$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/900E0ED889C111ECA9865C1DC4F9AE02.roa File: 900E0ED889C111ECA9865C1DC4F9AE02.roa (raw, json) Hash identifier: U//QUemK34fw6iVZ39WZcYsIQ8jA5FUmgQ9/YJl/f38= Subject key identifier: EC:20:36:22:CF:69:9C:34:97:03:76:77:57:43:77:3A:CD:25:B7:B5 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: B4FA Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/900E0ED889C111ECA9865C1DC4F9AE02.roa Signing time: Thu 08 May 2025 16:11:13 +0000 ROA not before: Thu 08 May 2025 16:11:13 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 138257 IP address blocks: 45.250.216.0/24 maxlen: 24 45.250.217.0/24 maxlen: 24 45.250.218.0/24 maxlen: 24 45.250.219.0/24 maxlen: 24 103.69.4.0/22 maxlen: 24 103.154.246.0/23 maxlen: 24 157.119.88.0/22 maxlen: 22 157.119.88.0/24 maxlen: 24 157.119.89.0/24 maxlen: 24 157.119.90.0/24 maxlen: 24 157.119.91.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 15:24:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46330 (0xb4fa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 8 16:11:13 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681cd7a1-c201 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:bc:45:cf:ce:39:16:5c:7b:e5:38:ae:bd:12: 87:d4:f6:cc:c4:45:9c:02:cd:18:51:88:52:4e:84: f0:f2:5a:f4:f4:fb:4c:71:3a:2a:bd:57:d5:5d:85: 7b:00:a3:08:02:03:85:cd:df:73:2f:ff:87:7c:a8: 7d:e0:33:29:dc:76:49:a3:e3:d2:d3:23:dc:11:7b: d1:d0:c3:6a:1b:6f:b0:c2:1a:8d:e0:55:53:81:0b: 7a:3e:36:1d:85:a9:01:e1:ef:df:b2:89:a0:0e:97: 27:d2:4d:8a:93:12:55:86:2c:8a:a9:af:b6:28:de: 5e:b2:73:ef:a5:8b:4e:9c:11:9b:5f:0f:b6:bd:e5: 27:10:20:53:15:f7:64:a0:6d:7f:91:b5:b3:c2:13: 84:b7:0d:bc:07:12:b9:b4:c5:f6:ea:94:4d:87:4d: 22:9f:cf:0b:2b:65:b1:a7:d4:4d:29:51:5e:90:f6: 94:17:ba:68:28:27:8d:cd:9d:11:da:24:f8:93:61: 5a:e2:17:55:2c:3f:a0:1d:c8:09:c9:28:4a:89:91: 14:c9:ea:eb:7b:d3:ac:62:7b:f9:a3:bc:44:4a:27: b7:2a:cf:97:e6:11:2f:15:a1:51:c6:35:66:30:cc: 0e:07:e9:09:f3:a2:c7:eb:6e:e8:22:23:19:79:34: dd:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:20:36:22:CF:69:9C:34:97:03:76:77:57:43:77:3A:CD:25:B7:B5 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/900E0ED889C111ECA9865C1DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.250.216.0/22 103.69.4.0/22 103.154.246.0/23 157.119.88.0/22 Signature Algorithm: sha256WithRSAEncryption 5f:99:56:ad:e0:35:77:18:3c:b8:27:ce:47:c1:1b:9f:38:1c: f2:fd:48:c6:ef:2c:89:bf:4a:5c:67:50:89:f1:ee:96:8c:0c: 90:8e:ad:ea:7c:8f:6f:17:f6:df:86:1d:40:bf:6b:2c:3c:c5: d5:32:05:8b:f4:7a:eb:87:f4:e5:46:50:c7:45:89:9f:0f:e5: c3:2b:ae:c8:df:8a:4c:23:d3:db:0f:b3:d2:39:14:20:0e:90: 85:a0:cc:6d:8c:e2:7d:78:43:f3:72:4a:d9:8f:87:7e:d9:09: 2a:52:d4:be:1f:c0:bd:1c:c8:ca:77:32:8c:95:3c:01:31:99: f3:39:7d:be:32:7d:51:a8:ac:c6:15:c5:b1:78:95:09:95:83: 4c:c9:b5:7c:4c:d4:37:e6:d2:84:30:6b:04:17:10:18:cc:6b: a1:c8:53:5c:3e:6b:63:00:8d:6d:a7:57:70:14:c3:a0:c8:32: 5c:0c:2c:c1:e8:43:16:aa:c9:c6:29:8c:64:fc:5a:ce:05:92: 85:59:a3:6f:0c:f4:65:52:c5:4a:28:f7:49:a8:c0:6d:12:51: 85:40:88:e4:87:32:74:6c:62:87:10:78:c7:a9:4c:9a:b7:df: 09:57:71:de:08:0d:3f:26:95:ad:0f:41:35:b6:02:da:9a:74: 41:ef:cf:6f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgIDALT6MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDUwODE2MTExM1oXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjgxY2Q3YTEtYzIwMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMy8Rc/OORZce+U4rr0Sh9T2zMRFnALNGFGIUk6E8PJa9PT7THE6Kr1X1V2F ewCjCAIDhc3fcy//h3yofeAzKdx2SaPj0tMj3BF70dDDahtvsMIajeBVU4ELej42 HYWpAeHv37KJoA6XJ9JNipMSVYYsiqmvtijeXrJz76WLTpwRm18Ptr3lJxAgUxX3 ZKBtf5G1s8IThLcNvAcSubTF9uqUTYdNIp/PCytlsafUTSlRXpD2lBe6aCgnjc2d Edok+JNhWuIXVSw/oB3ICckoSomRFMnq63vTrGJ7+aO8REontyrPl+YRLxWhUcY1 ZjDMDgfpCfOix+tu6CIjGXk03RcCAwEAAaOCAqcwggKjMB0GA1UdDgQWBBTsIDYi z2mcNJcDdndXQ3c6zSW3tTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzkwMEUwRUQ4 ODlDMTExRUNBOTg2NUMxREM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDEGCCsGAQUFBwEHAQH/ BCIwIDAeBAIAATAYAwQCLfrYAwQCZ0UEAwQBZ5r2AwQCnXdYMA0GCSqGSIb3DQEB CwUAA4IBAQBfmVat4DV3GDy4J85HwRufOBzy/UjG7yyJv0pcZ1CJ8e6WjAyQjq3q fI9vF/bfhh1Av2ssPMXVMgWL9Hrrh/TlRlDHRYmfD+XDK67I34pMI9PbD7PSORQg DpCFoMxtjOJ9eEPzckrZj4d+2QkqUtS+H8C9HMjKdzKMlTwBMZnzOX2+Mn1RqKzG FcWxeJUJlYNMybV8TNQ35tKEMGsEFxAYzGuhyFNcPmtjAI1tp1dwFMOgyDJcDCzB 6EMWqsnGKYxk/FrOBZKFWaNvDPRlUsVKKPdJqMBtElGFQIjkhzJ0bGKHEHjHqUya t98JV3HeCA0/JpWtD0E1tgLamnRB789v -----END CERTIFICATE-----Generated at Wed Nov 5 16:28:27 2025 by rpki-client