$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2124D4CC803B11ED88B64D3DC4F9AE02.roa File: 2124D4CC803B11ED88B64D3DC4F9AE02.roa (raw, json) Hash identifier: jk6LG5RhWDcKqTh7wXv/cc4v2jPoU5+r1Dizw4y8Sp0= Subject key identifier: 86:8E:1F:D7:91:1F:A3:6F:76:42:1A:B7:A4:BA:28:7D:35:9D:7D:F4 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: B3CD Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2124D4CC803B11ED88B64D3DC4F9AE02.roa Signing time: Thu 08 May 2025 16:06:36 +0000 ROA not before: Thu 08 May 2025 16:06:36 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 136312 IP address blocks: 103.86.4.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 15:24:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46029 (0xb3cd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 8 16:06:36 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681cd68c-18f8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:33:f4:9e:af:b0:78:5d:4d:18:6e:dc:17:2a: 3c:46:9a:e9:0b:b3:c5:9e:5c:98:5c:c9:04:63:96: c8:c6:a2:da:90:96:9d:26:bf:b9:27:01:3b:b7:8d: 78:ac:b1:4d:2e:28:b8:8f:0f:d1:f7:58:eb:ed:46: be:f6:d0:f0:22:dc:d3:67:64:90:5c:06:f8:34:66: e4:86:20:5c:bf:49:0f:aa:c5:55:40:23:22:c4:b4: 84:41:18:c9:67:ff:d1:b3:fe:54:c6:3e:a3:93:c8: 3a:e9:94:16:06:db:f0:38:9a:26:16:e9:54:df:76: 09:55:0e:d8:58:d0:e8:fb:f6:7e:89:43:ed:22:34: 0a:13:13:80:ee:4e:f4:74:b5:1b:53:e8:9d:97:62: 2c:e1:27:57:f3:a9:03:1b:40:8d:86:67:b9:f3:c9: f0:e6:bc:ab:10:bd:a1:af:2e:12:24:fd:85:48:e2: 91:eb:67:c0:f5:bd:fd:28:6e:ba:09:58:73:99:28: 29:5f:56:ed:eb:be:0d:67:44:d8:05:06:8a:85:7b: 14:7d:c1:c4:31:a4:42:89:20:c9:b8:67:bc:11:3b: 0b:ba:ff:b0:95:4c:34:32:1a:7c:83:3c:ce:d7:df: db:3c:92:11:35:7d:ed:eb:2b:24:fc:be:d8:a2:a0: 70:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:8E:1F:D7:91:1F:A3:6F:76:42:1A:B7:A4:BA:28:7D:35:9D:7D:F4 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2124D4CC803B11ED88B64D3DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.86.4.0/22 Signature Algorithm: sha256WithRSAEncryption 4f:cf:9c:08:85:6a:a1:42:35:03:9f:3f:1c:e4:68:9f:47:8f: b6:65:c2:4d:0d:bc:6d:89:4f:20:3e:41:ec:ce:e9:8c:c4:0a: 00:a4:56:13:08:b0:d8:ab:f4:6d:4d:e5:95:69:ef:28:07:23: 29:0e:2e:cf:b0:80:8c:4d:3c:29:9c:83:6c:c5:af:a0:4e:31: c3:46:90:3b:21:72:35:3a:3c:bd:c2:ff:b3:f2:20:9d:06:9c: d7:18:71:5a:97:78:97:76:ef:36:fe:82:d8:d0:c2:e6:84:46: c7:a4:5a:e9:9b:89:76:33:7d:f6:63:1d:8e:b6:26:25:b4:e4: 02:3f:eb:d2:50:c4:64:39:7f:0d:31:f9:9f:7b:11:03:c1:2c: 93:be:93:e5:04:57:64:b5:8d:ab:1c:fd:78:ac:59:03:1e:13: 16:b0:22:14:e8:85:0d:82:ce:ed:02:79:70:75:17:e0:0b:6e: 9f:81:5e:c5:17:22:8f:fc:ef:34:63:6e:bd:c8:df:37:d8:94: 74:17:bf:77:b8:40:f4:ec:64:3b:6f:e7:1d:07:66:99:c7:8c: d1:98:f3:cf:d5:a1:0e:8a:9d:f4:70:67:4e:25:75:22:0e:5a: 4b:30:e0:6c:d1:21:35:c8:73:78:58:da:c4:52:68:e7:7f:f5: 66:a3:f2:f9 -----BEGIN CERTIFICATE----- MIIFcjCCBFqgAwIBAgIDALPNMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDUwODE2MDYzNloXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjgxY2Q2OGMtMThmODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN8z9J6vsHhdTRhu3BcqPEaa6QuzxZ5cmFzJBGOWyMai2pCWnSa/uScBO7eN eKyxTS4ouI8P0fdY6+1GvvbQ8CLc02dkkFwG+DRm5IYgXL9JD6rFVUAjIsS0hEEY yWf/0bP+VMY+o5PIOumUFgbb8DiaJhbpVN92CVUO2FjQ6Pv2folD7SI0ChMTgO5O 9HS1G1PonZdiLOEnV/OpAxtAjYZnufPJ8Oa8qxC9oa8uEiT9hUjiketnwPW9/Shu uglYc5koKV9W7eu+DWdE2AUGioV7FH3BxDGkQokgybhnvBE7C7r/sJVMNDIafIM8 ztff2zySETV97esrJPy+2KKgcCECAwEAAaOCApUwggKRMB0GA1UdDgQWBBSGjh/X kR+jb3ZCGrekuih9NZ199DAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzIxMjRENEND ODAzQjExRUQ4OEI2NEQzREM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/ BBAwDjAMBAIAATAGAwQCZ1YEMA0GCSqGSIb3DQEBCwUAA4IBAQBPz5wIhWqhQjUD nz8c5GifR4+2ZcJNDbxtiU8gPkHszumMxAoApFYTCLDYq/RtTeWVae8oByMpDi7P sICMTTwpnINsxa+gTjHDRpA7IXI1Ojy9wv+z8iCdBpzXGHFal3iXdu82/oLY0MLm hEbHpFrpm4l2M332Yx2OtiYltOQCP+vSUMRkOX8NMfmfexEDwSyTvpPlBFdktY2r HP14rFkDHhMWsCIU6IUNgs7tAnlwdRfgC26fgV7FFyKP/O80Y269yN832JR0F793 uED07GQ7b+cdB2aZx4zRmPPP1aEOip30cGdOJXUiDlpLMOBs0SE1yHN4WNrEUmjn f/Vmo/L5 -----END CERTIFICATE-----Generated at Wed Nov 5 16:31:02 2025 by rpki-client