDULuN_v_Od3C7yMhrdioeQ.crl rsync://rpki.apnic.net/member_repository/A9110C51/476A7BE07BBC11EA963F3686C4F9AE02/jX4wWDULuN_v_Od3C7yMhrdioeQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jX4wWDULuN_v_Od3C7yMhrdioeQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 19:49:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2639 (0xa4f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9110C51, serialNumber=8D7E3058350BB8DFEFFCE7770BBC8C86B762A1E4 Validity Not Before: Aug 29 11:33:30 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=68b19009-2b67 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:ea:c7:f6:1f:78:17:d2:39:75:57:b9:8d:ef: f0:9f:c2:b3:b5:40:9d:80:50:5c:7b:01:3e:17:18: ef:51:a0:54:34:8b:63:66:9d:2f:af:b6:41:a7:2b: 31:22:77:48:f6:75:34:40:17:21:c5:39:9d:ac:6a: e6:d9:fe:72:e8:39:7c:f1:fa:cf:8f:be:ff:f8:11: 6d:fb:e1:0d:b2:38:28:c0:09:a7:c2:cb:bd:55:e3: 9c:c7:fb:b2:24:87:a8:5b:2e:35:f6:b4:63:87:4e: b6:0c:12:c8:2e:4c:cf:5a:5f:a7:03:2a:6b:f6:7d: 49:79:ac:50:d9:bb:65:ef:74:97:c9:a6:18:8f:7d: ad:e9:eb:38:f6:34:1d:fe:74:90:33:1f:d9:7c:12: 04:bd:f6:62:dd:b4:8e:c8:a4:cb:fe:7b:be:53:db: 4e:7e:3c:a0:7a:cf:fd:93:de:30:14:a9:4e:de:96: 01:99:87:da:7d:82:54:7a:ac:e4:87:72:bd:47:08: 82:4a:e6:bd:fd:de:25:b4:50:f4:2e:83:0e:23:df: c9:50:c9:41:c5:4f:cf:e8:7b:cc:84:32:6b:31:9e: a3:e9:2d:28:ed:02:b5:52:fd:a3:7f:fb:58:b0:e6: cf:68:c1:5c:63:81:35:aa:62:e6:42:b6:b0:e4:99: cc:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:AF:15:F1:B2:8A:9E:23:BB:CD:A1:E9:97:27:64:46:06:69:24:1F X509v3 Authority Key Identifier: keyid:8D:7E:30:58:35:0B:B8:DF:EF:FC:E7:77:0B:BC:8C:86:B7:62:A1:E4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9110C51/476A7BE07BBC11EA963F3686C4F9AE02/jX4wWDULuN_v_Od3C7yMhrdioeQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jX4wWDULuN_v_Od3C7yMhrdioeQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9110C51/476A7BE07BBC11EA963F3686C4F9AE02/1043B2347BBD11EA8356C986C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.114.24.0/22 IPv6: 2407:44c0::/32 Signature Algorithm: sha256WithRSAEncryption 53:24:e0:85:ce:59:e6:d4:7f:39:ae:37:25:fa:44:79:08:5c: fe:23:d7:71:0e:4c:0d:cf:5f:52:ac:70:86:e6:b0:01:4c:b8: 57:01:5b:d5:a2:4d:ab:d6:db:bd:0b:41:b5:9f:08:8a:4c:ab: 23:1d:d6:14:15:51:8c:67:84:8d:ae:57:54:ad:c6:cc:dc:42: 92:35:a1:da:23:1d:97:cd:52:00:59:58:80:64:61:98:35:2b: 84:01:9c:f9:41:73:b0:2f:ec:be:84:fe:e8:62:25:b5:b1:b8: d0:ef:53:ab:80:a4:fb:8f:29:f4:ea:a1:be:b5:5e:81:7e:98: ef:5c:00:e6:63:ff:18:72:27:3e:77:04:09:eb:28:ed:3e:bd: 41:80:f4:65:1e:e3:fc:17:44:64:7a:cc:d4:47:2f:18:5d:ea: 61:a4:0b:5c:fd:06:ff:c5:1a:78:05:5c:f9:06:a8:29:8a:4e: 0a:45:80:cf:45:b2:03:dd:b6:ec:98:44:72:6b:27:db:42:33: b2:4a:20:97:b2:b9:7e:65:6b:97:5a:43:71:95:77:dd:0c:39: cb:28:9e:08:b0:3d:2f:f1:02:19:67:f5:28:db:08:b0:d8:2f: 9d:43:83:fa:a7:da:fc:97:53:8b:02:32:16:1e:56:0e:52:9c: 27:b0:87:bb -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICCk8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTBDNTExMTAvBgNVBAUTKDhEN0UzMDU4MzUwQkI4REZFRkZDRTc3NzBCQkM4Qzg2 Qjc2MkExRTQwHhcNMjUwODI5MTEzMzMwWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGIxOTAwOS0yYjY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtOrH9h94F9I5dVe5je/wn8KztUCdgFBcewE+FxjvUaBUNItjZp0vr7ZBpysx IndI9nU0QBchxTmdrGrm2f5y6Dl88frPj77/+BFt++ENsjgowAmnwsu9VeOcx/uy JIeoWy419rRjh062DBLILkzPWl+nAypr9n1JeaxQ2btl73SXyaYYj32t6es49jQd /nSQMx/ZfBIEvfZi3bSOyKTL/nu+U9tOfjyges/9k94wFKlO3pYBmYfafYJUeqzk h3K9RwiCSua9/d4ltFD0LoMOI9/JUMlBxU/P6HvMhDJrMZ6j6S0o7QK1Uv2jf/tY sObPaMFcY4E1qmLmQraw5JnMpwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFKuvFfGy ip4ju82h6ZcnZEYGaSQfMB8GA1UdIwQYMBaAFI1+MFg1C7jf7/zndwu8jIa3YqHk MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMEM1MS80NzZBN0JFMDdC QkMxMUVBOTYzRjM2ODZDNEY5QUUwMi9qWDR3V0RVTHVOX3ZfT2QzQzd5TWhyZGlv ZVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2pYNHdXRFVMdU5fdl9PZDNDN3lNaHJkaW9lUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MTBDNTEvNDc2QTdCRTA3QkJDMTFFQTk2M0YzNjg2QzRGOUFFMDIvMTA0M0IyMzQ3 QkJEMTFFQTgzNTZDOTg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAJnchgwDQQCAAIwBwMFACQHRMAwDQYJKoZIhvcNAQELBQAD ggEBAFMk4IXOWebUfzmuNyX6RHkIXP4j13EOTA3PX1KscIbmsAFMuFcBW9WiTavW 270LQbWfCIpMqyMd1hQVUYxnhI2uV1StxszcQpI1odojHZfNUgBZWIBkYZg1K4QB nPlBc7Av7L6E/uhiJbWxuNDvU6uApPuPKfTqob61XoF+mO9cAOZj/xhyJz53BAnr KO0+vUGA9GUe4/wXRGR6zNRHLxhd6mGkC1z9Bv/FGngFXPkGqCmKTgpFgM9FsgPd tuyYRHJrJ9tCM7JKIJeyuX5la5daQ3GVd90MOcsongiwPS/xAhln9SjbCLDYL51D g/qn2vyXU4sCMhYeVg5SnCewh7s= -----END CERTIFICATE-----Generated at Wed Nov 5 18:36:43 2025 by rpki-client