$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7412D892977011EB891B1662C4F9AE02.roa File: 7412D892977011EB891B1662C4F9AE02.roa (raw, json) Hash identifier: lBPGFhDvx1cWTRO8gofEumtrrQh0YfzlPfsQVy4Z+1Q= Subject key identifier: EC:E8:43:97:CB:D9:CF:84:80:C6:49:EB:6D:C4:97:0B:E0:F7:2C:F2 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: C666 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7412D892977011EB891B1662C4F9AE02.roa Signing time: Wed 22 Oct 2025 12:21:16 +0000 ROA not before: Wed 22 Oct 2025 12:21:15 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 141804 IP address blocks: 103.159.162.0/24 maxlen: 24 103.163.158.0/24 maxlen: 24 103.165.168.0/23 maxlen: 24 103.171.4.0/23 maxlen: 24 103.182.10.0/23 maxlen: 24 2001:df7:2f80::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 15:24:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50790 (0xc666) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Oct 22 12:21:15 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=68f8cc3b-3131 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:14:e9:86:49:b4:86:c7:8b:ee:3b:0b:6f:49: a5:00:78:95:7c:2e:9d:96:e8:3e:20:8b:dd:6c:9c: 7f:c2:d3:d8:4d:e6:d8:28:d5:59:f2:ec:2c:80:60: a5:78:b5:29:1b:f5:70:fb:e8:8c:e2:df:31:40:7f: 61:d0:af:64:fe:15:a6:ed:c2:ae:60:0b:26:83:40: a7:14:9b:4e:73:83:11:be:bb:29:dc:1e:0b:c9:33: 28:c1:e9:1e:43:a8:33:48:d2:4e:21:d3:25:51:a1: b5:7e:40:0b:2d:db:81:bb:ad:d8:7b:be:5e:0e:a3: 6e:dd:a4:4d:b8:ec:ea:4f:44:16:0d:38:1b:c5:4d: 95:64:76:27:61:87:f0:44:9a:f1:7f:90:c0:86:14: c2:f9:b6:d1:5e:46:d4:24:14:9c:f7:56:d3:6b:4a: ce:fc:0b:81:ea:0e:40:b8:db:15:1f:28:ba:84:33: a1:87:b2:cf:4b:06:e3:c6:5c:ab:fd:62:9d:d5:6e: ca:f6:9c:36:7c:29:6c:8b:ae:50:4c:00:4c:b5:d8: 63:e6:f5:ea:56:f4:4d:72:81:77:3e:d1:15:f1:51: 2b:80:c9:5b:45:da:98:2a:42:a8:a7:fb:99:56:16: 95:b1:2a:b7:46:3e:82:25:e5:26:e5:89:4a:61:65: cd:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:E8:43:97:CB:D9:CF:84:80:C6:49:EB:6D:C4:97:0B:E0:F7:2C:F2 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7412D892977011EB891B1662C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.159.162.0/24 103.163.158.0/24 103.165.168.0/23 103.171.4.0/23 103.182.10.0/23 IPv6: 2001:df7:2f80::/48 Signature Algorithm: sha256WithRSAEncryption 82:db:68:bb:c5:92:f9:32:77:de:21:92:ae:eb:b6:fb:6b:2d: b5:d2:55:2c:b0:70:bf:79:be:cf:98:6c:15:87:c9:bd:f9:cc: 22:ea:f0:49:14:2e:99:de:b0:be:73:ad:06:65:d2:22:31:1c: 91:a8:5e:95:aa:2f:17:38:bb:9a:67:84:7d:61:81:9a:0d:c9: 29:47:ef:85:7d:7b:c0:d4:05:73:9e:90:7e:43:c9:2b:e9:74: 4a:0d:48:14:ae:e2:78:c6:b9:28:22:6c:c7:36:36:b9:20:3a: 49:fd:33:6f:cb:b9:e0:2f:33:e1:69:8e:73:ba:64:69:58:af: 32:80:fb:17:36:1d:08:70:c5:68:c6:06:27:b4:63:38:a2:08: a8:a8:1f:88:9d:f5:e4:60:6a:ab:48:28:05:a0:c0:45:9c:ed: 20:4f:ac:10:fa:ac:a5:b3:cb:9a:d8:e9:c1:c3:eb:43:a8:94: bf:42:57:f4:80:a7:e0:0a:15:92:af:13:f6:05:33:ae:33:61: c9:a9:a1:a1:15:aa:35:e3:45:f2:ed:a1:c5:81:92:c6:fc:3e: 65:05:f4:ea:cf:58:92:c0:4c:5c:59:56:98:86:6b:14:7f:ff: 7a:10:e2:cd:f2:85:a4:59:7f:73:1e:73:41:b1:c0:d6:61:83: e0:a8:cb:cb -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIDAMZmMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MTAyMjEyMjExNVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjhmOGNjM2ItMzEzMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANQU6YZJtIbHi+47C29JpQB4lXwunZboPiCL3Wycf8LT2E3m2CjVWfLsLIBg pXi1KRv1cPvojOLfMUB/YdCvZP4Vpu3CrmALJoNApxSbTnODEb67KdweC8kzKMHp HkOoM0jSTiHTJVGhtX5ACy3bgbut2Hu+Xg6jbt2kTbjs6k9EFg04G8VNlWR2J2GH 8ESa8X+QwIYUwvm20V5G1CQUnPdW02tKzvwLgeoOQLjbFR8ouoQzoYeyz0sG48Zc q/1indVuyvacNnwpbIuuUEwATLXYY+b16lb0TXKBdz7RFfFRK4DJW0XamCpCqKf7 mVYWlbEqt0Y+giXlJuWJSmFlzW0CAwEAAaOCAr4wggK6MB0GA1UdDgQWBBTs6EOX y9nPhIDGSettxJcL4Pcs8jAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzc0MTJEODky OTc3MDExRUI4OTFCMTY2MkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMEgGCCsGAQUFBwEHAQH/ BDkwNzAkBAIAATAeAwQAZ5+iAwQAZ6OeAwQBZ6WoAwQBZ6sEAwQBZ7YKMA8EAgAC MAkDBwAgAQ33L4AwDQYJKoZIhvcNAQELBQADggEBAILbaLvFkvkyd94hkq7rtvtr LbXSVSywcL95vs+YbBWHyb35zCLq8EkULpnesL5zrQZl0iIxHJGoXpWqLxc4u5pn hH1hgZoNySlH74V9e8DUBXOekH5DySvpdEoNSBSu4njGuSgibMc2NrkgOkn9M2/L ueAvM+FpjnO6ZGlYrzKA+xc2HQhwxWjGBie0YziiCKioH4id9eRgaqtIKAWgwEWc 7SBPrBD6rKWzy5rY6cHD60OolL9CV/SAp+AKFZKvE/YFM64zYcmpoaEVqjXjRfLt ocWBksb8PmUF9OrPWJLATFxZVpiGaxR//3oQ4s3yhaRZf3Mec0GxwNZhg+Coy8s= -----END CERTIFICATE-----Generated at Wed Nov 5 16:28:26 2025 by rpki-client