$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/C145485EAE9A11E9B17AC77EC4F9AE02.roa File: C145485EAE9A11E9B17AC77EC4F9AE02.roa (raw, json) Hash identifier: 0ehGM9KvqQVlyysL0bR6r4knV2UFgPR8E2jylMcTv9Y= Subject key identifier: D8:AE:1C:5B:4C:FD:F7:26:E0:22:29:50:EA:5A:55:F0:B2:ED:A1:4B Certificate issuer: /CN=A91EA7B2/serialNumber=1156205EC7380A00F10F3410114D040357F00FF1 Certificate serial: 0E38 Authority key identifier: 11:56:20:5E:C7:38:0A:00:F1:0F:34:10:11:4D:04:03:57:F0:0F:F1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EVYgXsc4CgDxDzQQEU0EA1fwD_E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/C145485EAE9A11E9B17AC77EC4F9AE02.roa Signing time: Wed 06 Aug 2025 18:27:41 +0000 ROA not before: Wed 06 Aug 2025 18:27:41 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 137932 IP address blocks: 103.117.128.0/24 maxlen: 24 103.117.129.0/24 maxlen: 24 103.117.130.0/24 maxlen: 24 103.117.131.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/EVYgXsc4CgDxDzQQEU0EA1fwD_E.crl rsync://rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/EVYgXsc4CgDxDzQQEU0EA1fwD_E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EVYgXsc4CgDxDzQQEU0EA1fwD_E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 19 Aug 2025 17:56:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3640 (0xe38) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA7B2, serialNumber=1156205EC7380A00F10F3410114D040357F00FF1 Validity Not Before: Aug 6 18:27:41 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=68939e9d-f1f2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:a7:7e:d7:38:b5:62:1f:3d:66:ba:e9:ff:c0: 4b:bc:41:27:2c:d6:45:97:e0:ef:4e:c7:36:29:a0: 8b:81:5f:6f:61:25:b1:64:f2:6c:c7:cb:9b:27:aa: 24:bf:c5:f7:45:b0:2c:e4:c1:3f:d1:e6:df:44:19: ba:7f:95:ec:2b:46:db:33:5a:7b:af:02:91:0e:39: cd:ea:5f:92:4c:4f:bf:63:71:8c:63:ce:19:c0:55: 25:50:60:00:49:c2:94:e6:5c:36:ab:71:47:42:5f: f8:52:5a:c4:58:6a:9f:40:5c:f9:0d:73:ff:ce:08: ac:95:c7:62:93:61:10:96:5c:a4:c0:e8:f7:b8:f6: 9c:df:0d:23:00:12:02:17:af:21:10:39:1c:0b:39: 14:58:f6:03:72:c9:34:5d:88:73:a3:ac:e0:65:77: ee:c6:f8:86:33:6d:95:25:4e:56:3e:ae:d1:57:9a: 8d:89:20:09:25:18:bb:91:95:0c:7f:7f:10:1b:35: 08:3f:47:35:8d:22:0f:68:7b:da:e0:10:d3:4a:1a: 67:1a:23:80:b9:8e:fb:44:bb:b3:77:e3:89:9b:a4: ec:52:0d:fe:5b:c5:5f:b3:3e:80:35:bf:7b:b8:21: a0:42:df:23:8c:09:f0:e9:bc:c2:6e:7e:c6:22:d5: e7:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:AE:1C:5B:4C:FD:F7:26:E0:22:29:50:EA:5A:55:F0:B2:ED:A1:4B X509v3 Authority Key Identifier: