$ rpki-client -vvf rpki.apnic.net/member_repository/A9175F18/A384291C0AA011EB87333882C4F9AE02/0DA7D6ACBEF111ED9634C070C4F9AE02.roa File: 0DA7D6ACBEF111ED9634C070C4F9AE02.roa (raw, json) Hash identifier: 5NqgNIsXa19amtn4HMMc6db3EBMX1bO+m+WZsJmO+bs= Subject key identifier: 2D:BA:C2:B5:2A:02:D3:39:ED:A4:04:C6:B9:1A:60:E1:04:25:F2:7D Certificate issuer: /CN=A9175F18/serialNumber=3C8B2BDBCB155E2D2FECD45D062FB3699F034320 Certificate serial: 0811 Authority key identifier: 3C:8B:2B:DB:CB:15:5E:2D:2F:EC:D4:5D:06:2F:B3:69:9F:03:43:20 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PIsr28sVXi0v7NRdBi-zaZ8DQyA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9175F18/A384291C0AA011EB87333882C4F9AE02/0DA7D6ACBEF111ED9634C070C4F9AE02.roa Signing time: Sun 02 Nov 2025 21:11:10 +0000 ROA not before: Sun 02 Nov 2025 21:11:10 +0000 ROA not after: Sun 31 Jan 2027 00:00:00 +0000 asID: 133929 IP address blocks: 43.225.59.0/24 maxlen: 24 103.252.16.0/22 maxlen: 22 103.252.16.0/23 maxlen: 24 103.252.18.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9175F18/A384291C0AA011EB87333882C4F9AE02/PIsr28sVXi0v7NRdBi-zaZ8DQyA.crl rsync://rpki.apnic.net/member_repository/A9175F18/A384291C0AA011EB87333882C4F9AE02/PIsr28sVXi0v7NRdBi-zaZ8DQyA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PIsr28sVXi0v7NRdBi-zaZ8DQyA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 21:12:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2065 (0x811) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9175F18, serialNumber=3C8B2BDBCB155E2D2FECD45D062FB3699F034320 Validity Not Before: Nov 2 21:11:10 2025 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=6907c8ee-7f42 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:d5:79:c0:8d:08:67:28:49:14:34:83:c7:3e: cb:46:24:62:a4:e6:10:a4:ec:91:88:92:0c:df:cd: bc:a5:2c:19:bb:26:c1:83:11:87:f5:30:27:fc:b5: bd:41:11:3e:26:6a:9c:6e:58:76:4d:6b:0e:75:78: 18:f3:bd:c1:7b:a2:f7:36:db:8a:68:72:db:9c:e5: 54:a9:bc:82:35:4f:5f:1f:80:98:70:62:75:6b:62: b4:eb:4a:c5:48:1a:62:1a:94:f2:e9:7c:45:35:85: e5:f3:b7:dc:02:e4:96:6c:d1:a6:8d:32:86:eb:9b: 1c:1d:86:d4:83:21:6d:22:04:1f:ea:98:d7:cb:23: b1:94:03:23:b4:6c:9f:d4:9c:b8:d4:fb:d3:5c:37: 79:96:b4:69:fc:45:16:15:26:34:49:ee:4f:6e:3a: c8:0f:21:99:c2:18:04:4e:91:6c:56:f8:36:f3:6f: 50:7c:89:03:a0:8b:7f:c7:fc:d9:c6:df:f3:9b:31: c6:2c:97:c7:11:d1:70:5e:c5:10:35:d3:40:06:3f: db:81:33:45:af:ea:f6:dd:df:2e:d6:c0:05:a4:53: bb:fe:7e:98:18:b3:1d:c6:0e:51:10:ba:89:8a:01: 6b:54:bb:9d:2d:e6:6d:a5:64:42:75:d3:23:9b:d3: 5c:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:BA:C2:B5:2A:02:D3:39:ED:A4:04:C6:B9:1A:60:E1:04:25:F2:7D X509v3 Authority Key Identifier: keyid:3C:8B:2B:DB:CB:15:5E:2D:2F:EC:D4:5D:06:2F:B3:69:9F:03:43:20 