$ rpki-client -vvf rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/E0125116A69711ED9DFF0870C4F9AE02.roa File: E0125116A69711ED9DFF0870C4F9AE02.roa (raw, json) Hash identifier: dNnfSdj7g2pauhw5NXd01RmRAbOAE1qZw2p4G5PL8H4= Subject key identifier: 84:30:EB:C8:32:6A:86:30:98:D4:AD:19:23:4B:87:90:ED:99:32:A7 Certificate issuer: /CN=A91406AA/serialNumber=315513E54AB0C99B8BCA84042E38358B60DB1B2C Certificate serial: 0800 Authority key identifier: 31:55:13:E5:4A:B0:C9:9B:8B:CA:84:04:2E:38:35:8B:60:DB:1B:2C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/E0125116A69711ED9DFF0870C4F9AE02.roa Signing time: Wed 08 Oct 2025 22:24:37 +0000 ROA not before: Wed 08 Oct 2025 22:24:37 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 55561 IP address blocks: 43.243.60.0/22 maxlen: 24 103.38.164.0/22 maxlen: 24 202.180.99.0/24 maxlen: 24 202.180.101.0/24 maxlen: 24 202.180.102.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.crl rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 29 Oct 2025 23:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2048 (0x800) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91406AA, serialNumber=315513E54AB0C99B8BCA84042E38358B60DB1B2C Validity Not Before: Oct 8 22:24:37 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68e6e4a5-a0c3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:01:bf:70:47:f4:1f:57:d6:ce:76:65:db:fa: b7:da:fc:c0:c2:18:c1:c1:33:ed:70:6b:c3:9a:0e: 28:7e:c2:a8:46:86:f7:c5:03:87:55:12:d7:67:e5: a1:db:50:f9:c5:09:2b:10:6e:88:4f:a5:a4:7f:e6: 14:fe:fa:98:0d:02:73:2d:18:ab:3c:a7:7a:e0:55: 74:a1:5c:e5:43:ee:b5:73:d5:4b:b7:9e:a3:6b:46: 49:f3:bd:a4:71:af:29:7d:3e:57:f0:95:59:7f:2d: 9e:fe:2e:3e:6f:b7:d6:52:99:4d:aa:d7:c9:fb:6b: 50:8c:76:06:2a:97:1f:0a:71:24:f3:74:f7:ca:17: 6a:b3:c5:5c:2e:ca:50:38:a5:87:0c:84:40:a8:b8: 55:93:38:fe:d3:a4:b5:4b:1f:f1:4f:d7:9c:fa:2c: 0b:1d:48:a9:1e:17:7c:36:a6:72:af:93:ab:a7:17: f7:83:88:31:64:e5:0f:2d:eb:c0:c8:a8:cd:5a:22: 6d:f2:d3:0a:6c:f6:29:94:8c:f2:f0:09:39:36:e3: 9a:e3:7d:08:2b:1a:0f:26:ee:bc:d1:31:1b:b5:20: ae:1c:5a:3b:a4:59:01:f4:00:2e:2b:6e:d7:95:b9: 3c:4c:18:26:82:72:7e:5e:23:7b:a6:a3:81:e3:45: 91:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:30:EB:C8:32:6A:86:30:98:D4:AD:19:23:4B:87:90:ED:99:32:A7 X509v3 Authority Key Identifier: keyid:31:55:13:E5:4A:B0:C9:9B:8B:CA:84:04:2E:38:35:8B:60:DB:1B:2C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/E0125116A69711ED9DFF0870C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.243.60.0/22 103.38.164.0/22 202.180.99.0/24 202.180.101.0-202.180.102.255 