$ rpki-client -vvf rpki.apnic.net/member_repository/A9123F5D/75F875F2669011EA9683FB2FC4F9AE02/4DF99E0E934311ED882FFE24C4F9AE02.roa File: 4DF99E0E934311ED882FFE24C4F9AE02.roa (raw, json) Hash identifier: UXUfyB+pn9SOV3ygiY+ZvkGtLzGs52/Oyg8uFf+KACQ= Subject key identifier: F1:5D:60:2C:6B:68:26:A8:AA:66:EF:67:44:AF:FC:5C:59:53:17:6B Certificate issuer: /CN=A9123F5D/serialNumber=BF522D9925A5846280F60530AD39D766E4ABF093 Certificate serial: 0A9C Authority key identifier: BF:52:2D:99:25:A5:84:62:80:F6:05:30:AD:39:D7:66:E4:AB:F0:93 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v1ItmSWlhGKA9gUwrTnXZuSr8JM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9123F5D/75F875F2669011EA9683FB2FC4F9AE02/4DF99E0E934311ED882FFE24C4F9AE02.roa Signing time: Thu 31 Jul 2025 20:30:47 +0000 ROA not before: Thu 31 Jul 2025 20:30:47 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 59362 IP address blocks: 103.92.216.0/23 maxlen: 24 103.92.218.0/23 maxlen: 24 123.253.97.0/24 maxlen: 24 123.253.98.0/24 maxlen: 24 123.253.99.0/24 maxlen: 24 2401:21c0::/32 maxlen: 35 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9123F5D/75F875F2669011EA9683FB2FC4F9AE02/v1ItmSWlhGKA9gUwrTnXZuSr8JM.crl rsync://rpki.apnic.net/member_repository/A9123F5D/75F875F2669011EA9683FB2FC4F9AE02/v1ItmSWlhGKA9gUwrTnXZuSr8JM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v1ItmSWlhGKA9gUwrTnXZuSr8JM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2716 (0xa9c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9123F5D, serialNumber=BF522D9925A5846280F60530AD39D766E4ABF093 Validity Not Before: Jul 31 20:30:47 2025 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=688bd277-b19a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:d4:44:34:37:86:a9:c3:d4:20:5d:e5:cd:44: 71:ba:3e:b7:f7:09:34:1e:2b:97:6c:3d:f1:23:80: d0:a6:91:93:18:f1:de:40:f4:6b:22:0d:ee:f1:76: 52:5c:f9:43:98:83:ec:4b:03:bf:c4:0e:dd:1d:65: 00:df:25:22:df:a7:4d:e2:74:37:0c:00:2e:28:86: cf:5a:18:7f:1f:f5:4f:66:ac:87:b5:26:33:73:33: 1e:56:ef:b2:3d:49:62:a5:56:af:b6:9b:c8:03:c8: 43:ff:7e:08:4c:2f:79:96:f0:bd:54:7a:90:e5:59: 6e:ee:f2:75:24:bc:05:dc:af:6b:6e:62:40:9c:b0: 78:ef:e2:80:c6:0b:28:39:24:53:11:fd:50:75:2b: a1:60:78:3b:fb:ac:2a:e8:99:ec:04:0a:41:22:16: a8:ae:b2:49:6b:1f:6b:a7:e8:83:9f:ea:0b:61:a2: 07:a9:60:da:2a:47:70:66:70:0d:b3:87:81:5c:0b: e6:58:1e:0e:5d:3d:e9:5c:7f:ab:9b:2f:87:11:12: f6:48:70:cf:f6:d0:bc:fc:cd:75:57:de:4e:66:fa: b8:e2:62:f1:6d:26:a2:7c:04:47:6c:48:06:0a:2f: a5:36:85:90:4f:f5:ac:ec:0b:ec:98:87:d8:6a:80: 2d:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:5D:60:2C:6B:68:26:A8:AA:66:EF:67:44:AF:FC:5C:59:53:17:6B X509v3 Authority Key Identifier: keyid:BF:52:2D:99:25:A5:84:62:80:F6:05:30:AD:39:D7:66:E4:AB:F0:93 