$ rpki-client -vvf rpki.apnic.net/member_repository/A91BF312/AA92B9780C2911EB9540DD61C4F9AE02/DF3CAFC44D9E11F0B1307858C4F9AE02.roa File: DF3CAFC44D9E11F0B1307858C4F9AE02.roa (raw, json) Hash identifier: nNMfwVwGreVHShqHhiSA1wDrVojq2wBr5IqezlVe7oA= Subject key identifier: F3:B4:AC:CC:54:C9:13:60:0D:7B:43:01:C0:27:B6:2A:E8:F9:78:72 Certificate issuer: /CN=A91BF312/serialNumber=F0297D0E4531A1D62A95AF5D2F22EF2408DAD29C Certificate serial: 07AE Authority key identifier: F0:29:7D:0E:45:31:A1:D6:2A:95:AF:5D:2F:22:EF:24:08:DA:D2:9C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8Cl9DkUxodYqla9dLyLvJAja0pw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BF312/AA92B9780C2911EB9540DD61C4F9AE02/DF3CAFC44D9E11F0B1307858C4F9AE02.roa Signing time: Fri 20 Jun 2025 06:21:59 +0000 ROA not before: Fri 20 Jun 2025 06:21:59 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 55720 IP address blocks: 103.212.68.0/24 maxlen: 24 103.212.69.0/24 maxlen: 24 103.212.70.0/24 maxlen: 24 103.212.71.0/24 maxlen: 24 139.5.177.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BF312/AA92B9780C2911EB9540DD61C4F9AE02/8Cl9DkUxodYqla9dLyLvJAja0pw.crl rsync://rpki.apnic.net/member_repository/A91BF312/AA92B9780C2911EB9540DD61C4F9AE02/8Cl9DkUxodYqla9dLyLvJAja0pw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8Cl9DkUxodYqla9dLyLvJAja0pw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 21:07:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1966 (0x7ae) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BF312, serialNumber=F0297D0E4531A1D62A95AF5D2F22EF2408DAD29C Validity Not Before: Jun 20 06:21:59 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=6854fe07-3472 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:2d:b0:00:a8:89:eb:59:24:17:cb:93:12:fa: a7:ec:03:e8:4e:84:41:0f:da:73:70:56:29:af:ac: 02:bc:c7:0c:aa:6c:44:95:5d:a9:68:79:d0:2e:f8: 9a:30:96:0d:9f:94:1e:bf:85:c5:99:44:5a:0a:2f: c1:fa:3f:76:cf:3b:d9:e7:d0:99:98:31:ea:b3:5a: 5b:ff:1d:04:dd:f9:21:b1:c1:60:0c:ca:b1:b7:b3: f3:8c:e4:d9:bf:b2:d1:58:26:d2:80:0a:e1:25:4f: ff:ea:d9:3d:80:b1:e3:db:aa:17:60:f5:36:fc:a6: 9e:91:6d:6a:23:34:b9:1c:ad:0f:19:7b:41:91:5d: 02:c7:34:1c:bd:45:cd:98:bf:5d:4b:b7:b7:eb:58: 84:0e:60:2b:82:37:6b:ae:a5:b0:3d:dc:cd:ce:35: 4c:7a:a0:bd:bd:a1:c7:f7:f6:a3:76:ea:29:5c:c6: 08:e0:2a:28:63:96:e1:cc:fb:68:7e:c4:d2:e2:9f: e9:9e:fc:5b:3e:c9:ac:80:c8:90:b6:d7:04:81:0d: ca:01:6a:8c:5c:27:74:53:b6:ed:77:90:52:56:96: d3:94:01:31:e0:f8:61:c1:2b:1a:88:8c:c5:06:da: d9:c3:c7:5c:82:c9:da:6b:65:c8:de:a3:7d:cd:34: a3:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:B4:AC:CC:54:C9:13:60:0D:7B:43:01:C0:27:B6:2A:E8:F9:78:72 X509v3 Authority Key Identifier: