$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/9C8302D0B3CB11F0A084D480C4F9AE02.roa File: 9C8302D0B3CB11F0A084D480C4F9AE02.roa (raw, json) Hash identifier: x7DJdFRsn2uvip24+58sYGOPQUkDpJjhzraS1Xt2eqo= Subject key identifier: 2A:4D:B1:42:3F:31:3D:FE:03:DD:86:E7:EA:5E:51:3E:53:FE:AD:85 Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934 Certificate serial: 0863 Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/9C8302D0B3CB11F0A084D480C4F9AE02.roa Signing time: Tue 28 Oct 2025 06:59:14 +0000 ROA not before: Tue 28 Oct 2025 06:59:14 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 40065 IP address blocks: 43.229.154.0/24 maxlen: 24 103.20.222.0/24 maxlen: 24 103.20.223.0/24 maxlen: 24 103.48.169.0/24 maxlen: 24 150.129.41.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 22:57:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2147 (0x863) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911B412, serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934 Validity Not Before: Oct 28 06:59:14 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=690069c1-f13f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:6c:67:cf:89:25:83:be:32:90:37:4e:6f:04: 36:b7:6f:45:ad:85:c4:fb:6a:67:2c:4b:1b:47:b6: 87:c8:48:01:ba:4b:53:07:45:fa:5c:81:e3:35:b0: 09:bb:be:0e:d3:da:13:29:41:76:9a:f7:19:e4:00: 25:0f:13:08:70:05:74:25:9a:75:34:23:7d:eb:57: d6:91:2e:8d:65:32:90:31:d5:c5:e4:2f:49:17:ba: 37:73:e7:aa:85:49:5e:24:25:9d:6f:84:7a:72:37: db:96:5a:5e:9e:bc:18:fb:09:4d:7f:29:75:dc:61: 81:1b:72:0c:6e:c0:61:26:88:c6:a6:a5:c9:a4:88: 58:e5:15:4a:92:b9:09:e9:4e:0a:07:0c:4a:fb:22: 36:4f:3c:e7:89:b9:e6:20:86:f6:e1:d0:a2:bc:e3: 6e:78:50:05:27:3b:32:1d:b3:a7:02:74:44:2e:e0: 8f:e4:a0:32:b0:25:34:78:01:72:d2:4c:c7:52:f1: e8:48:6f:b2:db:df:e8:bc:a8:22:e7:5e:c6:2d:4a: 3d:2c:e3:97:d0:9c:d3:5c:71:95:65:f1:b1:77:54: 2f:11:2b:75:11:ba:ad:69:38:45:73:fe:49:24:cd: 92:78:9b:4d:83:98:6c:8a:58:e9:dd:db:f8:3b:8c: 39:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:4D:B1:42:3F:31:3D:FE:03:DD:86:E7:EA:5E:51:3E:53:FE:AD:85 X509v3 Authority Key Identifier: keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/9C8302D0B3CB11F0A084D480C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.229.154.0/24 103.20.222.0/23 103.48.169.0/24 150.129.41.0/24 Signature Algorithm: sha256WithRSAEncryption 03:83:e2:14:b8:87:4e:8b:ac:45:18:c3:13:36:ce:44:3a:03: bc:38:cb:6d:7b:6f:64:f2:8f:a8:20:0a:04:5a:23:32:e2:bc: 4e:1e:c2:29:60:90:66:c4:15:8a:75:cc:38:c1:cc:73:21:a2: 51:a0:6f:b1:cb:3f:b9:16:b7:f7:f5:af:e7:71:68:16:d9:b4: a0:29:13:8f:d2:6d:10:16:85:cc:d4:5d:77:5c:1c:7b:07:51: 95:09:1f:a5:2b:d2:2c:e4:6b:8e:19:cd:8d:74:95:22:4f:f7: e5:ff:f3:28:0d:cc:48:15:8e:63:43:da:e0:ee:b7:cd:17:da: 0c:9f:7c:4c:10:cf:41:8b:a3:bb:75:40:66:c3:7e:72:2f:cc: 56:7f:9b:48:86:ca:59:c5:be:12:12:e9:70:db:e6:9a:db:5a: 60:78:8c:bc:55:42:32:8d:fb:b4:d3:78:51:b6:95:23:f8:3f: ad:77:93:96:9f:f3:60:12:91:b5:27:5d:35:ac:72:c4:b5:8c: 7b:99:fd:a7:ef:ad:45:fd:4b:bb:ac:32:43:fa:d0:6e:59:71: 77:2f:1f:81:97:67:c0:cc:83:9a:14:bf:06:e7:4e:08:13:7f: 60:ca:3f:43:2e:01:ef:6c:12:98:9c:39:c9:25:14:a4:80:1a: 77:6b:cc:75 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgICCGMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3 RDgwQjA5MzQwHhcNMjUxMDI4MDY1OTE0WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OTAwNjljMS1mMTNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA42xnz4klg74ykDdObwQ2t29FrYXE+2pnLEsbR7aHyEgBuktTB0X6XIHjNbAJ u74O09oTKUF2mvcZ5AAlDxMIcAV0JZp1NCN961fWkS6NZTKQMdXF5C9JF7o3c+eq hUleJCWdb4R6cjfbllpenrwY+wlNfyl13GGBG3IMbsBhJojGpqXJpIhY5RVKkrkJ 6U4KBwxK+yI2TzznibnmIIb24dCivONueFAFJzsyHbOnAnRELuCP5KAysCU0eAFy 0kzHUvHoSG+y29/ovKgi517GLUo9LOOX0JzTXHGVZfGxd1QvESt1EbqtaThFc/5J JM2SeJtNg5hsiljp3dv4O4w5owIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFCpNsUI/ MT3+A92G5+peUT5T/q2FMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvOUM4MzAyRDBC M0NCMTFGMEEwODRENDgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E IjAgMB4EAgABMBgDBAAr5ZoDBAFnFN4DBABnMKkDBACWgSkwDQYJKoZIhvcNAQEL BQADggEBAAOD4hS4h06LrEUYwxM2zkQ6A7w4y217b2Tyj6ggCgRaIzLivE4ewilg kGbEFYp1zDjBzHMholGgb7HLP7kWt/f1r+dxaBbZtKApE4/SbRAWhczUXXdcHHsH UZUJH6Ur0izka44ZzY10lSJP9+X/8ygNzEgVjmND2uDut80X2gyffEwQz0GLo7t1 QGbDfnIvzFZ/m0iGylnFvhIS6XDb5prbWmB4jLxVQjKN+7TTeFG2lSP4P613k5af 82ASkbUnXTWscsS1jHuZ/afvrUX9S7usMkP60G5ZcXcvH4GXZ8DMg5oUvwbnTggT f2DKP0MuAe9sEpicOcklFKSAGndrzHU= -----END CERTIFICATE-----Generated at Tue Nov 4 17:01:18 2025 by rpki-client