$ rpki-client -vvf rpki.apnic.net/member_repository/A91C37DD/24855D80096511EFA4BCE87AC4F9AE02/8670D60E096611EF99F30750C4F9AE02.roa File: 8670D60E096611EF99F30750C4F9AE02.roa (raw, json) Hash identifier: sT0cMmz3LwTY9msFrBTT0GIkbrL7Fs7LTvjg3aLQ9/g= Subject key identifier: BA:14:78:8F:90:CA:79:FA:7A:D6:90:0E:47:3C:73:87:B3:FB:D4:7A Certificate issuer: /CN=A91C37DD/serialNumber=3FE3AE355A9277B91D73E2AC52F5387F095F189A Certificate serial: DF Authority key identifier: 3F:E3:AE:35:5A:92:77:B9:1D:73:E2:AC:52:F5:38:7F:09:5F:18:9A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P-OuNVqSd7kdc-KsUvU4fwlfGJo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C37DD/24855D80096511EFA4BCE87AC4F9AE02/8670D60E096611EF99F30750C4F9AE02.roa Signing time: Wed 11 Jun 2025 11:56:51 +0000 ROA not before: Wed 11 Jun 2025 11:56:51 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 152732 IP address blocks: 103.136.212.0/23 maxlen: 23 103.136.212.0/24 maxlen: 24 103.136.213.0/24 maxlen: 24 2401:9960::/32 maxlen: 32 2401:9960::/48 maxlen: 48 2401:9960:1::/48 maxlen: 48 2401:9960:2::/48 maxlen: 48 2401:9960:3::/48 maxlen: 48 2401:9960:4::/48 maxlen: 48 2401:9960:5::/48 maxlen: 48 2401:9960:6::/48 maxlen: 48 2401:9960:7::/48 maxlen: 48 2401:9960:8::/48 maxlen: 48 2401:9960:9::/48 maxlen: 48 2401:9960:10::/48 maxlen: 48 2401:9960:100::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C37DD/24855D80096511EFA4BCE87AC4F9AE02/P-OuNVqSd7kdc-KsUvU4fwlfGJo.crl rsync://rpki.apnic.net/member_repository/A91C37DD/24855D80096511EFA4BCE87AC4F9AE02/P-OuNVqSd7kdc-KsUvU4fwlfGJo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P-OuNVqSd7kdc-KsUvU4fwlfGJo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 04:57:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 223 (0xdf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C37DD, serialNumber=3FE3AE355A9277B91D73E2AC52F5387F095F189A Validity Not Before: Jun 11 11:56:51 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=68496f03-07e0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:7e:2d:57:fb:3e:b6:d2:45:21:e1:68:96:9d: 96:00:29:16:30:ed:28:e8:f3:40:f3:48:f8:ae:48: 8f:34:3e:92:b8:4a:2e:09:ee:17:3d:db:b2:97:21: ce:d2:6c:e1:85:6e:c1:f4:75:34:af:a1:5c:c5:32: 5a:5d:74:d3:90:79:90:96:45:2e:5f:79:78:b9:99: e8:cd:07:5e:33:5a:2b:1d:16:9f:15:41:66:1d:07: 34:65:57:2e:40:9c:db:ff:55:16:4b:4c:b1:b0:46: 33:1b:27:cb:9d:fa:96:36:eb:f8:29:30:87:6f:04: 0f:57:5d:b5:83:9c:21:92:e4:bd:a4:ed:76:a8:61: 3b:a8:09:4d:63:ef:a0:8c:a6:46:ea:0a:f3:bc:f7: 28:75:c1:1b:29:6c:9b:d7:71:7f:62:c0:68:ad:87: d8:87:77:ca:bc:5b:de:fd:30:61:e7:05:4a:b8:b0: 82:f2:2c:0e:b9:67:57:6e:4e:ee:90:fa:f4:7d:76: 3e:ad:86:98:db:be:9a:bd:ad:92:f5:db:40:9e:a1: 70:67:33:1d:a5:72:57:41:5e:72:6f:b2:24:75:cb: e3:16:15:3c:a8:9e:0d:e0:1a:95:57:b0:3d:07:1c: 73:f0:0a:8b:a7:da:e7:78:95:0e:bc:d1:63:80:bc: 3c:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:14:78:8F:90:CA:79:FA:7A:D6:90:0E:47:3C:73:87:B3:FB:D4:7A X509v3 Authority Key Identifier: keyid:3F:E3:AE:35:5A:92:77:B9:1D:73:E2:AC:52:F5:38:7F:09:5F:18:9A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C37DD/24855D80096511EFA4BCE87AC4F9AE02/P-OuNVqSd7kdc-KsUvU4fwlfGJo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P-OuNVqSd7kdc-KsUvU4fwlfGJo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C37DD/24855D80096511EFA4BCE87AC4F9AE02/8670D60E096611EF99F30750C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.136.212.0/23 IPv6: 2401:9960::/32 Signature Algorithm: sha256WithRSAEncryption 8b:5a:1a:38:52:42:4a:c8:ab:e2:d0:0d:6e:a2:72:88:48:4b: d0:2e:d0:4c:19:39:fe:b6:bc:ea:b7:5a:1d:00:4b:aa:61:99: c6:e2:dc:cf:43:12:8d:27:63:c8:19:0c:ec:d5:3b:81:d7:27: ed:ac:53:46:ad:d9:c4:4f:f3:da:8a:a5:ae:56:7a:b0:b1:8e: e2:e0:46:e4:a0:ab:da:fc:23:f5:9d:f9:f1:a8:65:0b:7b:0e: c4:65:f9:f5:17:e2:15:0b:11:47:e0:22:9d:fb:70:e6:bb:78: 1b:f3:6d:5d:39:ff:31:1e:25:47:0e:eb:a3:1e:eb:e1:74:09: c2:cc:e5:2c:17:06:5c:84:e3:67:8b:44:ab:03:74:a8:cb:bc: 7a:63:7a:da:77:bd:79:46:7f:9b:55:3e:2e:05:a5:aa:a1:63: b3:c3:d9:d6:07:23:0c:fd:7a:03:b4:9b:e2:d3:e2:6e:bc:b2: f1:6e:5a:8f:f9:58:20:eb:31:07:d1:bf:24:81:c1:c9:cd:4d: fd:fa:a8:40:de:61:68:54:58:76:4c:32:1a:6f:52:ff:7e:25: 8e:af:ae:db:6c:39:cd:96:ba:80:67:27:62:04:be:12:b4:74: 1c:e5:aa:13:ea:ea:7e:35:4e:d9:ef:c3:c8:6d:b5:f2:22:ba: a3:d5:1f:a3 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICAN8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzM3REQxMTAvBgNVBAUTKDNGRTNBRTM1NUE5Mjc3QjkxRDczRTJBQzUyRjUzODdG MDk1RjE4OUEwHhcNMjUwNjExMTE1NjUxWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODQ5NmYwMy0wN2UwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2n4tV/s+ttJFIeFolp2WACkWMO0o6PNA80j4rkiPND6SuEouCe4XPduylyHO 0mzhhW7B9HU0r6FcxTJaXXTTkHmQlkUuX3l4uZnozQdeM1orHRafFUFmHQc0ZVcu QJzb/1UWS0yxsEYzGyfLnfqWNuv4KTCHbwQPV121g5whkuS9pO12qGE7qAlNY++g jKZG6grzvPcodcEbKWyb13F/YsBorYfYh3fKvFve/TBh5wVKuLCC8iwOuWdXbk7u kPr0fXY+rYaY276ava2S9dtAnqFwZzMdpXJXQV5yb7IkdcvjFhU8qJ4N4BqVV7A9 Bxxz8AqLp9rneJUOvNFjgLw8twIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFLoUeI+Q ynn6etaQDkc8c4ez+9R6MB8GA1UdIwQYMBaAFD/jrjVakne5HXPirFL1OH8JXxia MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMzdERC8yNDg1NUQ4MDA5 NjUxMUVGQTRCQ0U4N0FDNEY5QUUwMi9QLU91TlZxU2Q3a2RjLUtzVXZVNGZ3bGZH Sm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1AtT3VOVnFTZDdrZGMtS3NVdlU0ZndsZkdKby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzM3REQvMjQ4NTVEODAwOTY1MTFFRkE0QkNFODdBQzRGOUFFMDIvODY3MEQ2MEUw OTY2MTFFRjk5RjMwNzUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAFniNQwDQQCAAIwBwMFACQBmWAwDQYJKoZIhvcNAQELBQAD ggEBAItaGjhSQkrIq+LQDW6icohIS9Au0EwZOf62vOq3Wh0AS6phmcbi3M9DEo0n Y8gZDOzVO4HXJ+2sU0at2cRP89qKpa5WerCxjuLgRuSgq9r8I/Wd+fGoZQt7DsRl +fUX4hULEUfgIp37cOa7eBvzbV05/zEeJUcO66Me6+F0CcLM5SwXBlyE42eLRKsD dKjLvHpjetp3vXlGf5tVPi4FpaqhY7PD2dYHIwz9egO0m+LT4m68svFuWo/5WCDr MQfRvySBwcnNTf36qEDeYWhUWHZMMhpvUv9+JY6vrttsOc2WuoBnJ2IEvhK0dBzl qhPq6n41Ttnvw8httfIiuqPVH6M= -----END CERTIFICATE-----Generated at Wed Nov 5 17:16:41 2025 by rpki-client