$ rpki-client -vvf rpki.apnic.net/member_repository/A914E9C1/EE702F447AC911EC9DA55B46C4F9AE02/4B167396E74111EC80E35542C4F9AE02.roa File: 4B167396E74111EC80E35542C4F9AE02.roa (raw, json) Hash identifier: m7bVPzA+H6T0BPfqPAwWK53E3FJsQccTswfglW7TmvM= Subject key identifier: CE:2D:B4:C1:A0:74:BF:6E:94:CE:9E:F7:F7:17:22:85:6A:82:AC:87 Certificate issuer: /CN=A914E9C1/serialNumber=0A1DE18DFC98E4ACB3FA233368105A73D1D419F3 Certificate serial: 043C Authority key identifier: 0A:1D:E1:8D:FC:98:E4:AC:B3:FA:23:33:68:10:5A:73:D1:D4:19:F3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ch3hjfyY5Kyz-iMzaBBac9HUGfM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914E9C1/EE702F447AC911EC9DA55B46C4F9AE02/4B167396E74111EC80E35542C4F9AE02.roa Signing time: Wed 03 Sep 2025 00:45:40 +0000 ROA not before: Wed 03 Sep 2025 00:45:40 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 3786 IP address blocks: 103.99.208.0/24 maxlen: 24 103.99.210.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914E9C1/EE702F447AC911EC9DA55B46C4F9AE02/Ch3hjfyY5Kyz-iMzaBBac9HUGfM.crl rsync://rpki.apnic.net/member_repository/A914E9C1/EE702F447AC911EC9DA55B46C4F9AE02/Ch3hjfyY5Kyz-iMzaBBac9HUGfM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ch3hjfyY5Kyz-iMzaBBac9HUGfM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Sep 2025 00:38:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1084 (0x43c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914E9C1, serialNumber=0A1DE18DFC98E4ACB3FA233368105A73D1D419F3 Validity Not Before: Sep 3 00:45:40 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68b78fb3-2588 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:2f:56:bf:e2:f5:09:72:28:0a:64:0c:77:13: da:1e:c8:d8:d0:6a:89:6b:ef:0b:a8:ba:20:bf:9d: 79:52:4c:a9:d7:52:43:b4:ef:b1:49:8a:03:77:58: af:fc:72:68:df:df:b8:52:7e:77:fe:7d:48:b0:d4: b2:c9:83:b6:32:a7:41:31:a6:c2:70:2c:b1:27:4a: 15:46:5e:45:ea:89:44:fb:ce:a5:95:58:e9:62:5e: 67:0b:86:81:15:f7:8b:4d:28:e0:44:ef:94:24:8e: 1c:12:f1:a8:a8:e6:37:5a:21:f7:b2:e3:ee:b1:b9: 67:30:30:86:b1:87:1c:a1:45:28:3e:c8:43:6c:df: a8:f7:ea:1c:cc:2e:f3:5c:07:b6:dd:e3:63:b0:b1: 59:ef:ef:6b:1d:20:33:67:ea:27:d4:03:3e:15:3f: e3:27:18:df:27:1d:bd:a2:95:21:db:8a:39:83:d4: a2:e5:88:58:47:05:fd:75:9a:9e:be:a5:44:16:fa: a0:41:08:7f:04:99:f6:1a:ff:13:74:1e:03:49:8e: 85:9a:86:83:f8:7f:da:f9:c1:25:27:4c:30:48:8d: e6:e7:30:d4:db:83:53:ca:c5:6d:dd:0a:04:59:c6: 21:90:f1:47:c2:f0:e9:e5:ee:6f:01:57:b1:5b:48: 95:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:2D:B4:C1:A0:74:BF:6E:94:CE:9E:F7:F7:17:22:85:6A:82:AC:87 X509v3 Authority Key Identifier: keyid:0A:1D:E1:8D:FC:98:E4:AC:B3:FA:23:33:68:10:5A:73:D1:D4:19:F3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914E9C1/EE702F447AC911EC9DA55B46C4F9AE02/Ch3hjfyY5Kyz-iMzaBBac9HUGfM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ch3hjfyY5Kyz-iMzaBBac9HUGfM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914E9C1/EE702F447AC911EC9DA55B46C4F9AE02/4B167396E74111EC80E35542C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.99.208.0/24 103.99.210.0/24 Signature Algorithm: sha256WithRSAEncryption 71:50:ee:d3:99:a3:b9:a6:cb:bc:b7:9b:e2:b9:ef:ca:b9:61: c6:97:17:59:9b:7d:a2:a0:26:cb:2b:f8:05:c7:07:1d:0a:58: ab:3f:c0:39:0a:07:e6:85:3f:4c:71:4c:ae:b6:1b:50:a6:fa: e2:20:a9:01:7f:88:b7:42:e7:2d:2e:e5:95:33:4e:ce:24:7b: 6e:80:95:cd:9d:bf:7c:d1:4d:50:ec:8a:f1:d6:0e:be:c4:4f: e6:c4:0a:8c:1e:ef:56:de:f7:91:cd:38:fd:73:78:7c:96:d0: 18:18:3e:16:87:80:b3:34:5b:17:30:1d:af:85:ad:a8:e4:f4: 3a:e1:6d:1f:5b:3d:0c:35:2b:a1:c7:ab:d0:a6:84:ea:b8:4e: 4d:fa:b2:35:d9:e5:a0:46:ae:54:64:61:5e:bb:64:7e:c9:88: 02:93:a8:85:f7:a8:8c:21:fb:1c:16:08:87:75:2c:75:4f:d6: c9:bf:d3:50:70:93:ec:1c:49:5e:45:b5:cc:c0:d7:87:17:a1: d5:be:9d:11:24:f1:65:73:d7:c9:98:b2:5d:be:c7:69:d5:36: 62:af:fb:18:f9:eb:4b:b0:1f:65:08:9f:64:bb:16:64:03:51: 72:26:78:d3:2a:66:1c:8f:cb:12:95:e8:6e:1a:7d:71:38:7f: 65:f4:b6:29 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICBDwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEU5QzExMTAvBgNVBAUTKDBBMURFMThERkM5OEU0QUNCM0ZBMjMzMzY4MTA1QTcz RDFENDE5RjMwHhcNMjUwOTAzMDA0NTQwWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGI3OGZiMy0yNTg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8i9Wv+L1CXIoCmQMdxPaHsjY0GqJa+8LqLogv515Ukyp11JDtO+xSYoDd1iv /HJo39+4Un53/n1IsNSyyYO2MqdBMabCcCyxJ0oVRl5F6olE+86llVjpYl5nC4aB FfeLTSjgRO+UJI4cEvGoqOY3WiH3suPusblnMDCGsYccoUUoPshDbN+o9+oczC7z XAe23eNjsLFZ7+9rHSAzZ+on1AM+FT/jJxjfJx29opUh24o5g9Si5YhYRwX9dZqe vqVEFvqgQQh/BJn2Gv8TdB4DSY6FmoaD+H/a+cElJ0wwSI3m5zDU24NTysVt3QoE WcYhkPFHwvDp5e5vAVexW0iVLQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFM4ttMGg dL9ulM6e9/cXIoVqgqyHMB8GA1UdIwQYMBaAFAod4Y38mOSss/ojM2gQWnPR1Bnz MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RTlDMS9FRTcwMkY0NDdB QzkxMUVDOURBNTVCNDZDNEY5QUUwMi9DaDNoamZ5WTVLeXotaU16YUJCYWM5SFVH Zk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NoM2hqZnlZNUt5ei1pTXphQkJhYzlIVUdmTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NEU5QzEvRUU3MDJGNDQ3QUM5MTFFQzlEQTU1QjQ2QzRGOUFFMDIvNEIxNjczOTZF NzQxMTFFQzgwRTM1NTQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBABnY9ADBABnY9IwDQYJKoZIhvcNAQELBQADggEBAHFQ7tOZ o7mmy7y3m+K578q5YcaXF1mbfaKgJssr+AXHBx0KWKs/wDkKB+aFP0xxTK62G1Cm +uIgqQF/iLdC5y0u5ZUzTs4ke26Alc2dv3zRTVDsivHWDr7ET+bECowe71be95HN OP1zeHyW0BgYPhaHgLM0WxcwHa+Frajk9DrhbR9bPQw1K6HHq9CmhOq4Tk36sjXZ 5aBGrlRkYV67ZH7JiAKTqIX3qIwh+xwWCId1LHVP1sm/01Bwk+wcSV5FtczA14cX odW+nREk8WVz18mYsl2+x2nVNmKv+xj560uwH2UIn2S7FmQDUXImeNMqZhyPyxKV 6G4afXE4f2X0tik= -----END CERTIFICATE-----Generated at Sat Sep 6 09:42:44 2025 by rpki-client