$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/2A3B0CECF89E11EFBEB09C18C4F9AE02.roa File: 2A3B0CECF89E11EFBEB09C18C4F9AE02.roa (raw, json) Hash identifier: 9NhxgmeB9d3FvwHBDgCqKyQC9U/lReRo4/VWdoQQNcM= Subject key identifier: 37:88:CB:79:DF:0C:79:CD:76:FA:A1:80:8E:C5:64:74:4B:03:F0:8A Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934 Certificate serial: 0856 Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/2A3B0CECF89E11EFBEB09C18C4F9AE02.roa Signing time: Wed 08 Oct 2025 22:54:20 +0000 ROA not before: Wed 08 Oct 2025 22:54:20 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 62610 IP address blocks: 36.255.195.0/24 maxlen: 24 43.252.210.0/24 maxlen: 24 103.225.197.0/24 maxlen: 24 103.225.198.0/24 maxlen: 24 150.107.0.0/24 maxlen: 24 150.107.3.0/24 maxlen: 24 150.129.40.0/24 maxlen: 24 150.129.42.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 00:38:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2134 (0x856) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911B412, serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934 Validity Not Before: Oct 8 22:54:20 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=68e6eb9c-ae9b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:9e:15:e1:67:29:28:fd:0a:34:be:3e:af:ac: 4b:f7:7c:26:ae:9b:b3:ff:ba:de:a4:e0:fd:ed:77: e2:8f:e3:b5:81:67:fa:17:6e:f1:5d:15:c9:d4:dc: 92:a1:a3:50:6d:56:dd:f4:ef:d4:1e:4b:c1:02:62: 6e:fa:80:7e:40:70:fc:0d:0e:f4:7f:fd:4e:89:cb: d4:96:cd:3d:30:8b:af:b8:64:1e:c9:57:0c:88:47: 4f:88:e4:ae:b1:bb:6b:ba:63:cf:be:25:78:f3:70: 33:e0:77:20:31:b5:3c:c8:8c:a2:ae:a2:be:17:12: 53:bf:2a:9c:8e:5e:d5:4c:bd:3d:9d:51:74:67:3f: 73:75:db:2d:5e:6b:55:8d:81:ff:10:51:13:52:59: 38:24:4f:46:bc:cc:a6:d6:06:05:9b:d0:c1:8f:e1: 27:c0:d3:f0:68:02:18:dd:1f:50:87:fd:28:96:47: 7e:e3:b9:2a:95:68:b3:93:06:af:19:4b:17:6e:59: bf:dd:89:5f:a6:37:40:03:32:25:dd:5f:6f:fb:57: 9e:6e:4d:8e:c8:a7:05:b8:a7:2d:cd:e0:dd:ea:fa: 02:71:a1:fd:81:f0:02:ff:d4:96:f7:f0:43:df:73: 0e:43:b2:bb:01:f5:0a:15:7b:ee:c5:71:06:d7:46: 68:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:88:CB:79:DF:0C:79:CD:76:FA:A1:80:8E:C5:64:74:4B:03:F0:8A X509v3 Authority Key Identifier: keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/2A3B0CECF89E11EFBEB09C18C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 36.255.195.0/24 43.252.210.0/24 103.225.197.0-103.225.198.255 150.107.0.0/24 150.107.3.0/24 150.129.40.0/24 150.129.42.0/24 Signature Algorithm: sha256WithRSAEncryption 2b:a3:1c:d5:da:74:1d:8c:6b:99:d7:9f:30:ad:f7:98:a3:69: 5b:41:8e:d7:fc:6c:d0:60:fd:cb:ec:23:e0:ca:c8:48:77:c9: e0:fa:5e:1a:72:a1:88:8e:4f:f7:e1:73:a7:2c:51:f5:a4:51: 2e:11:30:5e:6b:2e:2f:76:80:4e:ea:74:4d:11:8f:e8:b5:e4: 1c:86:4b:3a:3d:6f:2f:84:f5:a4:37:93:b6:bb:8f:31:94:f3: b2:80:17:87:6a:cb:21:18:a3:d7:91:db:98:4f:af:e1:4f:a8: 05:f5:82:b0:d1:66:67:1c:ad:f0:4b:68:3c:78:da:2d:e0:6e: 86:74:02:fe:04:d5:bf:d1:55:29:f2:14:6f:a3:1b:c2:14:7a: 59:67:b3:f4:36:86:9c:ec:88:e2:5a:9b:95:71:06:b5:7b:99: ff:e2:03:5b:87:36:9f:66:39:3d:1c:cc:01:c4:06:f7:59:b6: d7:51:c4:83:5a:cc:3e:73:87:73:8e:3c:35:cf:c6:b3:fe:76: 64:e1:6d:34:fe:27:20:6d:72:6c:5e:cd:77:fa:5e:85:e7:0a: 28:ce:98:82:85:00:a1:e4:dc:52:52:aa:72:71:c3:2d:70:91: 3b:ab:25:bb:a3:57:ae:18:21:8c:25:10:ab:90:a9:4b:02:31: a9:cc:d5:5b -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgICCFYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3 RDgwQjA5MzQwHhcNMjUxMDA4MjI1NDIwWhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGU2ZWI5Yy1hZTliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAq54V4WcpKP0KNL4+r6xL93wmrpuz/7repOD97Xfij+O1gWf6F27xXRXJ1NyS oaNQbVbd9O/UHkvBAmJu+oB+QHD8DQ70f/1OicvUls09MIuvuGQeyVcMiEdPiOSu sbtrumPPviV483Az4HcgMbU8yIyirqK+FxJTvyqcjl7VTL09nVF0Zz9zddstXmtV jYH/EFETUlk4JE9GvMym1gYFm9DBj+EnwNPwaAIY3R9Qh/0olkd+47kqlWizkwav GUsXblm/3YlfpjdAAzIl3V9v+1eebk2OyKcFuKctzeDd6voCcaH9gfAC/9SW9/BD 33MOQ7K7AfUKFXvuxXEG10Zo0wIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFDeIy3nf DHnNdvqhgI7FZHRLA/CKMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvMkEzQjBDRUNG ODlFMTFFRkJFQjA5QzE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSwYIKwYBBQUHAQcBAf8E PDA6MDgEAgABMDIDBAAk/8MDBAAr/NIwDAMEAGfhxQMEAGfhxgMEAJZrAAMEAJZr AwMEAJaBKAMEAJaBKjANBgkqhkiG9w0BAQsFAAOCAQEAK6Mc1dp0HYxrmdefMK33 mKNpW0GO1/xs0GD9y+wj4MrISHfJ4PpeGnKhiI5P9+FzpyxR9aRRLhEwXmsuL3aA Tup0TRGP6LXkHIZLOj1vL4T1pDeTtruPMZTzsoAXh2rLIRij15HbmE+v4U+oBfWC sNFmZxyt8EtoPHjaLeBuhnQC/gTVv9FVKfIUb6MbwhR6WWez9DaGnOyI4lqblXEG tXuZ/+IDW4c2n2Y5PRzMAcQG91m211HEg1rMPnOHc448Nc/Gs/52ZOFtNP4nIG1y bF7Nd/pehecKKM6YgoUAoeTcUlKqcnHDLXCRO6slu6NXrhghjCUQq5CpSwIxqczV Ww== -----END CERTIFICATE-----Generated at Tue Oct 21 14:52:13 2025 by rpki-client