$ rpki-client -vvf rpki.apnic.net/member_repository/A914B5BD/33CB117AB5A911E79C74CB72C4F9AE02/609B8BC27D7B11EDB6B77173C4F9AE02.roa File: 609B8BC27D7B11EDB6B77173C4F9AE02.roa (raw, json) Hash identifier: iFueyXd2lHMmKAfnAjCjI5GADReoL75SeKIy87AJaM0= Subject key identifier: BC:6E:8A:10:25:1E:20:93:39:66:29:89:5A:10:07:8C:0D:CF:95:3D Certificate issuer: /CN=A914B5BD/serialNumber=22E81B327CB1FB3501E05AFAB94121918FDB5B5E Certificate serial: 18AA Authority key identifier: 22:E8:1B:32:7C:B1:FB:35:01:E0:5A:FA:B9:41:21:91:8F:DB:5B:5E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IugbMnyx-zUB4Fr6uUEhkY_bW14.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914B5BD/33CB117AB5A911E79C74CB72C4F9AE02/609B8BC27D7B11EDB6B77173C4F9AE02.roa Signing time: Tue 30 Sep 2025 16:45:18 +0000 ROA not before: Tue 30 Sep 2025 16:45:18 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 60064 IP address blocks: 43.239.140.0/24 maxlen: 24 43.239.141.0/24 maxlen: 24 43.239.142.0/24 maxlen: 24 43.239.143.0/24 maxlen: 24 103.71.175.0/24 maxlen: 24 103.194.170.0/24 maxlen: 24 103.252.222.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914B5BD/33CB117AB5A911E79C74CB72C4F9AE02/IugbMnyx-zUB4Fr6uUEhkY_bW14.crl rsync://rpki.apnic.net/member_repository/A914B5BD/33CB117AB5A911E79C74CB72C4F9AE02/IugbMnyx-zUB4Fr6uUEhkY_bW14.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IugbMnyx-zUB4Fr6uUEhkY_bW14.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 29 Oct 2025 16:48:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6314 (0x18aa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914B5BD, serialNumber=22E81B327CB1FB3501E05AFAB94121918FDB5B5E Validity Not Before: Sep 30 16:45:18 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68dc091d-c1d7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:c4:8b:99:09:1c:c0:e2:38:bc:3e:62:3c:5a: 22:57:bb:1e:62:88:86:5d:55:e2:9b:bd:e3:53:a9: af:e8:a2:70:c9:92:88:15:b5:51:bf:77:64:92:98: f0:5f:51:c1:89:f2:b9:a1:11:fb:56:2c:63:84:89: aa:0d:ac:14:d0:2a:28:5e:5b:16:d7:5a:f0:a1:3f: de:79:0f:86:89:77:e1:3a:06:c3:64:3c:6e:8d:63: 2f:6f:f7:e3:ae:a2:03:c9:ad:70:b5:50:83:8e:81: 5c:b7:de:c5:03:0b:61:f9:42:de:62:8f:ce:73:a5: 2e:36:4e:73:6f:df:68:8c:38:aa:7d:fc:3f:c3:99: 01:5c:ae:eb:ac:09:78:95:fc:25:b7:46:69:22:d0: f7:73:f8:3d:09:fa:eb:34:76:81:47:a4:c1:da:4d: b1:19:6b:bf:93:25:96:51:c3:8b:07:ba:58:42:a5: 63:ac:ed:45:bd:88:a7:17:f4:1a:9b:8c:ba:cd:53: 48:f9:f4:ec:fb:bf:02:c8:0c:67:55:e7:96:ad:7e: 9d:3a:c5:95:71:dc:74:8b:91:17:44:43:d2:b8:30: 28:ef:58:47:72:44:09:fd:7a:d0:ed:d3:4c:3e:01: 52:e3:56:7a:80:89:42:a2:bf:46:2b:cf:b1:18:89: d8:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:6E:8A:10:25:1E:20:93:39:66:29:89:5A:10:07:8C:0D:CF:95:3D X509v3 Authority Key Identifier: keyid:22:E8:1B:32:7C:B1:FB:35:01:E0:5A:FA:B9:41:21:91:8F:DB:5B:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914B5BD/33CB117AB5A911E79C74CB72C4F9AE02/IugbMnyx-zUB4Fr6uUEhkY_bW14.