Signature Algorithm: sha256WithRSAEncryption bf:b7:a5:b9:5d:cd:9a:1a:c4:fd:7d:70:be:3c:92:49:83:a0: 2e:66:2e:a5:6b:8e:9b:c4:69:3d:d7:0f:f5:70:27:2c:52:f1: 8c:81:df:25:96:e5:38:63:61:ad:b1:14:68:75:cf:20:c1:c3: c9:02:da:f7:f3:ce:d8:29:77:67:aa:74:85:f6:02:be:3f:2f: 07:c1:fb:ea:77:f0:74:55:6c:86:68:72:01:83:35:e0:d6:17: aa:07:a9:89:63:5f:0c:c5:ec:9e:95:4b:a7:f3:34:1e:10:c2: 45:ca:d0:51:b2:07:1c:9d:86:60:a0:42:7b:5f:b6:d9:b1:9a: cd:d1:33:69:78:b8:e9:a1:8c:21:21:bd:a3:9f:c5:31:fd:05: b8:c9:ca:87:b5:b7:99:06:0f:77:a3:8e:94:92:63:c2:b2:f6: 42:1c:82:68:d0:4a:b0:cc:3e:52:4e:df:bb:27:67:62:c3:a4: 82:bb:28:93:16:10:66:fb:6b:8d:4c:92:5a:26:11:f4:6a:d1: 7f:f9:c1:1c:ca:ba:85:a7:c1:a5:33:b4:f8:44:f8:5c:b9:20: 80:83:16:34:76:b1:01:0f:49:f0:cc:d5:29:ff:96:9c:8a:e3: 8b:43:87:5b:5b:ec:b7:b8:1b:8d:7b:29:be:80:f2:cf:58:2e: fb:d8:29:53 -----BEGIN CERTIFICATE----- MIIFizCCBHOgAwIBAgICCAAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDA2QUExMTAvBgNVBAUTKDMxNTUxM0U1NEFCMEM5OUI4QkNBODQwNDJFMzgzNThC NjBEQjFCMkMwHhcNMjUxMDA4MjIyNDM3WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGU2ZTRhNS1hMGMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzQG/cEf0H1fWznZl2/q32vzAwhjBwTPtcGvDmg4ofsKoRob3xQOHVRLXZ+Wh 21D5xQkrEG6IT6Wkf+YU/vqYDQJzLRirPKd64FV0oVzlQ+61c9VLt56ja0ZJ872k ca8pfT5X8JVZfy2e/i4+b7fWUplNqtfJ+2tQjHYGKpcfCnEk83T3yhdqs8VcLspQ OKWHDIRAqLhVkzj+06S1Sx/xT9ec+iwLHUipHhd8NqZyr5Orpxf3g4gxZOUPLevA yKjNWiJt8tMKbPYplIzy8Ak5NuOa430IKxoPJu680TEbtSCuHFo7pFkB9AAuK27X lbk8TBgmgnJ+XiN7pqOB40WR6wIDAQABo4ICrzCCAqswHQYDVR0OBBYEFIQw68gy aoYwmNStGSNLh5DtmTKnMB8GA1UdIwQYMBaAFDFVE+VKsMmbi8qEBC44NYtg2xss MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDZBQS84RjVCQjRGODg2 QzExMUVCQkFCMzE4NEJDNEY5QUUwMi9NVlVUNVVxd3ladUx5b1FFTGpnMWkyRGJH eXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL01WVVQ1VXF3eVp1THlvUUVMamcxaTJEYkd5dy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDA2QUEvOEY1QkI0Rjg4NkMxMTFFQkJBQjMxODRCQzRGOUFFMDIvRTAxMjUxMTZB Njk3MTFFRDlERkYwODcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E KjAoMCYEAgABMCADBAIr8zwDBAJnJqQDBADKtGMwDAMEAMq0ZQMEAMq0ZjANBgkq hkiG9w0BAQsFAAOCAQEAv7eluV3NmhrE/X1wvjySSYOgLmYupWuOm8RpPdcP9XAn LFLxjIHfJZblOGNhrbEUaHXPIMHDyQLa9/PO2Cl3Z6p0hfYCvj8vB8H76nfwdFVs hmhyAYM14NYXqgepiWNfDMXsnpVLp/M0HhDCRcrQUbIHHJ2GYKBCe1+22bGazdEz aXi46aGMISG9o5/FMf0FuMnKh7W3mQYPd6OOlJJjwrL2QhyCaNBKsMw+Uk7fuydn YsOkgrsokxYQZvtrjUySWiYR9GrRf/nBHMq6hafBpTO0+ET4XLkggIMWNHaxAQ9J 8MzVKf+WnIrji0OHW1vst7gbjXspvoDyz1gu+9gpUw== -----END CERTIFICATE-----Generated at Thu Oct 23 01:27:10 2025 by rpki-client