$ rpki-client -vvf rpki.apnic.net/member_repository/A916732F/06B56150D91711EB89918D7DC4F9AE02/2EF7E9168D2811F0B3A81665C4F9AE02.roa File: 2EF7E9168D2811F0B3A81665C4F9AE02.roa (raw, json) Hash identifier: gZwSZaiGMHX80XPTAXje3zfVajGe3ErXWKRuYWUwlhE= Subject key identifier: 28:47:27:6F:C2:B7:02:DC:A7:E4:DB:FC:0D:12:E1:A5:F9:F2:3C:F0 Certificate issuer: /CN=A916732F/serialNumber=1FB4C3C5796F14B39DF51EFBA9DADAFD5CEBD09B Certificate serial: 05FE Authority key identifier: 1F:B4:C3:C5:79:6F:14:B3:9D:F5:1E:FB:A9:DA:DA:FD:5C:EB:D0:9B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H7TDxXlvFLOd9R77qdra_Vzr0Js.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916732F/06B56150D91711EB89918D7DC4F9AE02/2EF7E9168D2811F0B3A81665C4F9AE02.roa Signing time: Tue 21 Oct 2025 18:46:59 +0000 ROA not before: Tue 21 Oct 2025 18:46:59 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 140068 IP address blocks: 103.148.14.0/24 maxlen: 24 103.148.15.0/24 maxlen: 24 103.161.46.0/24 maxlen: 24 103.161.47.0/24 maxlen: 24 2402:29e0::/32 maxlen: 32 2402:29e0:c010::/48 maxlen: 48 2402:29e0:c011::/48 maxlen: 48 2402:29e0:d010::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916732F/06B56150D91711EB89918D7DC4F9AE02/H7TDxXlvFLOd9R77qdra_Vzr0Js.crl rsync://rpki.apnic.net/member_repository/A916732F/06B56150D91711EB89918D7DC4F9AE02/H7TDxXlvFLOd9R77qdra_Vzr0Js.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H7TDxXlvFLOd9R77qdra_Vzr0Js.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 23:05:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1534 (0x5fe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916732F, serialNumber=1FB4C3C5796F14B39DF51EFBA9DADAFD5CEBD09B Validity Not Before: Oct 21 18:46:59 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=68f7d523-bf6a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:20:d0:1e:21:21:b6:ae:77:f4:81:8d:89:a6: fc:65:12:ec:36:80:c0:26:5a:db:2b:58:ec:47:96: d2:78:84:8c:30:48:4c:b9:d6:cb:6c:5e:5d:60:12: 82:a7:7c:57:d1:96:5f:26:26:2f:9f:2e:54:1a:6c: 23:08:bc:7e:98:78:f0:13:6c:25:3c:dc:f6:11:6b: 87:e8:d3:97:31:2f:13:e1:4b:eb:c4:37:2e:7d:13: 45:21:50:24:21:00:a4:3b:95:67:cd:e3:ba:77:7c: a4:4c:8e:19:a3:0f:38:ed:10:c4:72:99:71:5d:e7: e2:2c:59:60:eb:4b:76:c9:dd:1e:3d:21:33:8c:85: ba:d4:de:f1:72:99:a5:39:59:02:93:d0:4f:14:3a: ac:5a:5f:5a:ae:1e:de:68:31:e6:d2:07:79:11:92: 74:e4:71:08:91:6e:90:cd:b7:a5:77:29:13:d8:04: 5d:82:39:5c:ba:45:50:6d:03:2d:d9:ac:ff:45:df: b7:5c:86:08:1a:8a:90:b2:8f:92:72:4c:64:47:bb: bd:8b:d4:48:3b:f9:9b:28:52:db:02:9b:f2:ba:1a: 73:e3:26:e1:57:23:4b:d2:64:18:b4:1f:ec:e2:2d: 9c:74:32:c2:b5:f1:23:89:7d:68:f8:b6:27:74:d9: 8f:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:47:27:6F:C2:B7:02:DC:A7:E4:DB:FC:0D:12:E1:A5:F9:F2:3C:F0 X509v3 Authority Key Identifier: keyid:1F:B4:C3:C5:79:6F:14:B3:9D:F5:1E:FB:A9:DA:DA:FD:5C:EB:D0:9B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916732F/06B56150D91711EB89918D7DC4F9AE02/H7TDxXlvFLOd9R77qdra_Vzr0Js.