$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/14ED07C27B8D11EDB395B621C4F9AE02.roa File: 14ED07C27B8D11EDB395B621C4F9AE02.roa (raw, json) Hash identifier: dyHXMPsWXIi28t7W1U3CSitpoKF85Llotwpf4kiO82E= Subject key identifier: 25:94:F9:10:B2:78:87:3B:AE:74:EA:0F:A9:B8:A1:B0:AB:6F:A3:A8 Certificate issuer: /CN=A91EA7B2/serialNumber=1156205EC7380A00F10F3410114D040357F00FF1 Certificate serial: 0E37 Authority key identifier: 11:56:20:5E:C7:38:0A:00:F1:0F:34:10:11:4D:04:03:57:F0:0F:F1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EVYgXsc4CgDxDzQQEU0EA1fwD_E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/14ED07C27B8D11EDB395B621C4F9AE02.roa Signing time: Wed 06 Aug 2025 18:27:40 +0000 ROA not before: Wed 06 Aug 2025 18:27:40 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 134190 IP address blocks: 103.117.128.0/24 maxlen: 24 103.117.129.0/24 maxlen: 24 103.117.129.0/25 maxlen: 32 103.117.129.128/25 maxlen: 32 103.117.131.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/EVYgXsc4CgDxDzQQEU0EA1fwD_E.crl rsync://rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/EVYgXsc4CgDxDzQQEU0EA1fwD_E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EVYgXsc4CgDxDzQQEU0EA1fwD_E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3639 (0xe37) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA7B2, serialNumber=1156205EC7380A00F10F3410114D040357F00FF1 Validity Not Before: Aug 6 18:27:40 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=68939e9c-9436 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:6e:05:79:8c:d7:b2:0d:96:96:2c:00:bf:2e: c1:ca:5d:cc:96:f1:6e:63:8b:41:de:59:f8:e1:65: 33:51:75:a8:c5:7e:41:7d:6e:ea:5a:e9:a9:79:8e: 31:f9:5c:fa:4a:39:94:82:d8:07:32:a6:d6:f6:8c: 63:42:a9:ff:52:cc:3c:c1:00:78:1a:6b:c0:fc:31: 5a:dc:88:f0:0c:95:19:b3:41:7c:7b:23:ba:35:93: ce:0e:bf:a5:63:b3:74:71:85:ac:27:62:9d:74:0a: 69:2a:95:2d:07:12:1c:ce:ed:04:01:17:5c:d3:31: ca:91:36:1c:4e:e3:b5:8a:b6:ab:61:a7:1a:53:0b: 6b:9a:05:34:ce:10:f6:8d:4d:eb:7e:73:2f:1d:49: 1f:97:32:2e:0f:63:ea:11:70:d2:1a:e4:f8:9e:9e: 9d:bf:d7:39:1b:74:cd:ea:41:d6:09:f3:48:f3:50: 2f:1d:c7:ed:dc:d9:8c:86:ea:2b:2a:cb:88:59:73: 4e:fb:e0:ba:41:45:de:0a:6a:4b:af:03:a4:dc:cb: 8c:6d:84:91:25:fa:ab:d7:58:20:6a:32:85:45:6f: f0:85:e1:f4:36:d5:ed:4a:1d:a5:5f:35:9a:42:3b: c2:a6:74:0b:58:6f:62:29:43:1b:1b:a1:4f:34:b9: 3a:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:94:F9:10:B2:78:87:3B:AE:74:EA:0F:A9:B8:A1:B0:AB:6F:A3:A8 X509v3 Authority Key Identifier: keyid:11:56:20:5E:C7:38:0A:00:F1:0F:34:10:11:4D:04:03:57:F0:0F:F1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/EVYgXsc4CgDxDzQQEU0EA1fwD_E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EVYgXsc4CgDxDzQQEU0EA1fwD_E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/14ED07C27B8D11EDB395B621C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.117.128.0/23 