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9123F5D/75F875F2669011EA9683FB2FC4F9AE02/v1ItmSWlhGKA9gUwrTnXZuSr8JM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v1ItmSWlhGKA9gUwrTnXZuSr8JM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9123F5D/75F875F2669011EA9683FB2FC4F9AE02/4DF99E0E934311ED882FFE24C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.92.216.0/22 123.253.97.0-123.253.99.255 IPv6: 2401:21c0::/32 Signature Algorithm: sha256WithRSAEncryption ba:ae:94:f8:b9:62:cc:cc:00:fe:dd:cf:5b:08:7b:f3:c3:56: 0e:aa:f2:d8:f2:95:eb:91:c1:83:09:05:27:31:07:4a:55:85: 23:8f:44:67:d3:b6:13:25:57:1f:33:ac:31:b6:59:94:cd:09: ee:9b:b5:8f:36:23:23:d7:a7:f1:7f:67:57:f2:e6:a1:16:b5: 54:0e:e3:35:46:b1:1f:e3:e7:6d:a6:6a:83:19:80:ab:0b:ca: 11:6a:80:3b:c1:85:ec:0e:f8:2c:6f:33:52:d5:dc:cc:0f:35: 15:56:a4:52:28:31:ed:36:af:67:22:31:7e:5e:90:af:47:53: 09:d1:9f:23:47:e6:a5:ef:4a:74:61:ca:a4:07:6c:f3:d0:1f: 9f:85:3a:02:f7:0b:f1:1e:0d:8a:ff:60:dc:7f:82:e3:c5:8c: e4:19:e0:c7:44:7d:d9:9b:ce:c5:64:f1:7a:0c:a4:5f:72:ad: 8d:b5:51:1c:7d:72:97:d5:41:b8:66:da:0c:ad:02:41:16:83: 03:31:73:09:08:bd:79:dd:93:40:da:9b:95:57:fc:eb:7f:9b: cb:15:1e:9b:8a:0f:4e:7b:12:81:49:0b:91:a6:3b:d4:fa:1a: 03:88:f6:13:d7:bc:de:29:86:41:8d:ff:33:e5:7b:9d:91:10: 3d:5b:99:97 -----BEGIN CERTIFICATE----- MIIFjjCCBHagAwIBAgICCpwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjNGNUQxMTAvBgNVBAUTKEJGNTIyRDk5MjVBNTg0NjI4MEY2MDUzMEFEMzlENzY2 RTRBQkYwOTMwHhcNMjUwNzMxMjAzMDQ3WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODhiZDI3Ny1iMTlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuNRENDeGqcPUIF3lzURxuj639wk0HiuXbD3xI4DQppGTGPHeQPRrIg3u8XZS XPlDmIPsSwO/xA7dHWUA3yUi36dN4nQ3DAAuKIbPWhh/H/VPZqyHtSYzczMeVu+y PUlipVavtpvIA8hD/34ITC95lvC9VHqQ5Vlu7vJ1JLwF3K9rbmJAnLB47+KAxgso OSRTEf1QdSuhYHg7+6wq6JnsBApBIhaorrJJax9rp+iDn+oLYaIHqWDaKkdwZnAN s4eBXAvmWB4OXT3pXH+rmy+HERL2SHDP9tC8/M11V95OZvq44mLxbSaifARHbEgG Ci+lNoWQT/Ws7AvsmIfYaoAtOwIDAQABo4ICsjCCAq4wHQYDVR0OBBYEFPFdYCxr aCaoqmbvZ0Sv/FxZUxdrMB8GA1UdIwQYMBaAFL9SLZklpYRigPYFMK0512bkq/CT MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyM0Y1RC83NUY4NzVGMjY2 OTAxMUVBOTY4M0ZCMkZDNEY5QUUwMi92MUl0bVNXbGhHS0E5Z1V3clRuWFp1U3I4 Sk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3YxSXRtU1dsaEdLQTlnVXdyVG5YWnVTcjhKTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MjNGNUQvNzVGODc1RjI2NjkwMTFFQTk2ODNGQjJGQzRGOUFFMDIvNERGOTlFMEU5 MzQzMTFFRDg4MkZGRTI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPAYIKwYBBQUHAQcBAf8E LTArMBoEAgABMBQDBAJnXNgwDAMEAHv9YQMEAnv9YDANBAIAAjAHAwUAJAEhwDAN BgkqhkiG9w0BAQsFAAOCAQEAuq6U+LlizMwA/t3PWwh788NWDqry2PKV65HBgwkF JzEHSlWFI49EZ9O2EyVXHzOsMbZZlM0J7pu1jzYjI9en8X9nV/LmoRa1VA7jNUax H+PnbaZqgxmAqwvKEWqAO8GF7A74LG8zUtXczA81FVakUigx7TavZyIxfl6Qr0dT CdGfI0fmpe9KdGHKpAds89Afn4U6AvcL8R4Niv9g3H+C48WM5Bngx0R92ZvOxWTx egykX3KtjbVRHH1yl9VBuGbaDK0CQRaDAzFzCQi9ed2TQNqblVf863+byxUem4oP TnsSgUkLkaY71PoaA4j2E9e83imGQY3/M+V7nZEQPVuZlw== -----END CERTIFICATE-----Generated at Sun Aug 10 21:17:38 2025 by rpki-client