$ rpki-client -vvf rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/C42CEC7ECC3611EF9C79665CC4F9AE02.roa File: C42CEC7ECC3611EF9C79665CC4F9AE02.roa (raw, json) Hash identifier: +9I46oBmobqbn5rox7c5LlYsiP1+hncBa8w/SO0pYyk= Subject key identifier: C7:3F:9D:6A:12:EA:67:35:D4:58:BB:F4:D1:F4:AE:C0:01:60:8A:FD Certificate issuer: /CN=A91C5021/serialNumber=28F07110E43584A3BA6A3A4A87D68E9EB7D3E902 Certificate serial: 06F2 Authority key identifier: 28:F0:71:10:E4:35:84:A3:BA:6A:3A:4A:87:D6:8E:9E:B7:D3:E9:02 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/C42CEC7ECC3611EF9C79665CC4F9AE02.roa Signing time: Mon 20 Jan 2025 21:41:19 +0000 ROA not before: Mon 20 Jan 2025 21:41:19 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 137274 IP address blocks: 103.106.164.0/23 maxlen: 23 103.106.164.0/24 maxlen: 24 103.106.165.0/24 maxlen: 24 2406:e340::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.crl rsync://rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 21:43:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1778 (0x6f2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C5021, serialNumber=28F07110E43584A3BA6A3A4A87D68E9EB7D3E902 Validity Not Before: Jan 20 21:41:19 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=678ec2fe-bb8f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:a3:9e:ad:09:cd:0d:4b:9a:13:5c:01:8a:a2: fe:10:54:5e:a4:aa:3d:2d:87:e7:58:a2:c7:75:30: b8:63:d2:5d:1c:cc:cd:9d:ee:3c:e8:67:f9:2b:12: cd:6b:dd:7f:51:5d:13:92:e9:af:d8:33:db:8d:2b: a7:65:2a:19:f6:09:55:20:47:5e:3a:ab:7f:17:ba: 3a:a7:eb:82:22:3a:27:d3:c2:e4:40:19:20:f7:69: d3:36:2f:23:1e:d8:55:16:40:79:d1:44:23:ba:72: f2:40:71:9a:6f:1e:1c:e3:ed:75:d0:d4:d3:9f:9d: 6d:8d:dd:93:e6:24:f2:f5:f8:a2:75:92:a0:c5:7a: 5c:f3:71:54:d9:ae:73:29:8f:de:63:bd:79:a0:94: a5:62:36:55:3a:aa:fd:7f:a1:6f:56:ac:c5:95:12: c8:24:d8:c9:9f:b9:31:16:cf:a6:fd:d9:75:54:58: 14:52:3a:7c:ac:57:93:2a:0e:e4:34:fb:2b:71:af: 31:5c:37:41:4d:45:d8:7f:97:5e:3f:26:0c:64:d5: d9:2c:66:63:81:0d:98:e1:59:ef:c5:ec:cd:b0:14: 38:1f:c6:a5:f0:09:a4:ec:86:4c:31:63:d3:7d:5e: c9:1b:c7:89:d4:5a:c3:e9:a3:05:ac:31:b5:90:3c: f5:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:3F:9D:6A:12:EA:67:35:D4:58:BB:F4:D1:F4:AE:C0:01:60:8A:FD X509v3 Authority Key Identifier: keyid:28:F0:71:10:E4:35:84:A3:BA:6A:3A:4A:87:D6:8E:9E:B7:D3:E9:02 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/C42CEC7ECC3611EF9C79665CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.106.164.0/23 IPv6: 2406:e340::/32 Signature Algorithm: sha256WithRSAEncryption ad:2e:36:4d:ce:e1:74:70:68:41:f4:d3:81:2a:78:fb:89:cd: 80:1d:7a:52:df:20:19:ea:9f:5e:36:92:59:af:e1:22:9e:42: 53:f7:19:76:f3:1f:72:cb:b7:16:8e:ba:1d:3b:c0:38:4a:bd: 4f:76:82:23:e0:50:77:92:3a:1a:3b:94:5d:56:e3:96:75:65: 8c:c1:ca:34:62:9d:4b:07:b8:6a:16:58:9b:8e:65:5b:92:e6: 5f:c9:9b:92:e3:db:2e:6a:48:d5:ab:18:90:d0:e3:7b:3d:7c: 74:ea:6a:00:32:ef:b4:5c:6e:6d:0d:59:2a:08:bf:d8:e1:4b: ee:13:b4:06:c9:79:48:b5:a8:0b:97:b1:44:ac:7f:7f:bc:9b: dc:2c:62:c7:00:92:e9:b1:41:6f:88:e6:eb:20:8e:56:9c:df: 74:23:e2:3e:c6:6b:28:6b:ae:cd:4f:9b:20:a7:5a:da:cd:f1: 64:58:24:f2:92:0f:af:08:6c:9d:6a:6a:cd:bc:98:41:0e:46: 85:ef:5e:54:80:51:6a:bb:80:f1:7f:e0:bc:e3:02:c3:e5:2b: 11:21:d8:98:56:2a:f5:c3:ba:29:f4:cb:6b:14:0a:d7:91:cf: 6b:82:97:f3:2f:05:67:45:78:5c:01:d2:01:03:99:45:84:f6: 4a:5f:01:72 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICBvIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzUwMjExMTAvBgNVBAUTKDI4RjA3MTEwRTQzNTg0QTNCQTZBM0E0QTg3RDY4RTlF QjdEM0U5MDIwHhcNMjUwMTIwMjE0MTE5WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzhlYzJmZS1iYjhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoKOerQnNDUuaE1wBiqL+EFRepKo9LYfnWKLHdTC4Y9JdHMzNne486Gf5KxLN a91/UV0Tkumv2DPbjSunZSoZ9glVIEdeOqt/F7o6p+uCIjon08LkQBkg92nTNi8j HthVFkB50UQjunLyQHGabx4c4+110NTTn51tjd2T5iTy9fiidZKgxXpc83FU2a5z KY/eY715oJSlYjZVOqr9f6FvVqzFlRLIJNjJn7kxFs+m/dl1VFgUUjp8rFeTKg7k NPsrca8xXDdBTUXYf5dePyYMZNXZLGZjgQ2Y4VnvxezNsBQ4H8al8Amk7IZMMWPT fV7JG8eJ1FrD6aMFrDG1kDz1SQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFMc/nWoS 6mc11Fi79NH0rsABYIr9MB8GA1UdIwQYMBaAFCjwcRDkNYSjumo6SofWjp630+kC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNTAyMS85QUZENDg2QzNC QkMxMUVCQTc3NkYxNjFDNEY5QUUwMi9LUEJ4RU9RMWhLTzZhanBLaDlhT25yZlQ2 UUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tQQnhFT1ExaEtPNmFqcEtoOWFPbnJmVDZRSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzUwMjEvOUFGRDQ4NkMzQkJDMTFFQkE3NzZGMTYxQzRGOUFFMDIvQzQyQ0VDN0VD QzM2MTFFRjlDNzk2NjVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAFnaqQwDQQCAAIwBwMFACQG40AwDQYJKoZIhvcNAQELBQAD ggEBAK0uNk3O4XRwaEH004EqePuJzYAdelLfIBnqn142klmv4SKeQlP3GXbzH3LL txaOuh07wDhKvU92giPgUHeSOho7lF1W45Z1ZYzByjRinUsHuGoWWJuOZVuS5l/J m5Lj2y5qSNWrGJDQ43s9fHTqagAy77Rcbm0NWSoIv9jhS+4TtAbJeUi1qAuXsUSs f3+8m9wsYscAkumxQW+I5usgjlac33Qj4j7Gayhrrs1PmyCnWtrN8WRYJPKSD68I bJ1qas28mEEORoXvXlSAUWq7gPF/4LzjAsPlKxEh2JhWKvXDuin0y2sUCteRz2uC l/MvBWdFeFwB0gEDmUWE9kpfAXI= -----END CERTIFICATE-----Generated at Wed Nov 5 16:16:57 2025 by rpki-client