$ rpki-client -vvf rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/E986DDEC979911ECB3B7CE39C4F9AE02.roa File: E986DDEC979911ECB3B7CE39C4F9AE02.roa (raw, json) Hash identifier: ciNIImuAbj1AO0K4GihG7jlhzLEKvAURaWl26eH889E= Subject key identifier: 3E:1E:7A:2B:96:F8:C6:A7:10:FF:D6:9A:65:79:11:E5:0F:61:D7:F3 Certificate issuer: /CN=A9152DE4/serialNumber=217C3D8BED0B40C0FB088B59EE6E65AE6C661F0D Certificate serial: 0411 Authority key identifier: 21:7C:3D:8B:ED:0B:40:C0:FB:08:8B:59:EE:6E:65:AE:6C:66:1F:0D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IXw9i-0LQMD7CItZ7m5lrmxmHw0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/E986DDEC979911ECB3B7CE39C4F9AE02.roa Signing time: Sat 21 Jun 2025 08:15:24 +0000 ROA not before: Sat 21 Jun 2025 08:15:24 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 149449 IP address blocks: 103.179.198.0/24 maxlen: 24 103.179.199.0/24 maxlen: 24 2400:4e20::/32 maxlen: 32 2400:4e20::/33 maxlen: 33 2400:4e20:8000::/33 maxlen: 33 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.crl rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IXw9i-0LQMD7CItZ7m5lrmxmHw0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 00:19:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1041 (0x411) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9152DE4, serialNumber=217C3D8BED0B40C0FB088B59EE6E65AE6C661F0D Validity Not Before: Jun 21 08:15:24 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=68566a1c-de54 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:21:b5:21:f7:f2:55:39:75:7b:7c:ee:58:ba: 74:33:20:01:1f:d2:65:ec:2c:3f:8c:b7:9d:ef:e2: 2b:fa:2a:20:27:4a:dc:d9:3b:2b:84:b3:d7:b8:c5: d5:eb:7c:af:30:e4:05:1c:49:80:a2:b9:6d:5c:e0: 03:ff:98:ac:db:5b:7e:9f:46:75:81:19:62:dc:23: 1c:e1:eb:75:2b:27:25:8f:d7:18:f3:61:81:4b:ab: a3:f0:00:c5:de:17:b2:ea:e9:5d:3d:c5:43:f2:d4: 20:1c:15:76:f2:51:d0:65:e8:d8:3b:e3:fb:a2:e9: 80:25:bb:05:db:9b:78:c8:2e:f6:c3:a4:36:66:13: 83:0b:8f:1d:bc:9a:7e:09:16:e4:00:d5:c4:0d:86: 88:db:f7:59:83:04:2f:31:9a:a6:c9:d8:32:8d:e1: 31:25:23:2b:75:b2:98:e0:73:c2:4e:7a:aa:ab:77: 89:be:af:e7:42:90:f6:59:0a:83:96:3f:40:d4:30: 91:8a:db:07:63:fa:dc:77:1f:ab:c8:96:df:1f:b0: 64:ee:6c:d9:5f:e2:53:38:f8:45:3c:71:ef:70:24: 40:3b:7e:e7:54:9a:87:be:e0:25:3d:ff:8c:c3:d1: 28:59:f0:fc:26:a9:01:f4:aa:e1:57:1c:15:e9:79: bd:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:1E:7A:2B:96:F8:C6:A7:10:FF:D6:9A:65:79:11:E5:0F:61:D7:F3 X509v3 Authority Key Identifier: keyid:21:7C:3D:8B:ED:0B:40:C0:FB:08:8B:59:EE:6E:65:AE:6C:66:1F:0D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IXw9i-0LQMD7CItZ7m5lrmxmHw0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/E986DDEC979911ECB3B7CE39C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.179.198.0/23 