$ rpki-client -vvf rpki.apnic.net/member_repository/A9136EC5/2DECAE560E5611E4B6F1953AC4F9AE02/08074A8A1EB711EF9C248E60C4F9AE02.roa File: 08074A8A1EB711EF9C248E60C4F9AE02.roa (raw, json) Hash identifier: i7ok5KOsj6nhLRt3px2zv2fWTxSsfow5HHXSl/NaJkA= Subject key identifier: 78:4B:11:76:75:01:DC:D8:CB:8B:ED:8C:2E:AA:0E:EA:96:A2:91:C3 Certificate issuer: /CN=A9136EC5/serialNumber=9FCE28914C50DC99755F108AB4334F772CBEA0E2 Certificate serial: 2B60 Authority key identifier: 9F:CE:28:91:4C:50:DC:99:75:5F:10:8A:B4:33:4F:77:2C:BE:A0:E2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n84okUxQ3Jl1XxCKtDNPdyy-oOI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9136EC5/2DECAE560E5611E4B6F1953AC4F9AE02/08074A8A1EB711EF9C248E60C4F9AE02.roa Signing time: Fri 26 Sep 2025 15:42:42 +0000 ROA not before: Fri 26 Sep 2025 15:42:42 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 55803 IP address blocks: 43.245.96.0/22 maxlen: 24 43.245.108.0/22 maxlen: 24 43.245.252.0/22 maxlen: 24 101.100.192.0/18 maxlen: 24 103.9.100.0/22 maxlen: 24 103.11.188.0/22 maxlen: 24 103.15.232.0/22 maxlen: 24 103.104.196.0/24 maxlen: 24 103.245.92.0/22 maxlen: 24 111.235.136.0/22 maxlen: 24 119.31.232.0/21 maxlen: 24 2001:df0:454::/48 maxlen: 48 2001:df3:4f00::/48 maxlen: 48 2403:cb00::/32 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9136EC5/2DECAE560E5611E4B6F1953AC4F9AE02/n84okUxQ3Jl1XxCKtDNPdyy-oOI.crl rsync://rpki.apnic.net/member_repository/A9136EC5/2DECAE560E5611E4B6F1953AC4F9AE02/n84okUxQ3Jl1XxCKtDNPdyy-oOI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n84okUxQ3Jl1XxCKtDNPdyy-oOI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 15:32:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11104 (0x2b60) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9136EC5, serialNumber=9FCE28914C50DC99755F108AB4334F772CBEA0E2 Validity Not Before: Sep 26 15:42:42 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68d6b471-a420 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:bd:ad:f7:4a:a2:77:6d:0b:89:af:b4:54:4a: c4:ea:af:10:9d:c8:46:9d:d9:54:7d:15:e8:1f:3d: a6:db:45:a9:a5:20:30:9e:a3:a0:a7:27:78:1f:58: cb:16:b6:94:7f:e2:84:99:00:f7:7c:7b:d3:17:45: 7e:a6:83:e0:4a:13:07:e1:85:5b:f2:18:db:08:9d: bd:78:a9:8e:9e:d3:1c:5f:01:6f:58:52:ae:28:9c: d1:ac:9a:76:d9:83:0b:f1:a4:eb:c9:32:69:01:60: 9e:b4:80:48:80:43:f8:e8:c5:6a:85:56:83:4d:7a: 65:2b:20:3b:c1:da:98:cd:61:c2:0f:56:de:f2:e5: 4e:ca:c8:56:04:bd:8d:cd:0a:1f:29:6a:cd:1e:f8: c7:b5:a4:b6:ca:f0:44:5b:e7:07:3d:f0:a2:dc:bf: f7:ac:d9:5e:47:ac:63:f5:67:3e:db:20:e6:f2:62: 50:e3:6a:83:d0:78:a5:7f:fd:1c:87:62:8f:25:a4: 53:e7:c4:03:f1:10:7f:31:60:84:a0:2a:c2:30:e6: 49:63:e9:d5:77:42:00:c9:09:52:81:ff:11:ae:34: 67:e1:5c:f9:02:5c:1b:97:a5:8d:70:bf:be:03:10: b1:84:48:e2:5a:bc:3a:1a:99:99:06:c2:dc:79:2b: 29:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:4B:11:76:75:01:DC:D8:CB:8B:ED:8C:2E:AA:0E:EA:96:A2:91:C3 X509v3 Authority Key Identifier: