$ rpki-client -vvf rpki.apnic.net/member_repository/A91E5490/321F591E146211EC9868C246C4F9AE02/8608449A356511EC9715F015C4F9AE02.roa File: 8608449A356511EC9715F015C4F9AE02.roa (raw, json) Hash identifier: 4gKis+++tXEeHG38EwpejzSM+kE6A6gIMsrjZpkNJeo= Subject key identifier: C8:6A:62:84:13:B1:B1:ED:62:89:FE:ED:75:00:02:5F:06:F3:B6:98 Certificate issuer: /CN=A91E5490/serialNumber=F96FAE288A6430ADCCF95E0EA89F085BB6E829D4 Certificate serial: 0550 Authority key identifier: F9:6F:AE:28:8A:64:30:AD:CC:F9:5E:0E:A8:9F:08:5B:B6:E8:29:D4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-W-uKIpkMK3M-V4OqJ8IW7boKdQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E5490/321F591E146211EC9868C246C4F9AE02/8608449A356511EC9715F015C4F9AE02.roa Signing time: Thu 30 Oct 2025 23:44:05 +0000 ROA not before: Thu 30 Oct 2025 23:44:05 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 147014 IP address blocks: 103.173.4.0/24 maxlen: 24 103.173.5.0/24 maxlen: 24 2407:dc40::/32 maxlen: 32 2407:dc40::/48 maxlen: 48 2407:dc40:1::/48 maxlen: 48 2407:dc40:2::/48 maxlen: 48 2407:dc40:3::/48 maxlen: 48 2407:dc40:4::/48 maxlen: 48 2407:dc40:5::/48 maxlen: 48 2407:dc40:6::/48 maxlen: 48 2407:dc40:7::/48 maxlen: 48 2407:dc40:8::/48 maxlen: 48 2407:dc40:9::/48 maxlen: 48 2407:dc40:a::/48 maxlen: 48 2407:dc40:b::/48 maxlen: 48 2407:dc40:c::/48 maxlen: 48 2407:dc40:d::/48 maxlen: 48 2407:dc40:e::/48 maxlen: 48 2407:dc40:f::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E5490/321F591E146211EC9868C246C4F9AE02/-W-uKIpkMK3M-V4OqJ8IW7boKdQ.crl rsync://rpki.apnic.net/member_repository/A91E5490/321F591E146211EC9868C246C4F9AE02/-W-uKIpkMK3M-V4OqJ8IW7boKdQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-W-uKIpkMK3M-V4OqJ8IW7boKdQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 23:32:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1360 (0x550) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5490, serialNumber=F96FAE288A6430ADCCF95E0EA89F085BB6E829D4 Validity Not Before: Oct 30 23:44:05 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=6903f845-e11d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:dd:0a:6f:f6:bc:ee:7b:2a:03:51:a6:cc:f7: d0:3c:67:d8:ba:e9:9b:5d:e6:35:3f:14:60:c6:5f: b0:1b:c6:38:52:16:ca:29:53:8d:e7:60:09:dd:c6: 6a:80:5b:05:77:dc:28:0b:af:50:60:c0:cf:18:26: ad:09:b1:66:91:82:40:f2:df:98:76:bc:41:18:4d: f6:06:ee:b7:f5:d3:e6:53:c2:fa:f7:95:8d:99:93: 2f:24:31:2c:e2:07:49:83:3a:36:ff:91:2e:8c:2a: 22:90:99:84:c3:9a:50:95:b9:13:08:50:b4:2b:53: 85:fd:1b:f4:a2:08:79:51:32:e4:50:50:6d:e6:37: d2:88:48:c3:8d:bc:2d:d0:72:fc:7c:7e:e2:4c:bd: 20:37:9f:b8:78:e8:93:4f:a4:57:e8:e7:8b:7b:9a: a8:1a:90:e2:ea:d3:af:89:74:d4:ae:65:c8:cd:4e: 2d:8d:05:5d:cc:c4:23:0b:b5:71:19:1b:53:23:38: b3:a9:d6:9b:71:d2:0d:9b:07:25:57:9a:3b:4f:6b: 12:d4:38:5c:a0:7e:0f:6d:6f:f7:37:13:a7:fa:4a: 1b:cc:aa:71:f9:cb:b7:53:42:06:0d:35:18:e8:c1: df:0e:e6:85:9e:8e:4c:22:6b:bf:6f:12:c5:9c:f1: fd:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:6A:62:84:13:B1:B1:ED:62:89:FE:ED:75:00:02:5F:06:F3:B6:98 X509v3 