$ rpki-client -vvf rpki.apnic.net/member_repository/A91C4FBE/25E826AE993211F0A354BA69C4F9AE02/0B4BDC0E993311F08534326BC4F9AE02.roa File: 0B4BDC0E993311F08534326BC4F9AE02.roa (raw, json) Hash identifier: yiX43samODsVfp7MYQJH26jbQ0swF124TZPClYLXMXM= Subject key identifier: 2B:4E:03:5C:91:AF:66:1C:C0:C1:C5:C5:0F:A8:63:C1:7C:87:41:2D Certificate issuer: /CN=A91C4FBE/serialNumber=A628757AF3A48286BDFDF83AB4E64E24D82E0C6B Certificate serial: 02 Authority key identifier: A6:28:75:7A:F3:A4:82:86:BD:FD:F8:3A:B4:E6:4E:24:D8:2E:0C:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pih1evOkgoa9_fg6tOZOJNguDGs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C4FBE/25E826AE993211F0A354BA69C4F9AE02/0B4BDC0E993311F08534326BC4F9AE02.roa Signing time: Wed 24 Sep 2025 10:41:36 +0000 ROA not before: Wed 24 Sep 2025 10:41:36 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 23726 IP address blocks: 103.149.148.0/24 maxlen: 24 2001:ded:8000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C4FBE/25E826AE993211F0A354BA69C4F9AE02/pih1evOkgoa9_fg6tOZOJNguDGs.crl rsync://rpki.apnic.net/member_repository/A91C4FBE/25E826AE993211F0A354BA69C4F9AE02/pih1evOkgoa9_fg6tOZOJNguDGs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pih1evOkgoa9_fg6tOZOJNguDGs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 08:04:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C4FBE, serialNumber=A628757AF3A48286BDFDF83AB4E64E24D82E0C6B Validity Not Before: Sep 24 10:41:36 2025 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=68d3cae0-6f3a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:5b:c1:59:36:4e:ed:3a:4f:99:ee:ce:b3:d8: ff:67:fc:80:39:80:19:f6:fd:a0:72:12:f7:3a:21: 00:b3:59:cb:02:96:c9:7d:55:46:c8:ba:96:a3:29: fe:f4:28:7c:69:20:ab:5f:7c:ea:35:e9:75:97:f9: 6b:64:56:cf:d0:0a:8b:81:14:ae:bf:de:a1:5e:38: 4d:80:3c:af:d0:95:21:b4:8b:79:d0:73:19:0b:58: d7:49:c6:57:07:93:e7:c6:6e:ed:02:05:54:04:97: 44:ed:45:33:36:ec:45:9c:63:cd:1b:51:a1:cf:91: aa:04:2b:aa:9e:5f:0c:19:af:d8:11:4b:dd:e9:83: 2f:04:d2:70:13:ff:4f:1f:6c:34:8c:3a:55:8c:7b: d5:8c:aa:da:b7:43:a6:f3:e9:01:31:83:a1:5d:9f: 0d:6a:ed:d4:d8:cd:b3:a9:2b:8d:90:6c:74:48:30: 15:2e:c7:22:43:54:8d:ec:68:22:ac:e8:b4:6f:2f: 1b:15:a0:3f:81:4d:bc:f6:06:6d:c9:9c:72:b4:ab: d9:2d:86:e8:1d:47:c5:31:94:f4:80:b4:d2:08:23: 58:a6:5a:e3:d6:df:73:a9:46:16:8a:d9:89:a9:03: b4:04:e1:09:55:61:ea:e9:a3:f8:e8:cd:e6:37:c8: 86:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:4E:03:5C:91:AF:66:1C:C0:C1:C5:C5:0F:A8:63:C1:7C:87:41:2D X509v3 Authority Key Identifier: keyid:A6:28:75:7A:F3:A4:82:86:BD:FD:F8:3A:B4:E6:4E:24:D8:2E:0C:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C4FBE/25E826AE993211F0A354BA69C4F9AE02/pih1evOkgoa9_fg6tOZOJNguDGs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pih1evOkgoa9_fg6tOZOJNguDGs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C4FBE/25E826AE993211F0A354BA69C4F9AE02/0B4BDC0E993311F08534326BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.149.148.0/24 