$ rpki-client -vvf rpki.apnic.net/member_repository/A91555EA/7C60B9F63B6E11EAAE5F166BC4F9AE02/436398BA3B7011EAA14F566EC4F9AE02.roa File: 436398BA3B7011EAA14F566EC4F9AE02.roa (raw, json) Hash identifier: orMTuhNCmn5/4lVWP0hvNJHm2iToMZFaKY4Tk1oMp1M= Subject key identifier: 09:21:3A:A4:3F:1E:AA:5E:E1:C3:35:69:A6:22:38:EB:85:92:8A:76 Certificate issuer: /CN=A91555EA/serialNumber=978DAE2C10A72ED04F94128FFC5E8CB7D102EACA Certificate serial: 0B69 Authority key identifier: 97:8D:AE:2C:10:A7:2E:D0:4F:94:12:8F:FC:5E:8C:B7:D1:02:EA:CA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l42uLBCnLtBPlBKP_F6Mt9EC6so.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91555EA/7C60B9F63B6E11EAAE5F166BC4F9AE02/436398BA3B7011EAA14F566EC4F9AE02.roa Signing time: Wed 06 Aug 2025 19:29:57 +0000 ROA not before: Wed 06 Aug 2025 19:29:57 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 63967 IP address blocks: 103.9.185.0/24 maxlen: 24 103.9.187.0/24 maxlen: 24 103.244.162.0/24 maxlen: 24 117.104.186.0/24 maxlen: 24 117.104.187.0/24 maxlen: 24 2404:b780::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91555EA/7C60B9F63B6E11EAAE5F166BC4F9AE02/l42uLBCnLtBPlBKP_F6Mt9EC6so.crl rsync://rpki.apnic.net/member_repository/A91555EA/7C60B9F63B6E11EAAE5F166BC4F9AE02/l42uLBCnLtBPlBKP_F6Mt9EC6so.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l42uLBCnLtBPlBKP_F6Mt9EC6so.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 19 Aug 2025 19:20:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2921 (0xb69) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91555EA, serialNumber=978DAE2C10A72ED04F94128FFC5E8CB7D102EACA Validity Not Before: Aug 6 19:29:57 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=6893ad35-d915 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:45:06:ba:4b:28:8c:10:7f:ad:4a:9c:e0:6a: 2e:50:9b:07:47:28:8f:02:6f:a1:08:e7:66:a2:61: fe:29:84:de:4e:0a:37:8a:7a:e1:5e:22:c4:d8:20: 40:ca:31:6e:44:27:59:ce:d3:57:4b:88:a1:96:02: aa:13:c3:66:d5:12:db:c4:ce:cf:cf:86:50:21:6d: ae:94:5d:00:8f:ff:53:6f:c9:6f:73:d5:d2:f6:57: 10:9d:62:3a:b4:0f:25:57:92:12:4d:68:b5:d9:e4: 71:e2:b9:e3:ed:f0:a4:9d:eb:01:0d:73:af:5a:a8: 0a:f4:41:fc:c3:58:d3:e2:91:b6:1e:b2:1c:30:05: c3:c0:b1:14:12:1b:18:46:f8:7b:30:93:72:db:8c: e1:a3:91:09:9e:ba:28:1a:cb:dc:56:d6:66:de:e9: 0e:31:07:10:a5:a7:6e:e8:df:6e:32:c7:fa:06:61: 3d:41:df:23:81:75:09:fd:af:a7:63:0e:0c:52:4d: 08:e0:34:13:56:ed:5f:45:1b:73:a6:44:f5:d6:5d: fb:a6:b5:67:90:98:60:bd:8c:7d:4e:ec:77:e1:2e: b9:4d:cb:f4:f1:05:d2:d6:af:bf:79:4e:e2:1e:47: b2:44:3f:f8:ac:c0:bd:d0:43:b6:8a:a2:07:b8:48: ea:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:21:3A:A4:3F:1E:AA:5E:E1:C3:35:69:A6:22:38:EB:85:92:8A:76 X509v3 Authority Key Identifier: keyid:97:8D:AE:2C:10:A7:2E:D0:4F:94:12:8F:FC:5E:8C:B7:D1:02:EA:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91555EA/7C60B9F63B6E11EAAE5F166BC4F9AE02/l42uLBCnLtBPlBKP_F6Mt9EC6so.