$ rpki-client -vvf rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/D9AD698C961211ECB515C474C4F9AE02.roa File: D9AD698C961211ECB515C474C4F9AE02.roa (raw, json) Hash identifier: 0Y4nA/Aph2MoTUodk+O6k9Ce17owZ/QgLBqclqJBZ7I= Subject key identifier: 3B:9C:97:02:9B:A4:14:83:CD:87:83:BE:FE:59:69:1F:55:B2:F6:EE Certificate issuer: /CN=A918F20B/serialNumber=7703A6D56C718021BD9C89EB3C4BED817ED56AE5 Certificate serial: 03E8 Authority key identifier: 77:03:A6:D5:6C:71:80:21:BD:9C:89:EB:3C:4B:ED:81:7E:D5:6A:E5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dwOm1WxxgCG9nInrPEvtgX7VauU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/D9AD698C961211ECB515C474C4F9AE02.roa Signing time: Wed 27 Aug 2025 01:06:47 +0000 ROA not before: Wed 27 Aug 2025 01:06:47 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 133199 IP address blocks: 43.242.128.0/24 maxlen: 24 43.242.129.0/24 maxlen: 24 43.242.130.0/24 maxlen: 24 43.242.131.0/24 maxlen: 24 103.251.88.0/24 maxlen: 24 103.251.89.0/24 maxlen: 24 103.251.90.0/24 maxlen: 24 103.251.91.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/dwOm1WxxgCG9nInrPEvtgX7VauU.crl rsync://rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/dwOm1WxxgCG9nInrPEvtgX7VauU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dwOm1WxxgCG9nInrPEvtgX7VauU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 16 Sep 2025 00:38:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1000 (0x3e8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918F20B, serialNumber=7703A6D56C718021BD9C89EB3C4BED817ED56AE5 Validity Not Before: Aug 27 01:06:47 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=68ae5a27-1582 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:cf:a1:29:b2:eb:30:b2:63:7c:80:cc:ad:a5: 4a:cc:56:6d:b6:cb:27:9c:a6:be:c3:4b:76:bb:d1: 11:65:91:4b:e1:d1:fc:98:78:f7:90:c2:db:0b:f7: 4f:e5:b9:18:1e:62:f8:c6:d3:51:51:03:d9:25:9a: dc:84:af:a7:4f:68:e8:c9:4b:b8:e5:0b:b8:af:3c: fa:0a:73:ba:ce:ec:21:ed:de:73:95:88:ba:00:6f: 20:28:d9:ad:b1:c2:46:e8:92:91:8c:71:6c:27:90: 71:f2:4c:83:06:89:75:63:92:fe:67:14:e7:68:51: cf:b4:10:9a:fd:10:2b:93:cd:e2:07:8c:a0:34:4c: 83:1b:8c:cc:c5:02:d9:91:d5:07:a6:e0:69:4a:4b: cc:90:11:ac:1c:41:80:6b:c0:5a:30:98:a1:4f:de: 81:30:69:95:fb:41:7c:ac:8c:25:a5:e3:44:01:df: d6:14:9d:be:a8:0c:e3:22:87:e8:b8:7b:6d:a0:1c: d2:95:f9:7b:72:54:4f:d8:4d:72:bb:89:d3:4f:87: 67:db:80:98:33:f7:69:b2:7e:2a:7f:56:84:aa:92: 74:b8:d9:a2:54:2d:9f:fb:52:88:59:25:75:ba:dd: 95:64:69:00:f4:45:f6:f2:5c:4d:4d:b6:34:ed:78: 5e:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:9C:97:02:9B:A4:14:83:CD:87:83:BE:FE:59:69:1F:55:B2:F6:EE X509v3 Authority Key Identifier: keyid:77:03:A6:D5:6C:71:80:21:BD:9C:89:EB:3C:4B:ED:81:7E:D5:6A:E5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/dwOm1WxxgCG9nInrPEvtgX7VauU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dwOm1WxxgCG9nInrPEvtgX7VauU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/D9AD698C961211ECB515C474C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.242.128.0/22 103.251.88.0/22 Signature Algorithm: sha256WithRSAEncryption 91:c4:6d:4e:84:58:3e:49:3e:6a:37:f8:b9:c8:99:f4:07:d8: e4:bd:70:eb:71:51:93:24:2e:de:99:e7:b0:51:cf:36:a0:7a: 5e:ab:6f:dc:1b:ed:82:f1:96:b5:cc:d2:2f:d7:0c:e5:63:05: 04:f3:7e:e0:aa:b5:75:83:7c:76:c5:dc:5e:30:b9:ff:50:b3: 6e:9a:52:ed:73:bb:a1:d6:40:74:c2:85:ad:6f:70:c7:84:71: 25:10:f3:04:a1:ce:96:04:29:b1:ea:b6:80:79:3d:8c:f6:16: 2d:71:84:86:c6:75:52:9c:59:62:00:9b:c8:dd:0e:85:a2:0a: 11:9b:7e:ad:b5:02:3c:6a:32:f2:f9:d7:68:7e:c9:3b:a6:6d: a5:c0:f5:3d:38:f8:af:78:f1:a0:23:3f:de:f6:3a:b5:18:aa: d0:fa:7d:0a:09:ff:63:72:fe:6d:21:7b:a0:7d:23:9a:32:70: 1e:38:32:c5:e9:ce:ee:fe:44:e0:06:f9:f4:9f:71:48:06:5d: 9f:62:21:3f:5b:2e:84:ef:83:7c:eb:11:d4:b6:36:69:c4:f4: f3:ef:0b:d9:13:87:15:e1:4f:36:bb:61:1c:9e:f9:36:c5:30: ad:91:0b:1c:17:14:73:88:3c:c1:83:84:f4:6b:cc:b3:e0:a0: c3:1a:59:27 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICA+gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEYyMEIxMTAvBgNVBAUTKDc3MDNBNkQ1NkM3MTgwMjFCRDlDODlFQjNDNEJFRDgx N0VENTZBRTUwHhcNMjUwODI3MDEwNjQ3WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGFlNWEyNy0xNTgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAos+hKbLrMLJjfIDMraVKzFZttssnnKa+w0t2u9ERZZFL4dH8mHj3kMLbC/dP 5bkYHmL4xtNRUQPZJZrchK+nT2joyUu45Qu4rzz6CnO6zuwh7d5zlYi6AG8gKNmt scJG6JKRjHFsJ5Bx8kyDBol1Y5L+ZxTnaFHPtBCa/RArk83iB4ygNEyDG4zMxQLZ kdUHpuBpSkvMkBGsHEGAa8BaMJihT96BMGmV+0F8rIwlpeNEAd/WFJ2+qAzjIofo uHttoBzSlfl7clRP2E1yu4nTT4dn24CYM/dpsn4qf1aEqpJ0uNmiVC2f+1KIWSV1 ut2VZGkA9EX28lxNTbY07XheJwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFDuclwKb pBSDzYeDvv5ZaR9VsvbuMB8GA1UdIwQYMBaAFHcDptVscYAhvZyJ6zxL7YF+1Wrl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RjIwQi8xOUU0REJGNjk2 MEYxMUVDODkwQTQ0NkRDNEY5QUUwMi9kd09tMVd4eGdDRzluSW5yUEV2dGdYN1Zh dVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2R3T20xV3h4Z0NHOW5JbnJQRXZ0Z1g3VmF1VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEYyMEIvMTlFNERCRjY5NjBGMTFFQzg5MEE0NDZEQzRGOUFFMDIvRDlBRDY5OEM5 NjEyMTFFQ0I1MTVDNDc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAIr8oADBAJn+1gwDQYJKoZIhvcNAQELBQADggEBAJHEbU6E WD5JPmo3+LnImfQH2OS9cOtxUZMkLt6Z57BRzzagel6rb9wb7YLxlrXM0i/XDOVj BQTzfuCqtXWDfHbF3F4wuf9Qs26aUu1zu6HWQHTCha1vcMeEcSUQ8wShzpYEKbHq toB5PYz2Fi1xhIbGdVKcWWIAm8jdDoWiChGbfq21AjxqMvL512h+yTumbaXA9T04 +K948aAjP972OrUYqtD6fQoJ/2Ny/m0he6B9I5oycB44MsXpzu7+ROAG+fSfcUgG XZ9iIT9bLoTvg3zrEdS2NmnE9PPvC9kThxXhTza7YRye+TbFMK2RCxwXFHOIPMGD hPRrzLPgoMMaWSc= -----END CERTIFICATE-----Generated at Tue Sep 9 17:50:38 2025 by rpki-client