$ rpki-client -vvf rpki.apnic.net/member_repository/A91CF285/FD64F0B8340C11E9966C5A76C4F9AE02/DC83478EEB0311ED875DD72EC4F9AE02.roa File: DC83478EEB0311ED875DD72EC4F9AE02.roa (raw, json) Hash identifier: ZDjZETXLZ7zFreIAvqJ7UMCHnkhV8V9TxpsSD145ZBI= Subject key identifier: 8A:88:19:D2:D7:D7:21:7A:99:5A:6B:E2:6F:7A:52:59:03:E2:A2:C5 Certificate issuer: /CN=A91CF285/serialNumber=3E29CE6F6A7DB94B6D09133B73FED52DDEE12DAB Certificate serial: 107A Authority key identifier: 3E:29:CE:6F:6A:7D:B9:4B:6D:09:13:3B:73:FE:D5:2D:DE:E1:2D:AB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PinOb2p9uUttCRM7c_7VLd7hLas.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CF285/FD64F0B8340C11E9966C5A76C4F9AE02/DC83478EEB0311ED875DD72EC4F9AE02.roa Signing time: Fri 02 May 2025 17:56:38 +0000 ROA not before: Fri 02 May 2025 17:56:38 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 137271 IP address blocks: 103.209.4.0/23 maxlen: 23 103.209.4.0/24 maxlen: 24 103.209.5.0/24 maxlen: 24 2406:bf00:1::/48 maxlen: 48 2406:bf00:2::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CF285/FD64F0B8340C11E9966C5A76C4F9AE02/PinOb2p9uUttCRM7c_7VLd7hLas.crl rsync://rpki.apnic.net/member_repository/A91CF285/FD64F0B8340C11E9966C5A76C4F9AE02/PinOb2p9uUttCRM7c_7VLd7hLas.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PinOb2p9uUttCRM7c_7VLd7hLas.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 17:24:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4218 (0x107a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CF285, serialNumber=3E29CE6F6A7DB94B6D09133B73FED52DDEE12DAB Validity Not Before: May 2 17:56:38 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=68150756-e233 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:f0:c7:34:08:eb:7d:85:12:09:d3:5b:d3:8f: 05:6e:73:d7:15:e7:64:4f:44:9a:27:a2:cb:eb:af: 84:5d:82:19:22:63:fe:ad:6d:f2:af:8d:b4:57:e3: d9:7e:f3:56:ac:20:b5:ae:f5:7a:4b:76:d5:44:70: 6b:23:cf:63:1b:0b:cd:7a:47:cc:a2:ae:df:1e:2f: 2a:b5:0a:c5:1a:48:3d:76:f5:cf:98:b2:1c:ab:b9: 12:28:68:b7:3a:33:08:ab:75:2e:bf:62:f4:51:28: a8:e7:e3:b8:c8:34:6c:c1:59:cc:60:9f:ec:06:ff: ad:1e:49:43:30:cb:41:b1:7e:ce:8c:c1:a1:3c:f1: 99:3e:bc:d7:1c:e3:e7:81:a3:e1:06:4e:22:06:0f: ac:77:9d:d5:fd:51:85:c9:61:f2:09:97:ac:ab:56: 8d:fa:19:a8:80:56:1e:08:e5:98:66:9f:2c:ba:57: 85:6c:65:f1:c7:76:b2:c1:43:20:38:41:81:d4:56: b1:35:2e:f5:04:93:5c:25:f5:2c:fd:a8:65:51:16: 5f:9a:2e:c8:c8:6b:fa:74:fd:ac:b5:ca:6d:37:68: f3:8b:c6:cf:47:bc:fd:00:b1:77:dc:d7:6d:73:6f: 19:f2:94:ee:00:62:ad:42:8f:46:9a:e6:33:ec:b5: f9:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:88:19:D2:D7:D7:21:7A:99:5A:6B:E2:6F:7A:52:59:03:E2:A2:C5 X509v3 Authority Key Identifier: keyid:3E:29:CE:6F:6A:7D:B9:4B:6D:09:13:3B:73:FE:D5:2D:DE:E1:2D:AB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CF285/FD64F0B8340C11E9966C5A76C4F9AE02/PinOb2p9uUttCRM7c_7VLd7hLas.