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l42uLBCnLtBPlBKP_F6Mt9EC6so.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91555EA/7C60B9F63B6E11EAAE5F166BC4F9AE02/436398BA3B7011EAA14F566EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.9.185.0/24 103.9.187.0/24 103.244.162.0/24 117.104.186.0/23 IPv6: 2404:b780::/32 Signature Algorithm: sha256WithRSAEncryption 32:b5:46:d8:4d:75:1f:ac:03:ab:b0:ea:b6:3c:87:90:c5:0b: 56:c3:ba:2f:12:a5:50:90:1a:ad:9c:46:f9:81:16:b7:4e:19: 96:60:7a:8f:95:96:43:ad:b5:1c:9f:e7:9b:a8:94:2c:0e:f7: 57:1f:b5:16:4b:1e:f3:e5:96:1d:96:4d:56:f7:34:56:18:66: 7f:6c:46:14:5a:b1:37:e3:64:43:b0:52:94:0f:8b:53:b5:0f: ab:d0:4b:06:bd:15:3e:6b:7a:27:90:d3:45:ba:d2:1d:b4:96: 09:19:11:2f:f9:f4:c5:5f:34:89:8b:cc:11:d5:ad:3f:9e:13: 9b:a6:05:73:d0:53:56:80:b1:d1:42:41:3b:64:4e:63:57:41: 72:85:56:0e:ce:46:97:01:85:e1:19:75:0d:bc:b2:48:28:53: 4b:75:30:e0:db:1d:12:94:a8:5b:7e:8b:ea:f9:d8:53:b1:fe: 39:74:97:d3:42:90:f4:98:b2:1b:74:01:49:41:d3:8f:e3:54: ab:bb:59:a3:98:b5:28:dd:e4:68:2a:b5:83:4c:b4:ed:7e:6a: fd:25:ca:8d:51:c4:d6:c2:44:9e:54:f8:27:60:85:3c:62:53: fb:40:cd:4a:75:f5:f6:12:94:ac:46:fe:dd:1d:a1:54:02:da: ea:48:d9:25 -----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgICC2kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTU1RUExMTAvBgNVBAUTKDk3OERBRTJDMTBBNzJFRDA0Rjk0MTI4RkZDNUU4Q0I3 RDEwMkVBQ0EwHhcNMjUwODA2MTkyOTU3WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODkzYWQzNS1kOTE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvEUGuksojBB/rUqc4GouUJsHRyiPAm+hCOdmomH+KYTeTgo3inrhXiLE2CBA yjFuRCdZztNXS4ihlgKqE8Nm1RLbxM7Pz4ZQIW2ulF0Aj/9Tb8lvc9XS9lcQnWI6 tA8lV5ISTWi12eRx4rnj7fCknesBDXOvWqgK9EH8w1jT4pG2HrIcMAXDwLEUEhsY Rvh7MJNy24zho5EJnrooGsvcVtZm3ukOMQcQpadu6N9uMsf6BmE9Qd8jgXUJ/a+n Yw4MUk0I4DQTVu1fRRtzpkT11l37prVnkJhgvYx9Tux34S65Tcv08QXS1q+/eU7i HkeyRD/4rMC90EO2iqIHuEjqHwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFAkhOqQ/ Hqpe4cM1aaYiOOuFkop2MB8GA1UdIwQYMBaAFJeNriwQpy7QT5QSj/xejLfRAurK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NTVFQS83QzYwQjlGNjNC NkUxMUVBQUU1RjE2NkJDNEY5QUUwMi9sNDJ1TEJDbkx0QlBsQktQX0Y2TXQ5RUM2 c28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2w0MnVMQkNuTHRCUGxCS1BfRjZNdDlFQzZzby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTU1RUEvN0M2MEI5RjYzQjZFMTFFQUFFNUYxNjZCQzRGOUFFMDIvNDM2Mzk4QkEz QjcwMTFFQUExNEY1NjZFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E MTAvMB4EAgABMBgDBABnCbkDBABnCbsDBABn9KIDBAF1aLowDQQCAAIwBwMFACQE t4AwDQYJKoZIhvcNAQELBQADggEBADK1RthNdR+sA6uw6rY8h5DFC1bDui8SpVCQ Gq2cRvmBFrdOGZZgeo+VlkOttRyf55uolCwO91cftRZLHvPllh2WTVb3NFYYZn9s RhRasTfjZEOwUpQPi1O1D6vQSwa9FT5reieQ00W60h20lgkZES/59MVfNImLzBHV rT+eE5umBXPQU1aAsdFCQTtkTmNXQXKFVg7ORpcBheEZdQ28skgoU0t1MODbHRKU qFt+i+r52FOx/jl0l9NCkPSYsht0AUlB04/jVKu7WaOYtSjd5GgqtYNMtO1+av0l yo1RxNbCRJ5U+CdghTxiU/tAzUp19fYSlKxG/t0doVQC2upI2SU= -----END CERTIFICATE-----Generated at Wed Aug 13 19:07:15 2025 by rpki-client