$ rpki-client -vvf rpki.apnic.net/member_repository/A9154FE7/5A2D89EADB7D11EABCF3EC3EC4F9AE02/4B3AC7DC5FC811ED869A6956C4F9AE02.roa File: 4B3AC7DC5FC811ED869A6956C4F9AE02.roa (raw, json) Hash identifier: h/ONFX5RBxxUCv61ioAJ3Q3fkstH618CVb7fuwaMYno= Subject key identifier: 10:9C:4C:6B:C8:FF:5E:E0:06:BC:A3:04:5F:4D:23:89:64:82:B2:C3 Certificate issuer: /CN=A9154FE7/serialNumber=CBE3D2A165B194B958EEC3B6A94457772A3A092A Certificate serial: 086D Authority key identifier: CB:E3:D2:A1:65:B1:94:B9:58:EE:C3:B6:A9:44:57:77:2A:3A:09:2A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y-PSoWWxlLlY7sO2qURXdyo6CSo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9154FE7/5A2D89EADB7D11EABCF3EC3EC4F9AE02/4B3AC7DC5FC811ED869A6956C4F9AE02.roa Signing time: Wed 22 Oct 2025 21:39:38 +0000 ROA not before: Wed 22 Oct 2025 21:39:38 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 45177 IP address blocks: 103.123.164.0/22 maxlen: 22 103.123.164.0/24 maxlen: 24 103.123.165.0/24 maxlen: 24 103.123.166.0/24 maxlen: 24 103.123.167.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9154FE7/5A2D89EADB7D11EABCF3EC3EC4F9AE02/y-PSoWWxlLlY7sO2qURXdyo6CSo.crl rsync://rpki.apnic.net/member_repository/A9154FE7/5A2D89EADB7D11EABCF3EC3EC4F9AE02/y-PSoWWxlLlY7sO2qURXdyo6CSo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y-PSoWWxlLlY7sO2qURXdyo6CSo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 20:37:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2157 (0x86d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9154FE7, serialNumber=CBE3D2A165B194B958EEC3B6A94457772A3A092A Validity Not Before: Oct 22 21:39:38 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=68f94f19-f5a0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:60:c9:5b:f1:f8:56:07:44:d8:1b:bc:8e:50: 6b:02:d4:f9:42:06:09:b4:0d:7d:fa:cf:e4:01:4b: 4f:b8:d9:43:ec:51:db:53:e7:97:65:01:9c:0c:35: a7:08:bf:17:ee:0d:dd:ab:76:f5:c7:f6:f1:60:e5: de:58:7e:82:5d:3c:44:09:a8:5b:ac:15:f0:86:18: c6:d7:a8:93:9d:de:b7:9d:88:70:cc:1e:d8:46:fe: 79:eb:93:ac:7a:3c:7f:53:e8:69:19:b9:62:7a:c2: 57:ab:75:c0:53:4d:7e:15:38:9f:4c:5a:d2:7b:b5: 6c:8e:28:f8:e6:de:45:d8:c4:cf:22:c5:7e:48:15: d4:ef:ed:8b:6b:b6:c5:4c:dc:44:c3:3b:d7:e7:49: 1e:3f:44:67:c8:c1:54:98:e4:b8:f8:2d:75:11:9d: 3a:82:4d:ae:b4:7d:6e:25:fb:b0:1e:ea:ba:6f:79: 25:a6:dc:8f:6c:77:b6:d3:37:5c:61:0f:57:f7:01: 59:4c:56:1a:55:01:7e:11:e9:e0:19:cf:40:f4:ce: 56:d5:38:bb:b6:ff:47:f0:9b:32:d0:0a:e0:54:2c: 81:44:70:da:37:3b:27:17:63:c7:66:55:0a:da:50: 5a:9b:27:13:b7:75:49:2d:1c:69:f2:28:19:f4:86: 25:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:9C:4C:6B:C8:FF:5E:E0:06:BC:A3:04:5F:4D:23:89:64:82:B2:C3 X509v3 Authority Key Identifier: keyid:CB:E3:D2:A1:65:B1:94:B9:58:EE:C3:B6:A9:44:57:77:2A:3A:09:2A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9154FE7/5A2D89EADB7D11EABCF3EC3EC4F9AE02/y-PSoWWxlLlY7sO2qURXdyo6CSo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y-PSoWWxlLlY7sO2qURXdyo6CSo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9154FE7/5A2D89EADB7D11EABCF3EC3EC4F9AE02/4B3AC7DC5FC811ED869A6956C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.123.164.0/22 Signature Algorithm: sha256WithRSAEncryption 88:b4:55:83:5d:a5:c7:22:11:c2:52:76:b2:db:50:df:02:ea: 24:ef:9a:ee:2e:8f:69:9a:17:ea:7d:58:83:af:c0:84:3c:df: 48:52:2c:d6:4e:a0:ba:a3:8e:06:3d:19:a0:b1:52:b3:dd:8b: 5a:dc:18:2b:9a:52:a8:22:2c:0f:32:65:b3:a7:8f:71:59:70: b7:98:ff:36:d6:b2:d6:9d:81:ff:54:de:0f:98:9a:4c:28:a5: cf:32:1a:a0:b1:90:e0:94:4d:e3:f0:c7:f6:e2:8d:b3:c1:4e: be:a6:8c:a7:41:1c:62:c1:cc:72:a0:f5:4a:ce:fa:c6:74:9c: 43:a9:7c:f8:9b:da:b1:66:8e:5b:1d:42:dc:11:f3:2e:63:be: 25:75:de:3c:85:b1:0c:c9:03:8c:8f:ec:51:0c:8f:f2:fe:c6: 3b:30:dc:23:e6:08:93:e9:ac:ef:50:6e:1a:9f:95:57:fe:4b: bd:a7:78:fd:fa:fe:82:38:af:d8:bd:0a:d6:5f:a0:e4:ab:99: b8:48:34:8a:91:69:ee:e8:27:c4:90:da:ff:cc:71:73:bd:3c: a0:80:db:02:66:c7:4d:d9:d3:93:bb:e3:20:b7:ad:43:85:f1: 9b:16:b6:ae:15:3c:da:24:6e:da:60:a9:5a:a4:0d:18:eb:01: e6:d0:50:a3 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICCG0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTRGRTcxMTAvBgNVBAUTKENCRTNEMkExNjVCMTk0Qjk1OEVFQzNCNkE5NDQ1Nzc3 MkEzQTA5MkEwHhcNMjUxMDIyMjEzOTM4WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGY5NGYxOS1mNWEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx2DJW/H4VgdE2Bu8jlBrAtT5QgYJtA19+s/kAUtPuNlD7FHbU+eXZQGcDDWn CL8X7g3dq3b1x/bxYOXeWH6CXTxECahbrBXwhhjG16iTnd63nYhwzB7YRv5565Os ejx/U+hpGbliesJXq3XAU01+FTifTFrSe7Vsjij45t5F2MTPIsV+SBXU7+2La7bF TNxEwzvX50keP0RnyMFUmOS4+C11EZ06gk2utH1uJfuwHuq6b3klptyPbHe20zdc YQ9X9wFZTFYaVQF+EengGc9A9M5W1Ti7tv9H8Jsy0ArgVCyBRHDaNzsnF2PHZlUK 2lBamycTt3VJLRxp8igZ9IYl+QIDAQABo4IClTCCApEwHQYDVR0OBBYEFBCcTGvI /17gBryjBF9NI4lkgrLDMB8GA1UdIwQYMBaAFMvj0qFlsZS5WO7DtqlEV3cqOgkq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NEZFNy81QTJEODlFQURC N0QxMUVBQkNGM0VDM0VDNEY5QUUwMi95LVBTb1dXeGxMbFk3c08ycVVSWGR5bzZD U28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ktUFNvV1d4bExsWTdzTzJxVVJYZHlvNkNTby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTRGRTcvNUEyRDg5RUFEQjdEMTFFQUJDRjNFQzNFQzRGOUFFMDIvNEIzQUM3REM1 RkM4MTFFRDg2OUE2OTU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAJne6QwDQYJKoZIhvcNAQELBQADggEBAIi0VYNdpcciEcJS drLbUN8C6iTvmu4uj2maF+p9WIOvwIQ830hSLNZOoLqjjgY9GaCxUrPdi1rcGCua UqgiLA8yZbOnj3FZcLeY/zbWstadgf9U3g+Ymkwopc8yGqCxkOCUTePwx/bijbPB Tr6mjKdBHGLBzHKg9UrO+sZ0nEOpfPib2rFmjlsdQtwR8y5jviV13jyFsQzJA4yP 7FEMj/L+xjsw3CPmCJPprO9QbhqflVf+S72neP36/oI4r9i9CtZfoOSrmbhINIqR ae7oJ8SQ2v/McXO9PKCA2wJmx03Z05O74yC3rUOF8ZsWtq4VPNokbtpgqVqkDRjr AebQUKM= -----END CERTIFICATE-----Generated at Tue Nov 4 19:00:36 2025 by rpki-client