$ rpki-client -vvf rpki.apnic.net/member_repository/A9158131/982AB6E648B111EA96A06C7EC4F9AE02/2E4BBE4EB4B511EF8A24821EC4F9AE02.roa File: 2E4BBE4EB4B511EF8A24821EC4F9AE02.roa (raw, json) Hash identifier: +YYg5jcS99lfynPlhAhxkr4lADd5koWQrubtajtUn1M= Subject key identifier: A3:14:71:58:BE:D3:44:7C:8A:3E:D7:E8:90:8B:9D:04:57:C5:B2:36 Certificate issuer: /CN=A9158131/serialNumber=C79BBEAA66241EECF01C30335DB18EF2B3F56026 Certificate serial: 0B53 Authority key identifier: C7:9B:BE:AA:66:24:1E:EC:F0:1C:30:33:5D:B1:8E:F2:B3:F5:60:26 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x5u-qmYkHuzwHDAzXbGO8rP1YCY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9158131/982AB6E648B111EA96A06C7EC4F9AE02/2E4BBE4EB4B511EF8A24821EC4F9AE02.roa Signing time: Mon 06 Oct 2025 19:50:24 +0000 ROA not before: Mon 06 Oct 2025 19:50:24 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 64018 IP address blocks: 103.35.168.0/24 maxlen: 24 103.35.169.0/24 maxlen: 24 103.35.170.0/24 maxlen: 24 103.35.171.0/24 maxlen: 24 2403:2d40::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9158131/982AB6E648B111EA96A06C7EC4F9AE02/x5u-qmYkHuzwHDAzXbGO8rP1YCY.crl rsync://rpki.apnic.net/member_repository/A9158131/982AB6E648B111EA96A06C7EC4F9AE02/x5u-qmYkHuzwHDAzXbGO8rP1YCY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x5u-qmYkHuzwHDAzXbGO8rP1YCY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 19:21:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2899 (0xb53) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9158131, serialNumber=C79BBEAA66241EECF01C30335DB18EF2B3F56026 Validity Not Before: Oct 6 19:50:24 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=68e41d7f-16c5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:a7:d1:0b:e2:81:b1:01:bb:4f:d5:32:13:a0: c0:95:0a:38:da:4d:3d:e9:0a:6d:47:50:5f:f1:ea: e5:f2:ce:8f:c5:d4:17:28:c2:64:03:45:af:d7:05: 40:64:66:9c:85:c6:f4:53:8a:a2:da:02:04:8c:77: ff:60:66:18:fe:23:ab:dc:de:f8:69:d5:1d:a6:e4: f9:eb:2a:67:e6:ad:70:d8:bb:6a:72:0e:af:4b:28: 34:d7:e1:93:28:70:06:fd:5e:fc:b8:fd:58:53:17: dc:5c:8e:b6:40:62:a9:7e:ef:5a:59:76:8c:49:4f: 72:a2:5b:c1:e3:4a:02:9b:f6:5b:b2:b4:76:95:c9: 69:17:90:de:f3:32:04:89:48:d5:f1:1f:e3:f2:4d: c6:01:5b:2a:5e:50:10:71:8c:f8:34:28:03:8e:43: 66:8d:bc:c1:da:c2:41:df:7a:7e:e1:da:d4:db:91: 49:70:d1:71:a2:d7:19:cc:09:c7:d8:f4:60:57:b9: 0d:c0:a5:ef:4d:92:a6:06:e6:3c:6b:c7:17:f3:53: bc:8f:f9:4c:be:f3:39:f1:7b:fb:06:44:67:33:f7: f3:54:09:07:0e:a2:06:41:e9:e5:6c:59:26:d4:f7: b3:2c:81:b5:be:95:3f:5f:bd:95:a6:fe:32:79:2b: 87:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:14:71:58:BE:D3:44:7C:8A:3E:D7:E8:90:8B:9D:04:57:C5:B2:36 X509v3 Authority Key Identifier: keyid:C7:9B:BE:AA:66:24:1E:EC:F0:1C:30:33:5D:B1:8E:F2:B3:F5:60:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9158131/982AB6E648B111EA96A06C7EC4F9AE02/x5u-qmYkHuzwHDAzXbGO8rP1YCY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x5u-qmYkHuzwHDAzXbGO8rP1YCY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158131/982AB6E648B111EA96A06C7EC4F9AE02/2E4BBE4EB4B511EF8A24821EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.35.168.0/22 IPv6: 2403:2d40::/32 Signature Algorithm: sha256WithRSAEncryption 8f:3f:f4:1e:1d:5c:57:b6:9a:2d:f4:a9:23:24:3f:5e:45:81: fc:03:70:20:be:87:4a:71:23:f9:01:d2:b4:1d:6b:5c:c5:d8: 23:03:70:b1:f5:aa:4d:fd:a4:16:f2:0b:04:3e:8f:eb:c5:d3: 26:b9:c9:02:69:b3:ba:09:17:0a:0b:e5:45:4f:24:53:f8:2e: 4d:87:36:bd:d1:35:fd:41:bd:85:9c:40:80:80:1b:c3:9e:0e: dd:2f:15:bd:6a:be:6f:f8:cf:7d:56:4a:6b:b6:68:f3:c7:ec: 51:51:96:a7:62:b8:e7:9d:e1:1e:05:a7:e3:fc:68:d0:64:86: a3:41:62:9e:74:e5:88:43:15:57:a5:35:b6:9d:49:c7:35:77: 54:c7:54:c0:45:d6:4f:e9:10:85:0a:99:d9:f8:8a:9a:7b:d1: c4:68:2e:ad:9a:76:61:50:71:79:b6:e0:3b:88:ac:f3:b5:e1: 87:ca:c6:5c:97:e2:9d:f3:c2:24:52:d0:f3:e1:a4:26:63:e3: 85:1b:aa:2a:7d:06:91:00:d8:d9:b5:84:03:5f:fe:92:ed:93: fa:fd:1c:4e:5f:34:1f:9d:84:05:cc:b5:44:93:76:a5:29:29: ec:ee:81:3f:eb:0d:39:2d:21:98:0c:9a:ba:72:68:f0:f9:bb: 47:a4:f5:2a -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICC1MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTgxMzExMTAvBgNVBAUTKEM3OUJCRUFBNjYyNDFFRUNGMDFDMzAzMzVEQjE4RUYy QjNGNTYwMjYwHhcNMjUxMDA2MTk1MDI0WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGU0MWQ3Zi0xNmM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApafRC+KBsQG7T9UyE6DAlQo42k096QptR1Bf8erl8s6PxdQXKMJkA0Wv1wVA ZGachcb0U4qi2gIEjHf/YGYY/iOr3N74adUdpuT56ypn5q1w2Ltqcg6vSyg01+GT KHAG/V78uP1YUxfcXI62QGKpfu9aWXaMSU9yolvB40oCm/ZbsrR2lclpF5De8zIE iUjV8R/j8k3GAVsqXlAQcYz4NCgDjkNmjbzB2sJB33p+4drU25FJcNFxotcZzAnH 2PRgV7kNwKXvTZKmBuY8a8cX81O8j/lMvvM58Xv7BkRnM/fzVAkHDqIGQenlbFkm 1PezLIG1vpU/X72Vpv4yeSuHaQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFKMUcVi+ 00R8ij7X6JCLnQRXxbI2MB8GA1UdIwQYMBaAFMebvqpmJB7s8BwwM12xjvKz9WAm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODEzMS85ODJBQjZFNjQ4 QjExMUVBOTZBMDZDN0VDNEY5QUUwMi94NXUtcW1Za0h1endIREF6WGJHTzhyUDFZ Q1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3g1dS1xbVlrSHV6d0hEQXpYYkdPOHJQMVlDWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTgxMzEvOTgyQUI2RTY0OEIxMTFFQTk2QTA2QzdFQzRGOUFFMDIvMkU0QkJFNEVC NEI1MTFFRjhBMjQ4MjFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAJnI6gwDQQCAAIwBwMFACQDLUAwDQYJKoZIhvcNAQELBQAD ggEBAI8/9B4dXFe2mi30qSMkP15FgfwDcCC+h0pxI/kB0rQda1zF2CMDcLH1qk39 pBbyCwQ+j+vF0ya5yQJps7oJFwoL5UVPJFP4Lk2HNr3RNf1BvYWcQICAG8OeDt0v Fb1qvm/4z31WSmu2aPPH7FFRlqdiuOed4R4Fp+P8aNBkhqNBYp505YhDFVelNbad Scc1d1THVMBF1k/pEIUKmdn4ipp70cRoLq2admFQcXm24DuIrPO14YfKxlyX4p3z wiRS0PPhpCZj44Ubqip9BpEA2Nm1hANf/pLtk/r9HE5fNB+dhAXMtUSTdqUpKezu gT/rDTktIZgMmrpyaPD5u0ek9So= -----END CERTIFICATE-----Generated at Wed Nov 5 16:43:11 2025 by rpki-client