$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/823B80562B3011F09C4BFC19C4F9AE02.roa File: 823B80562B3011F09C4BFC19C4F9AE02.roa (raw, json) Hash identifier: Mu7IkaUqwNjxUMFswQZRsdx7tzejdqnlt4CDdP+1lE8= Subject key identifier: 4A:AF:B5:51:80:D1:84:0E:49:C3:2A:48:CB:55:3E:3C:8D:59:21:3B Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: C0A9 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/823B80562B3011F09C4BFC19C4F9AE02.roa Signing time: Mon 21 Jul 2025 12:29:01 +0000 ROA not before: Mon 21 Jul 2025 12:29:01 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 140115 IP address blocks: 103.143.108.0/24 maxlen: 24 103.154.35.0/24 maxlen: 24 103.171.128.0/23 maxlen: 24 2001:df2:8fc0::/48 maxlen: 52 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 15:24:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49321 (0xc0a9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Jul 21 12:29:01 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=687e328d-ccd2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:37:9a:22:f2:c6:00:c4:e1:cb:21:d6:6b:2c: 61:82:53:d2:55:4f:83:36:2e:4e:c6:25:1d:fd:a3: 34:63:7c:aa:cc:d0:be:9b:70:51:b0:8c:b4:b0:6c: 32:f8:cd:8a:e4:91:9a:2a:9a:a3:12:fd:d0:d4:33: 75:0d:53:73:b0:8a:bd:95:db:f7:74:c6:53:c0:86: 1b:d6:f6:88:c4:fa:38:99:ae:f2:04:ef:9d:11:fd: 36:10:0f:1c:f8:45:3c:49:8a:77:bb:e1:f9:24:2e: 36:cd:13:16:c2:8b:5c:5b:9f:50:a2:5b:26:48:4e: 8e:9e:ce:02:ba:2f:33:ac:c1:7d:57:3c:e9:5d:30: 7e:a0:4d:18:8c:6a:84:73:8e:04:4e:99:9d:89:91: c4:7f:7a:1e:99:a1:07:46:c8:c6:b8:34:ab:6c:83: 40:d2:af:e6:3f:f1:64:75:91:ea:3b:94:d6:48:b3: 3e:d6:ed:e3:cd:8e:5e:82:94:37:b8:b8:fb:ca:95: ab:8a:f1:b4:ca:1a:a0:13:26:54:60:28:b1:ab:47: ba:57:5c:6d:c5:4b:b7:2a:d8:51:93:0e:35:d9:73: 57:92:d7:a2:2c:51:4c:9d:52:ae:db:cf:b6:48:6d: 05:ae:24:88:b0:bc:c9:a2:02:ba:86:57:ad:a5:73: 61:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:AF:B5:51:80:D1:84:0E:49:C3:2A:48:CB:55:3E:3C:8D:59:21:3B X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/823B80562B3011F09C4BFC19C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.143.108.0/24 103.154.35.0/24 103.171.128.0/23 IPv6: 2001:df2:8fc0::/48 Signature Algorithm: sha256WithRSAEncryption 2b:c8:91:53:3e:68:49:ae:e4:e8:ac:55:d4:77:a7:b6:2f:64: 5d:cc:3a:70:cd:c6:24:ed:c5:6e:48:88:ae:ea:69:89:62:6b: 96:51:a5:f4:b7:5a:2b:65:d6:ce:5c:6d:0b:64:a0:ea:11:df: 0d:53:3f:05:b6:c4:a5:8b:12:b6:f7:cc:2c:ce:ae:0e:6a:55: 54:69:00:32:5e:b7:ff:5a:25:f7:20:2b:1a:33:d0:f4:06:99: d5:73:91:96:c2:5e:c4:15:74:0e:5f:ce:0e:67:cd:e0:59:27: 7d:ce:73:be:26:46:5f:0b:ee:af:5e:d1:66:0b:12:8e:74:29: fd:dc:34:40:4a:85:df:bc:b8:91:bb:e2:d4:a2:85:43:1e:bc: 2b:4c:86:e8:64:82:a8:e5:81:5e:c4:03:c7:b1:0c:40:5c:e7: c3:07:1e:0e:e5:31:5b:d2:f2:94:04:17:a9:9e:7c:b8:97:2a: 64:13:62:15:1e:92:43:9f:90:b1:4f:3f:fb:c5:21:24:e5:7b: 21:44:2b:69:8f:6d:71:a1:09:00:1d:ad:9b:76:cb:0e:0d:23: 0a:0e:39:71:4a:ec:62:69:83:e7:ae:48:27:3b:96:a2:bb:38: 40:7b:af:ef:0f:1c:36:95:26:d9:8d:70:c8:e1:d6:56:77:26: a8:06:05:d2 -----BEGIN CERTIFICATE----- MIIFjzCCBHegAwIBAgIDAMCpMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDcyMTEyMjkwMVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjg3ZTMyOGQtY2NkMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALY3miLyxgDE4csh1mssYYJT0lVPgzYuTsYlHf2jNGN8qszQvptwUbCMtLBs MvjNiuSRmiqaoxL90NQzdQ1Tc7CKvZXb93TGU8CGG9b2iMT6OJmu8gTvnRH9NhAP HPhFPEmKd7vh+SQuNs0TFsKLXFufUKJbJkhOjp7OArovM6zBfVc86V0wfqBNGIxq hHOOBE6ZnYmRxH96HpmhB0bIxrg0q2yDQNKv5j/xZHWR6juU1kizPtbt482OXoKU N7i4+8qVq4rxtMoaoBMmVGAosatHuldcbcVLtyrYUZMONdlzV5LXoixRTJ1SrtvP tkhtBa4kiLC8yaICuoZXraVzYZkCAwEAAaOCArIwggKuMB0GA1UdDgQWBBRKr7VR gNGEDknDKkjLVT48jVkhOzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzgyM0I4MDU2 MkIzMDExRjA5QzRCRkMxOUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDwGCCsGAQUFBwEHAQH/ BC0wKzAYBAIAATASAwQAZ49sAwQAZ5ojAwQBZ6uAMA8EAgACMAkDBwAgAQ3yj8Aw DQYJKoZIhvcNAQELBQADggEBACvIkVM+aEmu5OisVdR3p7YvZF3MOnDNxiTtxW5I iK7qaYlia5ZRpfS3Witl1s5cbQtkoOoR3w1TPwW2xKWLErb3zCzOrg5qVVRpADJe t/9aJfcgKxoz0PQGmdVzkZbCXsQVdA5fzg5nzeBZJ33Oc74mRl8L7q9e0WYLEo50 Kf3cNEBKhd+8uJG74tSihUMevCtMhuhkgqjlgV7EA8exDEBc58MHHg7lMVvS8pQE F6mefLiXKmQTYhUekkOfkLFPP/vFISTleyFEK2mPbXGhCQAdrZt2yw4NIwoOOXFK 7GJpg+euSCc7lqK7OEB7r+8PHDaVJtmNcMjh1lZ3JqgGBdI= -----END CERTIFICATE-----Generated at Wed Nov 5 19:24:06 2025 by rpki-client