$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3BB3/95AEA9E8CBE411EA806A4A75C4F9AE02/D0CF108ED85111EF9DC0826CC4F9AE02.roa File: D0CF108ED85111EF9DC0826CC4F9AE02.roa (raw, json) Hash identifier: YDlJJK3r3QY2jge7AOb3CYnCW+wC8nrMDrmyeODCDi8= Subject key identifier: F1:5D:8C:16:BB:6F:EE:2D:30:9F:27:C3:88:C6:DE:FB:5F:14:50:8F Certificate issuer: /CN=A91E3BB3/serialNumber=3CDF43D717FC5849F23A94E29A772B28A5D701E3 Certificate serial: 087F Authority key identifier: 3C:DF:43:D7:17:FC:58:49:F2:3A:94:E2:9A:77:2B:28:A5:D7:01:E3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PN9D1xf8WEnyOpTimncrKKXXAeM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3BB3/95AEA9E8CBE411EA806A4A75C4F9AE02/D0CF108ED85111EF9DC0826CC4F9AE02.roa Signing time: Sat 30 Aug 2025 21:12:36 +0000 ROA not before: Sat 30 Aug 2025 21:12:36 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 140933 IP address blocks: 103.153.152.0/23 maxlen: 24 2406:46c0::/32 maxlen: 32 2406:46c0::/36 maxlen: 36 2406:46c0:1000::/36 maxlen: 36 2406:46c0:2000::/36 maxlen: 36 2406:46c0:3000::/36 maxlen: 36 2406:46c0:4000::/36 maxlen: 36 2406:46c0:5000::/36 maxlen: 36 2406:46c0:6000::/36 maxlen: 36 2406:46c0:7000::/36 maxlen: 36 2406:46c0:8000::/36 maxlen: 36 2406:46c0:9000::/36 maxlen: 36 2406:46c0:a000::/36 maxlen: 36 2406:46c0:b000::/36 maxlen: 36 2406:46c0:c000::/36 maxlen: 36 2406:46c0:d000::/36 maxlen: 36 2406:46c0:e000::/36 maxlen: 36 2406:46c0:f000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3BB3/95AEA9E8CBE411EA806A4A75C4F9AE02/PN9D1xf8WEnyOpTimncrKKXXAeM.crl rsync://rpki.apnic.net/member_repository/A91E3BB3/95AEA9E8CBE411EA806A4A75C4F9AE02/PN9D1xf8WEnyOpTimncrKKXXAeM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PN9D1xf8WEnyOpTimncrKKXXAeM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 20:37:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2175 (0x87f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3BB3, serialNumber=3CDF43D717FC5849F23A94E29A772B28A5D701E3 Validity Not Before: Aug 30 21:12:36 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=68b36944-f822 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:aa:d6:14:fe:09:b2:96:e6:55:d8:0b:7b:3c: b0:d2:a0:30:c0:92:12:8c:58:bb:e7:e0:21:6e:5b: cd:66:8c:60:1a:22:dc:a4:be:ec:21:11:fc:c9:31: bc:f9:e6:ea:43:63:67:1b:1b:f8:b9:0b:06:fa:9d: 8b:d0:41:07:49:40:ce:da:68:cf:a7:dc:bb:41:52: ef:6d:44:77:5a:18:1d:da:17:8d:57:e7:da:49:99: 51:57:c7:4d:45:25:d0:a9:77:cb:7c:e5:d5:e3:52: 9d:00:e2:05:1c:2f:e3:0f:b4:12:12:9e:6d:ae:23: e3:18:a1:f4:fd:44:c9:39:6c:08:21:ff:d1:e1:18: 78:92:42:48:e3:08:95:48:7f:2f:e0:03:e2:71:c0: e9:88:53:9c:4b:93:ab:ab:72:d2:bc:13:60:34:ee: 7b:e8:22:fe:3e:c6:19:c6:7f:0c:5e:53:83:3b:f5: df:65:07:76:ee:34:22:df:ab:82:40:2d:8b:01:79: 04:3a:88:66:ee:6f:7a:22:e0:ed:8d:0a:b7:66:ea: fc:df:40:f3:82:4a:50:68:20:80:81:f0:4e:b0:16: 4e:90:d0:43:80:b2:88:3b:6d:8e:da:63:6d:8e:e6: 5e:e2:a6:82:65:69:42:8e:07:88:04:bb:c6:ba:6c: 7d:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:5D:8C:16:BB:6F:EE:2D:30:9F:27:C3:88:C6:DE:FB:5F:14:50:8F