IPv6: 2001:ded:8000::/48 Signature Algorithm: sha256WithRSAEncryption 7e:40:c2:3b:61:c5:c3:5e:a6:20:b6:5d:79:9c:7b:86:d2:3d: 31:18:2b:fe:36:8e:30:dc:ee:c8:75:ee:27:84:1e:7c:1d:a3: 18:16:db:d3:c0:97:13:78:90:e2:19:06:46:05:2f:ce:8d:ae: 53:1d:00:cf:f3:8e:d7:45:18:f9:91:f9:ac:82:bd:b2:cc:20: 1b:71:e3:5a:d6:2e:83:20:a8:33:73:9f:d0:1f:09:e8:c7:c0: 7b:66:e4:6e:32:49:6e:64:f5:9d:d4:67:65:cf:4d:fd:a9:78: b8:07:96:17:fc:bd:5f:0f:7a:51:d6:b1:77:69:dd:34:37:b7: 09:a7:88:c3:b3:97:5e:fd:eb:e7:f6:38:4f:6c:bd:06:3b:a3: 15:a3:30:5a:c4:f8:40:ee:cd:93:cf:45:57:e3:f9:9f:f9:2e: 6d:35:a1:6f:82:ac:38:80:38:4c:f2:db:77:f0:03:53:c3:cd: 83:81:5a:41:0a:a8:20:ad:2f:08:84:62:c9:ef:4a:2b:8b:12: 8a:fa:17:c7:30:96:48:bb:7d:6b:08:be:e2:16:82:9d:8c:e7: f4:14:5f:c6:5d:f0:10:52:a6:97:02:8c:f0:09:b0:50:9a:d1: ce:df:e0:f6:b8:a5:88:65:af:97:dc:e3:05:4b:18:10:ff:11: df:4c:9c:91 -----BEGIN CERTIFICATE----- MIIFgTCCBGmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD NEZCRTExMC8GA1UEBRMoQTYyODc1N0FGM0E0ODI4NkJERkRGODNBQjRFNjRFMjRE ODJFMEM2QjAeFw0yNTA5MjQxMDQxMzZaFw0yNTEyMzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY4ZDNjYWUwLTZmM2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC3W8FZNk7tOk+Z7s6z2P9n/IA5gBn2/aByEvc6IQCzWcsClsl9VUbIupajKf70 KHxpIKtffOo16XWX+WtkVs/QCouBFK6/3qFeOE2APK/QlSG0i3nQcxkLWNdJxlcH k+fGbu0CBVQEl0TtRTM27EWcY80bUaHPkaoEK6qeXwwZr9gRS93pgy8E0nAT/08f bDSMOlWMe9WMqtq3Q6bz6QExg6Fdnw1q7dTYzbOpK42QbHRIMBUuxyJDVI3saCKs 6LRvLxsVoD+BTbz2Bm3JnHK0q9kthugdR8UxlPSAtNIII1imWuPW33OpRhaK2Ymp A7QE4QlVYerpo/jozeY3yIZlAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUK04DXJGv ZhzAwcXFD6hjwXyHQS0wHwYDVR0jBBgwFoAUpih1evOkgoa9/fg6tOZOJNguDGsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM0RkJFLzI1RTgyNkFFOTkz MjExRjBBMzU0QkE2OUM0RjlBRTAyL3BpaDFldk9rZ29hOV9mZzZ0T1pPSk5ndURH cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvcGloMWV2T2tnb2E5X2ZnNnRPWk9KTmd1REdzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD NEZCRS8yNUU4MjZBRTk5MzIxMUYwQTM1NEJBNjlDNEY5QUUwMi8wQjRCREMwRTk5 MzMxMUYwODUzNDMyNkJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh MB8wDAQCAAEwBgMEAGeVlDAPBAIAAjAJAwcAIAEN7YAAMA0GCSqGSIb3DQEBCwUA A4IBAQB+QMI7YcXDXqYgtl15nHuG0j0xGCv+No4w3O7Ide4nhB58HaMYFtvTwJcT eJDiGQZGBS/Oja5THQDP847XRRj5kfmsgr2yzCAbceNa1i6DIKgzc5/QHwnox8B7 ZuRuMkluZPWd1Gdlz039qXi4B5YX/L1fD3pR1rF3ad00N7cJp4jDs5de/evn9jhP bL0GO6MVozBaxPhA7s2Tz0VX4/mf+S5tNaFvgqw4gDhM8tt38ANTw82DgVpBCqgg rS8IhGLJ70orixKK+hfHMJZIu31rCL7iFoKdjOf0FF/GXfAQUqaXAozwCbBQmtHO 3+D2uKWIZa+X3OMFSxgQ/xHfTJyR -----END CERTIFICATE-----Generated at Wed Nov 5 09:39:10 2025 by rpki-client