$ rpki-client -vvf rpki.apnic.net/member_repository/A916BE2F/FEB122583B3011EAA9B7A027C4F9AE02/CFF490F63B3211EAA19CAB2DC4F9AE02.roa File: CFF490F63B3211EAA19CAB2DC4F9AE02.roa (raw, json) Hash identifier: Q4J9l++n+la5Zfxccf3dc2lEQlGumKMJ7Sd1OPrz7gM= Subject key identifier: 21:14:FC:D9:4B:AE:CD:AA:A1:96:92:CC:00:6D:10:28:87:B6:3B:BF Certificate issuer: /CN=A916BE2F/serialNumber=228A0B9B84EB60EB4615565B0210D5475C5188A9 Certificate serial: 0B42 Authority key identifier: 22:8A:0B:9B:84:EB:60:EB:46:15:56:5B:02:10:D5:47:5C:51:88:A9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IooLm4TrYOtGFVZbAhDVR1xRiKk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916BE2F/FEB122583B3011EAA9B7A027C4F9AE02/CFF490F63B3211EAA19CAB2DC4F9AE02.roa Signing time: Tue 24 Jun 2025 19:14:18 +0000 ROA not before: Tue 24 Jun 2025 19:14:18 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 138999 IP address blocks: 103.138.84.0/24 maxlen: 24 103.138.85.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916BE2F/FEB122583B3011EAA9B7A027C4F9AE02/IooLm4TrYOtGFVZbAhDVR1xRiKk.crl rsync://rpki.apnic.net/member_repository/A916BE2F/FEB122583B3011EAA9B7A027C4F9AE02/IooLm4TrYOtGFVZbAhDVR1xRiKk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IooLm4TrYOtGFVZbAhDVR1xRiKk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2882 (0xb42) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916BE2F, serialNumber=228A0B9B84EB60EB4615565B0210D5475C5188A9 Validity Not Before: Jun 24 19:14:18 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=685af90a-a6a3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:b2:fc:56:1b:1e:22:d1:16:2f:fc:06:9b:b5: 06:8d:39:50:1b:fa:42:2c:7d:77:41:95:76:b4:fb: de:10:f2:39:70:93:e7:31:3e:f0:12:dc:97:79:6d: 6f:81:4f:0f:87:11:ea:d3:35:3d:be:ed:a1:7e:52: 89:42:28:19:60:4f:7c:a4:c1:c8:74:4a:c1:09:b8: 80:15:ff:00:02:ac:e0:3a:76:f7:3c:02:47:03:d9: c3:12:f5:c0:83:0d:6d:bb:04:66:f8:c3:08:b0:d5: c3:22:34:7c:56:12:60:03:41:90:06:07:25:45:37: 41:61:6f:73:6b:56:04:5e:3e:1b:4e:6e:52:f3:92: 91:ed:ae:98:63:c2:da:e0:a0:10:ae:6d:dc:52:e4: f1:c7:44:7e:dd:60:e9:96:5a:44:3b:20:09:24:84: 75:08:6e:fb:10:9d:a3:78:0e:51:ea:56:04:7d:79: 04:88:f6:a0:64:b7:96:7f:f8:93:d0:bf:0d:39:46: fb:45:fa:54:3e:00:1d:be:e1:73:6a:29:6d:64:33: 4d:fc:ee:c3:94:30:e5:6d:83:0c:f2:10:65:96:36: 4b:fc:a2:5d:ba:4a:da:05:b8:be:f9:0e:5f:13:ff: 68:e0:c2:a4:f4:95:90:d9:d7:a7:ab:2f:bd:87:11: d5:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:14:FC:D9:4B:AE:CD:AA:A1:96:92:CC:00:6D:10:28:87:B6:3B:BF X509v3 Authority Key Identifier: keyid:22:8A:0B:9B:84:EB:60:EB:46:15:56:5B:02:10:D5:47:5C:51:88:A9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916BE2F/FEB122583B3011EAA9B7A027C4F9AE02/IooLm4TrYOtGFVZbAhDVR1xRiKk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IooLm4TrYOtGFVZbAhDVR1xRiKk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916BE2F/FEB122583B3011EAA9B7A027C4F9AE02/CFF490F63B3211EAA19CAB2DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.138.84.0/23 Signature Algorithm: sha256WithRSAEncryption 47:97:41:49:c1:cb:20:ae:96:82:ae:5c:d2:44:43:ac:26:f0: 43:45:4b:96:e3:4a:1b:e5:c5:a1:62:63:b1:d7:fe:3c:d0:ec: ec:ee:27:c7:08:57:d4:ba:1c:ce:0d:54:f0:34:93:f2:a6:a2: 82:b3:eb:3f:42:c1:53:f9:20:03:c8:7c:59:6c:7a:bc:54:55: e9:cb:6b:23:97:af:04:e7:1c:db:da:53:c1:82:77:38:58:c2: 7d:b4:dd:1a:66:a6:c0:c4:85:2d:a3:c1:96:e2:2b:44:11:98: 81:ec:10:3b:aa:53:2d:f5:0b:4b:87:4d:dd:33:72:bf:71:3a: cc:52:37:b3:ac:9d:da:fe:59:04:e4:6f:93:19:98:5c:00:64: f9:01:dc:a2:f3:ce:48:ca:88:50:61:a0:cf:7d:4b:82:4c:ad: d0:4c:d7:62:2c:04:a6:04:5f:e8:8f:d3:62:5e:e6:92:77:27: 43:50:47:39:80:e6:23:3e:4e:a7:c0:d8:64:38:fc:e2:7a:0f: 4c:e3:00:71:bc:b3:99:a1:61:36:8f:4e:cd:29:8d:f2:c2:e9: 27:82:e8:5d:45:06:6f:27:aa:2b:25:67:d4:75:48:d6:0a:5d: ca:c2:10:d1:a4:44:73:5e:4b:15:4f:fa:a5:4c:6a:9e:e4:7e: c3:45:2d:55 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICC0IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkJFMkYxMTAvBgNVBAUTKDIyOEEwQjlCODRFQjYwRUI0NjE1NTY1QjAyMTBENTQ3 NUM1MTg4QTkwHhcNMjUwNjI0MTkxNDE4WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODVhZjkwYS1hNmEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvbL8VhseItEWL/wGm7UGjTlQG/pCLH13QZV2tPveEPI5cJPnMT7wEtyXeW1v gU8PhxHq0zU9vu2hflKJQigZYE98pMHIdErBCbiAFf8AAqzgOnb3PAJHA9nDEvXA gw1tuwRm+MMIsNXDIjR8VhJgA0GQBgclRTdBYW9za1YEXj4bTm5S85KR7a6YY8La 4KAQrm3cUuTxx0R+3WDpllpEOyAJJIR1CG77EJ2jeA5R6lYEfXkEiPagZLeWf/iT 0L8NOUb7RfpUPgAdvuFzailtZDNN/O7DlDDlbYMM8hBlljZL/KJdukraBbi++Q5f E/9o4MKk9JWQ2denqy+9hxHVfwIDAQABo4IClTCCApEwHQYDVR0OBBYEFCEU/NlL rs2qoZaSzABtECiHtju/MB8GA1UdIwQYMBaAFCKKC5uE62DrRhVWWwIQ1UdcUYip MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QkUyRi9GRUIxMjI1ODNC MzAxMUVBQTlCN0EwMjdDNEY5QUUwMi9Jb29MbTRUcllPdEdGVlpiQWhEVlIxeFJp S2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lvb0xtNFRyWU90R0ZWWmJBaERWUjF4UmlLay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NkJFMkYvRkVCMTIyNTgzQjMwMTFFQUE5QjdBMDI3QzRGOUFFMDIvQ0ZGNDkwRjYz QjMyMTFFQUExOUNBQjJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAFnilQwDQYJKoZIhvcNAQELBQADggEBAEeXQUnByyCuloKu XNJEQ6wm8ENFS5bjShvlxaFiY7HX/jzQ7OzuJ8cIV9S6HM4NVPA0k/KmooKz6z9C wVP5IAPIfFlserxUVenLayOXrwTnHNvaU8GCdzhYwn203RpmpsDEhS2jwZbiK0QR mIHsEDuqUy31C0uHTd0zcr9xOsxSN7Osndr+WQTkb5MZmFwAZPkB3KLzzkjKiFBh oM99S4JMrdBM12IsBKYEX+iP02Je5pJ3J0NQRzmA5iM+TqfA2GQ4/OJ6D0zjAHG8 s5mhYTaPTs0pjfLC6SeC6F1FBm8nqislZ9R1SNYKXcrCENGkRHNeSxVP+qVMap7k fsNFLVU= -----END CERTIFICATE-----Generated at Sun Aug 10 16:03:24 2025 by rpki-client