$ rpki-client -vvf rpki.apnic.net/member_repository/A916EF5E/F38DCF8A106B11E8B8CA020BC4F9AE02/258F8662BBDF11ED8CE89144C4F9AE02.roa File: 258F8662BBDF11ED8CE89144C4F9AE02.roa (raw, json) Hash identifier: cm97buUsPGrXaIzeG0itGzcsin7x1kihAtonowRM0BA= Subject key identifier: 91:66:CE:E3:CD:81:4F:A0:70:2F:60:F5:F5:A7:78:E4:44:F7:9B:CE Certificate issuer: /CN=A916EF5E/serialNumber=42182F5F71A58984CE8859AE60A4CACA73FE8361 Certificate serial: 101C Authority key identifier: 42:18:2F:5F:71:A5:89:84:CE:88:59:AE:60:A4:CA:CA:73:FE:83:61 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QhgvX3GliYTOiFmuYKTKynP-g2E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916EF5E/F38DCF8A106B11E8B8CA020BC4F9AE02/258F8662BBDF11ED8CE89144C4F9AE02.roa Signing time: Fri 31 Oct 2025 17:04:47 +0000 ROA not before: Fri 31 Oct 2025 17:04:47 +0000 ROA not after: Sun 01 Mar 2026 00:00:00 +0000 asID: 54415 IP address blocks: 103.99.168.0/24 maxlen: 24 2401:b140::/48 maxlen: 48 2401:b140:1::/48 maxlen: 48 2401:b140:2::/48 maxlen: 48 2401:b140:3::/48 maxlen: 48 2401:b140:4::/48 maxlen: 48 2401:b140:5::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916EF5E/F38DCF8A106B11E8B8CA020BC4F9AE02/QhgvX3GliYTOiFmuYKTKynP-g2E.crl rsync://rpki.apnic.net/member_repository/A916EF5E/F38DCF8A106B11E8B8CA020BC4F9AE02/QhgvX3GliYTOiFmuYKTKynP-g2E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QhgvX3GliYTOiFmuYKTKynP-g2E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 16:46:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4124 (0x101c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916EF5E, serialNumber=42182F5F71A58984CE8859AE60A4CACA73FE8361 Validity Not Before: Oct 31 17:04:47 2025 GMT Not After : Mar 1 00:00:00 2026 GMT Subject: CN=6904ec2f-5f37 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:f4:2a:25:cc:90:d5:89:c2:72:eb:48:90:3b: 41:2b:8e:23:be:d7:37:a1:55:90:b0:d2:21:ef:f9: d4:13:d1:51:17:6b:cd:48:46:e8:d2:ee:89:0f:3a: 55:ad:2a:32:7f:6d:2c:dc:cd:b1:cd:1d:8d:5f:fa: fe:79:09:32:bc:16:8d:05:ab:93:f3:05:11:e7:24: 2a:e6:34:ab:a6:a2:d1:ea:39:34:d2:e0:8f:ed:e9: 43:53:04:80:6e:23:c6:88:e0:74:3d:ad:de:4f:e9: 89:57:5f:8f:e1:33:91:2f:1a:31:05:03:24:c7:c1: ee:b8:5d:5e:37:e7:2b:2f:3a:ae:87:2b:0b:58:a8: 94:75:ea:13:d3:ce:eb:28:0d:37:64:03:5d:a9:a2: 58:d0:f0:83:6e:84:a4:6b:aa:25:30:f4:2b:9d:e7: 7f:60:74:1f:1a:1f:86:b4:4d:8b:66:65:d0:8c:d0: a2:c3:17:b8:82:ee:ec:38:94:af:e0:a3:6c:6b:be: 19:6d:41:6f:83:1c:68:4e:8b:7e:57:0c:b6:d7:a3: 06:ce:ec:20:ee:6d:81:f5:b5:1b:66:8d:04:f3:da: 80:ce:8d:02:1f:53:ab:0f:03:a1:1c:43:fe:f0:59: b7:08:64:00:83:c0:86:44:0e:4f:62:a7:14:44:dd: 08:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:66:CE:E3:CD:81:4F:A0:70:2F:60:F5:F5:A7:78:E4:44:F7:9B:CE X509v3 Authority Key Identifier: keyid:42:18:2F:5F:71:A5:89:84:CE:88:59:AE:60:A4:CA:CA:73:FE:83:61 