keyid:11:56:20:5E:C7:38:0A:00:F1:0F:34:10:11:4D:04:03:57:F0:0F:F1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/EVYgXsc4CgDxDzQQEU0EA1fwD_E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EVYgXsc4CgDxDzQQEU0EA1fwD_E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/C145485EAE9A11E9B17AC77EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.117.128.0/22 Signature Algorithm: sha256WithRSAEncryption 90:ac:ec:c4:c0:24:39:22:d7:04:70:2c:c0:93:9a:5c:fa:70: ea:ac:bf:f6:70:78:da:41:9b:5f:8b:4f:98:c1:e2:78:67:53: a2:d8:77:c5:ad:e4:36:83:32:e7:73:8a:ce:62:ad:59:c0:c0: c6:7c:b1:20:63:ed:8d:ac:76:8a:cc:7c:14:06:8e:0f:47:7f: 00:4e:3b:15:cf:bb:39:78:b9:32:b9:9c:e6:b6:64:a3:18:01: 9a:f5:70:9f:d4:87:45:df:87:0b:f1:37:bc:f6:c2:fb:8f:f3: 92:3e:0b:60:21:00:f5:10:6e:2e:15:ab:7a:af:e5:0e:4f:78: 46:47:71:64:a2:0b:2a:ac:c5:d0:aa:90:07:1e:0d:6e:b9:4b: b5:b8:7f:9b:4f:e5:d7:dc:48:89:bf:f5:4f:16:fa:44:ff:cb: d3:0e:25:d8:ae:a6:7c:6e:23:e4:74:8f:57:e8:9d:65:d1:66: 9d:43:5d:26:ee:bd:8c:c4:2a:81:4d:98:78:aa:85:28:d1:4a: 44:43:ed:ae:cf:75:c1:bd:08:f9:4b:15:ad:47:51:30:f1:6a: 58:0a:c9:54:e9:f8:dd:ea:86:a4:e1:f4:84:81:cc:aa:2d:40: 42:6c:27:87:9f:a9:5b:86:3b:f6:82:43:f0:fe:ca:46:06:f8: 7c:80:9f:1c -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICDjgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUE3QjIxMTAvBgNVBAUTKDExNTYyMDVFQzczODBBMDBGMTBGMzQxMDExNEQwNDAz NTdGMDBGRjEwHhcNMjUwODA2MTgyNzQxWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODkzOWU5ZC1mMWYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz6d+1zi1Yh89Zrrp/8BLvEEnLNZFl+DvTsc2KaCLgV9vYSWxZPJsx8ubJ6ok v8X3RbAs5ME/0ebfRBm6f5XsK0bbM1p7rwKRDjnN6l+STE+/Y3GMY84ZwFUlUGAA ScKU5lw2q3FHQl/4UlrEWGqfQFz5DXP/zgislcdik2EQllykwOj3uPac3w0jABIC F68hEDkcCzkUWPYDcsk0XYhzo6zgZXfuxviGM22VJU5WPq7RV5qNiSAJJRi7kZUM f38QGzUIP0c1jSIPaHva4BDTShpnGiOAuY77RLuzd+OJm6TsUg3+W8Vfsz6ANb97 uCGgQt8jjAnw6bzCbn7GItXnrwIDAQABo4IClTCCApEwHQYDVR0OBBYEFNiuHFtM /fcm4CIpUOpaVfCy7aFLMB8GA1UdIwQYMBaAFBFWIF7HOAoA8Q80EBFNBANX8A/x MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTdCMi8zRUUzMjM1QUFF OTkxMUU5QUM1MEUxN0JDNEY5QUUwMi9FVllnWHNjNENnRHhEelFRRVUwRUExZndE X0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0VWWWdYc2M0Q2dEeER6UVFFVTBFQTFmd0RfRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUE3QjIvM0VFMzIzNUFBRTk5MTFFOUFDNTBFMTdCQzRGOUFFMDIvQzE0NTQ4NUVB RTlBMTFFOUIxN0FDNzdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAJndYAwDQYJKoZIhvcNAQELBQADggEBAJCs7MTAJDki1wRw LMCTmlz6cOqsv/ZweNpBm1+LT5jB4nhnU6LYd8Wt5DaDMudzis5irVnAwMZ8sSBj 7Y2sdorMfBQGjg9HfwBOOxXPuzl4uTK5nOa2ZKMYAZr1cJ/Uh0XfhwvxN7z2wvuP 85I+C2AhAPUQbi4Vq3qv5Q5PeEZHcWSiCyqsxdCqkAceDW65S7W4f5tP5dfcSIm/ 9U8W+kT/y9MOJdiupnxuI+R0j1fonWXRZp1DXSbuvYzEKoFNmHiqhSjRSkRD7a7P dcG9CPlLFa1HUTDxalgKyVTp+N3qhqTh9ISBzKotQEJsJ4efqVuGO/aCQ/D+ykYG +HyAnxw= -----END CERTIFICATE-----Generated at Wed Aug 13 09:45:06 2025 by rpki-client