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9175F18/A384291C0AA011EB87333882C4F9AE02/PIsr28sVXi0v7NRdBi-zaZ8DQyA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PIsr28sVXi0v7NRdBi-zaZ8DQyA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9175F18/A384291C0AA011EB87333882C4F9AE02/0DA7D6ACBEF111ED9634C070C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.225.59.0/24 103.252.16.0/22 Signature Algorithm: sha256WithRSAEncryption 89:c2:66:9b:ef:89:cd:2e:9e:cd:a8:b1:78:46:bc:13:62:f4: b3:38:d1:6a:d9:92:f2:41:cf:1b:34:39:8b:3d:58:1d:61:3a: 46:2f:ac:34:4e:ed:e3:e7:91:0d:a8:1d:98:5a:da:fc:f4:06: b9:43:30:58:b0:e1:a6:95:fd:32:14:f8:7c:09:20:1c:4b:9a: 11:08:88:80:68:f8:c1:bf:5d:4d:c4:da:36:f6:4e:d0:50:02: 73:a4:15:06:1e:47:f4:be:ef:da:90:78:8c:12:da:f2:69:0d: a1:28:e1:9f:63:23:3b:96:8b:54:87:68:8a:55:e8:f2:04:11: d2:b6:d2:00:e0:63:71:43:79:77:45:07:5d:23:47:bb:6d:de: b2:2d:8b:9c:ea:66:fa:37:de:c8:d8:e5:8e:1d:8c:e0:77:c0: 64:fc:6b:3d:4d:82:23:3c:06:58:a3:cd:c3:07:94:94:3a:4b: dc:60:35:f0:cb:31:d9:c0:45:8f:f1:15:9d:82:74:05:fc:17: 53:88:e8:b0:28:c4:0e:e8:f9:36:39:dd:77:ae:1c:8d:9b:83: d8:f6:74:b1:74:de:80:5c:9a:b6:2d:fc:ea:71:72:24:3c:81: f2:82:31:7f:d0:b2:5b:30:3d:3f:e6:9d:a0:97:5b:07:2d:0f: cb:7e:6e:53 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICCBEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzVGMTgxMTAvBgNVBAUTKDNDOEIyQkRCQ0IxNTVFMkQyRkVDRDQ1RDA2MkZCMzY5 OUYwMzQzMjAwHhcNMjUxMTAyMjExMTEwWhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OTA3YzhlZS03ZjQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAztV5wI0IZyhJFDSDxz7LRiRipOYQpOyRiJIM3828pSwZuybBgxGH9TAn/LW9 QRE+Jmqcblh2TWsOdXgY873Be6L3NtuKaHLbnOVUqbyCNU9fH4CYcGJ1a2K060rF SBpiGpTy6XxFNYXl87fcAuSWbNGmjTKG65scHYbUgyFtIgQf6pjXyyOxlAMjtGyf 1Jy41PvTXDd5lrRp/EUWFSY0Se5PbjrIDyGZwhgETpFsVvg2829QfIkDoIt/x/zZ xt/zmzHGLJfHEdFwXsUQNdNABj/bgTNFr+r23d8u1sAFpFO7/n6YGLMdxg5RELqJ igFrVLudLeZtpWRCddMjm9NcxwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFC26wrUq AtM57aQExrkaYOEEJfJ9MB8GA1UdIwQYMBaAFDyLK9vLFV4tL+zUXQYvs2mfA0Mg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NUYxOC9BMzg0MjkxQzBB QTAxMUVCODczMzM4ODJDNEY5QUUwMi9QSXNyMjhzVlhpMHY3TlJkQmktemFaOERR eUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1BJc3IyOHNWWGkwdjdOUmRCaS16YVo4RFF5QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzVGMTgvQTM4NDI5MUMwQUEwMTFFQjg3MzMzODgyQzRGOUFFMDIvMERBN0Q2QUNC RUYxMTFFRDk2MzRDMDcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAAr4TsDBAJn/BAwDQYJKoZIhvcNAQELBQADggEBAInCZpvv ic0uns2osXhGvBNi9LM40WrZkvJBzxs0OYs9WB1hOkYvrDRO7ePnkQ2oHZha2vz0 BrlDMFiw4aaV/TIU+HwJIBxLmhEIiIBo+MG/XU3E2jb2TtBQAnOkFQYeR/S+79qQ eIwS2vJpDaEo4Z9jIzuWi1SHaIpV6PIEEdK20gDgY3FDeXdFB10jR7tt3rIti5zq Zvo33sjY5Y4djOB3wGT8az1NgiM8BlijzcMHlJQ6S9xgNfDLMdnARY/xFZ2CdAX8 F1OI6LAoxA7o+TY53XeuHI2bg9j2dLF03oBcmrYt/OpxciQ8gfKCMX/QslswPT/m naCXWwctD8t+blM= -----END CERTIFICATE-----Generated at Wed Nov 5 00:22:19 2025 by rpki-client