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916EF5E/F38DCF8A106B11E8B8CA020BC4F9AE02/QhgvX3GliYTOiFmuYKTKynP-g2E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QhgvX3GliYTOiFmuYKTKynP-g2E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916EF5E/F38DCF8A106B11E8B8CA020BC4F9AE02/258F8662BBDF11ED8CE89144C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.99.168.0/24 IPv6: 2401:b140::-2401:b140:5:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 43:b9:ae:c5:b5:82:a4:19:7b:8e:57:9d:8e:b4:d1:3d:45:5c: b3:61:14:65:8d:b3:9a:7c:c4:05:f8:0c:7f:c1:b6:d0:a7:29: 4e:b7:82:ca:3a:bd:32:c6:f5:c4:74:5e:3f:c6:2e:e9:c8:2b: 3c:7c:9e:0d:23:09:45:b1:a9:ab:10:f7:d3:be:70:84:53:36: 79:55:9d:c2:6a:6f:cd:2c:f0:9d:fb:5b:c1:cb:a6:50:38:af: 61:7c:ac:d9:d2:40:71:3c:95:e1:11:24:03:9d:04:1e:29:30: b1:d1:ce:4f:36:c1:4b:d6:0e:e2:5e:ef:49:71:49:5c:fe:63: c0:11:ed:a1:2b:91:a5:49:65:40:46:7f:20:78:1b:95:30:a4: 2f:2e:20:7e:ea:c4:1e:b8:f8:79:0f:e9:52:f4:46:68:7d:71: 03:23:32:92:d3:09:56:d9:e3:ac:4c:a2:04:2c:4a:b2:65:39: a7:43:27:26:94:7f:be:03:b3:4a:07:23:19:ac:fa:f8:dd:c5: dd:01:1b:6b:2c:af:cf:67:50:45:d5:0d:4c:62:cb:3e:f9:1e: 10:d6:42:99:b6:65:0f:10:a7:83:a6:71:33:e2:47:63:d4:b9: d3:75:9c:c1:5d:6e:9b:ff:0e:76:44:e8:46:07:bd:d1:1f:b4: 26:74:18:f5 -----BEGIN CERTIFICATE----- MIIFizCCBHOgAwIBAgICEBwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkVGNUUxMTAvBgNVBAUTKDQyMTgyRjVGNzFBNTg5ODRDRTg4NTlBRTYwQTRDQUNB NzNGRTgzNjEwHhcNMjUxMDMxMTcwNDQ3WhcNMjYwMzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OTA0ZWMyZi01ZjM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuPQqJcyQ1YnCcutIkDtBK44jvtc3oVWQsNIh7/nUE9FRF2vNSEbo0u6JDzpV rSoyf20s3M2xzR2NX/r+eQkyvBaNBauT8wUR5yQq5jSrpqLR6jk00uCP7elDUwSA biPGiOB0Pa3eT+mJV1+P4TORLxoxBQMkx8HuuF1eN+crLzquhysLWKiUdeoT087r KA03ZANdqaJY0PCDboSka6olMPQrned/YHQfGh+GtE2LZmXQjNCiwxe4gu7sOJSv 4KNsa74ZbUFvgxxoTot+Vwy216MGzuwg7m2B9bUbZo0E89qAzo0CH1OrDwOhHEP+ 8Fm3CGQAg8CGRA5PYqcURN0I7QIDAQABo4ICrzCCAqswHQYDVR0OBBYEFJFmzuPN gU+gcC9g9fWneORE95vOMB8GA1UdIwQYMBaAFEIYL19xpYmEzohZrmCkyspz/oNh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RUY1RS9GMzhEQ0Y4QTEw NkIxMUU4QjhDQTAyMEJDNEY5QUUwMi9RaGd2WDNHbGlZVE9pRm11WUtUS3luUC1n MkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FoZ3ZYM0dsaVlUT2lGbXVZS1RLeW5QLWcyRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NkVGNUUvRjM4RENGOEExMDZCMTFFOEI4Q0EwMjBCQzRGOUFFMDIvMjU4Rjg2NjJC QkRGMTFFRDhDRTg5MTQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E KjAoMAwEAgABMAYDBABnY6gwGAQCAAIwEjAQAwUGJAGxQAMHASQBsUAABDANBgkq hkiG9w0BAQsFAAOCAQEAQ7muxbWCpBl7jledjrTRPUVcs2EUZY2zmnzEBfgMf8G2 0KcpTreCyjq9Msb1xHReP8Yu6cgrPHyeDSMJRbGpqxD3075whFM2eVWdwmpvzSzw nftbwcumUDivYXys2dJAcTyV4REkA50EHikwsdHOTzbBS9YO4l7vSXFJXP5jwBHt oSuRpUllQEZ/IHgblTCkLy4gfurEHrj4eQ/pUvRGaH1xAyMyktMJVtnjrEyiBCxK smU5p0MnJpR/vgOzSgcjGaz6+N3F3QEbayyvz2dQRdUNTGLLPvkeENZCmbZlDxCn g6ZxM+JHY9S503WcwV1um/8OdkToRge90R+0JnQY9Q== -----END CERTIFICATE-----Generated at Wed Nov 5 04:26:05 2025 by rpki-client