$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/84DF828EF81411EF8300740EC4F9AE02.roa File: 84DF828EF81411EF8300740EC4F9AE02.roa (raw, json) Hash identifier: nZ7EYDTlpjjUMHiMTMBX8wiHDohfS1v1F9l4GEGZHAw= Subject key identifier: E6:C3:C9:92:AE:61:DB:1F:74:32:35:B3:58:FD:D0:26:CB:6D:31:B2 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: B922 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/84DF828EF81411EF8300740EC4F9AE02.roa Signing time: Thu 08 May 2025 16:27:17 +0000 ROA not before: Thu 08 May 2025 16:27:17 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 151685 IP address blocks: 103.72.140.0/22 maxlen: 24 103.91.100.0/22 maxlen: 24 103.141.218.0/23 maxlen: 24 103.155.240.0/23 maxlen: 24 103.209.154.0/23 maxlen: 24 2001:df4:9780::/48 maxlen: 48 2400:a3e0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 15:24:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47394 (0xb922) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 8 16:27:17 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681cdb65-8e71 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:a3:19:4d:ef:03:f6:7b:0f:7d:f1:24:b2:99: 4d:ec:fc:36:d9:cd:ac:93:e5:79:a5:04:e6:4c:ca: ce:8b:8c:6f:c4:10:60:2b:c9:fa:3d:da:a4:3e:7c: 0d:be:63:fe:df:95:3c:fd:98:0c:64:e2:95:fa:7f: c2:15:02:70:0a:55:3f:70:3c:bb:fb:6e:39:f7:b4: 40:a2:02:2c:54:33:b0:2e:c2:d7:1b:69:51:80:f5: cb:3f:78:b2:e5:22:ed:68:d6:15:97:35:97:e0:79: b0:e7:6a:b4:00:3a:4b:05:28:72:14:0c:03:59:40: e1:ca:43:76:fa:8a:7b:e8:d8:24:2d:cb:47:0f:1a: eb:59:4d:2f:4d:3f:a5:93:72:53:cc:21:78:bb:24: 9c:8f:ca:b1:ee:45:c9:e6:b0:2d:cb:a8:04:66:51: e2:89:ae:b4:87:f2:d3:81:83:19:f3:7d:9e:b7:29: 66:f6:6d:56:ff:0e:a8:2d:67:48:35:ec:89:e5:26: e6:5a:75:2a:d4:b1:62:24:04:89:f5:e4:56:f4:22: ee:25:e3:88:f7:03:6b:df:3b:ca:51:e0:08:94:81: 47:bd:78:7d:8f:fa:1d:55:1a:39:12:70:a4:24:12: 7d:3a:fb:73:e7:13:3d:48:c0:3f:65:78:7a:c3:38: db:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:C3:C9:92:AE:61:DB:1F:74:32:35:B3:58:FD:D0:26:CB:6D:31:B2 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/84DF828EF81411EF8300740EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.72.140.0/22 103.91.100.0/22 103.141.218.0/23 103.155.240.0/23 103.209.154.0/23 IPv6: 2001:df4:9780::/48 2400:a3e0::/32 Signature Algorithm: sha256WithRSAEncryption aa:7c:ca:a8:2e:64:e1:be:af:e7:9d:61:1e:d8:5a:d6:24:96: ae:a3:56:13:6f:a1:84:23:4b:77:e8:29:3c:73:d0:58:2d:00: 9a:92:a1:1a:cd:7a:13:d8:90:e7:c5:ed:77:2d:e3:1a:a1:61: 99:14:6a:22:d4:b3:73:52:f5:60:e9:d0:4b:c9:70:62:d8:7d: 86:18:d0:d4:44:6c:87:51:e3:10:00:5d:b7:c2:f5:00:92:cf: 77:61:8b:e8:b6:c4:a4:78:5c:64:a6:0f:e9:19:10:c6:26:09: c7:ae:22:fd:00:67:cd:ac:ff:20:29:e0:20:ff:b7:42:15:0d: 87:04:36:91:6a:04:cd:3f:1d:8f:7a:90:27:50:b1:4b:86:b5: d5:63:32:3f:62:ec:08:f9:2b:31:5a:aa:60:b8:c0:91:ec:4c: 62:53:ce:10:3f:aa:1e:7e:c2:4e:bb:85:2a:13:6a:9c:85:d7: 3b:dc:4c:b8:6a:ce:da:c0:0d:0c:f7:32:94:03:4a:26:95:e7: fe:8a:65:cf:88:f4:42:15:91:c8:10:f2:9d:1b:f0:dd:95:19: f1:e3:a9:a5:c4:54:1d:26:0f:9c:06:b4:1a:e2:2d:51:5c:88: a4:62:f2:84:00:53:02:1e:9c:ef:a5:bc:9c:a7:76:5f:ce:07: c0:b3:41:2c -----BEGIN CERTIFICATE----- MIIFojCCBIqgAwIBAgIDALkiMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDUwODE2MjcxN1oXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjgxY2RiNjUtOGU3MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALajGU3vA/Z7D33xJLKZTez8NtnNrJPleaUE5kzKzouMb8QQYCvJ+j3apD58 Db5j/t+VPP2YDGTilfp/whUCcApVP3A8u/tuOfe0QKICLFQzsC7C1xtpUYD1yz94 suUi7WjWFZc1l+B5sOdqtAA6SwUochQMA1lA4cpDdvqKe+jYJC3LRw8a61lNL00/ pZNyU8wheLsknI/Kse5FyeawLcuoBGZR4omutIfy04GDGfN9nrcpZvZtVv8OqC1n SDXsieUm5lp1KtSxYiQEifXkVvQi7iXjiPcDa987ylHgCJSBR714fY/6HVUaORJw pCQSfTr7c+cTPUjAP2V4esM420UCAwEAAaOCAsUwggLBMB0GA1UdDgQWBBTmw8mS rmHbH3QyNbNY/dAmy20xsjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzg0REY4MjhF RjgxNDExRUY4MzAwNzQwRUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sME8GCCsGAQUFBwEHAQH/ BEAwPjAkBAIAATAeAwQCZ0iMAwQCZ1tkAwQBZ43aAwQBZ5vwAwQBZ9GaMBYEAgAC MBADBwAgAQ30l4ADBQAkAKPgMA0GCSqGSIb3DQEBCwUAA4IBAQCqfMqoLmThvq/n nWEe2FrWJJauo1YTb6GEI0t36Ck8c9BYLQCakqEazXoT2JDnxe13LeMaoWGZFGoi 1LNzUvVg6dBLyXBi2H2GGNDURGyHUeMQAF23wvUAks93YYvotsSkeFxkpg/pGRDG JgnHriL9AGfNrP8gKeAg/7dCFQ2HBDaRagTNPx2PepAnULFLhrXVYzI/YuwI+Ssx WqpguMCR7ExiU84QP6oefsJOu4UqE2qchdc73Ey4as7awA0M9zKUA0omlef+imXP iPRCFZHIEPKdG/DdlRnx46mlxFQdJg+cBrQa4i1RXIikYvKEAFMCHpzvpbycp3Zf zgfAs0Es -----END CERTIFICATE-----Generated at Wed Nov 5 16:30:53 2025 by rpki-client