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PinOb2p9uUttCRM7c_7VLd7hLas.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CF285/FD64F0B8340C11E9966C5A76C4F9AE02/DC83478EEB0311ED875DD72EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.209.4.0/23 IPv6: 2406:bf00:1::-2406:bf00:2:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption a1:66:09:8e:bf:ac:57:4a:39:87:02:00:d1:c8:94:1f:c0:79: d8:4e:dd:77:0f:80:7e:45:1f:14:c2:00:6a:cb:50:0c:7e:f5: ff:66:eb:1d:0b:9a:20:30:24:86:af:3d:7d:d5:ae:5b:3d:e6: e8:08:60:1e:30:b1:d2:20:5a:c0:49:76:e0:a0:8c:ee:dc:74: 28:d2:9f:f3:ec:c6:9f:c4:ff:99:c3:11:b1:ff:55:16:e2:2d: 7e:3e:a1:fc:52:19:30:a9:e0:fa:43:51:9c:a3:2a:f3:01:16: 9a:0a:62:c2:65:a1:29:b5:36:7c:01:c6:8e:3d:b5:40:1c:94: f3:58:e2:59:8a:fe:ac:c4:a4:a8:b2:99:40:dd:2c:91:f9:2f: 65:91:1f:94:91:44:dc:5d:71:76:5d:c6:bf:23:e0:1e:cb:d8: 04:fd:c6:d9:64:1f:83:dd:df:7f:2d:f0:f8:ba:36:b8:51:e9: 57:54:dd:04:a1:8c:a6:cc:70:3c:74:fb:71:25:c7:ba:72:17: 3b:3d:11:ab:ce:3a:64:fa:c9:70:d9:64:d8:e6:b7:55:8d:4d: 00:10:ec:aa:37:e6:bc:d1:26:2f:a4:86:dc:b1:fd:45:58:e1: e5:25:38:b6:2e:38:a6:89:53:1c:e4:2f:5f:d3:24:6c:18:a4: 55:31:8f:3d -----BEGIN CERTIFICATE----- MIIFjTCCBHWgAwIBAgICEHowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0YyODUxMTAvBgNVBAUTKDNFMjlDRTZGNkE3REI5NEI2RDA5MTMzQjczRkVENTJE REVFMTJEQUIwHhcNMjUwNTAyMTc1NjM4WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODE1MDc1Ni1lMjMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtfDHNAjrfYUSCdNb048FbnPXFedkT0SaJ6LL66+EXYIZImP+rW3yr420V+PZ fvNWrCC1rvV6S3bVRHBrI89jGwvNekfMoq7fHi8qtQrFGkg9dvXPmLIcq7kSKGi3 OjMIq3Uuv2L0USio5+O4yDRswVnMYJ/sBv+tHklDMMtBsX7OjMGhPPGZPrzXHOPn gaPhBk4iBg+sd53V/VGFyWHyCZesq1aN+hmogFYeCOWYZp8suleFbGXxx3aywUMg OEGB1FaxNS71BJNcJfUs/ahlURZfmi7IyGv6dP2stcptN2jzi8bPR7z9ALF33Ndt c28Z8pTuAGKtQo9GmuYz7LX5/wIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFIqIGdLX 1yF6mVpr4m96UlkD4qLFMB8GA1UdIwQYMBaAFD4pzm9qfblLbQkTO3P+1S3e4S2r MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRjI4NS9GRDY0RjBCODM0 MEMxMUU5OTY2QzVBNzZDNEY5QUUwMi9QaW5PYjJwOXVVdHRDUk03Y183VkxkN2hM YXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1Bpbk9iMnA5dVV0dENSTTdjXzdWTGQ3aExhcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0YyODUvRkQ2NEYwQjgzNDBDMTFFOTk2NkM1QTc2QzRGOUFFMDIvREM4MzQ3OEVF QjAzMTFFRDg3NURENzJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E LDAqMAwEAgABMAYDBAFn0QQwGgQCAAIwFDASAwcAJAa/AAABAwcAJAa/AAACMA0G CSqGSIb3DQEBCwUAA4IBAQChZgmOv6xXSjmHAgDRyJQfwHnYTt13D4B+RR8UwgBq y1AMfvX/ZusdC5ogMCSGrz191a5bPeboCGAeMLHSIFrASXbgoIzu3HQo0p/z7Maf xP+ZwxGx/1UW4i1+PqH8UhkwqeD6Q1GcoyrzARaaCmLCZaEptTZ8AcaOPbVAHJTz WOJZiv6sxKSosplA3SyR+S9lkR+UkUTcXXF2Xca/I+Aey9gE/cbZZB+D3d9/LfD4 uja4UelXVN0EoYymzHA8dPtxJce6chc7PRGrzjpk+slw2WTY5rdVjU0AEOyqN+a8 0SYvpIbcsf1FWOHlJTi2LjimiVMc5C9f0yRsGKRVMY89 -----END CERTIFICATE-----Generated at Wed Nov 5 11:35:39 2025 by rpki-client