$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/2C928134155711F099BFE331C4F9AE02.roa File: 2C928134155711F099BFE331C4F9AE02.roa (raw, json) Hash identifier: sMLrfF2AkKSL1KelOYTfplFvI+YPoVFza1qb4eVxf6o= Subject key identifier: 61:14:CD:04:83:C2:74:99:09:49:9B:78:9A:57:96:C9:A5:D0:A3:BD Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934 Certificate serial: 0865 Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/2C928134155711F099BFE331C4F9AE02.roa Signing time: Tue 28 Oct 2025 07:01:06 +0000 ROA not before: Tue 28 Oct 2025 07:01:06 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 153706 IP address blocks: 43.229.153.0/24 maxlen: 24 103.225.199.0/24 maxlen: 24 103.228.64.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 23:03:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2149 (0x865) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911B412, serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934 Validity Not Before: Oct 28 07:01:06 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=69006a32-db3b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:8c:72:06:bc:95:9b:eb:a2:34:9f:f3:ab:93: 44:9e:52:69:dd:72:31:44:2e:c2:7a:d5:d7:f7:a6: ac:fc:e6:ce:13:10:74:1b:ba:39:c9:42:c2:87:0f: d5:ee:2a:fe:17:2f:3d:2e:0d:61:d9:1c:0c:bd:42: dd:68:30:c5:a5:77:81:92:c4:6c:63:07:e1:6d:f1: b2:68:98:d0:9f:4c:38:d3:c0:cf:69:81:70:bd:0b: 09:f6:0d:01:bb:5a:bc:ee:d0:3e:8e:13:5b:19:43: 52:c2:e2:1b:28:ab:e0:be:b0:55:02:c6:c0:50:ee: ec:05:49:91:da:f3:2c:85:c0:89:32:64:26:19:f6: 8b:76:5a:8f:3b:91:79:f5:18:36:08:72:31:b1:c2: a6:dd:bb:56:3b:40:06:4e:b8:37:f7:44:33:6c:cb: cc:10:c1:4e:67:9b:27:07:99:c8:0e:f7:f4:ef:91: c4:0d:22:71:e3:62:55:16:bf:b7:05:f2:92:26:bd: 77:07:1e:4f:00:9f:5c:09:30:9a:cd:f7:25:c2:b1: b8:4b:1a:be:6f:2b:57:46:b8:97:31:09:bf:d2:e8: 7e:bf:6f:69:02:27:c0:dd:7f:e1:a9:e3:69:b4:f0: d5:69:1f:10:bc:ad:6b:6e:ed:57:d5:76:62:19:1c: 58:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:14:CD:04:83:C2:74:99:09:49:9B:78:9A:57:96:C9:A5:D0:A3:BD X509v3 Authority Key Identifier: keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/2C928134155711F099BFE331C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.229.153.0/24 103.225.199.0/24 103.228.64.0/24 Signature Algorithm: sha256WithRSAEncryption 2f:a9:9e:ce:17:c7:73:73:b9:6c:43:7b:85:8b:80:7e:ff:05: 2f:b7:dc:0d:58:5d:f5:16:6e:97:74:6a:21:16:2b:c3:19:98: c2:bf:8f:df:c6:2e:17:96:07:b7:03:49:81:0f:6e:b5:c5:db: 11:cd:f3:8e:46:ce:c1:23:8d:54:d9:34:ae:0a:35:28:f8:c0: 47:08:4e:9c:94:75:42:92:b9:bb:7d:a5:fe:c3:58:6e:66:a3: 30:69:6e:50:dd:97:85:ac:af:7e:f9:ad:9f:cd:cd:d4:a4:77: cd:c4:48:38:23:72:52:3b:a4:20:48:69:bc:be:4c:ad:81:b2: e7:61:45:c9:da:37:9e:90:de:db:fd:b3:28:2a:75:2f:e5:05: 4e:07:4a:c6:fe:67:7d:d3:5b:91:ee:35:75:64:04:2f:ff:0e: b7:ce:69:6d:45:8a:b3:68:b4:79:2c:25:2b:40:9d:79:ed:62: 27:ed:99:74:43:b3:70:3a:50:f3:bf:cb:a9:50:b8:61:ff:06: ba:6d:27:67:c8:25:82:6d:c5:16:42:9e:4a:cf:9a:e8:13:46: af:1f:04:0d:e2:8f:f6:a3:e9:9c:6a:69:24:01:f8:fc:6b:f0: 0d:73:ef:78:c4:88:00:0c:26:c3:07:c3:87:48:fb:d1:68:72: ba:10:21:29 -----BEGIN CERTIFICATE----- MIIFfTCCBGWgAwIBAgICCGUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3 RDgwQjA5MzQwHhcNMjUxMDI4MDcwMTA2WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OTAwNmEzMi1kYjNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxIxyBryVm+uiNJ/zq5NEnlJp3XIxRC7CetXX96as/ObOExB0G7o5yULChw/V 7ir+Fy89Lg1h2RwMvULdaDDFpXeBksRsYwfhbfGyaJjQn0w408DPaYFwvQsJ9g0B u1q87tA+jhNbGUNSwuIbKKvgvrBVAsbAUO7sBUmR2vMshcCJMmQmGfaLdlqPO5F5 9Rg2CHIxscKm3btWO0AGTrg390QzbMvMEMFOZ5snB5nIDvf075HEDSJx42JVFr+3 BfKSJr13Bx5PAJ9cCTCazfclwrG4Sxq+bytXRriXMQm/0uh+v29pAifA3X/hqeNp tPDVaR8QvK1rbu1X1XZiGRxYIQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFGEUzQSD wnSZCUmbeJpXlsml0KO9MB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvMkM5MjgxMzQx NTU3MTFGMDk5QkZFMzMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E HDAaMBgEAgABMBIDBAAr5ZkDBABn4ccDBABn5EAwDQYJKoZIhvcNAQELBQADggEB AC+pns4Xx3NzuWxDe4WLgH7/BS+33A1YXfUWbpd0aiEWK8MZmMK/j9/GLheWB7cD SYEPbrXF2xHN845GzsEjjVTZNK4KNSj4wEcITpyUdUKSubt9pf7DWG5mozBpblDd l4Wsr375rZ/NzdSkd83ESDgjclI7pCBIaby+TK2BsudhRcnaN56Q3tv9sygqdS/l BU4HSsb+Z33TW5HuNXVkBC//DrfOaW1FirNotHksJStAnXntYiftmXRDs3A6UPO/ y6lQuGH/BrptJ2fIJYJtxRZCnkrPmugTRq8fBA3ij/aj6ZxqaSQB+Pxr8A1z73jE iAAMJsMHw4dI+9FocroQISk= -----END CERTIFICATE-----Generated at Wed Nov 5 13:34:39 2025 by rpki-client