$ rpki-client -vvf rpki.apnic.net/member_repository/A91A05A0/9C5371782F6411F0B4F2A245C4F9AE02/25E96E4C2F6511F0A4430347C4F9AE02.roa File: 25E96E4C2F6511F0A4430347C4F9AE02.roa (raw, json) Hash identifier: YjLtFlGgcNbwn9rRIgf5MeQrG8tFe9vr3RMokUM4ipM= Subject key identifier: 7E:AB:89:12:0A:DA:07:49:51:A9:BB:4F:82:A4:75:1A:27:7B:ED:21 Certificate issuer: /CN=A91A05A0/serialNumber=A0F9EB6981DC72A278B185289906C1E11C0B35F1 Certificate serial: 23 Authority key identifier: A0:F9:EB:69:81:DC:72:A2:78:B1:85:28:99:06:C1:E1:1C:0B:35:F1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oPnraYHccqJ4sYUomQbB4RwLNfE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A05A0/9C5371782F6411F0B4F2A245C4F9AE02/25E96E4C2F6511F0A4430347C4F9AE02.roa Signing time: Tue 15 Jul 2025 08:14:55 +0000 ROA not before: Tue 15 Jul 2025 08:14:55 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 139225 IP address blocks: 103.140.3.0/24 maxlen: 24 2001:df0:a280::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A05A0/9C5371782F6411F0B4F2A245C4F9AE02/oPnraYHccqJ4sYUomQbB4RwLNfE.crl rsync://rpki.apnic.net/member_repository/A91A05A0/9C5371782F6411F0B4F2A245C4F9AE02/oPnraYHccqJ4sYUomQbB4RwLNfE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oPnraYHccqJ4sYUomQbB4RwLNfE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 18 Aug 2025 07:56:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35 (0x23) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A05A0, serialNumber=A0F9EB6981DC72A278B185289906C1E11C0B35F1 Validity Not Before: Jul 15 08:14:55 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=68760dff-8dc9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:b2:08:1f:f2:40:30:ed:bb:a2:44:62:ea:7b: 38:56:ae:38:8b:a3:cf:06:a1:06:11:f6:19:af:fd: 1f:87:f2:2b:96:b3:75:5c:e3:e7:7c:23:1a:d4:2e: e0:80:2c:0a:c8:f4:b1:ab:e9:5e:52:83:b9:06:bd: 55:33:b9:0c:10:1e:70:35:4f:af:95:71:5d:46:3a: 0b:18:37:f6:8a:5a:e2:ee:86:34:10:c9:46:1d:4e: 6f:d8:a7:77:7a:e4:6a:81:40:14:18:05:67:2c:d8: 1f:33:8c:99:03:df:8e:ee:2f:76:58:eb:3f:82:b1: 9d:3d:83:bc:ee:0a:9e:3a:0a:7b:26:b2:16:63:48: e3:a8:f3:e4:a1:33:ee:5a:0b:91:79:de:62:e3:d6: e4:5e:05:0f:93:3e:e3:d0:46:32:08:31:d6:46:f6: 8e:9c:79:6a:c3:27:12:42:ad:8e:59:61:3e:86:f4: 17:d7:5e:32:b6:c1:49:5d:fb:f2:ae:5e:81:f4:66: d6:c8:ad:fc:df:ef:75:19:ba:90:35:4b:7a:28:80: 6c:51:82:40:2e:40:2a:eb:5a:75:de:da:9b:09:71: c9:18:39:56:54:8d:bb:c5:3d:ce:41:58:c4:87:8b: 9e:1e:0a:4b:70:a9:47:12:1d:e8:f2:3c:45:aa:20: 90:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:AB:89:12:0A:DA:07:49:51:A9:BB:4F:82:A4:75:1A:27:7B:ED:21 X509v3 Authority Key Identifier: keyid:A0:F9:EB:69:81:DC:72:A2:78:B1:85:28:99:06:C1:E1:1C:0B:35:F1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A05A0/9C5371782F6411F0B4F2A245C4F9AE02/oPnraYHccqJ4sYUomQbB4RwLNfE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oPnraYHccqJ4sYUomQbB4RwLNfE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A05A0/9C5371782F6411F0B4F2A245C4F9AE02/25E96E4C2F6511F0A4430347C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.140.3.0/24 IPv6: 2001:df0:a280::/48 Signature Algorithm: sha256WithRSAEncryption 35:18:ff:8a:d0:09:da:6a:64:b2:39:6e:25:fe:56:32:c3:82: 9a:2a:ed:03:ad:21:c5:9c:24:65:c8:e6:17:51:95:bf:28:c6: f4:12:94:66:16:62:89:97:e9:83:1f:eb:56:ab:e8:1a:65:73: 64:9f:6e:a6:2e:14:e4:77:2d:ca:8d:e6:d6:1b:98:33:72:13: 3a:41:e4:ea:2b:58:46:0c:16:8a:08:a7:5a:eb:a2:48:fa:64: 63:77:5a:60:24:36:b5:e0:d4:a7:ac:ce:5f:03:24:a2:26:35: 84:67:c7:bf:64:c1:7b:af:09:94:ba:aa:76:55:96:d7:ef:d2: 1f:9a:cf:c6:3c:1f:d6:4c:d9:90:46:aa:e4:b5:36:d2:80:5c: d3:42:34:c1:67:b4:b0:47:78:7a:40:57:82:eb:8d:01:1d:2b: 5d:12:d9:d7:22:83:1c:10:23:1b:f6:ab:4b:bf:33:aa:d2:34: f5:65:f0:1e:00:8f:42:fe:a3:70:24:b5:2e:c5:b4:02:c6:a5: ac:71:c3:7c:20:aa:14:6b:4f:44:34:10:54:89:41:53:70:45: 9c:29:7b:44:da:f0:ff:8d:1b:6b:89:c1:bf:62:d8:ca:7d:5a: 95:ff:11:e3:1c:af:35:4c:a6:a6:13:22:1f:32:48:01:4b:05: 34:f4:dc:e1 -----BEGIN CERTIFICATE----- MIIFgTCCBGmgAwIBAgIBIzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB MDVBMDExMC8GA1UEBRMoQTBGOUVCNjk4MURDNzJBMjc4QjE4NTI4OTkwNkMxRTEx QzBCMzVGMTAeFw0yNTA3MTUwODE0NTVaFw0yNjA5MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY4NzYwZGZmLThkYzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDBsggf8kAw7buiRGLqezhWrjiLo88GoQYR9hmv/R+H8iuWs3Vc4+d8IxrULuCA LArI9LGr6V5Sg7kGvVUzuQwQHnA1T6+VcV1GOgsYN/aKWuLuhjQQyUYdTm/Yp3d6 5GqBQBQYBWcs2B8zjJkD347uL3ZY6z+CsZ09g7zuCp46CnsmshZjSOOo8+ShM+5a C5F53mLj1uReBQ+TPuPQRjIIMdZG9o6ceWrDJxJCrY5ZYT6G9BfXXjK2wUld+/Ku XoH0ZtbIrfzf73UZupA1S3oogGxRgkAuQCrrWnXe2psJcckYOVZUjbvFPc5BWMSH i54eCktwqUcSHejyPEWqIJD1AgMBAAGjggKmMIICojAdBgNVHQ4EFgQUfquJEgra B0lRqbtPgqR1Gid77SEwHwYDVR0jBBgwFoAUoPnraYHccqJ4sYUomQbB4RwLNfEw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUEwNUEwLzlDNTM3MTc4MkY2 NDExRjBCNEYyQTI0NUM0RjlBRTAyL29QbnJhWUhjY3FKNHNZVW9tUWJCNFJ3TE5m RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvb1BucmFZSGNjcUo0c1lVb21RYkI0UndMTmZFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB MDVBMC85QzUzNzE3ODJGNjQxMUYwQjRGMkEyNDVDNEY5QUUwMi8yNUU5NkU0QzJG NjUxMUYwQTQ0MzAzNDdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh MB8wDAQCAAEwBgMEAGeMAzAPBAIAAjAJAwcAIAEN8KKAMA0GCSqGSIb3DQEBCwUA A4IBAQA1GP+K0AnaamSyOW4l/lYyw4KaKu0DrSHFnCRlyOYXUZW/KMb0EpRmFmKJ l+mDH+tWq+gaZXNkn26mLhTkdy3KjebWG5gzchM6QeTqK1hGDBaKCKda66JI+mRj d1pgJDa14NSnrM5fAySiJjWEZ8e/ZMF7rwmUuqp2VZbX79Ifms/GPB/WTNmQRqrk tTbSgFzTQjTBZ7SwR3h6QFeC640BHStdEtnXIoMcECMb9qtLvzOq0jT1ZfAeAI9C /qNwJLUuxbQCxqWsccN8IKoUa09ENBBUiUFTcEWcKXtE2vD/jRtricG/YtjKfVqV /xHjHK81TKamEyIfMkgBSwU09Nzh -----END CERTIFICATE-----Generated at Wed Aug 13 04:27:36 2025 by rpki-client