$ rpki-client -vvf rpki.apnic.net/member_repository/A9134C75/0F82F584BA1F11F09D9E253CC4F9AE02/5672783CBA2111F08A546E86C4F9AE02.roa File: 5672783CBA2111F08A546E86C4F9AE02.roa (raw, json) Hash identifier: TRNKJPfaeGRddgmm1XCBvC+iXBAcm8b5Fn3KrDnKAtQ= Subject key identifier: 1C:CB:AD:F4:CB:D3:A6:23:8D:18:81:73:3F:54:C2:76:F4:E4:F0:3D Certificate issuer: /CN=A9134C75/serialNumber=3C8FB5E0CCF7E105DFCCBB4C8F8359EF5A615F1F Certificate serial: 03 Authority key identifier: 3C:8F:B5:E0:CC:F7:E1:05:DF:CC:BB:4C:8F:83:59:EF:5A:61:5F:1F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PI-14Mz34QXfzLtMj4NZ71phXx8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9134C75/0F82F584BA1F11F09D9E253CC4F9AE02/5672783CBA2111F08A546E86C4F9AE02.roa Signing time: Wed 05 Nov 2025 08:28:00 +0000 ROA not before: Wed 05 Nov 2025 08:28:00 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 55902 IP address blocks: 43.249.244.0/22 maxlen: 22 43.249.244.0/24 maxlen: 24 43.249.245.0/24 maxlen: 24 43.249.246.0/24 maxlen: 24 43.249.247.0/24 maxlen: 24 103.31.12.0/22 maxlen: 22 103.31.12.0/24 maxlen: 24 103.31.13.0/24 maxlen: 24 103.31.14.0/24 maxlen: 24 103.31.15.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9134C75/0F82F584BA1F11F09D9E253CC4F9AE02/PI-14Mz34QXfzLtMj4NZ71phXx8.crl rsync://rpki.apnic.net/member_repository/A9134C75/0F82F584BA1F11F09D9E253CC4F9AE02/PI-14Mz34QXfzLtMj4NZ71phXx8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PI-14Mz34QXfzLtMj4NZ71phXx8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 08:28:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3 (0x3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9134C75, serialNumber=3C8FB5E0CCF7E105DFCCBB4C8F8359EF5A615F1F Validity Not Before: Nov 5 08:28:00 2025 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=690b0a8f-1971 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:f8:59:2e:d7:28:d4:ed:46:19:8f:11:22:c4: 55:86:4f:98:c9:23:3e:eb:b6:c3:24:79:7c:b9:7b: 9b:2a:a3:ff:e3:36:d6:08:2b:d3:6e:91:73:fa:df: e7:54:50:b7:12:39:6c:4b:b1:59:c5:a7:5b:96:74: 81:9c:80:45:b1:2f:97:b7:01:18:29:22:7d:a0:f4: 70:d6:63:3c:4d:98:c2:a3:05:03:3d:83:be:56:86: 9b:8f:85:1f:55:69:c1:6b:ca:8c:64:5a:3d:6c:ca: c0:0b:15:ff:66:23:bd:89:ef:47:c5:5e:d2:5e:80: e0:e8:c8:eb:29:18:a6:c7:fd:84:c5:b5:43:35:12: 17:a0:bd:8f:99:34:32:3f:a8:67:f7:a1:15:a7:73: b3:5c:20:d4:cc:d5:50:91:e6:24:3e:f5:fa:ba:3e: cb:dd:75:e4:8b:c0:53:62:b7:39:98:5c:f2:39:cc: 31:7b:d4:79:ec:0d:68:15:e0:f3:7f:a9:35:ea:89: 34:2b:e5:fd:9b:48:ae:c9:f5:bc:c4:8b:b6:eb:b9: 28:c1:f2:31:28:1f:c3:82:76:82:14:15:fb:f7:79: 83:cf:a1:59:2d:67:7c:66:f2:8f:5c:23:75:95:54: b5:39:c9:f4:c7:43:a1:94:1c:54:30:a7:72:f6:15: 1d:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:CB:AD:F4:CB:D3:A6:23:8D:18:81:73:3F:54:C2:76:F4:E4:F0:3D X509v3 Authority Key Identifier: keyid:3C:8F:B5:E0:CC:F7:E1:05:DF:CC:BB:4C:8F:83:59:EF:5A:61:5F:1F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9134C75/0F82F584BA1F11F09D9E253CC4F9AE02/PI-14Mz34QXfzLtMj4NZ71phXx8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PI-14Mz34QXfzLtMj4NZ71phXx8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9134C75/0F82F584BA1F11F09D9E253CC4F9AE02/5672783CBA2111F08A546E86C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.249.244.0/22 103.31.12.0/22 Signature Algorithm: sha256WithRSAEncryption 84:a7:ce:bf:e6:8e:d8:ab:16:20:06:06:b2:cb:6d:e1:22:06: 6e:69:05:a8:65:ad:7d:70:d3:34:17:92:07:67:53:47:f8:a3: db:a7:44:0c:87:38:f1:3e:5c:75:1b:bd:53:51:71:b3:d9:a0: b7:26:45:05:4d:d3:9d:73:21:ea:6c:b0:4c:3c:cf:1b:5c:6c: fa:e6:42:44:44:cf:da:c7:a0:b0:bd:15:d1:51:f5:40:47:58: 2f:08:33:1b:93:62:5c:aa:7b:2a:95:73:26:ac:e0:6f:5b:d7: a6:d8:78:cd:1a:fc:e0:2e:a8:cc:da:2c:ea:9e:8d:35:4c:06: c8:7c:34:3f:ca:42:8a:33:0d:da:23:ab:c5:fb:c2:ae:7c:80: 63:d0:1c:a7:fd:18:6c:69:d7:33:af:3c:c1:fd:56:f9:43:dd: 06:29:23:26:8f:85:25:c9:f2:72:cb:af:16:35:37:41:3e:12: b4:11:cc:aa:94:b6:a3:0e:fc:e4:4b:26:df:4a:23:d3:4e:58: b7:72:b2:07:ae:a8:7c:88:7d:f4:5a:24:49:83:17:62:c0:9a: a4:d9:d3:93:c4:4a:7e:40:21:0d:7a:5a:36:92:9e:98:23:a1: 4f:f9:af:1f:fc:d7:2d:aa:c7:ab:b4:ef:a9:80:77:0b:b2:bc: 2c:66:58:96 -----BEGIN CERTIFICATE----- MIIFdjCCBF6gAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz NEM3NTExMC8GA1UEBRMoM0M4RkI1RTBDQ0Y3RTEwNURGQ0NCQjRDOEY4MzU5RUY1 QTYxNUYxRjAeFw0yNTExMDUwODI4MDBaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY5MGIwYThmLTE5NzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDf+Fku1yjU7UYZjxEixFWGT5jJIz7rtsMkeXy5e5sqo//jNtYIK9NukXP63+dU ULcSOWxLsVnFp1uWdIGcgEWxL5e3ARgpIn2g9HDWYzxNmMKjBQM9g75WhpuPhR9V acFryoxkWj1sysALFf9mI72J70fFXtJegODoyOspGKbH/YTFtUM1EhegvY+ZNDI/ qGf3oRWnc7NcINTM1VCR5iQ+9fq6PsvddeSLwFNitzmYXPI5zDF71HnsDWgV4PN/ qTXqiTQr5f2bSK7J9bzEi7bruSjB8jEoH8OCdoIUFfv3eYPPoVktZ3xm8o9cI3WV VLU5yfTHQ6GUHFQwp3L2FR0PAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUHMut9MvT piONGIFzP1TCdvTk8D0wHwYDVR0jBBgwFoAUPI+14Mz34QXfzLtMj4NZ71phXx8w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTM0Qzc1LzBGODJGNTg0QkEx RjExRjA5RDlFMjUzQ0M0RjlBRTAyL1BJLTE0TXozNFFYZnpMdE1qNE5aNzFwaFh4 OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvUEktMTRNejM0UVhmekx0TWo0Tlo3MXBoWHg4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz NEM3NS8wRjgyRjU4NEJBMUYxMUYwOUQ5RTI1M0NDNEY5QUUwMi81NjcyNzgzQ0JB MjExMUYwOEE1NDZFODZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW MBQwEgQCAAEwDAMEAiv59AMEAmcfDDANBgkqhkiG9w0BAQsFAAOCAQEAhKfOv+aO 2KsWIAYGsstt4SIGbmkFqGWtfXDTNBeSB2dTR/ij26dEDIc48T5cdRu9U1Fxs9mg tyZFBU3TnXMh6mywTDzPG1xs+uZCRETP2segsL0V0VH1QEdYLwgzG5NiXKp7KpVz Jqzgb1vXpth4zRr84C6ozNos6p6NNUwGyHw0P8pCijMN2iOrxfvCrnyAY9Acp/0Y bGnXM688wf1W+UPdBikjJo+FJcnycsuvFjU3QT4StBHMqpS2ow785Esm30oj005Y t3KyB66ofIh99FokSYMXYsCapNnTk8RKfkAhDXpaNpKemCOhT/mvH/zXLarHq7Tv qYB3C7K8LGZYlg== -----END CERTIFICATE-----Generated at Wed Nov 5 21:44:53 2025 by rpki-client