$ rpki-client -vvf rpki.apnic.net/member_repository/A915617E/E1ADB746C99511E9BAAAB174C4F9AE02/DBDAFF6CC99611E9A41BCF75C4F9AE02.roa File: DBDAFF6CC99611E9A41BCF75C4F9AE02.roa (raw, json) Hash identifier: bubDAyNTv3SrURQ57IlrP+BsnMnB0ZguwTBhf+r4Z54= Subject key identifier: 3B:B0:B2:6F:A0:5B:38:E2:1A:67:CE:73:C7:74:04:21:6F:10:83:4C Certificate issuer: /CN=A915617E/serialNumber=D28C52ED090C539C10F222DEECD9A73C49A16804 Certificate serial: 0D95 Authority key identifier: D2:8C:52:ED:09:0C:53:9C:10:F2:22:DE:EC:D9:A7:3C:49:A1:68:04 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0oxS7QkMU5wQ8iLe7NmnPEmhaAQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915617E/E1ADB746C99511E9BAAAB174C4F9AE02/DBDAFF6CC99611E9A41BCF75C4F9AE02.roa Signing time: Tue 22 Jul 2025 18:27:39 +0000 ROA not before: Tue 22 Jul 2025 18:27:39 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 24382 IP address blocks: 103.141.66.0/23 maxlen: 24 2001:df0:f380::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915617E/E1ADB746C99511E9BAAAB174C4F9AE02/0oxS7QkMU5wQ8iLe7NmnPEmhaAQ.crl rsync://rpki.apnic.net/member_repository/A915617E/E1ADB746C99511E9BAAAB174C4F9AE02/0oxS7QkMU5wQ8iLe7NmnPEmhaAQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0oxS7QkMU5wQ8iLe7NmnPEmhaAQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3477 (0xd95) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915617E, serialNumber=D28C52ED090C539C10F222DEECD9A73C49A16804 Validity Not Before: Jul 22 18:27:39 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=687fd81b-885c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:fe:f7:9b:b2:74:67:65:bb:e2:ea:b5:2b:1c: c7:00:44:ac:8b:33:4f:35:b2:8c:09:c1:c9:86:79: aa:2d:34:d7:6e:9d:16:bd:d8:b9:eb:96:1e:d5:f5: 00:6d:0c:0e:d5:79:b9:66:7a:65:ed:c5:75:12:49: c0:6f:31:f0:84:f9:b1:bc:9e:01:dd:d6:71:6a:30: d7:f3:1e:e6:56:6b:57:ad:69:80:cb:c6:c3:9e:49: eb:f5:ca:5f:68:2f:c4:b3:e7:bc:a5:dd:c6:a6:0d: 98:7b:49:5e:f8:1d:c0:1a:ca:49:e8:6e:74:1b:f5: c0:ec:4c:3d:d2:79:09:89:6e:a4:cc:66:50:c3:d4: e0:18:98:4f:1a:df:e9:4d:80:08:1f:a0:f0:e6:f8: 4e:94:25:7b:2c:93:5f:06:5b:7a:03:5b:4f:f0:76: 58:76:80:de:b3:f6:c9:f1:65:fd:47:e7:84:15:f8: 76:56:a3:8e:b8:88:2e:9d:04:fe:2a:90:8f:82:bf: 62:22:6a:4f:84:16:8b:36:b5:48:7b:78:e5:03:5c: 6f:35:b7:7d:34:ee:43:21:df:d4:7b:a7:3d:f6:d2: e0:f7:5e:1f:ee:94:5e:71:db:2d:94:60:60:32:af: 07:5e:56:e4:9d:dc:0a:0c:ff:bf:3f:60:25:6a:d4: 45:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:B0:B2:6F:A0:5B:38:E2:1A:67:CE:73:C7:74:04:21:6F:10:83:4C X509v3 Authority Key Identifier: keyid:D2:8C:52:ED:09:0C:53:9C:10:F2:22:DE:EC:D9:A7:3C:49:A1:68:04 