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H7TDxXlvFLOd9R77qdra_Vzr0Js.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916732F/06B56150D91711EB89918D7DC4F9AE02/2EF7E9168D2811F0B3A81665C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.148.14.0/23 103.161.46.0/23 IPv6: 2402:29e0::/32 Signature Algorithm: sha256WithRSAEncryption 16:cc:dd:a2:d1:c5:15:65:96:e5:7b:80:32:a2:77:cb:a8:fc: 00:db:97:7a:53:c4:12:fb:06:72:24:b1:34:80:23:c4:ee:c6: e0:4d:dd:65:0d:88:a5:c4:70:5e:c7:22:7d:aa:5c:40:b2:05: ec:4d:59:e9:01:c4:0f:0d:d7:c6:78:bd:fb:b6:64:6a:a8:6a: 73:bc:d1:6a:ab:bf:64:85:15:e8:31:c8:2e:65:b2:46:59:bc: e3:71:4b:ff:9e:64:36:29:73:fd:3e:ff:f2:ce:61:33:01:b6: 64:a5:61:95:07:2b:3e:9f:dc:a8:e5:9a:f2:01:cc:e4:10:cd: 96:97:67:dc:8d:51:e4:3e:bb:9f:b7:2e:c8:79:24:4c:1f:05: ac:c7:e8:5c:46:d0:9a:13:b5:43:3f:0c:07:fd:7d:e3:76:07: 78:d6:3d:e4:cc:c3:e6:b5:0e:61:1c:f6:82:56:dd:d9:ec:85: 8e:74:a6:cf:62:83:45:b1:92:f5:32:fb:70:53:7e:4a:14:38: 31:99:a2:bb:39:53:02:0d:61:1a:ca:d7:bf:ba:90:60:1c:bc: 4e:60:51:f0:5e:de:58:86:2a:e1:f2:93:14:31:9f:d2:56:93: a7:6a:dc:57:a1:d1:3c:89:8c:73:13:ec:0f:d1:be:24:05:29: 3e:f1:c4:b8 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICBf4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjczMkYxMTAvBgNVBAUTKDFGQjRDM0M1Nzk2RjE0QjM5REY1MUVGQkE5REFEQUZE NUNFQkQwOUIwHhcNMjUxMDIxMTg0NjU5WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGY3ZDUyMy1iZjZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvCDQHiEhtq539IGNiab8ZRLsNoDAJlrbK1jsR5bSeISMMEhMudbLbF5dYBKC p3xX0ZZfJiYvny5UGmwjCLx+mHjwE2wlPNz2EWuH6NOXMS8T4UvrxDcufRNFIVAk IQCkO5VnzeO6d3ykTI4Zow847RDEcplxXefiLFlg60t2yd0ePSEzjIW61N7xcpml OVkCk9BPFDqsWl9arh7eaDHm0gd5EZJ05HEIkW6QzbeldykT2ARdgjlcukVQbQMt 2az/Rd+3XIYIGoqQso+SckxkR7u9i9RIO/mbKFLbApvyuhpz4ybhVyNL0mQYtB/s 4i2cdDLCtfEjiX1o+LYndNmPZQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFChHJ2/C twLcp+Tb/A0S4aX58jzwMB8GA1UdIwQYMBaAFB+0w8V5bxSznfUe+6na2v1c69Cb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NzMyRi8wNkI1NjE1MEQ5 MTcxMUVCODk5MThEN0RDNEY5QUUwMi9IN1REeFhsdkZMT2Q5Ujc3cWRyYV9WenIw SnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0g3VER4WGx2RkxPZDlSNzdxZHJhX1Z6cjBKcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjczMkYvMDZCNTYxNTBEOTE3MTFFQjg5OTE4RDdEQzRGOUFFMDIvMkVGN0U5MTY4 RDI4MTFGMEIzQTgxNjY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAFnlA4DBAFnoS4wDQQCAAIwBwMFACQCKeAwDQYJKoZIhvcN AQELBQADggEBABbM3aLRxRVlluV7gDKid8uo/ADbl3pTxBL7BnIksTSAI8TuxuBN 3WUNiKXEcF7HIn2qXECyBexNWekBxA8N18Z4vfu2ZGqoanO80Wqrv2SFFegxyC5l skZZvONxS/+eZDYpc/0+//LOYTMBtmSlYZUHKz6f3KjlmvIBzOQQzZaXZ9yNUeQ+ u5+3Lsh5JEwfBazH6FxG0JoTtUM/DAf9feN2B3jWPeTMw+a1DmEc9oJW3dnshY50 ps9ig0WxkvUy+3BTfkoUODGZors5UwINYRrK17+6kGAcvE5gUfBe3liGKuHykxQx n9JWk6dq3Feh0TyJjHMT7A/RviQFKT7xxLg= -----END CERTIFICATE-----Generated at Wed Nov 5 03:24:42 2025 by rpki-client