$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/901F9394702B11EF9CC22083C4F9AE02.roa File: 901F9394702B11EF9CC22083C4F9AE02.roa (raw, json) Hash identifier: e+ziVppbKNq1IQJg4wasK9gwm8WffJlu40yvb3ui/j8= Subject key identifier: EE:4A:E0:8E:A2:E2:DE:7C:BB:E9:6C:3F:3B:FF:97:DD:8D:71:40:BE Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: B20C Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/901F9394702B11EF9CC22083C4F9AE02.roa Signing time: Thu 08 May 2025 15:59:38 +0000 ROA not before: Thu 08 May 2025 15:59:38 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 133724 IP address blocks: 103.44.116.0/24 maxlen: 24 103.44.117.0/24 maxlen: 24 103.44.118.0/24 maxlen: 24 103.44.119.0/24 maxlen: 24 160.19.220.0/24 maxlen: 24 160.19.221.0/24 maxlen: 24 160.19.222.0/24 maxlen: 24 160.19.223.0/24 maxlen: 24 2401:320::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 15:24:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45580 (0xb20c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 8 15:59:38 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681cd4e9-7db2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:6a:ab:23:d5:19:c7:e9:4f:5f:e8:81:99:b7: 88:e1:87:04:65:53:d5:60:89:b4:04:42:30:7e:cd: b2:7d:e5:61:27:9c:20:e0:fe:ec:cf:d4:02:ed:bd: 19:58:fb:fd:b4:f8:96:54:b5:ae:11:7c:b8:1e:36: 12:8d:cc:25:2a:b5:0f:26:d0:0f:29:5a:b4:7d:f3: 74:d4:4b:d2:0f:8e:e0:a4:15:d7:8b:7d:1a:7e:cf: 69:15:e4:62:0a:4e:39:aa:03:b1:0a:e3:e9:1c:93: 94:e1:9d:2f:72:16:dc:94:0b:1e:e8:af:c1:07:f2: 5d:31:a8:30:61:44:2a:28:ab:b0:80:65:6d:af:e6: 05:d6:26:4f:36:2d:9b:2a:1f:63:22:d8:e9:a9:6e: e0:bf:e5:16:40:70:44:1a:03:dc:58:ad:08:3e:88: 99:aa:b4:d6:98:fb:a7:ec:85:6c:79:c6:6e:86:a8: d2:f4:e7:30:0c:30:a3:dd:1e:58:ba:9f:fc:83:1d: ad:86:46:e8:58:7f:40:ae:76:72:ca:fd:0a:5b:b7: 74:d5:40:2f:0c:55:63:f8:2a:f1:58:f1:f3:e0:61: 14:fd:8b:ac:e7:d6:06:b0:c2:f3:32:71:17:9c:5d: 09:9a:6e:81:96:a4:78:3c:60:0b:54:ee:2f:49:a2: d0:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:4A:E0:8E:A2:E2:DE:7C:BB:E9:6C:3F:3B:FF:97:DD:8D:71:40:BE X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/901F9394702B11EF9CC22083C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.44.116.0/22 160.19.220.0/22 IPv6: 2401:320::/32 Signature Algorithm: sha256WithRSAEncryption 20:af:93:b8:dd:23:fd:b2:7f:7b:7e:e6:21:b3:92:4e:e1:6c: 06:8e:67:c1:7e:ce:14:ec:12:eb:98:98:d0:39:4a:8e:7a:6e: 30:fb:ec:c0:58:f2:d3:a7:9c:c0:f4:4e:41:54:85:18:ce:ba: d8:39:eb:31:af:ba:db:10:98:6c:fb:b0:d9:48:95:ae:87:3c: 7f:36:45:ee:b3:82:db:20:ea:68:2e:b6:51:34:54:c0:d3:90: bb:12:8b:48:cb:b9:57:80:07:3c:7c:78:e2:71:d1:65:64:fa: 97:9c:84:d2:6d:71:f3:53:42:df:96:23:53:ad:1a:aa:6c:9c: 98:78:f1:32:35:10:70:2b:4a:0b:6f:19:fe:0a:3d:f9:b6:f5: ef:dd:72:db:77:a1:e6:05:ea:b8:76:cc:89:4d:6e:9a:a8:68: 2b:3b:63:44:19:4c:43:78:ae:7c:d3:cf:3e:54:dd:f5:3f:ed: 9d:9e:70:f4:ef:c4:5f:37:cc:ac:a3:a4:bc:de:fb:e7:57:26: 9a:f5:fe:8d:88:b9:60:05:e4:5c:f4:ec:cf:2b:ba:f9:ae:c4: 71:29:29:56:09:d7:0d:e2:44:8b:07:d5:ad:1f:17:18:c1:5c: 55:50:01:a0:40:7d:6d:7b:14:13:7e:10:56:7e:9e:7f:81:2a: b2:91:86:21 -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgIDALIMMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDUwODE1NTkzOFoXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjgxY2Q0ZTktN2RiMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL1qqyPVGcfpT1/ogZm3iOGHBGVT1WCJtARCMH7Nsn3lYSecIOD+7M/UAu29 GVj7/bT4llS1rhF8uB42Eo3MJSq1DybQDylatH3zdNRL0g+O4KQV14t9Gn7PaRXk YgpOOaoDsQrj6RyTlOGdL3IW3JQLHuivwQfyXTGoMGFEKiirsIBlba/mBdYmTzYt myofYyLY6alu4L/lFkBwRBoD3FitCD6Imaq01pj7p+yFbHnGboao0vTnMAwwo90e WLqf/IMdrYZG6Fh/QK52csr9Clu3dNVALwxVY/gq8Vjx8+BhFP2LrOfWBrDC8zJx F5xdCZpugZakeDxgC1TuL0mi0BMCAwEAAaOCAqowggKmMB0GA1UdDgQWBBTuSuCO ouLefLvpbD87/5fdjXFAvjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzkwMUY5Mzk0 NzAyQjExRUY5Q0MyMjA4M0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDQGCCsGAQUFBwEHAQH/ BCUwIzASBAIAATAMAwQCZyx0AwQCoBPcMA0EAgACMAcDBQAkAQMgMA0GCSqGSIb3 DQEBCwUAA4IBAQAgr5O43SP9sn97fuYhs5JO4WwGjmfBfs4U7BLrmJjQOUqOem4w ++zAWPLTp5zA9E5BVIUYzrrYOesxr7rbEJhs+7DZSJWuhzx/NkXus4LbIOpoLrZR NFTA05C7EotIy7lXgAc8fHjicdFlZPqXnITSbXHzU0LfliNTrRqqbJyYePEyNRBw K0oLbxn+Cj35tvXv3XLbd6HmBeq4dsyJTW6aqGgrO2NEGUxDeK58088+VN31P+2d nnD078RfN8yso6S83vvnVyaa9f6NiLlgBeRc9OzPK7r5rsRxKSlWCdcN4kSLB9Wt HxcYwVxVUAGgQH1texQTfhBWfp5/gSqykYYh -----END CERTIFICATE-----Generated at Wed Nov 5 16:29:22 2025 by rpki-client