$ rpki-client -vvf rpki.apnic.net/member_repository/A915F438/B7EF53FE2B4E11E5ACBBDF3AC4F9AE02/657B47B61C2F11E880C4ED7BC4F9AE02.roa File: 657B47B61C2F11E880C4ED7BC4F9AE02.roa (raw, json) Hash identifier: SqubnCOkk8RsrmFBLZGk+dGzptnKgDT9xCotCHCxhuo= Subject key identifier: A8:B8:06:88:A8:B9:1B:0C:E4:87:9D:FB:09:3B:E4:84:38:FC:8C:AA Certificate issuer: /CN=A915F438/serialNumber=93E7618CCFE26480D7927A1871BAD83FEF9DF484 Certificate serial: 2560 Authority key identifier: 93:E7:61:8C:CF:E2:64:80:D7:92:7A:18:71:BA:D8:3F:EF:9D:F4:84 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/k-dhjM_iZIDXknoYcbrYP--d9IQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915F438/B7EF53FE2B4E11E5ACBBDF3AC4F9AE02/657B47B61C2F11E880C4ED7BC4F9AE02.roa Signing time: Tue 16 Sep 2025 15:53:28 +0000 ROA not before: Tue 16 Sep 2025 15:53:28 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 38800 IP address blocks: 103.154.194.0/23 maxlen: 23 103.154.194.0/24 maxlen: 24 103.154.195.0/24 maxlen: 24 182.50.168.0/22 maxlen: 22 182.50.168.0/22 maxlen: 24 202.87.208.0/22 maxlen: 24 203.99.156.0/22 maxlen: 22 203.99.156.0/22 maxlen: 24 203.99.156.0/24 maxlen: 24 203.99.157.0/24 maxlen: 24 2402:ae80::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915F438/B7EF53FE2B4E11E5ACBBDF3AC4F9AE02/k-dhjM_iZIDXknoYcbrYP--d9IQ.crl rsync://rpki.apnic.net/member_repository/A915F438/B7EF53FE2B4E11E5ACBBDF3AC4F9AE02/k-dhjM_iZIDXknoYcbrYP--d9IQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/k-dhjM_iZIDXknoYcbrYP--d9IQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 15:49:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9568 (0x2560) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915F438, serialNumber=93E7618CCFE26480D7927A1871BAD83FEF9DF484 Validity Not Before: Sep 16 15:53:28 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68c987f7-cfca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:ae:c9:fe:a4:e6:53:f1:94:cb:30:d5:d8:83: b7:5f:de:78:89:83:b4:02:a7:32:8c:4c:1f:e6:fa: 38:d2:f4:de:9b:c8:e2:f2:a8:79:0d:2f:3a:d4:55: 6a:c4:d5:be:ed:cd:c0:62:18:4d:4b:93:cb:e7:f6: 74:5d:3d:ab:20:9d:d2:94:88:48:fb:46:b6:43:08: 62:72:51:6b:4b:ac:de:d2:96:ae:b9:73:34:93:d9: 08:93:09:5a:b4:01:da:03:ab:81:f1:a6:5d:2b:fa: 11:4d:ed:6e:df:d6:e0:cb:eb:e7:94:15:3d:32:19: 8c:ae:1b:8a:8a:33:63:1c:1a:70:61:c8:e4:01:60: 85:4b:a6:20:6f:6c:8e:ff:e2:9c:1d:c3:01:0b:31: 37:b7:f8:0b:d7:da:ea:09:c3:aa:c9:c5:ae:87:c3: cd:6c:31:78:03:bf:4a:db:c6:ef:eb:70:e5:08:61: ce:bf:60:03:a8:9f:cc:c2:2a:f0:a0:60:dd:e1:ae: fa:6f:62:65:8d:57:61:75:49:10:6a:9a:21:8a:45: 12:8b:15:cf:72:26:a5:de:cd:2d:ff:54:86:66:33: 3e:30:3e:af:db:ae:9c:c0:a1:e9:00:ba:e6:31:5f: 63:a6:63:9a:dd:58:e4:1e:10:f8:1c:12:55:7f:e8: 47:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:B8:06:88:A8:B9:1B:0C:E4:87:9D:FB:09:3B:E4:84:38:FC:8C:AA X509v3 Authority Key Identifier: keyid:93:E7:61:8C:CF:E2:64:80:D7:92:7A:18:71:BA:D8:3F:EF:9D:F4:84 