$ rpki-client -vvf rpki.apnic.net/member_repository/A9158028/8A4ADEE4A11F11EB9339D50AC4F9AE02/687D7178B85D11EBB2E17F26C4F9AE02.roa File: 687D7178B85D11EBB2E17F26C4F9AE02.roa (raw, json) Hash identifier: +tI56XBeGW4f/ZvoEb+YONcyvmeUooJFS+xtnAK+AuY= Subject key identifier: 6D:AA:84:64:0E:0A:F5:EA:1C:92:35:67:91:B6:56:F2:1D:25:50:99 Certificate issuer: /CN=A9158028/serialNumber=809EFF1F7819B81751F177AB5AFED82BCC32A569 Certificate serial: 065A Authority key identifier: 80:9E:FF:1F:78:19:B8:17:51:F1:77:AB:5A:FE:D8:2B:CC:32:A5:69 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gJ7_H3gZuBdR8XerWv7YK8wypWk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9158028/8A4ADEE4A11F11EB9339D50AC4F9AE02/687D7178B85D11EBB2E17F26C4F9AE02.roa Signing time: Sat 04 Oct 2025 22:54:07 +0000 ROA not before: Sat 04 Oct 2025 22:54:07 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 132296 IP address blocks: 103.72.72.0/22 maxlen: 22 103.72.72.0/24 maxlen: 24 103.72.73.0/24 maxlen: 24 103.72.74.0/24 maxlen: 24 103.72.75.0/24 maxlen: 24 103.233.140.0/23 maxlen: 23 103.233.140.0/24 maxlen: 24 103.233.141.0/24 maxlen: 24 103.248.202.0/23 maxlen: 24 2406:b580::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9158028/8A4ADEE4A11F11EB9339D50AC4F9AE02/gJ7_H3gZuBdR8XerWv7YK8wypWk.crl rsync://rpki.apnic.net/member_repository/A9158028/8A4ADEE4A11F11EB9339D50AC4F9AE02/gJ7_H3gZuBdR8XerWv7YK8wypWk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gJ7_H3gZuBdR8XerWv7YK8wypWk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 22:40:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1626 (0x65a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9158028, serialNumber=809EFF1F7819B81751F177AB5AFED82BCC32A569 Validity Not Before: Oct 4 22:54:07 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68e1a58f-de3a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:51:aa:19:58:92:7c:34:14:4a:1d:f6:18:5e: ba:f1:0c:d9:6b:fa:0a:6a:29:5f:a9:e7:04:aa:07: 17:9e:b5:13:03:c8:f7:61:81:d1:07:41:a2:6e:32: ac:49:7d:06:02:1c:c0:c9:1e:99:ff:db:c4:fb:b6: ab:87:22:5c:d2:68:4c:81:03:64:96:9f:38:b8:4a: 13:3e:e5:3b:2d:ee:fc:8f:74:e3:89:82:7a:2e:b2: 47:03:e6:f1:bc:4a:36:7f:08:7b:3b:99:88:bb:1a: a0:21:d3:43:e2:c3:ba:f3:77:3f:0b:bc:03:53:6c: 48:3f:65:7d:d6:58:40:64:5d:1c:f9:84:c6:91:b6: 03:67:2e:7d:fc:e2:4a:e1:e9:16:f3:81:c4:a6:ec: fc:23:b6:89:36:5c:9d:28:2e:6e:f7:6e:da:8a:7d: 66:b7:ea:27:ab:41:e2:2f:7c:b6:f2:0d:6d:cf:54: 5e:32:93:62:56:cb:15:a5:ca:28:eb:b6:05:ae:aa: c5:30:18:5e:67:55:4f:55:26:5e:da:65:43:33:04: a9:ad:a8:14:05:8d:5d:87:c9:d7:57:aa:49:32:d2: a0:80:5b:2b:b5:0b:1c:06:46:1e:8a:77:84:6a:58: 85:4c:5a:4b:ed:b4:a4:1d:f1:81:c9:73:71:12:cb: f9:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:AA:84:64:0E:0A:F5:EA:1C:92:35:67:91:B6:56:F2:1D:25:50:99 X509v3 Authority Key Identifier: keyid:80:9E:FF:1F:78:19:B8:17:51:F1:77:AB:5A:FE:D8:2B:CC:32:A5:69 