$ rpki-client -vvf rpki.apnic.net/member_repository/A918E4B7/EB312F021EAA11ECB756BF30C4F9AE02/B9DEB77E654411EFACBF7956C4F9AE02.roa File: B9DEB77E654411EFACBF7956C4F9AE02.roa (raw, json) Hash identifier: rrXHgzUdzEuReffPDCPuY00l4dzYtSiphjTni14sFbs= Subject key identifier: 14:29:B4:2E:2E:5D:DA:7E:7D:92:06:3F:84:A8:CB:AC:50:BE:E5:64 Certificate issuer: /CN=A918E4B7/serialNumber=0AB6DD26515C53ECC5B0462B4C475D5A7E5A5537 Certificate serial: 0550 Authority key identifier: 0A:B6:DD:26:51:5C:53:EC:C5:B0:46:2B:4C:47:5D:5A:7E:5A:55:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CrbdJlFcU-zFsEYrTEddWn5aVTc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918E4B7/EB312F021EAA11ECB756BF30C4F9AE02/B9DEB77E654411EFACBF7956C4F9AE02.roa Signing time: Wed 03 Sep 2025 00:15:37 +0000 ROA not before: Wed 03 Sep 2025 00:15:37 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 64022 IP address blocks: 45.126.124.0/24 maxlen: 24 45.126.125.0/24 maxlen: 24 45.126.126.0/24 maxlen: 24 45.126.127.0/24 maxlen: 24 103.102.44.0/24 maxlen: 24 103.102.45.0/24 maxlen: 24 103.102.47.0/24 maxlen: 24 103.195.4.0/24 maxlen: 24 103.195.5.0/24 maxlen: 24 103.195.6.0/24 maxlen: 24 103.195.7.0/24 maxlen: 24 103.252.116.0/24 maxlen: 24 103.252.117.0/24 maxlen: 24 103.252.118.0/24 maxlen: 24 103.252.119.0/24 maxlen: 24 114.29.236.0/24 maxlen: 24 114.29.237.0/24 maxlen: 24 114.29.238.0/24 maxlen: 24 114.29.239.0/24 maxlen: 24 2401:df40:1::/48 maxlen: 48 2402:da80:100::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918E4B7/EB312F021EAA11ECB756BF30C4F9AE02/CrbdJlFcU-zFsEYrTEddWn5aVTc.crl rsync://rpki.apnic.net/member_repository/A918E4B7/EB312F021EAA11ECB756BF30C4F9AE02/CrbdJlFcU-zFsEYrTEddWn5aVTc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CrbdJlFcU-zFsEYrTEddWn5aVTc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 23:36:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1360 (0x550) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918E4B7, serialNumber=0AB6DD26515C53ECC5B0462B4C475D5A7E5A5537 Validity Not Before: Sep 3 00:15:37 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68b788a9-3a4d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:05:09:ea:64:0b:b4:a4:b3:51:99:d1:85:af: b6:33:0a:b2:c1:ef:0a:69:b2:b7:42:da:3e:bd:ab: 2e:4c:fd:b6:28:31:d6:57:34:61:4d:f3:84:83:83: df:2f:b6:35:87:4b:0d:08:93:80:3b:7f:7d:ac:94: ad:30:8d:82:f4:88:9f:46:84:40:05:96:07:b2:c6: 0d:4a:e5:44:07:dc:a3:66:26:24:c1:4f:1b:0a:bb: 7f:fa:5a:10:38:c2:7c:9f:08:87:89:c5:79:8b:da: 0c:3d:f6:83:25:13:1b:c4:bd:b1:cc:5d:40:18:80: e8:a9:f1:57:19:84:24:7c:e4:fc:01:74:e7:0f:32: d0:9e:56:69:f6:8a:31:da:b9:d0:44:7f:25:56:52: 28:cc:cd:db:15:1f:c8:fa:d3:5f:d5:e0:87:7e:78: c9:c3:31:7b:0a:4c:92:a3:6b:81:11:86:7e:1b:3e: 1d:7c:39:34:da:68:51:16:25:77:29:c3:bb:2e:be: d2:a6:68:c2:a6:c4:7a:16:08:94:78:f8:c3:08:0f: 56:9b:2e:1a:1a:0b:12:e3:60:c9:23:80:46:a7:70: 74:89:39:9b:28:e3:41:ff:82:06:20:de:b8:98:d6: 19:5c:dd:32:dc:1a:bc:b1:4e:15:54:1d:f2:fc:7c: 6e:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:29:B4:2E:2E:5D:DA:7E:7D:92:06:3F:84:A8:CB:AC:50:BE:E5:64 X509v3 Authority Key Identifier: keyid:0A:B6:DD:26:51:5C:53:EC:C5:B0:46:2B:4C:47:5D:5A:7E:5A:55:37 