Authority Key Identifier: keyid:F9:6F:AE:28:8A:64:30:AD:CC:F9:5E:0E:A8:9F:08:5B:B6:E8:29:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E5490/321F591E146211EC9868C246C4F9AE02/-W-uKIpkMK3M-V4OqJ8IW7boKdQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-W-uKIpkMK3M-V4OqJ8IW7boKdQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E5490/321F591E146211EC9868C246C4F9AE02/8608449A356511EC9715F015C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.173.4.0/23 IPv6: 2407:dc40::/32 Signature Algorithm: sha256WithRSAEncryption b1:3b:7d:6f:29:dd:a2:47:42:9f:5e:c6:d4:d8:0b:a1:27:fd: a8:10:aa:97:4b:cb:e6:85:5d:7e:47:13:fc:61:dd:d0:08:21: 00:0c:43:d2:52:dc:30:00:d3:c4:aa:ac:53:61:db:f2:6d:7c: b7:05:3c:55:2c:13:fd:2a:a4:b4:3c:d5:e6:6a:59:1c:f6:43: e7:e4:c6:91:f9:ca:96:80:49:b4:d7:05:27:13:8d:42:31:02: 8d:50:22:9b:4a:6a:97:24:2a:28:9c:8e:5f:50:ac:8d:a4:a0: 55:6b:4c:db:6b:41:04:11:5f:a1:a8:05:3f:69:39:fc:39:88: 90:4f:d6:df:4f:0b:0e:1a:f2:05:d1:a8:44:64:af:cc:6c:1b: df:1a:3c:bb:84:14:d0:05:1d:fa:60:5e:53:8a:35:ad:58:bd: da:85:5e:fc:4b:4c:8d:5d:4c:09:4d:00:97:fc:d5:5b:2e:fe: 54:a8:9a:05:26:86:26:3d:46:46:4c:b0:92:54:e6:91:22:27: d4:16:d6:9d:de:bb:fb:0a:01:de:03:d6:1d:d8:e9:26:a9:7d: d2:4d:d9:06:73:21:45:84:37:d5:18:9d:75:79:3e:a8:a3:6c: c8:b6:7b:31:89:9a:43:d7:93:ba:16:bc:b6:f2:f3:15:f0:af: 39:1b:0d:89 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICBVAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTU0OTAxMTAvBgNVBAUTKEY5NkZBRTI4OEE2NDMwQURDQ0Y5NUUwRUE4OUYwODVC QjZFODI5RDQwHhcNMjUxMDMwMjM0NDA1WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OTAzZjg0NS1lMTFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv90Kb/a87nsqA1GmzPfQPGfYuumbXeY1PxRgxl+wG8Y4UhbKKVON52AJ3cZq gFsFd9woC69QYMDPGCatCbFmkYJA8t+YdrxBGE32Bu639dPmU8L695WNmZMvJDEs 4gdJgzo2/5EujCoikJmEw5pQlbkTCFC0K1OF/Rv0ogh5UTLkUFBt5jfSiEjDjbwt 0HL8fH7iTL0gN5+4eOiTT6RX6OeLe5qoGpDi6tOviXTUrmXIzU4tjQVdzMQjC7Vx GRtTIzizqdabcdINmwclV5o7T2sS1DhcoH4PbW/3NxOn+kobzKpx+cu3U0IGDTUY 6MHfDuaFno5MImu/bxLFnPH9hwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFMhqYoQT sbHtYon+7XUAAl8G87aYMB8GA1UdIwQYMBaAFPlvriiKZDCtzPleDqifCFu26CnU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNTQ5MC8zMjFGNTkxRTE0 NjIxMUVDOTg2OEMyNDZDNEY5QUUwMi8tVy11S0lwa01LM00tVjRPcUo4SVc3Ym9L ZFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1XLXVLSXBrTUszTS1WNE9xSjhJVzdib0tkUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTU0OTAvMzIxRjU5MUUxNDYyMTFFQzk4NjhDMjQ2QzRGOUFFMDIvODYwODQ0OUEz NTY1MTFFQzk3MTVGMDE1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAFnrQQwDQQCAAIwBwMFACQH3EAwDQYJKoZIhvcNAQELBQAD ggEBALE7fW8p3aJHQp9extTYC6En/agQqpdLy+aFXX5HE/xh3dAIIQAMQ9JS3DAA 08SqrFNh2/JtfLcFPFUsE/0qpLQ81eZqWRz2Q+fkxpH5ypaASbTXBScTjUIxAo1Q IptKapckKiicjl9QrI2koFVrTNtrQQQRX6GoBT9pOfw5iJBP1t9PCw4a8gXRqERk r8xsG98aPLuEFNAFHfpgXlOKNa1YvdqFXvxLTI1dTAlNAJf81Vsu/lSomgUmhiY9 RkZMsJJU5pEiJ9QW1p3eu/sKAd4D1h3Y6SapfdJN2QZzIUWEN9UYnXV5PqijbMi2 ezGJmkPXk7oWvLby8xXwrzkbDYk= -----END CERTIFICATE-----Generated at Wed Nov 5 18:19:14 2025 by rpki-client