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9158028/8A4ADEE4A11F11EB9339D50AC4F9AE02/gJ7_H3gZuBdR8XerWv7YK8wypWk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gJ7_H3gZuBdR8XerWv7YK8wypWk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158028/8A4ADEE4A11F11EB9339D50AC4F9AE02/687D7178B85D11EBB2E17F26C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.72.72.0/22 103.233.140.0/23 103.248.202.0/23 IPv6: 2406:b580::/32 Signature Algorithm: sha256WithRSAEncryption 5c:86:7a:57:f4:03:90:2f:06:66:88:c3:bf:f8:2e:ce:21:21: 07:87:e9:dc:26:08:82:df:03:55:12:16:35:46:7b:1d:ea:d6: db:2c:08:67:10:c8:78:dc:6b:ef:87:b0:d1:92:7d:99:43:a0: 1b:ea:b2:9a:b5:41:b3:50:57:b3:41:db:78:b3:1a:ac:4a:ec: ca:63:29:b5:9e:6d:d1:13:54:e1:ab:52:e1:e3:3b:09:ea:a2: 7d:4e:61:fb:2f:84:50:9b:c3:1f:50:1e:4d:21:e1:8e:5e:28: 61:ff:dc:99:30:5c:5a:c8:23:51:7f:25:76:ac:74:24:54:77: c9:a5:b4:d7:6a:22:06:a5:81:48:40:7a:45:30:e7:5f:ff:f8: 67:b5:e4:0c:7d:ba:8c:68:f8:15:ad:28:12:9a:eb:90:4d:38: 31:4a:4f:23:d3:97:27:e7:75:f5:6a:15:5c:61:51:8e:8d:72: a7:75:8c:41:7b:1a:dc:78:f2:b8:5f:5c:f1:35:b5:ca:0e:cf: ce:e9:72:76:b9:e0:48:31:c9:8d:33:cc:0d:39:fb:0f:18:fa: 19:9e:ee:7e:b7:d1:4e:9f:d5:44:ff:26:2d:08:16:95:01:74: c1:bc:34:0e:0d:ff:d3:86:e2:55:c1:d3:a0:73:17:b4:43:23: 5b:4e:c4:88 -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICBlowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTgwMjgxMTAvBgNVBAUTKDgwOUVGRjFGNzgxOUI4MTc1MUYxNzdBQjVBRkVEODJC Q0MzMkE1NjkwHhcNMjUxMDA0MjI1NDA3WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGUxYTU4Zi1kZTNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs1GqGViSfDQUSh32GF668QzZa/oKailfqecEqgcXnrUTA8j3YYHRB0GibjKs SX0GAhzAyR6Z/9vE+7arhyJc0mhMgQNklp84uEoTPuU7Le78j3TjiYJ6LrJHA+bx vEo2fwh7O5mIuxqgIdND4sO683c/C7wDU2xIP2V91lhAZF0c+YTGkbYDZy59/OJK 4ekW84HEpuz8I7aJNlydKC5u927ain1mt+onq0HiL3y28g1tz1ReMpNiVssVpcoo 67YFrqrFMBheZ1VPVSZe2mVDMwSpragUBY1dh8nXV6pJMtKggFsrtQscBkYeineE aliFTFpL7bSkHfGByXNxEsv58QIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFG2qhGQO CvXqHJI1Z5G2VvIdJVCZMB8GA1UdIwQYMBaAFICe/x94GbgXUfF3q1r+2CvMMqVp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODAyOC84QTRBREVFNEEx MUYxMUVCOTMzOUQ1MEFDNEY5QUUwMi9nSjdfSDNnWnVCZFI4WGVyV3Y3WUs4d3lw V2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2dKN19IM2dadUJkUjhYZXJXdjdZSzh3eXBXay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTgwMjgvOEE0QURFRTRBMTFGMTFFQjkzMzlENTBBQzRGOUFFMDIvNjg3RDcxNzhC ODVEMTFFQkIyRTE3RjI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAJnSEgDBAFn6YwDBAFn+MowDQQCAAIwBwMFACQGtYAwDQYJ KoZIhvcNAQELBQADggEBAFyGelf0A5AvBmaIw7/4Ls4hIQeH6dwmCILfA1USFjVG ex3q1tssCGcQyHjca++HsNGSfZlDoBvqspq1QbNQV7NB23izGqxK7MpjKbWebdET VOGrUuHjOwnqon1OYfsvhFCbwx9QHk0h4Y5eKGH/3JkwXFrII1F/JXasdCRUd8ml tNdqIgalgUhAekUw51//+Ge15Ax9uoxo+BWtKBKa65BNODFKTyPTlyfndfVqFVxh UY6Ncqd1jEF7Gtx48rhfXPE1tcoOz87pcna54EgxyY0zzA05+w8Y+hme7n630U6f 1UT/Ji0IFpUBdMG8NA4N/9OG4lXB06BzF7RDI1tOxIg= -----END CERTIFICATE-----Generated at Wed Nov 5 12:06:01 2025 by rpki-client