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IugbMnyx-zUB4Fr6uUEhkY_bW14.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914B5BD/33CB117AB5A911E79C74CB72C4F9AE02/609B8BC27D7B11EDB6B77173C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.239.140.0/22 103.71.175.0/24 103.194.170.0/24 103.252.222.0/24 Signature Algorithm: sha256WithRSAEncryption 25:25:93:48:c2:81:1a:55:24:6c:14:bc:d8:e0:ec:db:33:5c: ea:98:24:ac:a7:e2:f7:13:2d:19:91:41:0b:7e:83:0f:38:fa: 2e:56:18:fb:c1:0e:2c:ca:3a:23:b7:3c:97:59:5e:c7:eb:5b: 0e:9e:c2:09:8d:47:3d:a6:22:44:b0:a0:02:d8:73:07:4a:c2: 2b:39:97:d2:b6:14:a6:46:8b:6a:7e:75:2b:da:06:b5:f8:4a: d6:89:98:4c:22:0c:17:65:4a:50:52:cf:81:45:c5:ba:84:cf: 0f:1c:df:12:ef:70:15:c4:34:1e:e3:9c:bc:2d:cd:d8:6b:ae: bb:30:49:2d:b2:7a:5c:62:0e:3e:9b:1f:60:b1:3a:a9:38:e3: 8e:cc:7d:c8:cb:cb:a3:f8:2d:9c:78:07:83:31:73:d9:15:5d: b6:42:e1:d8:d7:73:db:8f:ec:69:d5:59:c1:aa:4b:bf:19:50: a6:f4:8a:e7:53:c6:43:ad:a9:7b:53:4a:a6:8d:82:b8:6b:6a: 8f:d1:97:08:b6:fc:a1:91:d1:02:56:ca:57:c9:a1:f6:04:14: c5:32:23:af:40:68:07:e7:33:3d:d4:62:6f:4d:f4:1e:fd:a2: b5:55:ad:d4:a0:61:08:f3:75:13:a0:a0:aa:91:43:56:5c:af: 7d:da:c6:a3 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgICGKowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEI1QkQxMTAvBgNVBAUTKDIyRTgxQjMyN0NCMUZCMzUwMUUwNUFGQUI5NDEyMTkx OEZEQjVCNUUwHhcNMjUwOTMwMTY0NTE4WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGRjMDkxZC1jMWQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxsSLmQkcwOI4vD5iPFoiV7seYoiGXVXim73jU6mv6KJwyZKIFbVRv3dkkpjw X1HBifK5oRH7VixjhImqDawU0CooXlsW11rwoT/eeQ+GiXfhOgbDZDxujWMvb/fj rqIDya1wtVCDjoFct97FAwth+ULeYo/Oc6UuNk5zb99ojDiqffw/w5kBXK7rrAl4 lfwlt0ZpItD3c/g9CfrrNHaBR6TB2k2xGWu/kyWWUcOLB7pYQqVjrO1FvYinF/Qa m4y6zVNI+fTs+78CyAxnVeeWrX6dOsWVcdx0i5EXREPSuDAo71hHckQJ/XrQ7dNM PgFS41Z6gIlCor9GK8+xGInYUwIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFLxuihAl HiCTOWYpiVoQB4wNz5U9MB8GA1UdIwQYMBaAFCLoGzJ8sfs1AeBa+rlBIZGP21te MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QjVCRC8zM0NCMTE3QUI1 QTkxMUU3OUM3NENCNzJDNEY5QUUwMi9JdWdiTW55eC16VUI0RnI2dVVFaGtZX2JX MTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0l1Z2JNbnl4LXpVQjRGcjZ1VUVoa1lfYlcxNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NEI1QkQvMzNDQjExN0FCNUE5MTFFNzlDNzRDQjcyQzRGOUFFMDIvNjA5QjhCQzI3 RDdCMTFFREI2Qjc3MTczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E IjAgMB4EAgABMBgDBAIr74wDBABnR68DBABnwqoDBABn/N4wDQYJKoZIhvcNAQEL BQADggEBACUlk0jCgRpVJGwUvNjg7NszXOqYJKyn4vcTLRmRQQt+gw84+i5WGPvB DizKOiO3PJdZXsfrWw6ewgmNRz2mIkSwoALYcwdKwis5l9K2FKZGi2p+dSvaBrX4 StaJmEwiDBdlSlBSz4FFxbqEzw8c3xLvcBXENB7jnLwtzdhrrrswSS2yelxiDj6b H2CxOqk4447MfcjLy6P4LZx4B4Mxc9kVXbZC4djXc9uP7GnVWcGqS78ZUKb0iudT xkOtqXtTSqaNgrhrao/Rlwi2/KGR0QJWylfJofYEFMUyI69AaAfnMz3UYm9N9B79 orVVrdSgYQjzdROgoKqRQ1Zcr33axqM= -----END CERTIFICATE-----Generated at Fri Oct 24 06:56:00 2025 by rpki-client