X509v3 Authority Key Identifier: keyid:3C:DF:43:D7:17:FC:58:49:F2:3A:94:E2:9A:77:2B:28:A5:D7:01:E3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3BB3/95AEA9E8CBE411EA806A4A75C4F9AE02/PN9D1xf8WEnyOpTimncrKKXXAeM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PN9D1xf8WEnyOpTimncrKKXXAeM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3BB3/95AEA9E8CBE411EA806A4A75C4F9AE02/D0CF108ED85111EF9DC0826CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.153.152.0/23 IPv6: 2406:46c0::/32 Signature Algorithm: sha256WithRSAEncryption 7f:8a:0d:8f:fb:b3:68:4e:35:41:5b:f9:ce:5f:5a:2a:01:0c: d7:6a:e9:5a:e1:22:c3:49:ff:73:4f:46:bb:bf:55:59:f2:29: 21:2d:1d:6d:9e:b5:bc:47:95:3e:30:fb:5d:af:4d:2d:22:90: b3:c7:49:7f:cd:95:a8:d0:16:e5:ab:1b:2f:ab:d7:af:9e:a3: 87:d7:23:01:c9:5f:c8:ed:90:23:7d:81:79:9c:89:15:f7:1b: 15:e2:00:02:64:a1:3b:5e:0d:71:40:bb:ab:05:cf:cc:8f:35: 7c:71:9a:30:22:5f:dd:16:be:61:cb:5d:11:6e:16:67:6f:3e: 6d:58:bf:b3:97:84:1c:7f:70:36:5f:e7:ad:72:8b:5c:16:18: 52:80:2e:0a:6c:dc:6c:99:14:8b:53:bb:0d:67:17:95:e9:97: 88:41:4c:3c:1f:b4:47:39:7b:ff:77:00:58:0b:06:c6:c1:b6: b1:72:67:2b:ba:e7:d0:3f:a8:b5:80:03:1d:fd:08:66:b5:ec: 40:59:7c:48:c9:1d:64:a9:14:14:e5:02:64:b5:97:c5:fd:ab: 65:6f:23:8b:ad:93:c6:f6:e9:63:a4:c2:01:89:6d:51:a9:c6: d6:79:f1:b6:93:95:83:8b:15:03:02:03:17:12:71:6a:ca:63: 2f:99:39:e0 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICCH8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNCQjMxMTAvBgNVBAUTKDNDREY0M0Q3MTdGQzU4NDlGMjNBOTRFMjlBNzcyQjI4 QTVENzAxRTMwHhcNMjUwODMwMjExMjM2WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGIzNjk0NC1mODIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwKrWFP4JspbmVdgLezyw0qAwwJISjFi75+AhblvNZoxgGiLcpL7sIRH8yTG8 +ebqQ2NnGxv4uQsG+p2L0EEHSUDO2mjPp9y7QVLvbUR3Whgd2heNV+faSZlRV8dN RSXQqXfLfOXV41KdAOIFHC/jD7QSEp5triPjGKH0/UTJOWwIIf/R4Rh4kkJI4wiV SH8v4APiccDpiFOcS5Orq3LSvBNgNO576CL+PsYZxn8MXlODO/XfZQd27jQi36uC QC2LAXkEOohm7m96IuDtjQq3Zur830DzgkpQaCCAgfBOsBZOkNBDgLKIO22O2mNt juZe4qaCZWlCjgeIBLvGumx9rQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFPFdjBa7 b+4tMJ8nw4jG3vtfFFCPMB8GA1UdIwQYMBaAFDzfQ9cX/FhJ8jqU4pp3Kyil1wHj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0JCMy85NUFFQTlFOENC RTQxMUVBODA2QTRBNzVDNEY5QUUwMi9QTjlEMXhmOFdFbnlPcFRpbW5jcktLWFhB ZU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1BOOUQxeGY4V0VueU9wVGltbmNyS0tYWEFlTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTNCQjMvOTVBRUE5RThDQkU0MTFFQTgwNkE0QTc1QzRGOUFFMDIvRDBDRjEwOEVE ODUxMTFFRjlEQzA4MjZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAFnmZgwDQQCAAIwBwMFACQGRsAwDQYJKoZIhvcNAQELBQAD ggEBAH+KDY/7s2hONUFb+c5fWioBDNdq6VrhIsNJ/3NPRru/VVnyKSEtHW2etbxH lT4w+12vTS0ikLPHSX/NlajQFuWrGy+r16+eo4fXIwHJX8jtkCN9gXmciRX3GxXi AAJkoTteDXFAu6sFz8yPNXxxmjAiX90WvmHLXRFuFmdvPm1Yv7OXhBx/cDZf561y i1wWGFKALgps3GyZFItTuw1nF5Xpl4hBTDwftEc5e/93AFgLBsbBtrFyZyu659A/ qLWAAx39CGa17EBZfEjJHWSpFBTlAmS1l8X9q2VvI4utk8b26WOkwgGJbVGpxtZ5 8baTlYOLFQMCAxcScWrKYy+ZOeA= -----END CERTIFICATE-----Generated at Wed Nov 5 15:47:50 2025 by rpki-client