$ rpki-client -vvf rpki.apnic.net/member_repository/A91C0BE1/E46FF490AE2B11EB95627F82C4F9AE02/0C3EAFF6F84111EC926CBF53C4F9AE02.roa File: 0C3EAFF6F84111EC926CBF53C4F9AE02.roa (raw, json) Hash identifier: QP4syOi96y5XvL9Sdw2J+adgOyFXDCa3foh8bqHg19c= Subject key identifier: F7:86:93:64:9A:57:82:AC:28:BB:11:87:77:29:92:03:94:A1:9B:76 Certificate issuer: /CN=A91C0BE1/serialNumber=AA21B690C1D63CBF441AA3BD117ED8B786882229 Certificate serial: 063F Authority key identifier: AA:21:B6:90:C1:D6:3C:BF:44:1A:A3:BD:11:7E:D8:B7:86:88:22:29 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qiG2kMHWPL9EGqO9EX7Yt4aIIik.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C0BE1/E46FF490AE2B11EB95627F82C4F9AE02/0C3EAFF6F84111EC926CBF53C4F9AE02.roa Signing time: Wed 22 Oct 2025 23:42:37 +0000 ROA not before: Wed 22 Oct 2025 23:42:37 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 134676 IP address blocks: 103.195.204.0/23 maxlen: 23 103.195.204.0/24 maxlen: 24 103.195.205.0/24 maxlen: 24 2404:e3c0::/32 maxlen: 32 2404:e3c0::/48 maxlen: 48 2404:e3c0:1::/48 maxlen: 48 2404:e3c0:2::/48 maxlen: 48 2404:e3c0:3::/48 maxlen: 48 2404:e3c0:4::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C0BE1/E46FF490AE2B11EB95627F82C4F9AE02/qiG2kMHWPL9EGqO9EX7Yt4aIIik.crl rsync://rpki.apnic.net/member_repository/A91C0BE1/E46FF490AE2B11EB95627F82C4F9AE02/qiG2kMHWPL9EGqO9EX7Yt4aIIik.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qiG2kMHWPL9EGqO9EX7Yt4aIIik.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 22:46:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1599 (0x63f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C0BE1, serialNumber=AA21B690C1D63CBF441AA3BD117ED8B786882229 Validity Not Before: Oct 22 23:42:37 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=68f96bed-bd02 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:d8:47:d7:5b:2e:d0:4e:21:66:6d:af:57:4f: 6f:fa:c6:cd:5c:53:57:3b:a4:bc:53:d9:d3:ce:2d: e3:15:e8:1f:64:b9:14:61:95:d8:09:c2:47:14:4f: 3a:9a:5c:43:02:69:dd:dc:84:19:43:e8:17:dc:2a: 7d:34:b9:76:43:f2:78:6c:01:75:f2:cf:f4:06:a9: fa:cf:b9:42:ec:16:c8:76:bd:41:b5:44:24:51:90: 32:1c:b7:9a:52:28:b1:23:6c:30:93:e9:fa:a7:a3: 8a:8e:f7:84:c2:07:a5:ad:06:0f:81:c6:cb:02:60: 3a:a3:d0:f8:24:23:eb:0e:da:b6:28:07:f5:fa:84: 83:cb:a5:88:ba:06:f3:1f:01:ab:42:43:8a:61:c9: fa:1b:62:a7:b3:1a:8e:45:51:6a:ce:5c:9f:22:0f: 92:c6:a3:c4:35:09:5e:e5:37:a1:86:3f:a6:47:ee: ce:1d:1d:f9:e1:ac:f9:01:52:e6:d2:de:be:74:1f: e4:db:71:74:11:4f:20:f5:2c:e6:24:0a:65:d9:dc: 53:d4:47:05:4d:0b:26:3a:30:d8:50:c8:fa:b9:a8: 23:40:1f:f2:47:9f:ce:ef:26:dd:21:3d:36:6d:11: eb:ef:57:d2:17:c7:de:19:7b:cc:eb:46:0e:87:7c: 8a:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:86:93:64:9A:57:82:AC:28:BB:11:87:77:29:92:03:94:A1:9B:76 X509v3 Authority Key Identifier: keyid:AA:21:B6:90:C1:D6:3C:BF:44:1A:A3:BD:11:7E:D8:B7:86:88:22:29 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C0BE1/E46FF490AE2B11EB95627F82C4F9AE02/qiG2kMHWPL9EGqO9EX7Yt4aIIik.