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915F438/B7EF53FE2B4E11E5ACBBDF3AC4F9AE02/k-dhjM_iZIDXknoYcbrYP--d9IQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/k-dhjM_iZIDXknoYcbrYP--d9IQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915F438/B7EF53FE2B4E11E5ACBBDF3AC4F9AE02/657B47B61C2F11E880C4ED7BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.154.194.0/23 182.50.168.0/22 202.87.208.0/22 203.99.156.0/22 IPv6: 2402:ae80::/32 Signature Algorithm: sha256WithRSAEncryption 89:2a:47:aa:0a:56:67:96:77:5d:e6:d7:6d:cf:d3:d6:0b:ec: e1:3b:e2:a9:39:1f:3f:c3:72:0d:84:bc:e3:d8:6a:07:9f:88: ef:83:c6:dd:4c:0f:22:d1:0f:da:56:16:d2:de:2c:1f:ef:eb: ae:84:4f:c5:f8:80:1f:cc:24:5a:62:0a:a9:2a:e2:ee:7b:a9: c9:8c:10:c1:4d:00:e7:ba:22:fa:1a:aa:6a:1c:8d:ab:a5:fa: 1f:52:62:99:19:28:90:7f:c0:72:f7:d1:f1:ee:5a:38:3a:41: 0c:b0:b0:3b:d1:01:e3:76:ee:16:b4:b5:19:af:35:59:ac:35: 94:a8:58:c3:93:b5:06:66:04:1a:35:ce:0c:b4:08:50:ff:3d: 10:01:76:65:7f:a3:0b:f7:d2:16:b8:ac:75:d4:21:43:67:8e: 0b:09:f4:b6:3e:dc:3c:69:5c:c2:3d:a2:96:98:08:80:39:e6: a9:df:92:8b:31:6b:8d:18:a6:46:ba:bc:09:bf:86:28:de:ab: 84:83:7b:0a:d0:18:8e:bc:70:02:b8:c7:dc:4e:e3:59:3b:b5: de:d5:82:b8:b8:65:84:c7:c5:fa:d4:5b:d2:84:a3:62:d0:e1: 28:a1:aa:6b:0e:0c:ba:b6:0c:c0:14:d6:09:90:84:2c:7c:18: 1e:e0:64:e6 -----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgICJWAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUY0MzgxMTAvBgNVBAUTKDkzRTc2MThDQ0ZFMjY0ODBENzkyN0ExODcxQkFEODNG RUY5REY0ODQwHhcNMjUwOTE2MTU1MzI4WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGM5ODdmNy1jZmNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA067J/qTmU/GUyzDV2IO3X954iYO0AqcyjEwf5vo40vTem8ji8qh5DS861FVq xNW+7c3AYhhNS5PL5/Z0XT2rIJ3SlIhI+0a2QwhiclFrS6ze0pauuXM0k9kIkwla tAHaA6uB8aZdK/oRTe1u39bgy+vnlBU9MhmMrhuKijNjHBpwYcjkAWCFS6Ygb2yO /+KcHcMBCzE3t/gL19rqCcOqycWuh8PNbDF4A79K28bv63DlCGHOv2ADqJ/Mwirw oGDd4a76b2JljVdhdUkQapohikUSixXPcial3s0t/1SGZjM+MD6v266cwKHpALrm MV9jpmOa3VjkHhD4HBJVf+hHpQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFKi4Boio uRsM5Ied+wk75IQ4/IyqMB8GA1UdIwQYMBaAFJPnYYzP4mSA15J6GHG62D/vnfSE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RjQzOC9CN0VGNTNGRTJC NEUxMUU1QUNCQkRGM0FDNEY5QUUwMi9rLWRoak1faVpJRFhrbm9ZY2JyWVAtLWQ5 SVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2stZGhqTV9pWklEWGtub1ljYnJZUC0tZDlJUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NUY0MzgvQjdFRjUzRkUyQjRFMTFFNUFDQkJERjNBQzRGOUFFMDIvNjU3QjQ3QjYx QzJGMTFFODgwQzRFRDdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E MTAvMB4EAgABMBgDBAFnmsIDBAK2MqgDBALKV9ADBALLY5wwDQQCAAIwBwMFACQC roAwDQYJKoZIhvcNAQELBQADggEBAIkqR6oKVmeWd13m123P09YL7OE74qk5Hz/D cg2EvOPYagefiO+Dxt1MDyLRD9pWFtLeLB/v666ET8X4gB/MJFpiCqkq4u57qcmM EMFNAOe6Ivoaqmocjaul+h9SYpkZKJB/wHL30fHuWjg6QQywsDvRAeN27ha0tRmv NVmsNZSoWMOTtQZmBBo1zgy0CFD/PRABdmV/owv30ha4rHXUIUNnjgsJ9LY+3Dxp XMI9opaYCIA55qnfkosxa40Ypka6vAm/hijeq4SDewrQGI68cAK4x9xO41k7td7V gri4ZYTHxfrUW9KEo2LQ4SihqmsODLq2DMAU1gmQhCx8GB7gZOY= -----END CERTIFICATE-----Generated at Wed Nov 5 10:26:22 2025 by rpki-client