keyid:9F:CE:28:91:4C:50:DC:99:75:5F:10:8A:B4:33:4F:77:2C:BE:A0:E2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9136EC5/2DECAE560E5611E4B6F1953AC4F9AE02/n84okUxQ3Jl1XxCKtDNPdyy-oOI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n84okUxQ3Jl1XxCKtDNPdyy-oOI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9136EC5/2DECAE560E5611E4B6F1953AC4F9AE02/08074A8A1EB711EF9C248E60C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.245.96.0/22 43.245.108.0/22 43.245.252.0/22 101.100.192.0/18 103.9.100.0/22 103.11.188.0/22 103.15.232.0/22 103.104.196.0/24 103.245.92.0/22 111.235.136.0/22 119.31.232.0/21 IPv6: 2001:df0:454::/48 2001:df3:4f00::/48 2403:cb00::/32 Signature Algorithm: sha256WithRSAEncryption 4f:44:66:8c:b5:47:5c:84:14:7c:49:2a:9f:dc:7f:9d:b1:c0: 2a:7a:92:66:8c:88:25:41:21:82:93:37:3b:16:b7:56:13:05: 36:76:20:6f:65:16:58:ea:11:95:33:3e:9b:7e:7b:e7:a8:f3: 50:e5:df:b1:59:84:08:e1:8b:7e:08:34:c9:54:a2:fb:a6:97: 77:a3:a6:29:13:4d:49:62:80:4f:3b:41:f8:fa:be:d2:5d:bb: 88:e8:82:d7:3b:fd:a1:fd:60:d1:b2:ff:67:2c:66:99:0d:56: e9:a8:41:75:60:75:97:60:dd:d9:32:0b:ca:3a:bf:cc:62:04: 24:ea:90:f6:71:09:18:36:4a:62:72:64:54:28:ef:c5:16:02: 4a:1a:a2:c1:a7:b6:79:57:8b:bc:9e:a2:71:5b:e8:01:90:3e: 44:32:6c:d2:a3:b9:fe:13:19:74:36:a5:7f:24:21:af:7c:0d: 25:98:32:ab:f6:4d:f6:09:17:5b:84:22:92:af:53:f4:5a:fc: c7:83:03:af:92:30:c6:34:cc:92:3c:61:e4:e4:07:f8:c7:3b: 8e:a3:e0:06:5d:83:37:97:68:c9:00:e2:35:d7:a1:e4:e5:40: 17:c9:a2:00:86:98:3b:15:1e:34:29:58:34:4a:63:e6:b0:43: 37:32:10:16 -----BEGIN CERTIFICATE----- MIIFzjCCBLagAwIBAgICK2AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzZFQzUxMTAvBgNVBAUTKDlGQ0UyODkxNEM1MERDOTk3NTVGMTA4QUI0MzM0Rjc3 MkNCRUEwRTIwHhcNMjUwOTI2MTU0MjQyWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGQ2YjQ3MS1hNDIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxL2t90qid20Lia+0VErE6q8QnchGndlUfRXoHz2m20WppSAwnqOgpyd4H1jL FraUf+KEmQD3fHvTF0V+poPgShMH4YVb8hjbCJ29eKmOntMcXwFvWFKuKJzRrJp2 2YML8aTryTJpAWCetIBIgEP46MVqhVaDTXplKyA7wdqYzWHCD1be8uVOyshWBL2N zQofKWrNHvjHtaS2yvBEW+cHPfCi3L/3rNleR6xj9Wc+2yDm8mJQ42qD0Hilf/0c h2KPJaRT58QD8RB/MWCEoCrCMOZJY+nVd0IAyQlSgf8RrjRn4Vz5Alwbl6WNcL++ AxCxhEjiWrw6GpmZBsLceSspMQIDAQABo4IC8jCCAu4wHQYDVR0OBBYEFHhLEXZ1 AdzYy4vtjC6qDuqWopHDMB8GA1UdIwQYMBaAFJ/OKJFMUNyZdV8QirQzT3csvqDi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNkVDNS8yREVDQUU1NjBF NTYxMUU0QjZGMTk1M0FDNEY5QUUwMi9uODRva1V4UTNKbDFYeENLdEROUGR5eS1v T0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL244NG9rVXhRM0psMVh4Q0t0RE5QZHl5LW9PSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzZFQzUvMkRFQ0FFNTYwRTU2MTFFNEI2RjE5NTNBQzRGOUFFMDIvMDgwNzRBOEEx RUI3MTFFRjlDMjQ4RTYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwfAYIKwYBBQUHAQcBAf8E bTBrMEgEAgABMEIDBAIr9WADBAIr9WwDBAIr9fwDBAZlZMADBAJnCWQDBAJnC7wD BAJnD+gDBABnaMQDBAJn9VwDBAJv64gDBAN3H+gwHwQCAAIwGQMHACABDfAEVAMH ACABDfNPAAMFACQDywAwDQYJKoZIhvcNAQELBQADggEBAE9EZoy1R1yEFHxJKp/c f52xwCp6kmaMiCVBIYKTNzsWt1YTBTZ2IG9lFljqEZUzPpt+e+eo81Dl37FZhAjh i34INMlUovuml3ejpikTTUligE87Qfj6vtJdu4jogtc7/aH9YNGy/2csZpkNVumo QXVgdZdg3dkyC8o6v8xiBCTqkPZxCRg2SmJyZFQo78UWAkoaosGntnlXi7yeonFb 6AGQPkQybNKjuf4TGXQ2pX8kIa98DSWYMqv2TfYJF1uEIpKvU/Ra/MeDA6+SMMY0 zJI8YeTkB/jHO46j4AZdgzeXaMkA4jXXoeTlQBfJogCGmDsVHjQpWDRKY+awQzcy EBY= -----END CERTIFICATE-----Generated at Mon Nov 3 17:20:09 2025 by rpki-client