$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2C3130CE88BF11F08AFA4C38C4F9AE02.roa File: 2C3130CE88BF11F08AFA4C38C4F9AE02.roa (raw, json) Hash identifier: p3ko4PsOqOwZv2xeVSUgZEYUnpOUq0Nd8I2BVE3GKpM= Subject key identifier: 15:A0:D0:D3:15:CC:BD:B1:11:5D:17:2D:7E:9B:33:1C:03:7B:4E:5A Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: C41C Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2C3130CE88BF11F08AFA4C38C4F9AE02.roa Signing time: Wed 03 Sep 2025 12:11:51 +0000 ROA not before: Wed 03 Sep 2025 12:11:51 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 149194 IP address blocks: 45.112.56.0/22 maxlen: 24 45.127.200.0/22 maxlen: 24 103.106.102.0/24 maxlen: 24 103.133.38.0/24 maxlen: 24 103.196.132.0/22 maxlen: 24 103.239.168.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Sep 2025 15:24:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50204 (0xc41c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Sep 3 12:11:51 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=68b83087-594e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:fd:eb:a6:85:1d:02:4f:4a:99:68:4a:29:12: af:c5:0e:8b:63:6d:78:f6:c5:49:88:4a:62:ec:95: 9c:e2:5a:6b:55:6d:4f:58:74:52:d4:1a:fa:2e:cf: 5e:4a:0b:4b:ff:27:53:84:38:20:53:5a:00:05:b7: 8c:b7:4f:4c:44:50:12:35:85:c9:5b:3f:03:26:e1: a3:4c:ef:99:ea:99:7a:84:03:1d:dc:48:c8:0d:c4: a9:e2:b8:8f:5e:e8:bf:a4:8b:a5:b4:53:81:4c:9b: 74:67:d1:a4:a9:65:41:aa:3d:41:ba:2c:44:c0:e7: 7b:f5:10:6a:1f:4e:bc:b2:96:9c:2c:57:2f:bf:86: 7a:25:1f:81:3f:10:bd:9b:7b:bf:1f:bf:eb:38:3d: 95:95:f1:0a:5b:af:df:0d:36:a7:69:ef:b5:31:ac: ed:bb:59:33:90:1e:ab:03:db:7d:ec:97:80:b0:de: 17:ee:e8:39:94:5d:7a:4b:77:f7:88:96:e4:12:51: 17:15:e5:8b:30:49:39:1c:d7:dc:58:c3:5c:30:97: ce:6f:16:c8:7f:40:22:6e:b1:2a:8c:a4:82:55:fd: ae:70:9e:c2:03:ce:4b:9e:05:e8:89:7d:8b:c8:d2: b8:e1:66:d5:6d:26:10:aa:6a:23:d2:a4:80:ea:6b: 7f:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:A0:D0:D3:15:CC:BD:B1:11:5D:17:2D:7E:9B:33:1C:03:7B:4E:5A X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2C3130CE88BF11F08AFA4C38C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.112.56.0/22 45.127.200.0/22 103.106.102.0/24 103.133.38.0/24 103.196.132.0/22 103.239.168.0/22 Signature Algorithm: sha256WithRSAEncryption 1f:c3:c9:99:a2:d2:ae:dd:8e:8f:46:0b:fb:58:a2:59:a2:93: d9:2a:eb:83:84:d5:36:e6:9c:d8:1f:aa:a6:bd:a2:e7:a4:ae: 6f:42:56:6c:65:04:15:cb:87:6d:2a:3b:48:0a:cb:c7:da:a5: b7:65:f2:e6:92:62:b2:e8:ad:19:88:f8:19:67:9e:a0:b8:d1: 4f:d9:5b:0a:5f:d3:f7:a6:73:0b:0c:0d:63:d2:b3:35:ae:d4: 72:49:62:fd:96:27:ba:f6:39:3c:5a:15:cb:dd:48:20:d3:42: b8:7e:e0:fa:92:80:be:c0:9c:4f:6f:07:af:96:da:81:e2:c7: de:73:49:28:8d:8e:08:b0:cf:5a:0f:b0:67:13:dc:f4:1d:d1: b4:81:e2:86:bb:c0:d1:50:49:bd:08:2c:44:7d:89:fd:79:11: 1a:d3:0b:f6:03:11:79:ce:29:fc:97:48:17:cb:5f:f9:f0:d6: aa:f3:76:8c:96:24:5d:91:3d:55:8e:a5:2d:67:01:a6:1f:b3: 72:47:4e:63:57:c1:c6:3d:05:05:13:89:24:12:9f:86:f0:b6: 56:af:ee:ce:b1:5c:89:a7:07:1e:b8:65:0a:86:c5:1b:0c:e6: fa:43:5f:87:c3:2d:ee:06:e6:ff:9f:a4:d3:0f:e7:74:c7:62: cf:94:96:96 -----BEGIN CERTIFICATE----- MIIFkDCCBHigAwIBAgIDAMQcMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDkwMzEyMTE1MVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjhiODMwODctNTk0ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOz966aFHQJPSploSikSr8UOi2NtePbFSYhKYuyVnOJaa1VtT1h0UtQa+i7P XkoLS/8nU4Q4IFNaAAW3jLdPTERQEjWFyVs/Aybho0zvmeqZeoQDHdxIyA3EqeK4 j17ov6SLpbRTgUybdGfRpKllQao9QbosRMDne/UQah9OvLKWnCxXL7+GeiUfgT8Q vZt7vx+/6zg9lZXxCluv3w02p2nvtTGs7btZM5AeqwPbfeyXgLDeF+7oOZRdekt3 94iW5BJRFxXlizBJORzX3FjDXDCXzm8WyH9AIm6xKoykglX9rnCewgPOS54F6Il9 i8jSuOFm1W0mEKpqI9KkgOprf30CAwEAAaOCArMwggKvMB0GA1UdDgQWBBQVoNDT Fcy9sRFdFy1+mzMcA3tOWjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzJDMzEzMENF ODhCRjExRjA4QUZBNEMzOEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMD0GCCsGAQUFBwEHAQH/ BC4wLDAqBAIAATAkAwQCLXA4AwQCLX/IAwQAZ2pmAwQAZ4UmAwQCZ8SEAwQCZ++o MA0GCSqGSIb3DQEBCwUAA4IBAQAfw8mZotKu3Y6PRgv7WKJZopPZKuuDhNU25pzY H6qmvaLnpK5vQlZsZQQVy4dtKjtICsvH2qW3ZfLmkmKy6K0ZiPgZZ56guNFP2VsK X9P3pnMLDA1j0rM1rtRySWL9lie69jk8WhXL3Ugg00K4fuD6koC+wJxPbwevltqB 4sfec0kojY4IsM9aD7BnE9z0HdG0geKGu8DRUEm9CCxEfYn9eREa0wv2AxF5zin8 l0gXy1/58Naq83aMliRdkT1VjqUtZwGmH7NyR05jV8HGPQUFE4kkEp+G8LZWr+7O sVyJpwceuGUKhsUbDOb6Q1+Hwy3uBub/n6TTD+d0x2LPlJaW -----END CERTIFICATE-----Generated at Sun Sep 7 16:33:44 2025 by rpki-client