$ rpki-client -vvf rpki.apnic.net/member_repository/A9114DDF/5B06FEF2A50A11ECB2778D5CC4F9AE02/FF46137EA51C11EC8394365BC4F9AE02.roa File: FF46137EA51C11EC8394365BC4F9AE02.roa (raw, json) Hash identifier: AFgH6rBWprP5TXP7VnSd6WVIQBawbyHn9rZtCd/WfjM= Subject key identifier: 01:99:23:FA:D7:F8:DD:BC:92:2B:6F:53:01:00:2C:F8:37:24:D7:46 Certificate issuer: /CN=A9114DDF/serialNumber=E8671750344F18C2AF747FFAF255850EBC79D01F Certificate serial: 03CD Authority key identifier: E8:67:17:50:34:4F:18:C2:AF:74:7F:FA:F2:55:85:0E:BC:79:D0:1F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6GcXUDRPGMKvdH_68lWFDrx50B8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9114DDF/5B06FEF2A50A11ECB2778D5CC4F9AE02/FF46137EA51C11EC8394365BC4F9AE02.roa Signing time: Tue 07 Oct 2025 00:58:30 +0000 ROA not before: Tue 07 Oct 2025 00:58:30 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 134553 IP address blocks: 45.126.88.0/22 maxlen: 22 45.126.88.0/24 maxlen: 24 45.126.89.0/24 maxlen: 24 45.126.90.0/24 maxlen: 24 45.126.91.0/24 maxlen: 24 103.236.228.0/22 maxlen: 22 103.236.228.0/24 maxlen: 24 103.236.229.0/24 maxlen: 24 103.236.230.0/24 maxlen: 24 103.236.231.0/24 maxlen: 24 2001:df1:2a00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9114DDF/5B06FEF2A50A11ECB2778D5CC4F9AE02/6GcXUDRPGMKvdH_68lWFDrx50B8.crl rsync://rpki.apnic.net/member_repository/A9114DDF/5B06FEF2A50A11ECB2778D5CC4F9AE02/6GcXUDRPGMKvdH_68lWFDrx50B8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6GcXUDRPGMKvdH_68lWFDrx50B8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 00:35:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 973 (0x3cd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9114DDF, serialNumber=E8671750344F18C2AF747FFAF255850EBC79D01F Validity Not Before: Oct 7 00:58:30 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68e465b5-8fb1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:c1:20:6e:a0:2a:4d:ca:2e:5f:62:da:d6:14: 7c:00:ee:2f:6d:15:d9:9b:87:08:ef:27:55:78:0b: 37:c5:94:77:7c:8b:6d:18:d7:78:4e:89:e7:69:c4: 73:75:ea:98:fd:1a:22:bb:f7:f9:07:dd:40:01:5d: 57:6a:eb:0e:c5:b7:4c:fb:5c:02:46:34:47:6b:dc: d7:a9:af:07:5a:d9:95:e9:ae:d6:5c:c5:33:8c:20: 47:10:8e:c4:12:e8:8b:93:e8:02:9b:eb:2a:a8:92: 2b:3f:86:3f:f9:42:33:36:f8:e6:7d:49:73:53:4e: 56:0f:c7:24:8e:cf:e9:00:c6:93:d0:57:4d:da:30: 24:08:f1:8e:5f:2b:a2:3b:5a:4c:a7:83:76:d0:be: ca:d3:d4:2b:6d:71:69:db:e6:fb:4f:54:68:0d:f3: bc:4d:7b:6c:46:d9:92:a2:68:62:c4:d9:ae:cd:af: 30:d5:c4:0f:7e:c0:09:bf:8c:40:fb:29:62:d7:50: 7c:e8:3f:df:ae:19:37:57:73:a8:17:cd:3d:bd:72: 21:87:c9:e4:a3:82:ae:f1:da:19:66:71:e7:82:ab: f7:06:e8:dd:df:a6:8a:3f:f8:18:66:c7:2a:fd:d7: e1:76:fb:fd:9c:3f:61:77:00:ac:51:9d:a3:81:45: ed:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:99:23:FA:D7:F8:DD:BC:92:2B:6F:53:01:00:2C:F8:37:24:D7:46 X509v3 Authority Key Identifier: keyid:E8:67:17:50:34:4F:18:C2:AF:74:7F:FA:F2:55:85:0E:BC:79:D0:1F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9114DDF/5B06FEF2A50A11ECB2778D5CC4F9AE02/6GcXUDRPGMKvdH_68lWFDrx50B8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6GcXUDRPGMKvdH_68lWFDrx50B8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9114DDF/5B06FEF2A50A11ECB2778D5CC4F9AE02/FF46137EA51C11EC8394365BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.126.88.0/22 103.236.228.0/22 IPv6: 2001:df1:2a00::/48 Signature Algorithm: sha256WithRSAEncryption 7e:c2:23:0e:d8:24:d4:6c:26:27:1a:5f:d5:54:04:f7:cf:89: 99:3b:b7:b9:c3:b2:3d:25:5e:cf:64:66:5c:e8:8a:64:63:a5: 8a:2a:ec:06:85:8c:b4:30:dc:14:c1:9d:56:f3:16:39:11:6b: c3:ca:b5:10:16:26:ba:92:f9:73:83:61:8b:b8:39:d1:99:14: f6:c0:28:b8:c5:f1:e8:0f:76:35:c1:c9:88:47:ed:42:e3:c4: 18:a2:d5:cd:18:0e:c3:8a:ca:10:8f:3b:13:ae:23:12:2f:dd: 03:58:3a:69:d1:07:39:0b:65:a0:0b:d9:a5:d2:f5:c6:6f:8c: 87:21:a6:77:5b:96:77:08:27:62:3a:a9:e5:7c:63:c2:19:41: d5:36:a3:d6:c0:ac:75:27:58:c9:b3:35:74:38:3a:a9:92:15: 5f:4b:93:58:99:7b:76:0c:35:4b:fa:81:9c:64:ec:03:fd:4d: 64:d5:ce:3b:fd:51:ef:55:b9:a6:dd:02:4c:82:c4:e4:39:d5: f5:20:a5:66:ca:5b:40:a7:fd:55:ac:ee:e5:5c:ba:6a:ae:f3: 59:7c:68:c5:2a:42:4f:b7:63:2c:20:f7:95:ab:df:46:3c:e1: b2:2e:6e:50:f2:fa:be:24:8b:5d:f6:7a:f9:dd:e9:0d:df:c7: 56:57:d4:f2 -----BEGIN CERTIFICATE----- MIIFiDCCBHCgAwIBAgICA80wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTREREYxMTAvBgNVBAUTKEU4NjcxNzUwMzQ0RjE4QzJBRjc0N0ZGQUYyNTU4NTBF QkM3OUQwMUYwHhcNMjUxMDA3MDA1ODMwWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGU0NjViNS04ZmIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA78EgbqAqTcouX2La1hR8AO4vbRXZm4cI7ydVeAs3xZR3fIttGNd4TonnacRz deqY/Roiu/f5B91AAV1XausOxbdM+1wCRjRHa9zXqa8HWtmV6a7WXMUzjCBHEI7E EuiLk+gCm+sqqJIrP4Y/+UIzNvjmfUlzU05WD8ckjs/pAMaT0FdN2jAkCPGOXyui O1pMp4N20L7K09QrbXFp2+b7T1RoDfO8TXtsRtmSomhixNmuza8w1cQPfsAJv4xA +yli11B86D/frhk3V3OoF809vXIhh8nko4Ku8doZZnHngqv3Bujd36aKP/gYZscq /dfhdvv9nD9hdwCsUZ2jgUXtLwIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFAGZI/rX +N28kitvUwEALPg3JNdGMB8GA1UdIwQYMBaAFOhnF1A0TxjCr3R/+vJVhQ68edAf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNERERi81QjA2RkVGMkE1 MEExMUVDQjI3NzhENUNDNEY5QUUwMi82R2NYVURSUEdNS3ZkSF82OGxXRkRyeDUw QjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzZHY1hVRFJQR01LdmRIXzY4bFdGRHJ4NTBCOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MTREREYvNUIwNkZFRjJBNTBBMTFFQ0IyNzc4RDVDQzRGOUFFMDIvRkY0NjEzN0VB NTFDMTFFQzgzOTQzNjVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E JzAlMBIEAgABMAwDBAItflgDBAJn7OQwDwQCAAIwCQMHACABDfEqADANBgkqhkiG 9w0BAQsFAAOCAQEAfsIjDtgk1GwmJxpf1VQE98+JmTu3ucOyPSVez2RmXOiKZGOl iirsBoWMtDDcFMGdVvMWORFrw8q1EBYmupL5c4Nhi7g50ZkU9sAouMXx6A92NcHJ iEftQuPEGKLVzRgOw4rKEI87E64jEi/dA1g6adEHOQtloAvZpdL1xm+MhyGmd1uW dwgnYjqp5XxjwhlB1Taj1sCsdSdYybM1dDg6qZIVX0uTWJl7dgw1S/qBnGTsA/1N ZNXOO/1R71W5pt0CTILE5DnV9SClZspbQKf9Vazu5Vy6aq7zWXxoxSpCT7djLCD3 lavfRjzhsi5uUPL6viSLXfZ6+d3pDd/HVlfU8g== -----END CERTIFICATE-----Generated at Tue Nov 4 21:36:58 2025 by rpki-client