$ rpki-client -vvf rpki.apnic.net/member_repository/A9176B32/738796182F3811ED9E7E027DC4F9AE02/14C5F2A62F3C11ED84084082C4F9AE02.roa File: 14C5F2A62F3C11ED84084082C4F9AE02.roa (raw, json) Hash identifier: p+jEIIVZhiAs2rparlrnkAkhw6aAuDsTWw7U7icR8vY= Subject key identifier: EE:C7:1D:29:EA:0C:F7:E4:98:21:FE:F2:46:4E:0C:37:D1:CA:2C:E3 Certificate issuer: /CN=A9176B32/serialNumber=D822A2DBC88234F80F70E46782B2D4D9CD3F9BDC Certificate serial: 026A Authority key identifier: D8:22:A2:DB:C8:82:34:F8:0F:70:E4:67:82:B2:D4:D9:CD:3F:9B:DC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2CKi28iCNPgPcORngrLU2c0_m9w.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9176B32/738796182F3811ED9E7E027DC4F9AE02/14C5F2A62F3C11ED84084082C4F9AE02.roa Signing time: Thu 25 Sep 2025 02:20:46 +0000 ROA not before: Thu 25 Sep 2025 02:20:46 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 137409 IP address blocks: 103.120.20.0/24 maxlen: 24 103.120.21.0/24 maxlen: 24 103.120.22.0/24 maxlen: 24 103.120.23.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9176B32/738796182F3811ED9E7E027DC4F9AE02/2CKi28iCNPgPcORngrLU2c0_m9w.crl rsync://rpki.apnic.net/member_repository/A9176B32/738796182F3811ED9E7E027DC4F9AE02/2CKi28iCNPgPcORngrLU2c0_m9w.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2CKi28iCNPgPcORngrLU2c0_m9w.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 03:54:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 618 (0x26a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9176B32, serialNumber=D822A2DBC88234F80F70E46782B2D4D9CD3F9BDC Validity Not Before: Sep 25 02:20:46 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=68d4a6fe-68d6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:39:1c:9f:1c:e3:cc:fa:b2:42:ec:c9:45:ab: 9d:01:74:d6:6f:e8:87:78:a6:5a:55:fe:e6:4e:05: a1:1a:d4:fd:15:dc:b1:f3:b4:b0:14:29:1e:94:5f: b3:cb:cd:a4:da:97:2c:c4:64:4b:80:12:2d:2b:aa: 69:7f:9a:51:e4:37:fa:45:75:68:07:87:a9:1d:66: ce:2e:aa:b9:c6:8f:2f:da:6c:8a:a3:6c:a1:77:8f: 13:21:ec:9b:99:ee:49:de:0a:fb:98:cc:e5:99:bc: b5:c3:9f:db:ea:4b:68:f3:93:2c:25:b9:fa:65:32: 7c:af:a2:21:c2:30:56:30:e6:8b:e8:49:46:1d:c3: 9e:ab:91:9e:01:fa:03:51:a5:bf:ad:06:f0:37:a7: 69:2e:2f:25:0d:29:27:50:3e:4d:42:d2:6a:8c:71: 7e:63:8a:71:68:a1:8a:a7:44:3e:fe:77:49:45:85: a8:fd:eb:79:f1:88:f0:d0:ae:dc:9a:7a:36:44:63: ca:aa:ce:a4:2c:25:8c:4e:fe:6b:42:3d:41:28:fd: ed:13:4e:40:7d:2f:a3:b8:1e:4b:14:44:de:fc:53: 70:89:35:4f:72:c2:19:6d:ec:aa:59:21:1f:b1:4f: ad:6a:5b:e4:cc:c0:d4:f6:5a:96:f2:f8:60:c9:7f: 66:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:C7:1D:29:EA:0C:F7:E4:98:21:FE:F2:46:4E:0C:37:D1:CA:2C:E3 X509v3 Authority Key Identifier: keyid:D8:22:A2:DB:C8:82:34:F8:0F:70:E4:67:82:B2:D4:D9:CD:3F:9B:DC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9176B32/738796182F3811ED9E7E027DC4F9AE02/2CKi28iCNPgPcORngrLU2c0_m9w.