$ rpki-client -vvf rpki.apnic.net/member_repository/A912FB1D/C684CA9C1DAB11E2A21E35AA08B02CD2/C098D762675111E9A0C4BB36C4F9AE02.roa File: C098D762675111E9A0C4BB36C4F9AE02.roa (raw, json) Hash identifier: Q+UMsPeyfxUm55P4fMvGVYmfZGcp4BR3EDI4z+jAzdY= Subject key identifier: 50:EC:60:80:7D:40:8F:AC:D7:1D:3B:D5:E5:72:8C:F2:8B:5B:76:2D Certificate issuer: /CN=A912FB1D/serialNumber=942F25D7350B203EA89EF2D1CC150B05B17B2B87 Certificate serial: 34E9 Authority key identifier: 94:2F:25:D7:35:0B:20:3E:A8:9E:F2:D1:CC:15:0B:05:B1:7B:2B:87 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lC8l1zULID6onvLRzBULBbF7K4c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912FB1D/C684CA9C1DAB11E2A21E35AA08B02CD2/C098D762675111E9A0C4BB36C4F9AE02.roa Signing time: Wed 24 Sep 2025 15:31:25 +0000 ROA not before: Wed 24 Sep 2025 15:31:25 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 132423 IP address blocks: 103.21.124.0/22 maxlen: 22 103.21.124.0/24 maxlen: 24 103.21.125.0/24 maxlen: 24 103.21.126.0/24 maxlen: 24 103.21.127.0/24 maxlen: 24 2001:df0:413::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912FB1D/C684CA9C1DAB11E2A21E35AA08B02CD2/lC8l1zULID6onvLRzBULBbF7K4c.crl rsync://rpki.apnic.net/member_repository/A912FB1D/C684CA9C1DAB11E2A21E35AA08B02CD2/lC8l1zULID6onvLRzBULBbF7K4c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lC8l1zULID6onvLRzBULBbF7K4c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 15:21:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13545 (0x34e9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912FB1D, serialNumber=942F25D7350B203EA89EF2D1CC150B05B17B2B87 Validity Not Before: Sep 24 15:31:25 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=68d40ecc-ec60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:98:c1:5f:3c:ae:c1:97:0f:db:54:63:cf:d5: c6:49:f5:5a:0b:a7:ae:73:5a:07:b0:4d:2e:c3:bc: 6f:2c:6d:2d:68:d5:76:46:9a:1f:13:6c:26:36:15: c1:8e:52:37:8e:ad:3c:cc:04:9e:de:17:80:26:79: e7:46:58:08:3e:78:ad:f7:2b:e2:f7:8a:0a:41:ff: e8:4c:f6:dd:ca:1c:ce:38:c0:1d:c6:e2:d3:65:e2: 62:5a:84:55:76:b0:08:5b:2f:54:de:24:ee:b3:db: 3b:37:31:03:bd:2a:22:e1:b3:96:40:7d:2c:69:31: ea:dd:e5:6f:af:22:03:c6:b4:f9:2b:22:20:63:fe: e5:85:4c:b9:b4:a0:bb:ce:ce:99:79:3f:71:a2:1f: a4:60:ae:3b:9f:41:1f:1e:28:40:5a:f0:9c:6a:6e: 85:04:b4:e0:6e:c0:85:69:2d:00:52:ab:1b:82:59: c7:08:b5:01:8b:cf:a3:a0:d3:db:d6:7b:25:9e:5e: d7:f0:06:6c:5a:f1:a2:1b:76:99:1a:51:52:27:19: c8:0d:6f:ea:6b:1f:76:fb:4d:79:11:4a:8c:48:b5: 5a:86:88:6c:d4:84:e1:01:d7:81:39:e0:7d:1a:ce: 56:13:2c:b7:b0:e6:b9:56:1d:f4:82:4c:59:ba:cf: ae:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:EC:60:80:7D:40:8F:AC:D7:1D:3B:D5:E5:72:8C:F2:8B:5B:76:2D X509v3 Authority Key Identifier: keyid:94:2F:25:D7:35:0B:20:3E:A8:9E:F2:D1:CC:15:0B:05:B1:7B:2B:87 