103.117.131.0/24 Signature Algorithm: sha256WithRSAEncryption 5f:e2:e1:1c:c5:3d:7c:62:e4:c9:b0:5d:2f:10:37:31:5d:46: 3d:e9:05:00:db:13:57:bc:5a:7c:d3:5e:e8:ab:f3:58:ea:07: f9:83:0e:b3:5d:c8:17:49:2a:fc:cc:65:9f:e0:d6:71:85:5c: b8:7d:00:ea:c4:e7:1b:0b:1d:a9:08:e5:67:d8:f7:8e:8f:0a: a4:27:61:90:88:39:cb:c8:ab:63:12:dd:af:81:14:7c:b1:f1: 19:43:c7:8c:59:2b:ad:ee:ee:e1:6b:d3:a5:e2:08:0f:52:10: f0:ff:ac:ff:ff:93:e6:31:d8:48:d9:1d:b4:05:29:2b:f3:26: 42:95:0a:6f:47:e4:5e:90:8b:d9:d0:4a:50:29:72:f4:57:53: 34:54:73:15:d8:a7:b0:76:cd:ad:78:e3:4d:2d:50:41:37:e6: 31:be:0f:64:e8:66:81:ae:27:5d:44:76:38:fd:8f:34:72:ad: 63:79:60:7c:32:af:02:4d:9b:d0:1f:8a:9e:7e:83:69:1e:79: ba:7b:b3:d8:0e:50:40:c4:03:9f:7a:84:4d:af:da:c6:dc:68: 33:e4:59:13:f2:6c:7d:fe:35:ed:71:78:cd:09:bf:80:e0:5b: 95:04:a3:6e:51:51:6c:bb:62:8d:79:24:05:ad:a0:1f:67:be: 6f:dc:45:7d -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICDjcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUE3QjIxMTAvBgNVBAUTKDExNTYyMDVFQzczODBBMDBGMTBGMzQxMDExNEQwNDAz NTdGMDBGRjEwHhcNMjUwODA2MTgyNzQwWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODkzOWU5Yy05NDM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvm4FeYzXsg2WliwAvy7Byl3MlvFuY4tB3ln44WUzUXWoxX5BfW7qWumpeY4x +Vz6SjmUgtgHMqbW9oxjQqn/Usw8wQB4GmvA/DFa3IjwDJUZs0F8eyO6NZPODr+l Y7N0cYWsJ2KddAppKpUtBxIczu0EARdc0zHKkTYcTuO1irarYacaUwtrmgU0zhD2 jU3rfnMvHUkflzIuD2PqEXDSGuT4np6dv9c5G3TN6kHWCfNI81AvHcft3NmMhuor KsuIWXNO++C6QUXeCmpLrwOk3MuMbYSRJfqr11ggajKFRW/wheH0NtXtSh2lXzWa QjvCpnQLWG9iKUMbG6FPNLk61QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFCWU+RCy eIc7rnTqD6m4obCrb6OoMB8GA1UdIwQYMBaAFBFWIF7HOAoA8Q80EBFNBANX8A/x MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTdCMi8zRUUzMjM1QUFF OTkxMUU5QUM1MEUxN0JDNEY5QUUwMi9FVllnWHNjNENnRHhEelFRRVUwRUExZndE X0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0VWWWdYc2M0Q2dEeER6UVFFVTBFQTFmd0RfRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUE3QjIvM0VFMzIzNUFBRTk5MTFFOUFDNTBFMTdCQzRGOUFFMDIvMTRFRDA3QzI3 QjhEMTFFREIzOTVCNjIxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAFndYADBABndYMwDQYJKoZIhvcNAQELBQADggEBAF/i4RzF PXxi5MmwXS8QNzFdRj3pBQDbE1e8WnzTXuir81jqB/mDDrNdyBdJKvzMZZ/g1nGF XLh9AOrE5xsLHakI5WfY946PCqQnYZCIOcvIq2MS3a+BFHyx8RlDx4xZK63u7uFr 06XiCA9SEPD/rP//k+Yx2EjZHbQFKSvzJkKVCm9H5F6Qi9nQSlApcvRXUzRUcxXY p7B2za14400tUEE35jG+D2ToZoGuJ11Edjj9jzRyrWN5YHwyrwJNm9Afip5+g2ke ebp7s9gOUEDEA596hE2v2sbcaDPkWRPybH3+Ne1xeM0Jv4DgW5UEo25RUWy7Yo15 JAWtoB9nvm/cRX0= -----END CERTIFICATE-----Generated at Sun Aug 10 04:29:30 2025 by rpki-client