$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/90C2DB768BA511EB92F5EF28C4F9AE02.roa File: 90C2DB768BA511EB92F5EF28C4F9AE02.roa (raw, json) Hash identifier: 1gUP/8dmxZH7eJgN0tF0KGjNM1zYUzV/d5stMladZFU= Subject key identifier: C8:7F:C8:1B:DF:41:CD:76:C8:1A:B2:2F:97:10:8B:53:F1:6B:17:7B Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: B355 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/90C2DB768BA511EB92F5EF28C4F9AE02.roa Signing time: Thu 08 May 2025 16:04:43 +0000 ROA not before: Thu 08 May 2025 16:04:43 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 135746 IP address blocks: 103.60.196.0/23 maxlen: 24 103.76.136.0/22 maxlen: 24 103.163.108.0/23 maxlen: 24 103.172.252.0/23 maxlen: 24 103.177.178.0/23 maxlen: 24 103.220.158.0/23 maxlen: 24 114.142.164.0/22 maxlen: 24 2001:df7:8080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 15:24:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45909 (0xb355) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 8 16:04:43 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681cd61b-a206 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:cf:ea:72:06:02:a9:55:15:c1:18:b0:4a:6f: 71:ac:68:ed:14:fb:7b:a0:b7:90:7c:69:d4:27:ff: 33:91:f6:58:3b:bf:80:a8:53:d6:76:67:a2:d8:30: 7d:44:b8:0e:82:9a:6d:88:33:09:2d:2c:3c:62:f2: 6a:4e:1e:62:25:04:c8:63:f8:fe:a7:5f:29:8a:11: 37:77:e3:55:fe:e0:aa:0a:0f:d4:6f:c0:0b:7b:27: bc:93:b0:a2:b0:3d:28:c1:7c:50:17:3c:db:12:c2: 47:cc:1a:ba:99:4d:bf:ea:70:6d:6d:76:ce:04:39: 04:27:20:fe:a1:9c:e5:e8:ca:b0:3e:6d:b2:22:fe: ed:b7:d5:7e:3b:ee:85:ca:3a:6d:27:1a:58:c9:57: ac:95:08:58:1e:53:00:9a:84:d4:04:05:b9:79:85: e8:3c:a7:8b:ca:20:67:20:94:de:db:1f:f9:7f:58: 25:9f:23:cd:36:19:c5:49:44:46:d7:44:46:73:9c: 35:ec:36:8e:e8:20:d9:d6:cf:1e:60:42:2d:20:b1: ed:e2:9a:a3:21:51:25:35:38:ee:8e:52:f7:36:ff: 6e:c5:27:76:14:95:02:17:41:d4:1f:33:d8:8c:49: 26:c9:1d:4c:5b:d4:ff:43:8f:b8:8e:da:b7:56:66: 5f:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:7F:C8:1B:DF:41:CD:76:C8:1A:B2:2F:97:10:8B:53:F1:6B:17:7B X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/90C2DB768BA511EB92F5EF28C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.60.196.0/23 103.76.136.0/22 103.163.108.0/23 103.172.252.0/23 103.177.178.0/23 103.220.158.0/23 114.142.164.0/22 IPv6: 2001:df7:8080::/48 Signature Algorithm: sha256WithRSAEncryption 5d:c9:87:9f:3c:c6:af:e4:49:93:29:b7:a4:a4:41:99:3d:dd: c8:5e:ce:5b:05:6a:ef:ae:4a:bb:9f:81:8a:d4:81:56:d8:1a: 72:53:b6:de:1c:c9:70:9a:d6:d0:e4:4e:1c:2b:cc:88:bf:a6: 0f:d4:b3:04:42:19:95:fd:d5:63:92:72:8b:a3:05:c3:4d:0f: aa:db:8c:47:f0:6d:67:db:57:d5:13:f0:4a:d7:e4:c0:17:d0: 3b:1e:36:98:5b:a1:30:bc:ff:af:21:93:49:0f:d4:06:fb:1d: d7:0d:44:b3:b8:1a:c1:f3:fa:ee:2f:5a:1c:66:11:b9:5f:2b: 24:43:8d:ae:ea:03:c4:fe:d5:91:d5:b6:1d:90:fb:6b:b3:cf: ee:f6:5d:d5:b7:28:ef:af:40:a9:90:8d:58:86:5c:67:81:05: 1c:d0:b1:38:dd:71:9d:98:2e:fc:77:e3:27:35:ee:f3:18:8a: 21:a7:23:ad:99:4c:06:08:74:35:64:cc:5e:9e:61:d4:09:7f: 8c:de:db:5c:dc:25:90:58:eb:38:37:3d:93:be:ab:2a:65:fc: d4:3b:b9:0e:78:f4:d2:33:9d:a2:0a:06:fb:74:a2:70:48:b0: 23:70:86:dd:3e:66:10:50:3c:5f:5d:bf:e8:f0:40:27:7d:8d: 94:85:b2:3c -----BEGIN CERTIFICATE----- MIIFpzCCBI+gAwIBAgIDALNVMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDUwODE2MDQ0M1oXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjgxY2Q2MWItYTIwNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMPP6nIGAqlVFcEYsEpvcaxo7RT7e6C3kHxp1Cf/M5H2WDu/gKhT1nZnotgw fUS4DoKabYgzCS0sPGLyak4eYiUEyGP4/qdfKYoRN3fjVf7gqgoP1G/AC3snvJOw orA9KMF8UBc82xLCR8wauplNv+pwbW12zgQ5BCcg/qGc5ejKsD5tsiL+7bfVfjvu hco6bScaWMlXrJUIWB5TAJqE1AQFuXmF6Dyni8ogZyCU3tsf+X9YJZ8jzTYZxUlE RtdERnOcNew2jugg2dbPHmBCLSCx7eKaoyFRJTU47o5S9zb/bsUndhSVAhdB1B8z 2IxJJskdTFvU/0OPuI7at1ZmX4sCAwEAAaOCAsowggLGMB0GA1UdDgQWBBTIf8gb 30HNdsgasi+XEItT8WsXezAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzkwQzJEQjc2 OEJBNTExRUI5MkY1RUYyOEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMFQGCCsGAQUFBwEHAQH/ BEUwQzAwBAIAATAqAwQBZzzEAwQCZ0yIAwQBZ6NsAwQBZ6z8AwQBZ7GyAwQBZ9ye AwQCco6kMA8EAgACMAkDBwAgAQ33gIAwDQYJKoZIhvcNAQELBQADggEBAF3Jh588 xq/kSZMpt6SkQZk93chezlsFau+uSrufgYrUgVbYGnJTtt4cyXCa1tDkThwrzIi/ pg/UswRCGZX91WOScoujBcNND6rbjEfwbWfbV9UT8ErX5MAX0DseNphboTC8/68h k0kP1Ab7HdcNRLO4GsHz+u4vWhxmEblfKyRDja7qA8T+1ZHVth2Q+2uzz+72XdW3 KO+vQKmQjViGXGeBBRzQsTjdcZ2YLvx34yc17vMYiiGnI62ZTAYIdDVkzF6eYdQJ f4ze21zcJZBY6zg3PZO+qypl/NQ7uQ549NIznaIKBvt0onBIsCNwht0+ZhBQPF9d v+jwQCd9jZSFsjw= -----END CERTIFICATE-----Generated at Thu Nov 6 01:20:33 2025 by rpki-client