$ rpki-client -vvf rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/4D12993446CC11F08EB9471AC4F9AE02.roa File: 4D12993446CC11F08EB9471AC4F9AE02.roa (raw, json) Hash identifier: CSY6qOROtmw30A6xQccy8vmsJfZI5dJ5MZbhg1cI3+o= Subject key identifier: 3C:8B:BE:4E:5A:B3:1B:7D:7D:0F:E2:C6:08:5C:17:3B:D7:15:93:E3 Certificate issuer: /CN=A91590E3/serialNumber=BB976A598E5ECB05E37FAC00A5B7888E57F51C52 Certificate serial: 193C Authority key identifier: BB:97:6A:59:8E:5E:CB:05:E3:7F:AC:00:A5:B7:88:8E:57:F5:1C:52 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u5dqWY5eywXjf6wApbeIjlf1HFI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/4D12993446CC11F08EB9471AC4F9AE02.roa Signing time: Fri 26 Sep 2025 16:45:41 +0000 ROA not before: Fri 26 Sep 2025 16:45:41 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 136948 IP address blocks: 103.99.249.0/24 maxlen: 24 103.99.250.0/24 maxlen: 24 103.99.251.0/24 maxlen: 24 2401:b640::/32 maxlen: 32 2401:b640::/48 maxlen: 48 2401:b640:1::/48 maxlen: 48 2401:b640:2::/48 maxlen: 48 2401:b640:3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/u5dqWY5eywXjf6wApbeIjlf1HFI.crl rsync://rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/u5dqWY5eywXjf6wApbeIjlf1HFI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u5dqWY5eywXjf6wApbeIjlf1HFI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 16:33:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6460 (0x193c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91590E3, serialNumber=BB976A598E5ECB05E37FAC00A5B7888E57F51C52 Validity Not Before: Sep 26 16:45:41 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68d6c335-c1a4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:74:c1:23:a4:38:32:13:cc:71:84:ff:97:54: 1f:08:5f:11:93:30:e6:47:de:2b:d3:48:f0:d2:bd: 3a:65:9b:dd:5d:1c:fc:b4:5f:ab:4f:8f:d6:75:e2: 60:2b:04:97:af:59:28:a5:2d:7c:36:ba:33:25:83: 03:f7:7b:fa:c9:4f:c3:0a:3b:e3:88:d1:d5:59:90: 28:53:ed:fe:ca:20:67:dd:37:64:77:ac:c6:48:91: ee:2d:8e:51:b5:ee:d1:83:26:45:1d:69:6b:cb:72: e5:5a:ed:6a:55:0a:05:71:05:fb:64:41:15:79:83: dc:0e:37:b9:1b:bc:4c:6f:b5:1c:f6:b1:a0:dd:40: cc:e1:4f:d1:47:2b:29:3e:fd:a9:4d:56:e6:d0:c6: 1f:6c:4c:51:84:38:04:2d:52:ff:db:2a:9a:3b:f0: 3b:ea:f2:8a:a8:f6:a2:ae:8c:61:43:f9:59:ff:0e: b8:9d:40:c0:55:2e:bf:de:8f:a6:27:9a:1f:4d:7e: d5:e4:8b:6a:c9:b7:4c:0e:71:45:31:e8:c5:77:b4: ef:c1:2e:95:b2:6d:66:1d:7d:5f:1b:9e:f6:7e:ff: b4:16:93:a2:a5:cd:56:85:6a:0d:6e:9c:ac:a7:5f: e2:d0:f2:78:67:fd:05:4e:8c:1e:7b:16:ab:1f:8f: fe:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:8B:BE:4E:5A:B3:1B:7D:7D:0F:E2:C6:08:5C:17:3B:D7:15:93:E3 X509v3 Authority Key Identifier: keyid:BB:97:6A:59:8E:5E:CB:05:E3:7F:AC:00:A5:B7:88:8E:57:F5:1C:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/u5dqWY5eywXjf6wApbeIjlf1HFI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u5dqWY5eywXjf6wApbeIjlf1HFI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/4D12993446CC11F08EB9471AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.99.249.0-103.99.251.255 IPv6: 2401:b640::/32 Signature Algorithm: sha256WithRSAEncryption 15:f4:57:ef:10:5d:1d:52:03:94:ba:8e:f0:18:9d:3d:d2:ba: 35:fc:9a:20:8b:f4:bf:d0:90:6c:26:4a:08:41:bd:e9:47:8d: 77:c1:ca:82:c0:6e:c4:4e:91:75:1d:58:b5:c1:ae:3b:64:c6: b6:e8:11:60:5c:8e:c9:a2:7c:20:57:99:78:f7:d1:50:64:75: 2f:56:a3:47:72:29:ba:5c:e7:5f:28:65:9a:58:de:ce:7e:83: c2:35:c9:f0:0b:a1:3a:90:ab:64:ec:12:c6:df:7b:bd:d4:53: 71:ad:5e:4b:8b:be:84:5e:db:90:c1:ea:6a:e9:d9:51:a0:5a: 1e:86:ed:80:fa:46:81:6f:c9:e1:01:2a:3b:a1:28:1c:b0:92: 0d:e6:39:6e:bc:98:10:ca:69:55:af:22:ce:c4:4c:2c:af:9d: b5:f3:8b:69:97:12:3e:0a:e4:6d:9f:17:0f:27:e3:75:22:cf: 10:ff:66:80:c2:9f:a4:7c:39:19:0d:e2:a4:96:1f:7f:91:62: 15:b4:0c:b9:8c:d7:fa:c1:68:41:3f:fb:5e:02:ed:6b:cc:68: 34:d4:8a:c9:38:65:ed:86:9a:57:24:c9:2a:d8:0f:a1:0f:fa: a5:c5:fc:68:dd:51:52:3b:bb:81:14:9e:2b:93:53:ec:cd:d4: a7:7f:2c:7b -----BEGIN CERTIFICATE----- MIIFiDCCBHCgAwIBAgICGTwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTkwRTMxMTAvBgNVBAUTKEJCOTc2QTU5OEU1RUNCMDVFMzdGQUMwMEE1Qjc4ODhF NTdGNTFDNTIwHhcNMjUwOTI2MTY0NTQxWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGQ2YzMzNS1jMWE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2nTBI6Q4MhPMcYT/l1QfCF8RkzDmR94r00jw0r06ZZvdXRz8tF+rT4/WdeJg KwSXr1kopS18NrozJYMD93v6yU/DCjvjiNHVWZAoU+3+yiBn3Tdkd6zGSJHuLY5R te7RgyZFHWlry3LlWu1qVQoFcQX7ZEEVeYPcDje5G7xMb7Uc9rGg3UDM4U/RRysp Pv2pTVbm0MYfbExRhDgELVL/2yqaO/A76vKKqPairoxhQ/lZ/w64nUDAVS6/3o+m J5ofTX7V5ItqybdMDnFFMejFd7TvwS6Vsm1mHX1fG572fv+0FpOipc1WhWoNbpys p1/i0PJ4Z/0FToweexarH4/+awIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFDyLvk5a sxt9fQ/ixghcFzvXFZPjMB8GA1UdIwQYMBaAFLuXalmOXssF43+sAKW3iI5X9RxS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OTBFMy9EQTE4QjE4NDlB NDkxMUU3OUE5RjMwMzBDNEY5QUUwMi91NWRxV1k1ZXl3WGpmNndBcGJlSWpsZjFI RkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3U1ZHFXWTVleXdYamY2d0FwYmVJamxmMUhGSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTkwRTMvREExOEIxODQ5QTQ5MTFFNzlBOUYzMDMwQzRGOUFFMDIvNEQxMjk5MzQ0 NkNDMTFGMDhFQjk0NzFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E JzAlMBQEAgABMA4wDAMEAGdj+QMEAmdj+DANBAIAAjAHAwUAJAG2QDANBgkqhkiG 9w0BAQsFAAOCAQEAFfRX7xBdHVIDlLqO8BidPdK6NfyaIIv0v9CQbCZKCEG96UeN d8HKgsBuxE6RdR1YtcGuO2TGtugRYFyOyaJ8IFeZePfRUGR1L1ajR3IpulznXyhl mljezn6DwjXJ8AuhOpCrZOwSxt97vdRTca1eS4u+hF7bkMHqaunZUaBaHobtgPpG gW/J4QEqO6EoHLCSDeY5bryYEMppVa8izsRMLK+dtfOLaZcSPgrkbZ8XDyfjdSLP EP9mgMKfpHw5GQ3ipJYff5FiFbQMuYzX+sFoQT/7XgLta8xoNNSKyThl7YaaVyTJ KtgPoQ/6pcX8aN1RUju7gRSeK5NT7M3Up38sew== -----END CERTIFICATE-----Generated at Wed Nov 5 01:58:24 2025 by rpki-client