$ rpki-client -vvf rpki.apnic.net/member_repository/A919BEDB/5D867EBC1F8311E7B57E6053C4F9AE02/AA54657A880E11ED9BE52B17C4F9AE02.roa File: AA54657A880E11ED9BE52B17C4F9AE02.roa (raw, json) Hash identifier: m7jMoGaJOamQccyHDJiW6HrfpYtQA9+C9u4Ehg8vWNc= Subject key identifier: 1C:5B:B8:F3:58:92:CF:7D:A7:00:88:C5:C5:D4:30:DD:95:AF:01:7F Certificate issuer: /CN=A919BEDB/serialNumber=1EDE5C6E008028BCD2AE33651381BDE1FD07C5D4 Certificate serial: 1BA8 Authority key identifier: 1E:DE:5C:6E:00:80:28:BC:D2:AE:33:65:13:81:BD:E1:FD:07:C5:D4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ht5cbgCAKLzSrjNlE4G94f0HxdQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919BEDB/5D867EBC1F8311E7B57E6053C4F9AE02/AA54657A880E11ED9BE52B17C4F9AE02.roa Signing time: Mon 27 Oct 2025 10:49:15 +0000 ROA not before: Mon 27 Oct 2025 10:49:15 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 47582 IP address blocks: 103.82.128.0/22 maxlen: 24 125.62.64.0/22 maxlen: 24 2400:83c0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919BEDB/5D867EBC1F8311E7B57E6053C4F9AE02/Ht5cbgCAKLzSrjNlE4G94f0HxdQ.crl rsync://rpki.apnic.net/member_repository/A919BEDB/5D867EBC1F8311E7B57E6053C4F9AE02/Ht5cbgCAKLzSrjNlE4G94f0HxdQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ht5cbgCAKLzSrjNlE4G94f0HxdQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 16:22:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7080 (0x1ba8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919BEDB, serialNumber=1EDE5C6E008028BCD2AE33651381BDE1FD07C5D4 Validity Not Before: Oct 27 10:49:15 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=68ff4e2b-6a70 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f9:9d:63:48:8c:51:98:23:6b:70:9b:d2:3f:72: 46:82:af:a2:8e:dc:8c:ef:f7:f6:fd:50:a6:2d:4c: ca:a0:0f:f1:6c:38:03:c6:6b:e6:4f:15:94:b6:63: 84:5a:08:cd:37:17:b6:57:a3:b4:0e:e3:46:c4:84: ce:d5:02:2e:06:1e:6b:27:6a:d3:ea:22:96:14:5d: fb:a9:54:0a:a3:f0:eb:56:de:88:53:2e:de:ef:44: 8e:e4:e3:3a:00:9e:05:83:40:a7:a6:60:fe:cd:fb: ea:2f:98:e1:bf:b3:9e:e0:3d:ed:9f:99:83:67:a6: 8b:45:fd:61:bd:a9:5e:13:61:56:61:20:6f:ae:88: 0d:7f:40:f5:fc:2d:be:29:b5:a9:d9:5a:03:5d:6d: 38:87:d0:7c:a0:00:c3:c6:80:f2:c7:6c:a6:13:f6: 80:8b:8a:85:39:b2:91:47:09:42:d3:f3:11:34:92: 7c:6f:1d:c0:c8:1c:49:af:a5:5e:98:13:c4:bb:d0: 3d:be:53:8b:47:20:c5:db:4c:58:c8:04:3d:d5:c7: 42:f0:ad:e6:d0:de:1c:7a:de:0d:89:aa:ad:f0:d9: a1:11:9d:c9:17:60:7f:af:f7:d2:48:60:ca:c6:2b: 71:3e:8e:c7:b8:60:42:dc:19:3c:ed:fb:82:59:9f: 9c:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:5B:B8:F3:58:92:CF:7D:A7:00:88:C5:C5:D4:30:DD:95:AF:01:7F X509v3 Authority Key Identifier: keyid:1E:DE:5C:6E:00:80:28:BC:D2:AE:33:65:13:81:BD:E1:FD:07:C5:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919BEDB/5D867EBC1F8311E7B57E6053C4F9AE02/Ht5cbgCAKLzSrjNlE4G94f0HxdQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ht5cbgCAKLzSrjNlE4G94f0HxdQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919BEDB/5D867EBC1F8311E7B57E6053C4F9AE02/AA54657A880E11ED9BE52B17C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.82.128.0/22 125.62.64.0/22 IPv6: 2400:83c0::/32 Signature Algorithm: sha256WithRSAEncryption 39:9f:a9:4a:b9:9f:ae:0d:cb:e7:99:a8:a4:3a:f0:fa:db:1c: bd:ce:9a:d0:c1:70:86:c1:da:78:73:df:4c:dd:9e:bd:c6:13: 36:7a:e5:2f:06:ac:a0:32:54:ee:60:3f:fe:45:15:14:56:6c: 73:3f:00:03:14:6c:a3:a2:ab:cf:d1:0f:47:94:fd:ff:e0:18: 53:af:4a:d5:e6:12:c1:c7:72:43:aa:db:6d:43:43:83:cc:7a: b0:f2:17:7a:d4:b7:f0:a3:43:fe:8b:5c:e3:ba:81:c2:3c:dd: 66:86:df:40:25:75:3e:42:de:10:57:54:a1:27:b2:54:ac:1b: 4a:99:88:1e:3e:7a:7d:34:f2:a2:2e:68:16:b1:8b:26:48:66: 65:32:42:3f:e3:d3:c0:c5:f3:5b:cc:20:76:a5:6c:92:62:78: 1f:d1:f3:5f:bd:ae:d3:7f:66:07:ee:dd:fa:60:86:ba:97:f0: a4:37:c8:5e:9e:c9:ed:a4:ea:ef:de:5a:b6:b3:51:b5:1e:9f: 40:59:96:1b:1d:31:57:29:22:0b:90:92:c8:cf:e6:03:88:7b: 60:4c:1b:ba:f0:6b:20:63:40:68:81:97:f5:05:2b:e0:4a:5e: 95:aa:ec:89:f7:bc:11:da:2c:b6:53:8a:b3:7a:76:aa:5d:e8: bd:d3:c4:36 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICG6gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUJFREIxMTAvBgNVBAUTKDFFREU1QzZFMDA4MDI4QkNEMkFFMzM2NTEzODFCREUx RkQwN0M1RDQwHhcNMjUxMDI3MTA0OTE1WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGZmNGUyYi02YTcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA+Z1jSIxRmCNrcJvSP3JGgq+ijtyM7/f2/VCmLUzKoA/xbDgDxmvmTxWUtmOE WgjNNxe2V6O0DuNGxITO1QIuBh5rJ2rT6iKWFF37qVQKo/DrVt6IUy7e70SO5OM6 AJ4Fg0CnpmD+zfvqL5jhv7Oe4D3tn5mDZ6aLRf1hvaleE2FWYSBvrogNf0D1/C2+ KbWp2VoDXW04h9B8oADDxoDyx2ymE/aAi4qFObKRRwlC0/MRNJJ8bx3AyBxJr6Ve mBPEu9A9vlOLRyDF20xYyAQ91cdC8K3m0N4cet4Niaqt8NmhEZ3JF2B/r/fSSGDK xitxPo7HuGBC3Bk87fuCWZ+cWQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFBxbuPNY ks99pwCIxcXUMN2VrwF/MB8GA1UdIwQYMBaAFB7eXG4AgCi80q4zZROBveH9B8XU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QkVEQi81RDg2N0VCQzFG ODMxMUU3QjU3RTYwNTNDNEY5QUUwMi9IdDVjYmdDQUtMelNyak5sRTRHOTRmMEh4 ZFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0h0NWNiZ0NBS0x6U3JqTmxFNEc5NGYwSHhkUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OUJFREIvNUQ4NjdFQkMxRjgzMTFFN0I1N0U2MDUzQzRGOUFFMDIvQUE1NDY1N0E4 ODBFMTFFRDlCRTUyQjE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAJnUoADBAJ9PkAwDQQCAAIwBwMFACQAg8AwDQYJKoZIhvcN AQELBQADggEBADmfqUq5n64Ny+eZqKQ68PrbHL3OmtDBcIbB2nhz30zdnr3GEzZ6 5S8GrKAyVO5gP/5FFRRWbHM/AAMUbKOiq8/RD0eU/f/gGFOvStXmEsHHckOq221D Q4PMerDyF3rUt/CjQ/6LXOO6gcI83WaG30AldT5C3hBXVKEnslSsG0qZiB4+en00 8qIuaBaxiyZIZmUyQj/j08DF81vMIHalbJJieB/R81+9rtN/Zgfu3fpghrqX8KQ3 yF6eye2k6u/eWrazUbUen0BZlhsdMVcpIguQksjP5gOIe2BMG7rwayBjQGiBl/UF K+BKXpWq7In3vBHaLLZTirN6dqpd6L3TxDY= -----END CERTIFICATE-----Generated at Tue Nov 4 21:35:24 2025 by rpki-client