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912FB1D/C684CA9C1DAB11E2A21E35AA08B02CD2/lC8l1zULID6onvLRzBULBbF7K4c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lC8l1zULID6onvLRzBULBbF7K4c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912FB1D/C684CA9C1DAB11E2A21E35AA08B02CD2/C098D762675111E9A0C4BB36C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.21.124.0/22 IPv6: 2001:df0:413::/48 Signature Algorithm: sha256WithRSAEncryption d8:e8:4d:37:a4:37:3d:2f:22:2f:4b:15:08:cf:55:e0:22:ab: 8b:f3:92:81:7e:d6:16:eb:db:be:31:8b:31:40:8d:59:d2:62: 42:ec:ad:52:be:74:d5:1c:b8:81:c0:a6:aa:bc:4e:6a:8d:22: bd:2c:27:f6:7d:f9:e1:5f:b3:e7:93:71:85:e5:ba:ac:c4:1a: f0:5a:62:47:ed:15:09:c3:0c:cb:77:9a:f5:63:77:66:e8:83: 27:cf:9c:c9:91:f8:d7:cb:31:d2:d7:82:c8:f8:77:77:fa:37: 03:3f:81:9c:69:1d:aa:2c:22:e6:18:1a:b5:97:4b:67:c9:c2: 9d:33:95:0a:d1:c6:57:13:77:d9:4d:0b:4f:9f:0f:5a:86:e6: 67:5f:42:a3:4a:10:2c:eb:0a:85:ae:a8:1b:67:c5:06:ea:e1: 3f:70:05:9d:0a:a2:e5:a8:ab:f4:30:52:bc:8a:a7:f6:ca:37: 86:38:f2:30:fe:d0:da:c5:92:de:89:9a:00:57:e0:43:69:1a: 5e:3b:08:17:5e:4b:c0:5b:22:5d:df:c5:9a:06:bd:bc:c1:30: 08:db:8c:17:2a:02:0d:80:c0:63:c5:01:18:d3:ab:5d:1f:95: 0e:d2:73:1c:a9:02:40:7b:1c:56:72:6b:34:da:52:08:bf:1c: f6:8b:03:a3 -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICNOkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkZCMUQxMTAvBgNVBAUTKDk0MkYyNUQ3MzUwQjIwM0VBODlFRjJEMUNDMTUwQjA1 QjE3QjJCODcwHhcNMjUwOTI0MTUzMTI1WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGQ0MGVjYy1lYzYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1JjBXzyuwZcP21Rjz9XGSfVaC6euc1oHsE0uw7xvLG0taNV2RpofE2wmNhXB jlI3jq08zASe3heAJnnnRlgIPnit9yvi94oKQf/oTPbdyhzOOMAdxuLTZeJiWoRV drAIWy9U3iTus9s7NzEDvSoi4bOWQH0saTHq3eVvryIDxrT5KyIgY/7lhUy5tKC7 zs6ZeT9xoh+kYK47n0EfHihAWvCcam6FBLTgbsCFaS0AUqsbglnHCLUBi8+joNPb 1nslnl7X8AZsWvGiG3aZGlFSJxnIDW/qax92+015EUqMSLVahohs1IThAdeBOeB9 Gs5WEyy3sOa5Vh30gkxZus+uiQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFFDsYIB9 QI+s1x071eVyjPKLW3YtMB8GA1UdIwQYMBaAFJQvJdc1CyA+qJ7y0cwVCwWxeyuH MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRkIxRC9DNjg0Q0E5QzFE QUIxMUUyQTIxRTM1QUEwOEIwMkNEMi9sQzhsMXpVTElENm9udkxSekJVTEJiRjdL NGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xDOGwxelVMSUQ2b252TFJ6QlVMQmJGN0s0Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MkZCMUQvQzY4NENBOUMxREFCMTFFMkEyMUUzNUFBMDhCMDJDRDIvQzA5OEQ3NjI2 NzUxMTFFOUEwQzRCQjM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAJnFXwwDwQCAAIwCQMHACABDfAEEzANBgkqhkiG9w0BAQsF AAOCAQEA2OhNN6Q3PS8iL0sVCM9V4CKri/OSgX7WFuvbvjGLMUCNWdJiQuytUr50 1Ry4gcCmqrxOao0ivSwn9n354V+z55NxheW6rMQa8FpiR+0VCcMMy3ea9WN3ZuiD J8+cyZH418sx0teCyPh3d/o3Az+BnGkdqiwi5hgatZdLZ8nCnTOVCtHGVxN32U0L T58PWobmZ19Co0oQLOsKha6oG2fFBurhP3AFnQqi5air9DBSvIqn9so3hjjyMP7Q 2sWS3omaAFfgQ2kaXjsIF15LwFsiXd/Fmga9vMEwCNuMFyoCDYDAY8UBGNOrXR+V DtJzHKkCQHscVnJrNNpSCL8c9osDow== -----END CERTIFICATE-----Generated at Wed Nov 5 04:49:13 2025 by rpki-client