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2CKi28iCNPgPcORngrLU2c0_m9w.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9176B32/738796182F3811ED9E7E027DC4F9AE02/14C5F2A62F3C11ED84084082C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.120.20.0/22 Signature Algorithm: sha256WithRSAEncryption 2b:05:69:89:79:4a:17:64:11:04:0c:63:3c:ba:11:25:5f:d5: 06:b3:af:b3:53:28:e1:6f:36:21:51:fc:02:eb:4a:fd:96:83: 61:a2:b3:5d:46:7d:f9:83:a5:39:83:f3:72:d3:29:0a:8b:63: 83:2e:7f:da:e6:b8:5b:6a:53:8a:cd:1d:16:1e:38:65:65:47: 3a:6f:5b:95:20:0e:34:96:34:0c:45:b4:b5:e0:90:6c:25:21: 49:a4:01:c1:65:16:34:ea:db:6f:ff:9e:84:59:07:a8:fa:88: ee:95:91:af:05:06:d7:8b:77:bf:73:ac:a9:3f:45:d4:04:5c: 87:99:a0:df:b2:d2:cb:d7:2e:30:15:de:b7:89:91:51:1c:0b: 95:f3:cb:ec:63:ad:7f:86:e9:84:0b:32:08:d6:fe:bb:45:39: 8f:d8:c9:d6:1c:1e:0e:46:58:e5:2e:fd:21:e4:5f:b0:7c:a6: 36:23:9b:23:14:70:45:c6:ff:e0:d8:f3:1e:94:5d:b3:f9:a7: 95:7d:c2:68:79:4b:59:2d:70:90:2d:29:a7:34:a9:e6:e3:c9: 13:9e:ea:c0:26:3d:9f:e3:41:35:64:72:97:8c:44:6f:3a:6e: af:7b:8a:b7:25:dd:9f:5e:a6:89:c6:4a:8e:7f:d8:7c:1a:74: 33:09:39:59 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICAmowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzZCMzIxMTAvBgNVBAUTKEQ4MjJBMkRCQzg4MjM0RjgwRjcwRTQ2NzgyQjJENEQ5 Q0QzRjlCREMwHhcNMjUwOTI1MDIyMDQ2WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGQ0YTZmZS02OGQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArDkcnxzjzPqyQuzJRaudAXTWb+iHeKZaVf7mTgWhGtT9Fdyx87SwFCkelF+z y82k2pcsxGRLgBItK6ppf5pR5Df6RXVoB4epHWbOLqq5xo8v2myKo2yhd48TIeyb me5J3gr7mMzlmby1w5/b6kto85MsJbn6ZTJ8r6IhwjBWMOaL6ElGHcOeq5GeAfoD UaW/rQbwN6dpLi8lDSknUD5NQtJqjHF+Y4pxaKGKp0Q+/ndJRYWo/et58Yjw0K7c mno2RGPKqs6kLCWMTv5rQj1BKP3tE05AfS+juB5LFETe/FNwiTVPcsIZbeyqWSEf sU+talvkzMDU9lqW8vhgyX9m3QIDAQABo4IClTCCApEwHQYDVR0OBBYEFO7HHSnq DPfkmCH+8kZODDfRyizjMB8GA1UdIwQYMBaAFNgiotvIgjT4D3DkZ4Ky1NnNP5vc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NkIzMi83Mzg3OTYxODJG MzgxMUVEOUU3RTAyN0RDNEY5QUUwMi8yQ0tpMjhpQ05QZ1BjT1JuZ3JMVTJjMF9t OXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJDS2kyOGlDTlBnUGNPUm5nckxVMmMwX205dy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzZCMzIvNzM4Nzk2MTgyRjM4MTFFRDlFN0UwMjdEQzRGOUFFMDIvMTRDNUYyQTYy RjNDMTFFRDg0MDg0MDgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAJneBQwDQYJKoZIhvcNAQELBQADggEBACsFaYl5ShdkEQQM Yzy6ESVf1Qazr7NTKOFvNiFR/ALrSv2Wg2Gis11GffmDpTmD83LTKQqLY4Muf9rm uFtqU4rNHRYeOGVlRzpvW5UgDjSWNAxFtLXgkGwlIUmkAcFlFjTq22//noRZB6j6 iO6Vka8FBteLd79zrKk/RdQEXIeZoN+y0svXLjAV3reJkVEcC5Xzy+xjrX+G6YQL MgjW/rtFOY/YydYcHg5GWOUu/SHkX7B8pjYjmyMUcEXG/+DY8x6UXbP5p5V9wmh5 S1ktcJAtKac0qebjyROe6sAmPZ/jQTVkcpeMRG86bq97ircl3Z9eponGSo5/2Hwa dDMJOVk= -----END CERTIFICATE-----Generated at Tue Oct 21 14:07:24 2025 by rpki-client