keyid:F0:29:7D:0E:45:31:A1:D6:2A:95:AF:5D:2F:22:EF:24:08:DA:D2:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BF312/AA92B9780C2911EB9540DD61C4F9AE02/8Cl9DkUxodYqla9dLyLvJAja0pw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8Cl9DkUxodYqla9dLyLvJAja0pw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BF312/AA92B9780C2911EB9540DD61C4F9AE02/DF3CAFC44D9E11F0B1307858C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.212.68.0/22 139.5.177.0/24 Signature Algorithm: sha256WithRSAEncryption 08:cb:18:f4:dd:83:fd:4e:9a:be:21:69:da:6d:b0:11:b6:3c: 09:11:a8:16:f7:40:97:d6:ec:bf:f6:1c:ec:53:f6:5f:5d:e7: bb:8d:72:ed:ca:bb:12:8d:92:97:da:29:74:85:75:f3:b2:74: da:58:e0:38:a1:8d:c3:d3:ee:96:34:c0:9f:fd:8e:04:c5:5d: ea:53:78:07:f9:67:96:df:87:bc:7d:74:8e:b8:5d:e0:24:0a: 4b:07:f3:77:0d:17:23:b5:05:de:03:cc:92:38:8b:67:9b:88: 31:d6:34:cb:46:a0:83:f8:8d:a0:39:2f:f6:da:94:74:03:e0: 79:58:57:44:15:dc:8f:00:ed:b0:99:c3:d9:40:30:d1:81:18: ff:24:81:90:09:53:34:74:ce:f9:ed:6f:6a:f8:28:01:09:92: 2e:1e:22:66:9c:26:68:29:f9:84:2d:11:c9:c2:79:06:85:b6: f9:92:49:13:c0:05:c3:a9:b3:37:4a:08:48:a4:d6:5b:82:a2: b9:8a:30:dd:50:e3:64:0b:0e:31:72:73:f0:07:0a:43:5f:5a: b2:80:84:80:79:ba:76:0f:69:66:c7:22:76:56:6e:48:e4:5e: 10:17:40:74:9e:3d:01:01:69:90:78:b9:53:fa:7e:48:0c:b5: dd:b1:e8:93 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICB64wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkYzMTIxMTAvBgNVBAUTKEYwMjk3RDBFNDUzMUExRDYyQTk1QUY1RDJGMjJFRjI0 MDhEQUQyOUMwHhcNMjUwNjIwMDYyMTU5WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODU0ZmUwNy0zNDcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsS2wAKiJ61kkF8uTEvqn7APoToRBD9pzcFYpr6wCvMcMqmxElV2paHnQLvia MJYNn5Qev4XFmURaCi/B+j92zzvZ59CZmDHqs1pb/x0E3fkhscFgDMqxt7PzjOTZ v7LRWCbSgArhJU//6tk9gLHj26oXYPU2/KaekW1qIzS5HK0PGXtBkV0CxzQcvUXN mL9dS7e361iEDmArgjdrrqWwPdzNzjVMeqC9vaHH9/ajduopXMYI4CooY5bhzPto fsTS4p/pnvxbPsmsgMiQttcEgQ3KAWqMXCd0U7btd5BSVpbTlAEx4PhhwSsaiIzF BtrZw8dcgsnaa2XI3qN9zTSjUwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFPO0rMxU yRNgDXtDAcAntiro+XhyMB8GA1UdIwQYMBaAFPApfQ5FMaHWKpWvXS8i7yQI2tKc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRjMxMi9BQTkyQjk3ODBD MjkxMUVCOTU0MERENjFDNEY5QUUwMi84Q2w5RGtVeG9kWXFsYTlkTHlMdkpBamEw cHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzhDbDlEa1V4b2RZcWxhOWRMeUx2SkFqYTBwdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkYzMTIvQUE5MkI5NzgwQzI5MTFFQjk1NDBERDYxQzRGOUFFMDIvREYzQ0FGQzQ0 RDlFMTFGMEIxMzA3ODU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAJn1EQDBACLBbEwDQYJKoZIhvcNAQELBQADggEBAAjLGPTd g/1Omr4hadptsBG2PAkRqBb3QJfW7L/2HOxT9l9d57uNcu3KuxKNkpfaKXSFdfOy dNpY4DihjcPT7pY0wJ/9jgTFXepTeAf5Z5bfh7x9dI64XeAkCksH83cNFyO1Bd4D zJI4i2ebiDHWNMtGoIP4jaA5L/balHQD4HlYV0QV3I8A7bCZw9lAMNGBGP8kgZAJ UzR0zvntb2r4KAEJki4eImacJmgp+YQtEcnCeQaFtvmSSRPABcOpszdKCEik1luC ormKMN1Q42QLDjFyc/AHCkNfWrKAhIB5unYPaWbHInZWbkjkXhAXQHSePQEBaZB4 uVP6fkgMtd2x6JM= -----END CERTIFICATE-----Generated at Tue Nov 4 16:36:08 2025 by rpki-client