$ rpki-client -vvf rpki.apnic.net/member_repository/A914DD78/D4E9649C42F811EAB460E93FC4F9AE02/2CAD3A66595911EA80344709C4F9AE02.roa File: 2CAD3A66595911EA80344709C4F9AE02.roa (raw, json) Hash identifier: H9hbPUbdv0cUQiC5whOpkC+JQu6c3qm0FHMfkH/xI3Y= Subject key identifier: D6:A9:32:2C:63:8C:4B:02:42:1B:45:7E:7D:08:E9:5A:85:89:2F:F1 Certificate issuer: /CN=A914DD78/serialNumber=D3C66C26A9FD1B9E7C455BDDB35159688D0140FE Certificate serial: 0B2A Authority key identifier: D3:C6:6C:26:A9:FD:1B:9E:7C:45:5B:DD:B3:51:59:68:8D:01:40:FE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/08ZsJqn9G558RVvds1FZaI0BQP4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914DD78/D4E9649C42F811EAB460E93FC4F9AE02/2CAD3A66595911EA80344709C4F9AE02.roa Signing time: Fri 02 May 2025 20:00:13 +0000 ROA not before: Fri 02 May 2025 20:00:13 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 58869 IP address blocks: 103.248.128.0/22 maxlen: 22 103.248.128.0/24 maxlen: 24 2001:df5::/48 maxlen: 48 2403:5f40:1::/48 maxlen: 48 2403:5f40:4::/48 maxlen: 48 2403:5f40:a::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914DD78/D4E9649C42F811EAB460E93FC4F9AE02/08ZsJqn9G558RVvds1FZaI0BQP4.crl rsync://rpki.apnic.net/member_repository/A914DD78/D4E9649C42F811EAB460E93FC4F9AE02/08ZsJqn9G558RVvds1FZaI0BQP4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/08ZsJqn9G558RVvds1FZaI0BQP4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 19:16:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2858 (0xb2a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914DD78, serialNumber=D3C66C26A9FD1B9E7C455BDDB35159688D0140FE Validity Not Before: May 2 20:00:13 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=6815244d-c2fe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:4c:98:95:52:5f:b9:5e:0a:f9:31:72:b7:bf: 74:7c:6d:69:d0:d5:8b:43:e7:ce:bb:1b:fb:67:ee: f8:d5:d5:e4:02:48:10:e1:81:02:7d:79:d7:87:9c: a4:16:1f:62:76:98:45:c6:ba:b9:25:39:52:fa:3e: c7:2a:f7:fa:52:c2:94:2d:8b:a4:75:e6:f5:1d:71: 34:db:98:3b:ae:75:5e:42:eb:b1:3b:43:74:dd:b6: 76:7c:2b:51:95:aa:37:41:a4:cb:99:06:2b:7f:a6: 63:4e:3b:48:ec:1f:fb:5b:4e:cd:6d:d9:eb:49:db: 88:cc:1e:e6:a8:72:df:ad:06:a5:30:e1:48:d7:91: a6:2c:dd:79:e0:92:5b:6e:87:e1:13:bc:5e:f9:0b: f4:d4:2c:64:d7:d1:17:33:ce:9d:ce:20:d8:6e:91: 2a:a8:1f:fc:bb:89:06:16:7e:af:3e:b8:22:87:0a: e6:cb:e1:9f:77:2b:10:c6:3c:83:33:07:86:73:af: 5c:0b:04:b4:6c:c7:c7:d9:71:63:42:1b:86:f8:e2: e9:af:f9:67:b6:42:0c:02:10:16:62:d2:d8:11:e4: 93:ec:7e:78:fc:37:39:85:e8:de:1f:ae:9a:23:8e: 33:a7:83:51:3e:25:3b:eb:25:2b:0e:be:de:f6:50: 89:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:A9:32:2C:63:8C:4B:02:42:1B:45:7E:7D:08:E9:5A:85:89:2F:F1 X509v3 Authority Key Identifier: keyid:D3:C6:6C:26:A9:FD:1B:9E:7C:45:5B:DD:B3:51:59:68:8D:01:40:FE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914DD78/D4E9649C42F811EAB460E93FC4F9AE02/08ZsJqn9G558RVvds1FZaI0BQP4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/08ZsJqn9G558RVvds1FZaI0BQP4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914DD78/D4E9649C42F811EAB460E93FC4F9AE02/2CAD3A66595911EA80344709C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.248.128.0/22 IPv6: 2001:df5::/48 2403:5f40:1::/48 2403:5f40:4::/48 2403:5f40:a::/48 Signature Algorithm: sha256WithRSAEncryption 58:f8:b7:62:a2:33:ef:c3:3b:54:10:e8:7a:68:a0:fb:31:54: 3c:7b:97:63:b7:b6:0b:e1:8c:0b:17:ba:fd:aa:48:86:75:ab: 85:79:e6:16:aa:d5:e2:bd:8e:9a:9c:21:32:bf:53:74:b4:64: 48:ba:c9:5b:95:71:cd:9c:4a:f5:2e:f5:1b:3d:ad:bb:a4:c1: 38:d4:a2:38:40:0d:12:1e:dd:c0:de:e9:3d:72:1f:37:70:9c: 86:14:12:fe:0e:31:d6:84:7f:4f:4b:3f:e1:3a:dc:bc:84:73: 53:1a:ea:9e:5f:8a:53:17:26:24:16:29:6f:70:a8:d7:74:77: 63:55:85:b4:93:90:33:e3:9b:3b:ea:08:4c:6c:8a:08:68:9e: 11:03:7d:b1:89:81:32:21:5d:6e:bc:0d:46:23:ca:e8:56:7c: ea:9c:5a:df:b5:39:51:b5:52:07:a4:5b:a8:ba:ed:75:4e:d7: 85:89:18:59:69:5e:2b:45:04:ab:b5:fa:67:ed:b8:38:3b:17: e6:24:f6:95:38:44:05:b9:35:3c:b8:ec:f5:9f:96:13:d2:34: fd:fa:cd:89:59:60:10:11:d5:22:2c:a6:ca:38:18:94:ad:56: ad:78:23:ba:b2:aa:7b:39:0f:4d:51:17:fc:b9:f9:b9:d6:f9: 74:96:3f:66 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgICCyowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NERENzgxMTAvBgNVBAUTKEQzQzY2QzI2QTlGRDFCOUU3QzQ1NUJEREIzNTE1OTY4 OEQwMTQwRkUwHhcNMjUwNTAyMjAwMDEzWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODE1MjQ0ZC1jMmZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyEyYlVJfuV4K+TFyt790fG1p0NWLQ+fOuxv7Z+741dXkAkgQ4YECfXnXh5yk Fh9idphFxrq5JTlS+j7HKvf6UsKULYukdeb1HXE025g7rnVeQuuxO0N03bZ2fCtR lao3QaTLmQYrf6ZjTjtI7B/7W07NbdnrSduIzB7mqHLfrQalMOFI15GmLN154JJb bofhE7xe+Qv01Cxk19EXM86dziDYbpEqqB/8u4kGFn6vPrgihwrmy+GfdysQxjyD MweGc69cCwS0bMfH2XFjQhuG+OLpr/lntkIMAhAWYtLYEeST7H54/Dc5hejeH66a I44zp4NRPiU76yUrDr7e9lCJdwIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFNapMixj jEsCQhtFfn0I6VqFiS/xMB8GA1UdIwQYMBaAFNPGbCap/RuefEVb3bNRWWiNAUD+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0REQ3OC9ENEU5NjQ5QzQy RjgxMUVBQjQ2MEU5M0ZDNEY5QUUwMi8wOFpzSnFuOUc1NThSVnZkczFGWmFJMEJR UDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzA4WnNKcW45RzU1OFJWdmRzMUZaYUkwQlFQNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NERENzgvRDRFOTY0OUM0MkY4MTFFQUI0NjBFOTNGQzRGOUFFMDIvMkNBRDNBNjY1 OTU5MTFFQTgwMzQ0NzA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSwYIKwYBBQUHAQcBAf8E PDA6MAwEAgABMAYDBAJn+IAwKgQCAAIwJAMHACABDfUAAAMHACQDX0AAAQMHACQD X0AABAMHACQDX0AACjANBgkqhkiG9w0BAQsFAAOCAQEAWPi3YqIz78M7VBDoemig +zFUPHuXY7e2C+GMCxe6/apIhnWrhXnmFqrV4r2OmpwhMr9TdLRkSLrJW5VxzZxK 9S71Gz2tu6TBONSiOEANEh7dwN7pPXIfN3CchhQS/g4x1oR/T0s/4TrcvIRzUxrq nl+KUxcmJBYpb3Co13R3Y1WFtJOQM+ObO+oITGyKCGieEQN9sYmBMiFdbrwNRiPK 6FZ86pxa37U5UbVSB6RbqLrtdU7XhYkYWWleK0UEq7X6Z+24ODsX5iT2lThEBbk1 PLjs9Z+WE9I0/frNiVlgEBHVIiymyjgYlK1WrXgjurKqezkPTVEX/Ln5udb5dJY/ Zg== -----END CERTIFICATE-----Generated at Wed Nov 5 15:42:13 2025 by rpki-client