$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/AB067244570311F08477624BC4F9AE02.roa File: AB067244570311F08477624BC4F9AE02.roa (raw, json) Hash identifier: jZnXVowftRHYIu88v46GdbvMpuXu6YFqxF4QjgHQ5jU= Subject key identifier: 86:1F:53:49:7E:00:4F:9D:05:82:EF:8D:92:47:EF:41:B6:63:09:04 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: BF45 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/AB067244570311F08477624BC4F9AE02.roa Signing time: Wed 02 Jul 2025 05:16:12 +0000 ROA not before: Wed 02 Jul 2025 05:16:12 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 151101 IP address blocks: 103.209.172.0/24 maxlen: 24 103.221.238.0/23 maxlen: 24 2001:df1:c940::/48 maxlen: 48 2001:df2:94c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 Oct 2025 12:48:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48965 (0xbf45) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Jul 2 05:16:12 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=6864c09b-b14d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:f9:14:e9:9c:2f:6f:44:f6:9f:16:ef:0b:7e: cc:9f:da:71:94:d4:42:d6:3f:65:ff:b1:b2:26:71: 6b:aa:36:3a:c4:8d:a4:60:e0:46:aa:a2:fd:9e:98: 3f:35:2c:fb:ed:45:82:37:85:7b:da:70:60:e0:99: c0:3f:1f:bf:71:5e:5d:25:50:0d:4f:7e:21:e9:a2: ad:5b:d9:17:b6:c3:85:cd:fc:17:82:77:fe:d1:4b: 36:59:53:10:10:50:df:69:80:be:50:4a:28:97:ae: 2a:45:be:4d:22:40:db:a7:1a:d4:5a:eb:02:bd:ba: 40:11:3a:24:9c:69:99:29:03:42:ca:5c:33:06:7c: c9:de:8d:7d:a7:6b:98:78:0c:28:84:ed:a3:ec:c9: 0c:7c:15:4b:c3:b8:d9:b6:6f:3f:cf:64:d3:16:ec: bf:fd:83:d4:46:6d:3e:cd:38:d1:6e:90:03:9c:9d: 33:a6:e3:9b:05:4b:ac:02:a3:73:c4:b1:a6:28:af: a0:aa:e3:d7:ce:bb:13:aa:fd:88:1b:1d:34:71:f4: 88:0a:44:5c:be:16:85:3b:b0:2e:07:a6:c4:37:61: 57:b3:ed:bf:d2:7b:1c:17:24:bf:db:97:2d:0e:a9: bd:85:af:ad:b4:33:ba:46:98:37:c7:2f:e7:9a:db: 38:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:1F:53:49:7E:00:4F:9D:05:82:EF:8D:92:47:EF:41:B6:63:09:04 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/AB067244570311F08477624BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.209.172.0/24 103.221.238.0/23 IPv6: 2001:df1:c940::/48 2001:df2:94c0::/48 Signature Algorithm: sha256WithRSAEncryption 77:00:bf:3e:44:29:1f:c4:be:f7:8f:65:dc:b4:93:3f:84:96: 73:d5:8f:18:7e:83:01:8a:6b:f7:af:11:8f:e9:f2:04:dc:c8: b8:8c:ab:bc:d8:9d:ae:25:df:80:1d:88:b4:e1:81:b7:8b:4a: 74:b5:2f:78:8a:c8:f6:6e:2e:06:1a:59:dc:df:b7:5e:4b:02: 90:ad:fa:0f:5f:92:4e:fa:d8:d2:2b:96:cc:e7:7c:46:53:9f: 37:d1:5e:5d:c6:13:82:91:2c:61:be:e1:64:5f:b6:d5:a5:41: e8:bb:cc:55:6b:21:2d:cd:ac:d9:18:4b:79:b0:87:a0:11:1e: 2d:e0:df:3d:c0:2e:68:fc:e2:6c:f9:c2:4b:a5:47:19:e6:63: 33:3e:67:93:58:66:cf:19:d2:ee:30:ac:30:b2:ab:52:ea:58: af:7e:8f:1c:95:8e:44:f0:c0:16:2c:53:dd:c7:32:70:7c:85: c5:4f:97:11:9d:65:bc:73:1d:67:53:c6:ad:ae:cc:2d:d3:82: 9d:09:27:fb:d1:ae:41:e0:b8:ad:20:40:dc:08:9f:71:2b:1b: 18:95:ad:be:ee:4d:d8:d8:4c:ac:66:96:2e:9c:8d:29:12:6e: c4:c8:2a:18:ee:e8:8a:6f:81:89:fb:b4:06:0e:9a:78:5f:b9: c8:5d:78:45 -----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgIDAL9FMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDcwMjA1MTYxMloXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjg2NGMwOWItYjE0ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL35FOmcL29E9p8W7wt+zJ/acZTUQtY/Zf+xsiZxa6o2OsSNpGDgRqqi/Z6Y PzUs++1FgjeFe9pwYOCZwD8fv3FeXSVQDU9+IemirVvZF7bDhc38F4J3/tFLNllT EBBQ32mAvlBKKJeuKkW+TSJA26ca1FrrAr26QBE6JJxpmSkDQspcMwZ8yd6Nfadr mHgMKITto+zJDHwVS8O42bZvP89k0xbsv/2D1EZtPs040W6QA5ydM6bjmwVLrAKj c8SxpiivoKrj1867E6r9iBsdNHH0iApEXL4WhTuwLgemxDdhV7Ptv9J7HBckv9uX LQ6pvYWvrbQzukaYN8cv55rbOEMCAwEAAaOCArUwggKxMB0GA1UdDgQWBBSGH1NJ fgBPnQWC742SR+9BtmMJBDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0FCMDY3MjQ0 NTcwMzExRjA4NDc3NjI0QkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMD8GCCsGAQUFBwEHAQH/ BDAwLjASBAIAATAMAwQAZ9GsAwQBZ93uMBgEAgACMBIDBwAgAQ3xyUADBwAgAQ3y lMAwDQYJKoZIhvcNAQELBQADggEBAHcAvz5EKR/EvvePZdy0kz+ElnPVjxh+gwGK a/evEY/p8gTcyLiMq7zYna4l34AdiLThgbeLSnS1L3iKyPZuLgYaWdzft15LApCt +g9fkk762NIrlsznfEZTnzfRXl3GE4KRLGG+4WRfttWlQei7zFVrIS3NrNkYS3mw h6ARHi3g3z3ALmj84mz5wkulRxnmYzM+Z5NYZs8Z0u4wrDCyq1LqWK9+jxyVjkTw wBYsU93HMnB8hcVPlxGdZbxzHWdTxq2uzC3Tgp0JJ/vRrkHguK0gQNwIn3ErGxiV rb7uTdjYTKxmli6cjSkSbsTIKhju6IpvgYn7tAYOmnhfuchdeEU= -----END CERTIFICATE-----Generated at Tue Oct 21 22:10:42 2025 by rpki-client