$ rpki-client -vvf rpki.apnic.net/member_repository/A9141274/D99F3AFAFB2311EF9F15C74AC4F9AE02/1C8955ACFB3911EFA7A85D5EC4F9AE02.roa File: 1C8955ACFB3911EFA7A85D5EC4F9AE02.roa (raw, json) Hash identifier: pXA/nNICBjxxRUXdfG7Iajai0avdelFN1HiA2VJOvYs= Subject key identifier: 60:EE:FB:84:B7:51:74:09:13:7C:93:08:B8:EB:50:47:1C:7E:88:9F Certificate issuer: /CN=A9141274/serialNumber=6958A1AB3ACF7F95EDA5AD9C9E41E449B6D117F2 Certificate serial: 57 Authority key identifier: 69:58:A1:AB:3A:CF:7F:95:ED:A5:AD:9C:9E:41:E4:49:B6:D1:17:F2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aVihqzrPf5Xtpa2cnkHkSbbRF_I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9141274/D99F3AFAFB2311EF9F15C74AC4F9AE02/1C8955ACFB3911EFA7A85D5EC4F9AE02.roa Signing time: Tue 05 Aug 2025 06:03:13 +0000 ROA not before: Tue 05 Aug 2025 06:03:13 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 135357 IP address blocks: 103.20.192.0/22 maxlen: 22 103.20.192.0/24 maxlen: 24 103.20.193.0/24 maxlen: 24 103.20.194.0/24 maxlen: 24 103.20.195.0/24 maxlen: 24 103.27.176.0/22 maxlen: 22 103.27.176.0/24 maxlen: 24 103.27.177.0/24 maxlen: 24 103.27.178.0/24 maxlen: 24 103.27.179.0/24 maxlen: 24 103.30.4.0/22 maxlen: 22 103.30.4.0/24 maxlen: 24 103.30.5.0/24 maxlen: 24 103.30.6.0/24 maxlen: 24 103.30.7.0/24 maxlen: 24 103.226.152.0/22 maxlen: 22 103.226.152.0/24 maxlen: 24 103.226.153.0/24 maxlen: 24 103.226.154.0/24 maxlen: 24 103.226.155.0/24 maxlen: 24 202.8.120.0/22 maxlen: 22 202.8.120.0/24 maxlen: 24 202.8.121.0/24 maxlen: 24 202.8.122.0/24 maxlen: 24 202.8.123.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9141274/D99F3AFAFB2311EF9F15C74AC4F9AE02/aVihqzrPf5Xtpa2cnkHkSbbRF_I.crl rsync://rpki.apnic.net/member_repository/A9141274/D99F3AFAFB2311EF9F15C74AC4F9AE02/aVihqzrPf5Xtpa2cnkHkSbbRF_I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aVihqzrPf5Xtpa2cnkHkSbbRF_I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 87 (0x57) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9141274, serialNumber=6958A1AB3ACF7F95EDA5AD9C9E41E449B6D117F2 Validity Not Before: Aug 5 06:03:13 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=68919ea1-2225 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:4d:9a:38:09:ed:0d:09:70:2f:5c:07:fe:67: 7a:9b:5b:86:19:36:7b:89:dc:0d:18:20:8c:49:8e: d8:50:7f:26:69:e4:1e:aa:83:16:ec:a3:8f:f9:f0: e2:ea:02:70:18:b3:d3:c8:28:a8:fc:6f:37:76:2c: 40:7a:5f:24:4b:c7:5d:ea:ba:d8:e2:92:3f:5e:48: 4d:b0:92:be:52:23:53:f4:39:ef:aa:9f:be:07:2c: 88:77:b1:79:e5:88:32:85:c4:68:7a:03:3d:ef:75: 38:42:d9:0a:26:39:9f:e5:75:70:3c:09:a9:e0:73: b4:f9:c5:85:52:f5:5b:1d:7c:5f:0a:b6:22:5a:f8: e3:1e:82:aa:68:27:45:53:03:23:59:b1:e4:e9:73: 83:e8:81:5a:17:05:91:f0:a5:77:00:27:61:fc:55: 0e:10:7a:8c:e7:b0:83:ac:6d:6e:c2:be:7a:8f:d9: 80:67:9b:0c:f8:a5:c7:92:c6:24:8e:bc:04:71:6c: 07:09:8c:83:3f:a3:72:26:5d:2d:d0:4b:1f:df:dd: bb:68:32:39:f3:03:cf:c0:1a:4e:cb:90:d2:0f:8b: 21:6f:d7:54:2f:8f:0b:92:ff:3b:39:58:fb:be:b2: 7f:7d:eb:99:ed:77:63:68:64:9e:d1:d9:8b:58:2b: d1:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:EE:FB:84:B7:51:74:09:13:7C:93:08:B8:EB:50:47:1C:7E:88:9F X509v3 