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918E4B7/EB312F021EAA11ECB756BF30C4F9AE02/CrbdJlFcU-zFsEYrTEddWn5aVTc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CrbdJlFcU-zFsEYrTEddWn5aVTc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918E4B7/EB312F021EAA11ECB756BF30C4F9AE02/B9DEB77E654411EFACBF7956C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.126.124.0/22 103.102.44.0/23 103.102.47.0/24 103.195.4.0/22 103.252.116.0/22 114.29.236.0/22 IPv6: 2401:df40:1::/48 2402:da80:100::/48 Signature Algorithm: sha256WithRSAEncryption 1b:ef:c9:d3:25:4a:ab:f0:27:6a:38:d1:02:3a:10:52:8d:b0: b1:88:5a:67:9e:89:60:cd:71:8f:7e:40:96:fd:89:09:99:25: 96:b6:5c:4b:ac:b1:f7:5b:c5:ab:7c:1c:df:f6:11:2d:52:e2: 88:e7:cc:db:6f:a6:c1:f1:e5:44:d2:4e:9f:01:1b:e0:57:56: ae:06:55:e9:79:96:5d:b3:08:1a:1f:a1:51:96:eb:14:6a:24: de:44:a6:0d:d9:42:de:56:1e:dc:bb:98:39:31:6b:9d:1d:59: 36:df:ee:89:2d:89:e5:76:eb:30:e3:80:16:be:ee:15:16:53: e1:60:dc:4b:cf:70:20:c4:7f:9a:4d:24:2a:e8:8e:77:34:ab: e8:9a:1d:6e:fb:65:d8:ec:51:59:ef:98:38:86:fc:5f:22:f2: 3c:20:8d:aa:32:99:b8:0b:27:f8:0d:9f:cc:24:de:e3:e8:27: 17:7d:28:52:5f:ee:57:70:3a:84:2d:48:cb:9e:70:0f:35:fb: 23:89:9f:4d:bd:69:0b:38:fe:ab:9a:00:cd:5b:a7:3a:b4:76: ea:07:45:b4:99:d6:f0:87:20:b6:92:bf:13:4c:9a:72:31:e7: 3d:82:47:de:fb:be:a5:31:65:5d:ae:9b:91:7d:a0:72:4b:1e: 40:7e:ff:0a -----BEGIN CERTIFICATE----- MIIFqTCCBJGgAwIBAgICBVAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEU0QjcxMTAvBgNVBAUTKDBBQjZERDI2NTE1QzUzRUNDNUIwNDYyQjRDNDc1RDVB N0U1QTU1MzcwHhcNMjUwOTAzMDAxNTM3WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGI3ODhhOS0zYTRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxgUJ6mQLtKSzUZnRha+2Mwqywe8KabK3Qto+vasuTP22KDHWVzRhTfOEg4Pf L7Y1h0sNCJOAO399rJStMI2C9IifRoRABZYHssYNSuVEB9yjZiYkwU8bCrt/+loQ OMJ8nwiHicV5i9oMPfaDJRMbxL2xzF1AGIDoqfFXGYQkfOT8AXTnDzLQnlZp9oox 2rnQRH8lVlIozM3bFR/I+tNf1eCHfnjJwzF7CkySo2uBEYZ+Gz4dfDk02mhRFiV3 KcO7Lr7SpmjCpsR6FgiUePjDCA9Wmy4aGgsS42DJI4BGp3B0iTmbKONB/4IGIN64 mNYZXN0y3Bq8sU4VVB3y/HxuDwIDAQABo4ICzTCCAskwHQYDVR0OBBYEFBQptC4u Xdp+fZIGP4Soy6xQvuVkMB8GA1UdIwQYMBaAFAq23SZRXFPsxbBGK0xHXVp+WlU3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RTRCNy9FQjMxMkYwMjFF QUExMUVDQjc1NkJGMzBDNEY5QUUwMi9DcmJkSmxGY1UtekZzRVlyVEVkZFduNWFW VGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NyYmRKbEZjVS16RnNFWXJURWRkV241YVZUYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEU0QjcvRUIzMTJGMDIxRUFBMTFFQ0I3NTZCRjMwQzRGOUFFMDIvQjlERUI3N0U2 NTQ0MTFFRkFDQkY3OTU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVwYIKwYBBQUHAQcBAf8E SDBGMCoEAgABMCQDBAItfnwDBAFnZiwDBABnZi8DBAJnwwQDBAJn/HQDBAJyHeww GAQCAAIwEgMHACQB30AAAQMHACQC2oABADANBgkqhkiG9w0BAQsFAAOCAQEAG+/J 0yVKq/AnajjRAjoQUo2wsYhaZ56JYM1xj35Alv2JCZkllrZcS6yx91vFq3wc3/YR LVLiiOfM22+mwfHlRNJOnwEb4FdWrgZV6XmWXbMIGh+hUZbrFGok3kSmDdlC3lYe 3LuYOTFrnR1ZNt/uiS2J5XbrMOOAFr7uFRZT4WDcS89wIMR/mk0kKuiOdzSr6Jod bvtl2OxRWe+YOIb8XyLyPCCNqjKZuAsn+A2fzCTe4+gnF30oUl/uV3A6hC1Iy55w DzX7I4mfTb1pCzj+q5oAzVunOrR26gdFtJnW8IcgtpK/E0yacjHnPYJH3vu+pTFl Xa6bkX2gckseQH7/Cg== -----END CERTIFICATE-----Generated at Wed Nov 5 19:48:17 2025 by rpki-client