$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/ED585FAC71B811F0B467DA5CC4F9AE02.roa File: ED585FAC71B811F0B467DA5CC4F9AE02.roa (raw, json) Hash identifier: USmwXnvxuo3Sfpfp66dsM4DCxO9IXpv6Yk6m389eF0c= Subject key identifier: 94:A9:3E:0A:28:48:CE:19:E8:81:A3:9D:6A:DB:85:72:A5:8B:EB:2E Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: C19E Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/ED585FAC71B811F0B467DA5CC4F9AE02.roa Signing time: Tue 05 Aug 2025 04:59:12 +0000 ROA not before: Tue 05 Aug 2025 04:59:12 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 135183 IP address blocks: 103.217.88.0/22 maxlen: 24 2001:df2:1fc0::/48 maxlen: 48 2001:df5:a240::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 Oct 2025 12:48:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49566 (0xc19e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Aug 5 04:59:12 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=68918fa0-31d1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:09:4f:66:a9:8d:c7:06:33:41:86:4b:a0:00: fd:27:0a:bc:9f:11:6b:10:d4:46:be:5c:62:61:0e: 78:3c:da:1a:97:4f:19:f2:68:f7:25:69:8a:57:9f: e0:86:84:6c:e3:a5:d9:f9:df:4b:12:eb:5b:60:e6: 8d:1a:48:1d:3e:87:0f:44:f6:02:75:5b:b4:3a:3c: bc:2e:2c:3b:3f:ad:49:87:38:cc:d4:0a:1f:09:3c: 19:2e:2c:dd:e1:92:2c:8a:6f:75:b3:a9:74:b5:74: 2c:07:61:75:da:0f:c9:f0:72:f4:82:ba:9e:5f:eb: a6:e6:32:72:53:23:c8:e0:3c:d9:bd:af:19:20:aa: af:1f:2e:80:b5:ea:4c:79:1d:88:97:27:90:85:36: 46:82:d5:45:a8:8c:50:3c:52:8e:4e:b0:65:b7:dc: e2:ee:33:92:9e:a1:00:5b:cf:1d:f8:2a:d7:b3:13: 95:9c:92:1e:0b:44:84:8b:41:5e:37:57:94:40:95: 82:f7:2d:37:75:d6:6f:9b:cc:95:af:a7:cc:62:8d: 47:d4:ff:5f:6d:81:8c:4e:be:ed:8c:9a:f3:71:5d: 4e:ad:25:c1:fb:7a:30:dd:fc:6e:bd:d4:31:07:51: 17:ee:0d:9e:88:46:5f:31:83:27:09:24:37:4a:fe: 6f:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:A9:3E:0A:28:48:CE:19:E8:81:A3:9D:6A:DB:85:72:A5:8B:EB:2E X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/ED585FAC71B811F0B467DA5CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.217.88.0/22 IPv6: 2001:df2:1fc0::/48 2001:df5:a240::/48 Signature Algorithm: sha256WithRSAEncryption 48:83:bd:3c:85:33:2b:1c:a0:36:e3:4a:01:96:b8:67:a0:36: 6d:f1:8b:d5:c5:21:2b:af:d9:ed:b4:8c:22:e2:fa:20:13:f1: a3:5a:75:d7:16:82:45:e5:c3:f5:d9:8f:b0:be:1f:e0:3a:2d: a0:3f:fe:be:9a:39:5a:01:f2:fd:70:9a:83:3f:83:9b:d1:c3: d4:49:82:51:46:c4:47:e1:1e:18:dd:5b:0a:1c:b1:76:af:34: 43:77:22:3a:01:d0:cf:8c:ca:58:41:ae:ad:b6:21:74:da:00: 82:79:9e:79:b4:a4:fb:22:6e:39:72:ec:a0:b3:3f:dd:bf:c1: 95:8e:42:d1:04:6c:67:d8:cc:5d:bc:e0:16:d4:50:c1:9e:05: 91:1f:5b:78:9c:4f:4d:c7:27:d5:c1:34:3d:9f:a3:df:76:ec: 70:2e:3f:66:81:86:83:d9:71:5f:d2:26:4f:1e:ee:ba:a1:cc: ed:e4:bb:ef:cd:04:7a:07:08:7d:02:c1:54:c7:e4:ee:d9:c3: 5f:9e:e2:53:de:a9:b2:8b:45:0d:f9:ce:e4:da:40:33:d5:f8: ec:0c:80:07:84:21:fa:ca:32:18:44:4f:be:7e:4f:9e:1f:00: db:7f:c0:2a:a7:56:50:e1:7d:a1:d5:95:74:4d:e7:27:b5:b5: 59:28:7e:b1 -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgIDAMGeMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDgwNTA0NTkxMloXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjg5MThmYTAtMzFkMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ4JT2apjccGM0GGS6AA/ScKvJ8RaxDURr5cYmEOeDzaGpdPGfJo9yVpilef 4IaEbOOl2fnfSxLrW2DmjRpIHT6HD0T2AnVbtDo8vC4sOz+tSYc4zNQKHwk8GS4s 3eGSLIpvdbOpdLV0LAdhddoPyfBy9IK6nl/rpuYyclMjyOA82b2vGSCqrx8ugLXq THkdiJcnkIU2RoLVRaiMUDxSjk6wZbfc4u4zkp6hAFvPHfgq17MTlZySHgtEhItB XjdXlECVgvctN3XWb5vMla+nzGKNR9T/X22BjE6+7Yya83FdTq0lwft6MN38br3U MQdRF+4NnohGXzGDJwkkN0r+b18CAwEAAaOCAq8wggKrMB0GA1UdDgQWBBSUqT4K KEjOGeiBo51q24VypYvrLjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0VENTg1RkFD NzFCODExRjBCNDY3REE1Q0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDkGCCsGAQUFBwEHAQH/ BCowKDAMBAIAATAGAwQCZ9lYMBgEAgACMBIDBwAgAQ3yH8ADBwAgAQ31okAwDQYJ KoZIhvcNAQELBQADggEBAEiDvTyFMyscoDbjSgGWuGegNm3xi9XFISuv2e20jCLi +iAT8aNaddcWgkXlw/XZj7C+H+A6LaA//r6aOVoB8v1wmoM/g5vRw9RJglFGxEfh HhjdWwocsXavNEN3IjoB0M+MylhBrq22IXTaAIJ5nnm0pPsibjly7KCzP92/wZWO QtEEbGfYzF284BbUUMGeBZEfW3icT03HJ9XBND2fo9927HAuP2aBhoPZcV/SJk8e 7rqhzO3ku+/NBHoHCH0CwVTH5O7Zw1+e4lPeqbKLRQ35zuTaQDPV+OwMgAeEIfrK MhhET75+T54fANt/wCqnVlDhfaHVlXRN5ye1tVkofrE= -----END CERTIFICATE-----Generated at Tue Oct 21 22:10:44 2025 by rpki-client