$ rpki-client -vvf rpki.apnic.net/member_repository/A91D493B/DBAD37A0CAAE11EC8241280DC4F9AE02/684DDD32CAB311ECBBCE9843C4F9AE02.roa File: 684DDD32CAB311ECBBCE9843C4F9AE02.roa (raw, json) Hash identifier: qH/kmALWQxd9w+o7ml/PHWheO95UYxgo26aceJX0/p4= Subject key identifier: 0B:F0:77:BD:B5:9A:86:C3:C3:48:1D:36:A4:4D:90:25:DA:0E:41:17 Certificate issuer: /CN=A91D493B/serialNumber=CC83BB6D0AA1779DEA169EDBA4A40228DE21BD7B Certificate serial: 031D Authority key identifier: CC:83:BB:6D:0A:A1:77:9D:EA:16:9E:DB:A4:A4:02:28:DE:21:BD:7B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zIO7bQqhd53qFp7bpKQCKN4hvXs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D493B/DBAD37A0CAAE11EC8241280DC4F9AE02/684DDD32CAB311ECBBCE9843C4F9AE02.roa Signing time: Wed 07 May 2025 01:07:49 +0000 ROA not before: Wed 07 May 2025 01:07:49 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 149660 IP address blocks: 103.185.222.0/23 maxlen: 23 103.185.222.0/24 maxlen: 24 103.185.223.0/24 maxlen: 24 2001:df0:9b40::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D493B/DBAD37A0CAAE11EC8241280DC4F9AE02/zIO7bQqhd53qFp7bpKQCKN4hvXs.crl rsync://rpki.apnic.net/member_repository/A91D493B/DBAD37A0CAAE11EC8241280DC4F9AE02/zIO7bQqhd53qFp7bpKQCKN4hvXs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zIO7bQqhd53qFp7bpKQCKN4hvXs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 00:57:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 797 (0x31d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D493B, serialNumber=CC83BB6D0AA1779DEA169EDBA4A40228DE21BD7B Validity Not Before: May 7 01:07:49 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681ab264-b806 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:15:48:e1:eb:22:d5:88:69:7e:4e:c9:58:54: 34:0e:14:05:3d:5d:0d:70:f9:27:67:03:89:68:05: 58:88:79:db:40:79:6d:ff:38:5e:0f:e6:e5:23:aa: fa:36:ef:78:37:7a:82:af:09:3b:d3:46:99:3f:5b: a9:40:40:8f:30:a2:7f:84:89:ae:98:72:eb:13:ff: e6:e3:7f:62:ec:05:10:1d:5a:bd:9e:4c:0c:48:2a: c2:b3:f8:84:13:e2:b5:ac:b1:4d:14:aa:3f:9d:2f: 6e:43:bb:4c:3b:f2:0d:18:fc:10:a9:cf:5c:25:6e: 87:b5:63:6c:b9:55:e3:b2:81:73:17:94:bd:f5:25: e5:f9:48:aa:67:5f:e4:eb:d0:aa:16:10:c0:50:d9: 87:d0:92:12:e7:59:52:2d:e3:eb:8c:c9:d1:7f:52: 40:b2:89:29:2e:37:63:18:ff:6b:de:5a:9a:73:d9: 4f:a2:04:86:96:4f:84:2d:28:a7:9e:bc:85:6c:9d: 30:e5:26:aa:d4:6d:49:c0:e0:3c:83:d2:5c:36:a6: d5:6f:9c:bc:1d:9d:aa:42:58:e7:7b:49:f1:4b:7b: 06:bd:db:27:fe:39:03:cf:cd:cb:a2:16:86:b9:cb: 90:d4:c3:87:63:41:4f:23:b4:a0:8b:27:af:b3:ce: 86:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:F0:77:BD:B5:9A:86:C3:C3:48:1D:36:A4:4D:90:25:DA:0E:41:17 X509v3 Authority Key Identifier: keyid:CC:83:BB:6D:0A:A1:77:9D:EA:16:9E:DB:A4:A4:02:28:DE:21:BD:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D493B/DBAD37A0CAAE11EC8241280DC4F9AE02/zIO7bQqhd53qFp7bpKQCKN4hvXs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zIO7bQqhd53qFp7bpKQCKN4hvXs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D493B/DBAD37A0CAAE11EC8241280DC4F9AE02/684DDD32CAB311ECBBCE9843C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.185.222.0/23 IPv6: 2001:df0:9b40::/48 Signature Algorithm: sha256WithRSAEncryption 3a:01:b5:b0:09:b5:9d:a4:ed:d9:4a:23:e4:59:23:a4:4a:cb: e0:7a:59:59:09:57:d5:e1:6b:23:18:14:40:35:65:8d:2b:cc: 18:cf:a9:c0:ed:37:25:31:af:5d:5a:bd:e1:d0:ba:01:1a:d5: 42:5b:5c:37:1c:86:14:6b:bf:11:38:72:7e:32:62:c7:c0:a9: 82:51:ce:b7:ba:8c:6b:06:ee:74:3f:ef:be:66:ac:e9:02:c6: f8:c5:8f:62:73:aa:02:98:fe:48:e3:eb:03:d2:e4:98:77:67: 39:4f:4d:c5:b3:1e:18:b7:6c:71:74:08:7f:ed:e0:0a:2c:1b: d3:89:04:c7:21:8f:c2:2a:e0:27:11:53:df:f6:72:96:89:2b: 28:d5:08:0a:fe:a5:a3:ff:59:3a:38:01:00:6e:b9:57:4c:e3: 43:0c:26:a6:a9:77:21:46:17:a3:a2:11:33:37:00:fb:c5:f8: 2f:a7:1d:b4:13:95:93:a9:da:69:da:b5:d7:6d:f0:6c:f5:2d: 46:a5:59:28:ec:6e:20:95:60:e2:bd:52:43:c0:fc:28:38:96: 6b:d7:cc:df:83:dc:f9:c6:e6:c5:71:89:ae:01:19:fb:a2:8d: dc:e0:2d:38:93:94:4a:2c:54:3a:43:46:c4:b9:0c:8c:7d:b8: 27:4e:96:04 -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICAx0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDQ5M0IxMTAvBgNVBAUTKENDODNCQjZEMEFBMTc3OURFQTE2OUVEQkE0QTQwMjI4 REUyMUJEN0IwHhcNMjUwNTA3MDEwNzQ5WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODFhYjI2NC1iODA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArBVI4esi1Yhpfk7JWFQ0DhQFPV0NcPknZwOJaAVYiHnbQHlt/zheD+blI6r6 Nu94N3qCrwk700aZP1upQECPMKJ/hImumHLrE//m439i7AUQHVq9nkwMSCrCs/iE E+K1rLFNFKo/nS9uQ7tMO/INGPwQqc9cJW6HtWNsuVXjsoFzF5S99SXl+UiqZ1/k 69CqFhDAUNmH0JIS51lSLePrjMnRf1JAsokpLjdjGP9r3lqac9lPogSGlk+ELSin nryFbJ0w5Saq1G1JwOA8g9JcNqbVb5y8HZ2qQljne0nxS3sGvdsn/jkDz83LohaG ucuQ1MOHY0FPI7Sgiyevs86GnwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFAvwd721 mobDw0gdNqRNkCXaDkEXMB8GA1UdIwQYMBaAFMyDu20KoXed6hae26SkAijeIb17 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDkzQi9EQkFEMzdBMENB QUUxMUVDODI0MTI4MERDNEY5QUUwMi96SU83YlFxaGQ1M3FGcDdicEtRQ0tONGh2 WHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3pJTzdiUXFoZDUzcUZwN2JwS1FDS040aHZYcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDQ5M0IvREJBRDM3QTBDQUFFMTFFQzgyNDEyODBEQzRGOUFFMDIvNjg0REREMzJD QUIzMTFFQ0JCQ0U5ODQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAFnud4wDwQCAAIwCQMHACABDfCbQDANBgkqhkiG9w0BAQsF AAOCAQEAOgG1sAm1naTt2Uoj5FkjpErL4HpZWQlX1eFrIxgUQDVljSvMGM+pwO03 JTGvXVq94dC6ARrVQltcNxyGFGu/EThyfjJix8CpglHOt7qMawbudD/vvmas6QLG +MWPYnOqApj+SOPrA9LkmHdnOU9NxbMeGLdscXQIf+3gCiwb04kExyGPwirgJxFT 3/ZylokrKNUICv6lo/9ZOjgBAG65V0zjQwwmpql3IUYXo6IRMzcA+8X4L6cdtBOV k6naadq1123wbPUtRqVZKOxuIJVg4r1SQ8D8KDiWa9fM34Pc+cbmxXGJrgEZ+6KN 3OAtOJOUSixUOkNGxLkMjH24J06WBA== -----END CERTIFICATE-----Generated at Wed Nov 5 07:52:59 2025 by rpki-client