Authority Key Identifier: keyid:69:58:A1:AB:3A:CF:7F:95:ED:A5:AD:9C:9E:41:E4:49:B6:D1:17:F2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9141274/D99F3AFAFB2311EF9F15C74AC4F9AE02/aVihqzrPf5Xtpa2cnkHkSbbRF_I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aVihqzrPf5Xtpa2cnkHkSbbRF_I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9141274/D99F3AFAFB2311EF9F15C74AC4F9AE02/1C8955ACFB3911EFA7A85D5EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.20.192.0/22 103.27.176.0/22 103.30.4.0/22 103.226.152.0/22 202.8.120.0/22 Signature Algorithm: sha256WithRSAEncryption 32:2e:7b:f0:66:60:46:3f:af:ce:24:5b:80:51:ad:d4:7a:76: 00:e2:10:30:12:e2:c0:b2:3c:d8:19:2d:ca:1a:65:ed:c9:4b: 3c:dd:f6:df:b3:a1:fc:a8:aa:f7:bf:a9:00:e4:c3:1b:83:9c: e1:1b:b7:e9:24:bb:bc:6a:6f:cf:cf:d3:1d:38:0e:16:44:f7: ca:1e:15:8b:98:d6:de:e4:76:c8:aa:00:57:e1:6b:ce:c3:af: 6c:47:e7:b1:0c:d4:bb:ac:14:ba:00:b3:16:a1:f5:f7:cb:b7: ee:72:ba:c6:a6:77:c1:7f:0e:65:32:18:5b:e4:6d:60:d9:0c: cf:c6:50:20:ea:2d:21:d7:46:94:23:3c:b4:e8:70:98:4d:58: 55:82:d5:5f:81:63:7e:c7:2a:1b:ab:41:6a:e7:a6:85:7f:e1: d6:a0:03:d1:df:a4:68:94:83:52:07:c6:48:de:18:a1:15:a9: 4f:03:1c:3d:41:fa:44:c3:60:d0:8c:ee:f4:bd:b8:79:e4:50: cb:e2:69:9e:10:83:3f:1c:ca:46:34:29:32:b5:a3:4e:8c:a4: 35:7a:87:8a:9f:83:50:10:02:08:8d:a8:86:cf:dc:87:ce:da: 71:59:ae:ac:5f:99:1e:d8:57:de:2a:28:61:5a:d3:8c:17:dd: 97:1d:8c:72 -----BEGIN CERTIFICATE----- MIIFiDCCBHCgAwIBAgIBVzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 MTI3NDExMC8GA1UEBRMoNjk1OEExQUIzQUNGN0Y5NUVEQTVBRDlDOUU0MUU0NDlC NkQxMTdGMjAeFw0yNTA4MDUwNjAzMTNaFw0yNjAzMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4OTE5ZWExLTIyMjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCuTZo4Ce0NCXAvXAf+Z3qbW4YZNnuJ3A0YIIxJjthQfyZp5B6qgxbso4/58OLq AnAYs9PIKKj8bzd2LEB6XyRLx13qutjikj9eSE2wkr5SI1P0Oe+qn74HLIh3sXnl iDKFxGh6Az3vdThC2QomOZ/ldXA8Cangc7T5xYVS9VsdfF8KtiJa+OMegqpoJ0VT AyNZseTpc4PogVoXBZHwpXcAJ2H8VQ4QeoznsIOsbW7CvnqP2YBnmwz4pceSxiSO vARxbAcJjIM/o3ImXS3QSx/f3btoMjnzA8/AGk7LkNIPiyFv11QvjwuS/zs5WPu+ sn9965ntd2NoZJ7R2YtYK9GbAgMBAAGjggKtMIICqTAdBgNVHQ4EFgQUYO77hLdR dAkTfJMIuOtQRxx+iJ8wHwYDVR0jBBgwFoAUaVihqzrPf5Xtpa2cnkHkSbbRF/Iw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQxMjc0L0Q5OUYzQUZBRkIy MzExRUY5RjE1Qzc0QUM0RjlBRTAyL2FWaWhxenJQZjVYdHBhMmNua0hrU2JiUkZf SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvYVZpaHF6clBmNVh0cGEyY25rSGtTYmJSRl9JLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 MTI3NC9EOTlGM0FGQUZCMjMxMUVGOUYxNUM3NEFDNEY5QUUwMi8xQzg5NTVBQ0ZC MzkxMUVGQTdBODVENUVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA3BggrBgEFBQcBBwEB/wQo MCYwJAQCAAEwHgMEAmcUwAMEAmcbsAMEAmceBAMEAmfimAMEAsoIeDANBgkqhkiG 9w0BAQsFAAOCAQEAMi578GZgRj+vziRbgFGt1Hp2AOIQMBLiwLI82Bktyhpl7clL PN3237Oh/Kiq97+pAOTDG4Oc4Ru36SS7vGpvz8/THTgOFkT3yh4Vi5jW3uR2yKoA V+FrzsOvbEfnsQzUu6wUugCzFqH198u37nK6xqZ3wX8OZTIYW+RtYNkMz8ZQIOot IddGlCM8tOhwmE1YVYLVX4FjfscqG6tBauemhX/h1qAD0d+kaJSDUgfGSN4YoRWp TwMcPUH6RMNg0Izu9L24eeRQy+JpnhCDPxzKRjQpMrWjToykNXqHip+DUBACCI2o hs/ch87acVmurF+ZHthX3iooYVrTjBfdlx2Mcg== -----END CERTIFICATE-----Generated at Sun Aug 10 05:41:55 2025 by rpki-client