$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/34591BD0D17311EF8ACDDC78C4F9AE02.roa File: 34591BD0D17311EF8ACDDC78C4F9AE02.roa (raw, json) Hash identifier: +qiFCp2NiV2GzEE7Qz8jzX+jb1XXPzE/D8d/nezWcbU= Subject key identifier: C7:7F:24:D2:D7:AB:5A:F0:BD:57:50:78:84:AE:1F:E3:77:2D:46:A4 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: B316 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/34591BD0D17311EF8ACDDC78C4F9AE02.roa Signing time: Thu 08 May 2025 16:03:43 +0000 ROA not before: Thu 08 May 2025 16:03:43 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 135244 IP address blocks: 43.226.2.0/23 maxlen: 24 45.113.62.0/23 maxlen: 24 103.42.16.0/23 maxlen: 24 103.220.24.0/22 maxlen: 24 103.235.23.0/24 maxlen: 24 103.254.27.0/24 maxlen: 24 2403:73c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 15:24:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45846 (0xb316) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 8 16:03:43 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681cd5df-3986 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:69:28:63:c4:00:8b:d0:3e:18:09:9d:bd:01: 65:ce:e0:54:c2:ae:71:0d:46:e3:1c:c7:5d:5c:ee: 34:5c:46:9b:48:82:d4:61:97:d3:18:4c:f0:2f:02: b7:a8:3b:01:70:d5:9f:0b:be:60:4c:84:11:3d:10: 49:54:cd:29:79:ac:8f:cc:20:cc:89:bf:aa:cd:db: f9:e6:a4:db:44:f7:19:87:64:ec:d8:ac:7f:9e:f5: 80:f4:a0:7a:d6:76:1f:96:08:b1:22:71:6f:33:4f: f1:5c:62:a2:72:88:88:c6:a2:f4:af:88:0d:c9:bb: f2:3f:0c:ee:b0:50:39:de:3b:ed:76:6a:0f:53:d2: 8e:34:87:a2:45:4d:7b:dd:96:95:80:59:5a:e9:83: fb:25:bf:59:b2:cb:8d:8d:f6:5d:36:e7:88:7e:e0: 79:51:df:01:20:bf:b0:ef:ba:2c:57:e8:89:56:9c: 60:07:c8:d7:97:8a:3a:48:2e:53:2a:ef:a0:a4:9b: 8b:76:b8:92:6e:49:ca:32:98:de:97:66:70:67:1a: 8b:08:dd:38:f2:22:f9:fa:c2:14:e3:8f:56:f2:ca: 7a:5b:77:35:5a:b9:7c:04:0a:12:76:18:2b:5b:8e: 0d:f6:39:21:f0:3c:e5:e4:88:40:f7:f8:03:70:42: 58:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:7F:24:D2:D7:AB:5A:F0:BD:57:50:78:84:AE:1F:E3:77:2D:46:A4 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/34591BD0D17311EF8ACDDC78C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.226.2.0/23 45.113.62.0/23 103.42.16.0/23 103.220.24.0/22 103.235.23.0/24 103.254.27.0/24 IPv6: 2403:73c0::/32 Signature Algorithm: sha256WithRSAEncryption 17:92:b1:74:28:b9:08:1d:04:1e:00:fa:30:69:31:95:fe:00: 8c:d5:57:3e:c2:1a:48:4a:28:e5:7c:7d:de:16:b6:88:6e:21: 29:cb:50:8e:60:b4:b9:7d:70:32:ac:5f:66:40:21:27:74:2f: c9:99:bb:27:8b:03:ed:29:84:e7:a1:ac:51:22:fe:d6:2c:b6: ea:aa:9d:27:7b:30:c8:81:87:56:78:b0:5e:fa:8c:63:1d:1b: 8a:3d:9d:fa:45:4d:2d:bd:2c:a2:69:19:9c:b9:18:8f:bb:7a: 66:47:e2:b4:95:a4:d1:58:4a:11:7d:8e:ab:bc:76:67:cb:55: 0d:41:a9:59:e0:86:68:bd:67:16:9e:89:75:97:0d:28:2f:0b: 85:87:11:a3:a9:74:a9:8e:cc:5c:09:c2:7c:0d:48:4c:a3:df: 1c:ef:9f:c1:b4:2e:82:78:0a:e6:8e:a1:f8:fd:66:d7:8f:68: b6:fd:cb:5c:0e:d8:60:f1:39:b9:1d:bc:5b:46:d9:10:17:98: f9:64:20:65:3a:54:2d:31:40:bb:ca:e4:d7:5c:e6:52:36:4c: 5e:1d:14:6d:e5:d0:26:1b:bb:74:58:a9:d2:95:d1:e0:10:09: 64:93:cb:cf:39:c0:3e:d6:fb:0d:bf:bb:77:c8:6c:1b:21:45: 7a:e2:18:e5 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIDALMWMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDUwODE2MDM0M1oXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjgxY2Q1ZGYtMzk4NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMFpKGPEAIvQPhgJnb0BZc7gVMKucQ1G4xzHXVzuNFxGm0iC1GGX0xhM8C8C t6g7AXDVnwu+YEyEET0QSVTNKXmsj8wgzIm/qs3b+eak20T3GYdk7Nisf571gPSg etZ2H5YIsSJxbzNP8VxionKIiMai9K+IDcm78j8M7rBQOd477XZqD1PSjjSHokVN e92WlYBZWumD+yW/WbLLjY32XTbniH7geVHfASC/sO+6LFfoiVacYAfI15eKOkgu UyrvoKSbi3a4km5JyjKY3pdmcGcaiwjdOPIi+frCFOOPVvLKelt3NVq5fAQKEnYY K1uODfY5IfA85eSIQPf4A3BCWEUCAwEAAaOCAsIwggK+MB0GA1UdDgQWBBTHfyTS 16ta8L1XUHiErh/jdy1GpDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzM0NTkxQkQw RDE3MzExRUY4QUNEREM3OEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMEwGCCsGAQUFBwEHAQH/ BD0wOzAqBAIAATAkAwQBK+ICAwQBLXE+AwQBZyoQAwQCZ9wYAwQAZ+sXAwQAZ/4b MA0EAgACMAcDBQAkA3PAMA0GCSqGSIb3DQEBCwUAA4IBAQAXkrF0KLkIHQQeAPow aTGV/gCM1Vc+whpISijlfH3eFraIbiEpy1COYLS5fXAyrF9mQCEndC/JmbsniwPt KYTnoaxRIv7WLLbqqp0nezDIgYdWeLBe+oxjHRuKPZ36RU0tvSyiaRmcuRiPu3pm R+K0laTRWEoRfY6rvHZny1UNQalZ4IZovWcWnol1lw0oLwuFhxGjqXSpjsxcCcJ8 DUhMo98c75/BtC6CeArmjqH4/WbXj2i2/ctcDthg8Tm5HbxbRtkQF5j5ZCBlOlQt MUC7yuTXXOZSNkxeHRRt5dAmG7t0WKnSldHgEAlkk8vPOcA+1vsNv7t3yGwbIUV6 4hjl -----END CERTIFICATE-----Generated at Wed Nov 5 16:28:26 2025 by rpki-client