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qiG2kMHWPL9EGqO9EX7Yt4aIIik.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C0BE1/E46FF490AE2B11EB95627F82C4F9AE02/0C3EAFF6F84111EC926CBF53C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.195.204.0/23 IPv6: 2404:e3c0::/32 Signature Algorithm: sha256WithRSAEncryption 7e:42:9a:07:ba:3e:20:92:ac:4c:5d:cc:79:91:27:60:f3:b9: 32:2e:fc:c6:6b:57:30:e7:1a:35:48:8d:04:8b:97:de:a5:58: 4d:00:e3:f3:93:b7:79:43:d7:0a:e8:7c:50:a2:50:41:2b:87: 32:f7:a4:2f:d2:a8:8d:19:02:1a:ac:49:98:5c:8c:10:64:ff: 67:a6:ff:37:58:21:67:b6:21:18:53:06:1d:77:83:b7:63:b1: 1f:dd:3d:04:36:85:f2:a0:48:3d:af:56:eb:46:17:6e:0d:2c: 2a:71:d9:7d:07:f1:65:a0:fb:1e:29:af:de:c8:8f:59:b3:c8: 5c:c2:07:b9:a0:e9:56:39:1f:df:d7:9d:ee:03:74:fb:c6:9f: 53:25:cb:9c:02:ba:09:65:53:c5:14:46:2d:b9:17:33:de:c2: b4:5a:89:b6:7f:dc:4b:b9:29:fa:7b:03:be:59:bb:aa:3d:a1: 18:de:8c:9b:fb:a1:ce:64:bf:2d:9d:04:9b:12:c3:6a:5e:52: 15:3e:05:76:94:72:17:3e:8b:b1:57:e5:bb:be:2d:76:b4:ef: 4c:17:6b:19:28:af:bf:5e:03:7c:75:e9:98:0c:40:13:28:50: c9:21:fc:29:09:ee:6f:dd:eb:d9:b8:e6:a9:cd:95:2f:5e:87: 5a:66:92:73 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICBj8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzBCRTExMTAvBgNVBAUTKEFBMjFCNjkwQzFENjNDQkY0NDFBQTNCRDExN0VEOEI3 ODY4ODIyMjkwHhcNMjUxMDIyMjM0MjM3WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGY5NmJlZC1iZDAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtthH11su0E4hZm2vV09v+sbNXFNXO6S8U9nTzi3jFegfZLkUYZXYCcJHFE86 mlxDAmnd3IQZQ+gX3Cp9NLl2Q/J4bAF18s/0Bqn6z7lC7BbIdr1BtUQkUZAyHLea UiixI2wwk+n6p6OKjveEwgelrQYPgcbLAmA6o9D4JCPrDtq2KAf1+oSDy6WIugbz HwGrQkOKYcn6G2KnsxqORVFqzlyfIg+SxqPENQle5Tehhj+mR+7OHR354az5AVLm 0t6+dB/k23F0EU8g9SzmJApl2dxT1EcFTQsmOjDYUMj6uagjQB/yR5/O7ybdIT02 bRHr71fSF8feGXvM60YOh3yKXQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFPeGk2Sa V4KsKLsRh3cpkgOUoZt2MB8GA1UdIwQYMBaAFKohtpDB1jy/RBqjvRF+2LeGiCIp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMEJFMS9FNDZGRjQ5MEFF MkIxMUVCOTU2MjdGODJDNEY5QUUwMi9xaUcya01IV1BMOUVHcU85RVg3WXQ0YUlJ aWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3FpRzJrTUhXUEw5RUdxTzlFWDdZdDRhSUlpay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzBCRTEvRTQ2RkY0OTBBRTJCMTFFQjk1NjI3RjgyQzRGOUFFMDIvMEMzRUFGRjZG ODQxMTFFQzkyNkNCRjUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAFnw8wwDQQCAAIwBwMFACQE48AwDQYJKoZIhvcNAQELBQAD ggEBAH5Cmge6PiCSrExdzHmRJ2DzuTIu/MZrVzDnGjVIjQSLl96lWE0A4/OTt3lD 1wrofFCiUEErhzL3pC/SqI0ZAhqsSZhcjBBk/2em/zdYIWe2IRhTBh13g7djsR/d PQQ2hfKgSD2vVutGF24NLCpx2X0H8WWg+x4pr97Ij1mzyFzCB7mg6VY5H9/Xne4D dPvGn1Mly5wCugllU8UURi25FzPewrRaibZ/3Eu5Kfp7A75Zu6o9oRjejJv7oc5k vy2dBJsSw2peUhU+BXaUchc+i7FX5bu+LXa070wXaxkor79eA3x16ZgMQBMoUMkh /CkJ7m/d69m45qnNlS9eh1pmknM= -----END CERTIFICATE-----Generated at Wed Nov 5 16:09:33 2025 by rpki-client