IPv6: 2400:4e20::/32 Signature Algorithm: sha256WithRSAEncryption 15:22:3e:27:66:aa:2a:4b:d5:33:3a:17:6c:37:74:d5:f6:52: 5b:da:e1:ad:b9:da:48:bf:47:4a:e9:87:ef:98:d2:e1:28:74: ed:d1:11:f3:bd:1e:0c:08:6a:9e:14:28:9a:64:d8:57:9a:e0: b8:92:e7:83:ed:81:ab:73:45:80:4b:c9:b7:70:43:60:1a:8b: ff:43:eb:45:0b:13:52:1d:0b:9f:ef:48:aa:08:f4:62:09:e1: 02:10:7b:de:94:b5:10:e1:c2:41:95:1f:26:1f:80:41:a3:09: 8a:43:f0:e3:eb:46:92:05:4c:36:69:65:96:9e:25:75:61:03: a7:40:c4:39:64:a3:d5:cf:0e:9f:2d:a8:1d:bf:9c:83:34:b9: 4e:a9:7d:20:2d:8b:d0:bc:d4:8b:0c:ad:83:34:78:a6:d3:0c: 3c:a9:1b:b9:5d:17:eb:f2:69:63:32:ea:ec:8e:9d:74:ba:00: ce:0e:6a:81:e4:e2:c9:b3:07:01:18:86:85:83:22:d1:80:95: d8:a3:5a:10:35:9d:e2:c8:79:29:08:81:67:e6:49:57:42:ec: f1:cf:5b:6d:1a:bd:27:38:0c:bd:4d:b9:1b:a0:0b:cc:ba:27: c2:ac:28:fa:0c:28:9c:9c:24:cc:08:1e:92:62:04:7b:3f:89: 84:06:29:c3 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICBBEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTJERTQxMTAvBgNVBAUTKDIxN0MzRDhCRUQwQjQwQzBGQjA4OEI1OUVFNkU2NUFF NkM2NjFGMEQwHhcNMjUwNjIxMDgxNTI0WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODU2NmExYy1kZTU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4yG1IffyVTl1e3zuWLp0MyABH9Jl7Cw/jLed7+Ir+iogJ0rc2TsrhLPXuMXV 63yvMOQFHEmAorltXOAD/5is21t+n0Z1gRli3CMc4et1Kyclj9cY82GBS6uj8ADF 3hey6uldPcVD8tQgHBV28lHQZejYO+P7oumAJbsF25t4yC72w6Q2ZhODC48dvJp+ CRbkANXEDYaI2/dZgwQvMZqmydgyjeExJSMrdbKY4HPCTnqqq3eJvq/nQpD2WQqD lj9A1DCRitsHY/rcdx+ryJbfH7Bk7mzZX+JTOPhFPHHvcCRAO37nVJqHvuAlPf+M w9EoWfD8JqkB9KrhVxwV6Xm9gwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFD4eeiuW +ManEP/WmmV5EeUPYdfzMB8GA1UdIwQYMBaAFCF8PYvtC0DA+wiLWe5uZa5sZh8N MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MkRFNC80Q0NDQzMzMjc5 MkExMUVDQjBDNTkxNjJDNEY5QUUwMi9JWHc5aS0wTFFNRDdDSXRaN201bHJteG1I dzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lYdzlpLTBMUU1EN0NJdFo3bTVscm14bUh3MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTJERTQvNENDQ0MzMzI3OTJBMTFFQ0IwQzU5MTYyQzRGOUFFMDIvRTk4NkRERUM5 Nzk5MTFFQ0IzQjdDRTM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAFns8YwDQQCAAIwBwMFACQATiAwDQYJKoZIhvcNAQELBQAD ggEBABUiPidmqipL1TM6F2w3dNX2Ulva4a252ki/R0rph++Y0uEodO3REfO9HgwI ap4UKJpk2Fea4LiS54PtgatzRYBLybdwQ2Aai/9D60ULE1IdC5/vSKoI9GIJ4QIQ e96UtRDhwkGVHyYfgEGjCYpD8OPrRpIFTDZpZZaeJXVhA6dAxDlko9XPDp8tqB2/ nIM0uU6pfSAti9C81IsMrYM0eKbTDDypG7ldF+vyaWMy6uyOnXS6AM4OaoHk4smz BwEYhoWDItGAldijWhA1neLIeSkIgWfmSVdC7PHPW20avSc4DL1NuRugC8y6J8Ks KPoMKJycJMwIHpJiBHs/iYQGKcM= -----END CERTIFICATE-----Generated at Wed Nov 5 18:00:47 2025 by rpki-client