$ rpki-client -vvf rpki.apnic.net/member_repository/A9120BC1/DAC603888C7211F0A2B0AE56C4F9AE02/309260868C7311F0A82E0E57C4F9AE02.roa File: 309260868C7311F0A82E0E57C4F9AE02.roa (raw, json) Hash identifier: xvOCoFGuwQpaZXzaiPWTPYcNvcs6Rl0rLNu2ZBBzhNc= Subject key identifier: 86:12:E5:AE:9F:F7:85:8B:C0:BF:39:53:C9:B2:8E:47:FA:BC:9F:81 Certificate issuer: /CN=A9120BC1/serialNumber=04A8F28F527E189167ACC9030CBEDAD8A9C417B9 Certificate serial: 04 Authority key identifier: 04:A8:F2:8F:52:7E:18:91:67:AC:C9:03:0C:BE:DA:D8:A9:C4:17:B9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BKjyj1J-GJFnrMkDDL7a2KnEF7k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9120BC1/DAC603888C7211F0A2B0AE56C4F9AE02/309260868C7311F0A82E0E57C4F9AE02.roa Signing time: Mon 08 Sep 2025 05:21:38 +0000 ROA not before: Mon 08 Sep 2025 05:21:38 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 134967 IP address blocks: 103.22.244.0/22 maxlen: 22 103.22.244.0/24 maxlen: 24 103.22.245.0/24 maxlen: 24 103.22.246.0/24 maxlen: 24 103.22.247.0/24 maxlen: 24 2404:3980::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9120BC1/DAC603888C7211F0A2B0AE56C4F9AE02/BKjyj1J-GJFnrMkDDL7a2KnEF7k.crl rsync://rpki.apnic.net/member_repository/A9120BC1/DAC603888C7211F0A2B0AE56C4F9AE02/BKjyj1J-GJFnrMkDDL7a2KnEF7k.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BKjyj1J-GJFnrMkDDL7a2KnEF7k.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Sep 2025 08:53:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4 (0x4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9120BC1, serialNumber=04A8F28F527E189167ACC9030CBEDAD8A9C417B9 Validity Not Before: Sep 8 05:21:38 2025 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=68be67e1-88c5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:a5:1b:3b:6d:90:77:ce:70:a2:40:ed:21:44: 72:e7:64:40:04:7a:f7:1a:96:3e:a3:07:d7:cb:06: d3:48:1a:5c:b6:fa:e9:0e:31:1c:ee:72:69:28:98: 51:56:f5:c8:c9:97:f2:e3:b9:99:8c:74:c4:49:d5: 95:2e:4b:94:78:65:16:4b:48:c3:6d:12:9d:c6:3a: 48:91:c5:9a:7d:cd:b7:04:74:0d:78:1c:11:ee:fa: eb:55:3e:26:99:5b:20:17:c3:4b:ad:3f:98:f0:be: dd:19:72:36:42:c3:23:d1:72:9e:c7:96:10:72:df: dc:be:26:28:ce:86:5d:8b:8d:a2:d7:80:c9:5e:2f: 40:55:30:b2:7e:43:d0:13:ec:e8:c0:ff:f8:12:f2: 60:e4:93:e9:80:87:08:14:20:bf:82:da:12:85:ae: 3e:ac:4b:8b:40:30:61:ba:b6:de:f1:72:2e:1c:74: 7f:a4:fa:8c:24:ac:b4:3d:77:7f:69:5e:50:34:36: 74:c0:71:aa:18:5b:ae:f8:d6:e1:af:8d:f2:ab:40: ad:f7:29:7d:33:8f:aa:2a:c3:f9:04:c9:4f:69:f6: 61:fe:27:d4:91:71:30:b5:45:b5:67:e3:5a:46:d6: a7:6f:d2:5e:bd:a4:f9:18:86:8b:d8:42:7f:3b:9d: e4:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:12:E5:AE:9F:F7:85:8B:C0:BF:39:53:C9:B2:8E:47:FA:BC:9F:81 X509v3 Authority Key Identifier: keyid:04:A8:F2:8F:52:7E:18:91:67:AC:C9:03:0C:BE:DA:D8:A9:C4:17:B9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9120BC1/DAC603888C7211F0A2B0AE56C4F9AE02/BKjyj1J-GJFnrMkDDL7a2KnEF7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BKjyj1J-GJFnrMkDDL7a2KnEF7k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9120BC1/DAC603888C7211F0A2B0AE56C4F9AE02/309260868C7311F0A82E0E57C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.22.244.0/22 IPv6: 2404:3980::/32 Signature Algorithm: sha256WithRSAEncryption 97:80:b2:fa:1d:95:e9:50:4f:29:ae:41:05:56:f8:ba:b9:85: 8c:bc:b8:0e:ec:2a:e8:ec:39:2c:34:47:b8:d2:04:f6:8a:7a: 11:84:a6:f8:6e:f1:6e:35:06:b4:df:65:27:78:30:3c:a5:07: 75:9d:fe:2a:fa:98:1c:eb:c5:0a:ef:b2:dd:f5:5c:d5:23:f8: e9:b6:0a:88:ce:b2:bf:15:cc:4d:72:6a:37:96:12:6f:e9:b1: cf:13:b1:75:ac:46:fd:75:20:41:b7:54:1a:bd:1e:ea:f8:b8: fe:c6:ac:fb:b1:ef:1c:b7:67:76:93:bc:e6:e7:84:db:db:4b: e4:91:95:9e:08:1d:d1:4d:d5:31:8c:fb:5f:03:ce:0e:55:bb: 93:e4:1e:a0:aa:03:7e:55:5c:ca:4b:30:63:bc:a8:6e:a3:1e: ec:e9:12:9f:2e:1f:44:97:2b:67:62:70:08:75:4a:20:7e:6b: f8:f5:a4:15:fa:df:18:9d:dd:6c:f9:ae:a0:fd:25:cb:28:6d: df:59:ed:65:00:58:82:ca:02:99:37:c8:ad:34:1b:2b:5b:bc: 1b:f8:34:81:c4:cc:d4:4d:49:86:09:99:82:86:9f:dc:17:cc: f0:4c:42:5f:48:bc:e7:74:9c:28:66:9c:27:2d:5a:9f:60:45: 15:05:b1:c0 -----BEGIN CERTIFICATE----- MIIFfzCCBGegAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy MEJDMTExMC8GA1UEBRMoMDRBOEYyOEY1MjdFMTg5MTY3QUNDOTAzMENCRURBRDhB OUM0MTdCOTAeFw0yNTA5MDgwNTIxMzhaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4YmU2N2UxLTg4YzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCypRs7bZB3znCiQO0hRHLnZEAEevcalj6jB9fLBtNIGly2+ukOMRzucmkomFFW 9cjJl/LjuZmMdMRJ1ZUuS5R4ZRZLSMNtEp3GOkiRxZp9zbcEdA14HBHu+utVPiaZ WyAXw0utP5jwvt0ZcjZCwyPRcp7HlhBy39y+JijOhl2LjaLXgMleL0BVMLJ+Q9AT 7OjA//gS8mDkk+mAhwgUIL+C2hKFrj6sS4tAMGG6tt7xci4cdH+k+owkrLQ9d39p XlA0NnTAcaoYW6741uGvjfKrQK33KX0zj6oqw/kEyU9p9mH+J9SRcTC1RbVn41pG 1qdv0l69pPkYhovYQn87neRFAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUhhLlrp/3 hYvAvzlTybKOR/q8n4EwHwYDVR0jBBgwFoAUBKjyj1J+GJFnrMkDDL7a2KnEF7kw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTIwQkMxL0RBQzYwMzg4OEM3 MjExRjBBMkIwQUU1NkM0RjlBRTAyL0JLanlqMUotR0pGbnJNa0RETDdhMktuRUY3 ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvQktqeWoxSi1HSkZuck1rRERMN2EyS25FRjdrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MEJDMS9EQUM2MDM4ODhDNzIxMUYwQTJCMEFFNTZDNEY5QUUwMi8zMDkyNjA4NjhD NzMxMUYwQTgyRTBFNTdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf MB0wDAQCAAEwBgMEAmcW9DANBAIAAjAHAwUAJAQ5gDANBgkqhkiG9w0BAQsFAAOC AQEAl4Cy+h2V6VBPKa5BBVb4urmFjLy4Duwq6Ow5LDRHuNIE9op6EYSm+G7xbjUG tN9lJ3gwPKUHdZ3+KvqYHOvFCu+y3fVc1SP46bYKiM6yvxXMTXJqN5YSb+mxzxOx daxG/XUgQbdUGr0e6vi4/sas+7HvHLdndpO85ueE29tL5JGVnggd0U3VMYz7XwPO DlW7k+QeoKoDflVcykswY7yobqMe7OkSny4fRJcrZ2JwCHVKIH5r+PWkFfrfGJ3d bPmuoP0lyyht31ntZQBYgsoCmTfIrTQbK1u8G/g0gcTM1E1JhgmZgoaf3BfM8ExC X0i853ScKGacJy1an2BFFQWxwA== -----END CERTIFICATE-----Generated at Fri Sep 19 07:52:07 2025 by rpki-client