$ rpki-client -vvf rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/FC5AFF000BE011ED9E3AA135C4F9AE02.roa File: FC5AFF000BE011ED9E3AA135C4F9AE02.roa (raw, json) Hash identifier: FkNOr2OAvQ+/2fjoQ+ttW/rGycCdH0fNwqceJH3qGXA= Subject key identifier: 93:49:1B:77:69:61:B1:3E:91:2D:0A:52:93:CD:EA:85:A4:7B:E1:A8 Certificate issuer: /CN=A918F20B/serialNumber=7703A6D56C718021BD9C89EB3C4BED817ED56AE5 Certificate serial: 03E9 Authority key identifier: 77:03:A6:D5:6C:71:80:21:BD:9C:89:EB:3C:4B:ED:81:7E:D5:6A:E5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dwOm1WxxgCG9nInrPEvtgX7VauU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/FC5AFF000BE011ED9E3AA135C4F9AE02.roa Signing time: Wed 27 Aug 2025 01:06:48 +0000 ROA not before: Wed 27 Aug 2025 01:06:48 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 133861 IP address blocks: 43.242.128.0/24 maxlen: 24 43.242.129.0/24 maxlen: 24 43.242.130.0/24 maxlen: 24 43.242.131.0/24 maxlen: 24 103.251.88.0/24 maxlen: 24 103.251.89.0/24 maxlen: 24 103.251.90.0/24 maxlen: 24 103.251.91.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/dwOm1WxxgCG9nInrPEvtgX7VauU.crl rsync://rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/dwOm1WxxgCG9nInrPEvtgX7VauU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dwOm1WxxgCG9nInrPEvtgX7VauU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 14 Sep 2025 00:58:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1001 (0x3e9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918F20B, serialNumber=7703A6D56C718021BD9C89EB3C4BED817ED56AE5 Validity Not Before: Aug 27 01:06:48 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=68ae5a28-0b1b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:6e:bb:48:90:15:2b:f5:bc:c4:a6:f0:13:7a: 78:32:27:d9:59:3f:3e:6d:17:78:04:4c:b5:4a:c8: 8e:e5:6e:bb:4e:9e:f2:d0:2f:5c:91:e7:91:8f:19: 25:5d:2d:7a:97:2e:c1:af:5c:c8:fa:c4:db:6d:d7: 9c:1a:04:ed:ae:3d:28:20:f3:ce:07:e9:a0:b1:39: 0e:94:db:ad:2f:7d:86:24:b6:24:1c:4e:55:98:f4: b1:f6:b7:1a:23:6a:d6:7c:db:87:01:a8:5e:d0:3f: 0f:ec:3f:8c:89:98:62:33:68:b9:70:1a:99:11:6f: 1f:34:ae:3f:78:33:f0:b4:0d:1f:af:f8:f8:79:49: 58:54:bb:87:c8:c7:35:cc:a7:f7:52:e8:eb:1d:73: 72:b1:58:f1:8a:2b:21:b2:40:82:de:99:a6:6f:57: 22:e1:f0:41:fc:fc:14:59:9e:6e:9b:96:20:e8:b9: 45:69:2c:2b:e3:c8:8d:dd:46:ec:23:31:2b:f3:8a: 09:5d:a2:43:38:37:b7:33:f0:f0:8f:13:77:dc:bf: d8:ad:10:c8:18:89:91:59:56:5e:e5:18:37:ae:aa: 0d:6c:39:7a:0d:9a:b4:de:b5:c0:b8:0e:ed:13:6d: 9a:c2:d4:3a:f5:d7:53:b3:a0:81:79:e7:36:73:65: 94:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:49:1B:77:69:61:B1:3E:91:2D:0A:52:93:CD:EA:85:A4:7B:E1:A8 X509v3 Authority Key Identifier: keyid:77:03:A6:D5:6C:71:80:21:BD:9C:89:EB:3C:4B:ED:81:7E:D5:6A:E5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/dwOm1WxxgCG9nInrPEvtgX7VauU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dwOm1WxxgCG9nInrPEvtgX7VauU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/FC5AFF000BE011ED9E3AA135C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.242.128.0/22 103.251.88.0/22 Signature Algorithm: sha256WithRSAEncryption 66:e5:36:9f:cd:29:d5:89:05:53:8b:b3:17:54:0e:de:ab:10: 96:ac:59:f3:46:32:1c:b1:2c:bd:24:1b:0e:b6:ec:bc:54:2d: bb:0a:c9:b9:7b:d9:5c:45:8c:1d:7e:01:6b:f5:ad:52:c0:d4: b3:ed:6b:d3:94:b2:8f:2e:a2:7a:da:31:e1:6d:26:d1:5b:3c: da:6a:a1:67:f2:e2:b5:a9:6c:f1:71:77:dc:5b:57:c7:94:39: ea:97:16:69:2d:dd:6d:d9:a1:56:69:69:d4:12:00:3a:97:e4: 09:4b:48:39:7b:85:d9:f2:fe:18:83:2b:a4:df:51:5f:ce:d8: e9:27:aa:2c:15:61:5a:24:dc:e8:db:ae:f8:73:02:a1:32:97: 41:59:ad:ed:5e:81:4f:69:98:f8:d7:63:19:1f:e6:8f:82:e5: bf:90:2c:33:5a:c7:d7:d6:e6:e6:39:c3:33:7b:3f:2d:76:cb: b1:60:79:0b:63:bf:b8:9d:6a:b3:54:be:9b:1f:29:e4:4a:04: c2:dd:04:9a:a7:14:4a:52:0f:11:91:89:9d:e8:aa:d2:89:d9: 9b:cb:ff:7f:9d:96:26:ab:97:7e:9a:14:9f:63:5e:38:62:40: c4:48:7f:a5:45:14:9c:2c:25:2c:f7:a3:1e:33:89:6f:92:62: c1:b8:93:8f -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICA+kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEYyMEIxMTAvBgNVBAUTKDc3MDNBNkQ1NkM3MTgwMjFCRDlDODlFQjNDNEJFRDgx N0VENTZBRTUwHhcNMjUwODI3MDEwNjQ4WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGFlNWEyOC0wYjFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuG67SJAVK/W8xKbwE3p4MifZWT8+bRd4BEy1SsiO5W67Tp7y0C9ckeeRjxkl XS16ly7Br1zI+sTbbdecGgTtrj0oIPPOB+mgsTkOlNutL32GJLYkHE5VmPSx9rca I2rWfNuHAahe0D8P7D+MiZhiM2i5cBqZEW8fNK4/eDPwtA0fr/j4eUlYVLuHyMc1 zKf3UujrHXNysVjxiishskCC3pmmb1ci4fBB/PwUWZ5um5Yg6LlFaSwr48iN3Ubs IzEr84oJXaJDODe3M/DwjxN33L/YrRDIGImRWVZe5Rg3rqoNbDl6DZq03rXAuA7t E22awtQ69ddTs6CBeec2c2WURwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFJNJG3dp YbE+kS0KUpPN6oWke+GoMB8GA1UdIwQYMBaAFHcDptVscYAhvZyJ6zxL7YF+1Wrl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RjIwQi8xOUU0REJGNjk2 MEYxMUVDODkwQTQ0NkRDNEY5QUUwMi9kd09tMVd4eGdDRzluSW5yUEV2dGdYN1Zh dVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2R3T20xV3h4Z0NHOW5JbnJQRXZ0Z1g3VmF1VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEYyMEIvMTlFNERCRjY5NjBGMTFFQzg5MEE0NDZEQzRGOUFFMDIvRkM1QUZGMDAw QkUwMTFFRDlFM0FBMTM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAIr8oADBAJn+1gwDQYJKoZIhvcNAQELBQADggEBAGblNp/N KdWJBVOLsxdUDt6rEJasWfNGMhyxLL0kGw627LxULbsKybl72VxFjB1+AWv1rVLA 1LPta9OUso8uonraMeFtJtFbPNpqoWfy4rWpbPFxd9xbV8eUOeqXFmkt3W3ZoVZp adQSADqX5AlLSDl7hdny/hiDK6TfUV/O2OknqiwVYVok3OjbrvhzAqEyl0FZre1e gU9pmPjXYxkf5o+C5b+QLDNax9fW5uY5wzN7Py12y7FgeQtjv7idarNUvpsfKeRK BMLdBJqnFEpSDxGRiZ3oqtKJ2ZvL/3+dliarl36aFJ9jXjhiQMRIf6VFFJwsJSz3 ox4ziW+SYsG4k48= -----END CERTIFICATE-----Generated at Mon Sep 8 15:51:57 2025 by rpki-client