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915617E/E1ADB746C99511E9BAAAB174C4F9AE02/0oxS7QkMU5wQ8iLe7NmnPEmhaAQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0oxS7QkMU5wQ8iLe7NmnPEmhaAQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915617E/E1ADB746C99511E9BAAAB174C4F9AE02/DBDAFF6CC99611E9A41BCF75C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.141.66.0/23 IPv6: 2001:df0:f380::/48 Signature Algorithm: sha256WithRSAEncryption 6f:04:f3:fd:71:00:c0:6e:7a:d3:0c:d5:cd:3a:ca:a0:20:3b: f0:ce:6f:d0:3f:19:dc:91:ee:fa:ed:8a:9d:81:2a:7b:4c:b8: 2e:7e:b8:05:35:ca:17:42:f7:fc:2d:b3:56:8a:7c:3f:ab:f2: f2:8d:a0:c4:f0:65:34:7b:6f:7e:a4:1d:dd:13:37:6c:2c:9b: 0c:b1:95:d7:4a:08:5c:5d:d3:2e:3a:01:77:3c:bc:3d:07:2e: 6f:eb:6f:f6:74:3a:82:1f:87:e7:f2:1f:8a:2e:df:6b:0f:6c: 25:6c:46:4d:5b:07:9f:83:fb:20:07:85:45:f1:dc:b2:34:01: 19:e8:fd:35:8a:f6:82:ee:eb:08:48:9d:fc:f0:9d:52:54:8a: 09:1d:97:e6:e7:57:70:04:0b:5f:6c:28:cf:32:9b:7f:08:ff: d0:b9:bd:4a:bf:de:b7:bb:81:47:32:70:a7:bf:07:88:25:d2: 5d:cf:22:02:f5:80:37:dd:f5:98:b8:ac:8f:3c:89:4b:34:f5: a7:d4:c7:0a:ca:bc:19:78:b0:df:49:93:b0:13:d6:e8:47:a6: 6f:dd:3b:01:31:e1:29:c1:e4:54:38:42:ec:62:aa:5f:a1:71: 97:3f:2e:b4:39:b2:ae:65:74:ee:92:20:68:a7:ed:a7:52:4d: a2:94:2d:46 -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICDZUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTYxN0UxMTAvBgNVBAUTKEQyOEM1MkVEMDkwQzUzOUMxMEYyMjJERUVDRDlBNzND NDlBMTY4MDQwHhcNMjUwNzIyMTgyNzM5WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODdmZDgxYi04ODVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz/73m7J0Z2W74uq1KxzHAESsizNPNbKMCcHJhnmqLTTXbp0Wvdi565Ye1fUA bQwO1Xm5Znpl7cV1EknAbzHwhPmxvJ4B3dZxajDX8x7mVmtXrWmAy8bDnknr9cpf aC/Es+e8pd3Gpg2Ye0le+B3AGspJ6G50G/XA7Ew90nkJiW6kzGZQw9TgGJhPGt/p TYAIH6Dw5vhOlCV7LJNfBlt6A1tP8HZYdoDes/bJ8WX9R+eEFfh2VqOOuIgunQT+ KpCPgr9iImpPhBaLNrVIe3jlA1xvNbd9NO5DId/Ue6c99tLg914f7pRecdstlGBg Mq8HXlbkndwKDP+/P2AlatRFMwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFDuwsm+g WzjiGmfOc8d0BCFvEINMMB8GA1UdIwQYMBaAFNKMUu0JDFOcEPIi3uzZpzxJoWgE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NjE3RS9FMUFEQjc0NkM5 OTUxMUU5QkFBQUIxNzRDNEY5QUUwMi8wb3hTN1FrTVU1d1E4aUxlN05tblBFbWhh QVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzBveFM3UWtNVTV3UThpTGU3Tm1uUEVtaGFBUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTYxN0UvRTFBREI3NDZDOTk1MTFFOUJBQUFCMTc0QzRGOUFFMDIvREJEQUZGNkND OTk2MTFFOUE0MUJDRjc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAFnjUIwDwQCAAIwCQMHACABDfDzgDANBgkqhkiG9w0BAQsF AAOCAQEAbwTz/XEAwG560wzVzTrKoCA78M5v0D8Z3JHu+u2KnYEqe0y4Ln64BTXK F0L3/C2zVop8P6vy8o2gxPBlNHtvfqQd3RM3bCybDLGV10oIXF3TLjoBdzy8PQcu b+tv9nQ6gh+H5/Ifii7faw9sJWxGTVsHn4P7IAeFRfHcsjQBGej9NYr2gu7rCEid /PCdUlSKCR2X5udXcAQLX2wozzKbfwj/0Lm9Sr/et7uBRzJwp78HiCXSXc8iAvWA N931mLisjzyJSzT1p9THCsq8GXiw30mTsBPW6Eemb907ATHhKcHkVDhC7GKqX6Fx lz8utDmyrmV07pIgaKftp1JNopQtRg== -----END CERTIFICATE-----Generated at Mon Aug 11 10:31:33 2025 by rpki-client