$ rpki-client -vvf rpki.apnic.net/member_repository/A91FFE9F/8BE063E07B1611E99949AC51C4F9AE02/6153EE40A64911EEA2F9C24AC4F9AE02.roa File: 6153EE40A64911EEA2F9C24AC4F9AE02.roa (raw, json) Hash identifier: gca4NiRXS/2ZRRaXGWLGL59Wf1jvZfKpV78dD1T70Vg= Subject key identifier: 1B:3D:70:17:69:F8:CF:E0:1C:CD:B3:38:82:33:B2:8F:03:0E:ED:6D Certificate issuer: /CN=A91FFE9F/serialNumber=0B095236234E6935BAA341E3235A3DB473ACC67F Certificate serial: 0F15 Authority key identifier: 0B:09:52:36:23:4E:69:35:BA:A3:41:E3:23:5A:3D:B4:73:AC:C6:7F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CwlSNiNOaTW6o0HjI1o9tHOsxn8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FFE9F/8BE063E07B1611E99949AC51C4F9AE02/6153EE40A64911EEA2F9C24AC4F9AE02.roa Signing time: Thu 10 Apr 2025 15:15:32 +0000 ROA not before: Thu 10 Apr 2025 15:15:32 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 140039 IP address blocks: 103.130.156.0/24 maxlen: 24 103.130.157.0/24 maxlen: 24 103.130.158.0/24 maxlen: 24 103.130.159.0/24 maxlen: 24 2403:bd40::/48 maxlen: 48 2403:bd40:1::/48 maxlen: 48 2403:bd40:2::/48 maxlen: 48 2403:bd40:3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FFE9F/8BE063E07B1611E99949AC51C4F9AE02/CwlSNiNOaTW6o0HjI1o9tHOsxn8.crl rsync://rpki.apnic.net/member_repository/A91FFE9F/8BE063E07B1611E99949AC51C4F9AE02/CwlSNiNOaTW6o0HjI1o9tHOsxn8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CwlSNiNOaTW6o0HjI1o9tHOsxn8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 17:35:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3861 (0xf15) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FFE9F, serialNumber=0B095236234E6935BAA341E3235A3DB473ACC67F Validity Not Before: Apr 10 15:15:32 2025 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=67f7e094-6c68 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:a6:45:14:80:11:b0:98:2b:fb:45:07:e5:15: f9:33:7e:b9:67:20:e7:82:e2:b8:5a:e9:ce:14:30: 31:a3:fc:37:f8:9f:3b:db:ea:be:92:ab:7c:d5:a6: 36:29:2b:dd:85:1e:d6:4e:88:c6:66:41:29:4a:08: 3d:49:6e:bb:dc:ca:c7:ce:91:5e:b3:82:e6:fd:d8: 12:40:87:b0:dd:91:59:15:ef:9e:c7:03:68:37:a2: 50:47:c6:61:13:60:c4:d0:cc:db:6f:46:dc:18:51: cf:99:81:eb:08:04:ca:87:2c:1c:5b:d3:89:e4:01: db:53:0d:62:95:c5:88:01:20:8e:91:a1:cf:d8:b2: 66:e7:39:09:e2:25:a7:86:20:46:1b:21:84:70:ff: f6:d1:4c:1a:9f:9c:57:90:8a:7c:1f:c1:47:c0:58: 33:56:d7:3a:cf:cc:b9:07:c0:6e:4a:4d:5c:e5:8c: 40:75:8d:d4:a5:e4:50:75:10:74:8c:cb:23:ab:47: 4c:b5:45:b7:d2:75:28:50:f6:95:ae:1f:cd:5f:77: 53:b9:7f:e4:df:26:e0:56:66:6e:26:dd:b0:28:db: 5f:9d:90:e1:98:87:68:ed:fc:d3:02:29:c4:94:e3: fd:1f:ec:3e:34:0a:d6:8c:86:31:19:14:c8:d3:dd: 8b:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:3D:70:17:69:F8:CF:E0:1C:CD:B3:38:82:33:B2:8F:03:0E:ED:6D X509v3 Authority Key Identifier: keyid:0B:09:52:36:23:4E:69:35:BA:A3:41:E3:23:5A:3D:B4:73:AC:C6:7F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FFE9F/8BE063E07B1611E99949AC51C4F9AE02/CwlSNiNOaTW6o0HjI1o9tHOsxn8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CwlSNiNOaTW6o0HjI1o9tHOsxn8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FFE9F/8BE063E07B1611E99949AC51C4F9AE02/6153EE40A64911EEA2F9C24AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.130.156.0/22 IPv6: 2403:bd40::/46 Signature Algorithm: sha256WithRSAEncryption 61:d9:73:75:21:0c:76:74:d6:2e:7c:78:8d:0d:a8:86:e0:84: 52:0c:78:1b:cb:d1:98:2f:b9:63:e2:0a:b6:d3:21:3e:f4:11: db:29:e6:f3:66:41:4d:7e:cb:3b:4d:d4:1a:19:d0:ae:e4:e8: 99:8c:61:2f:5a:2d:e0:6d:14:ac:21:51:a0:1d:0e:05:29:33: 7a:e2:33:ef:af:30:74:2f:39:5b:28:b1:fe:40:8d:fc:52:2a: 85:0f:5f:9a:67:f7:af:67:b8:14:d9:b6:95:e4:c0:74:68:90: e2:3f:e7:8c:10:57:3e:e5:54:59:58:ac:c9:ef:84:b9:2f:f9: f1:88:5b:de:4e:21:e7:44:28:5a:0a:8a:a1:db:84:96:c1:76: 10:62:f7:ca:3b:19:7a:98:4a:4e:72:19:87:55:13:72:b4:95: 2d:ab:c3:c3:59:2b:10:10:ec:39:f2:5a:d5:bb:5f:ef:08:45: 6d:08:dc:2f:64:6c:c7:90:f7:e1:79:e0:b0:8e:12:4a:ac:73: 70:b0:52:5f:4a:6a:b5:2f:43:9d:08:a4:81:07:95:da:ee:44: 7b:1e:b6:f7:45:49:8a:7b:11:60:05:b6:ff:c8:82:fd:ca:6b: d6:40:fb:e8:7d:22:ef:ac:ff:d9:f3:17:bc:f0:6f:85:cb:30: f9:b6:f2:dd -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICDxUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkZFOUYxMTAvBgNVBAUTKDBCMDk1MjM2MjM0RTY5MzVCQUEzNDFFMzIzNUEzREI0 NzNBQ0M2N0YwHhcNMjUwNDEwMTUxNTMyWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2Y3ZTA5NC02YzY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtqZFFIARsJgr+0UH5RX5M365ZyDnguK4WunOFDAxo/w3+J872+q+kqt81aY2 KSvdhR7WTojGZkEpSgg9SW673MrHzpFes4Lm/dgSQIew3ZFZFe+exwNoN6JQR8Zh E2DE0Mzbb0bcGFHPmYHrCATKhywcW9OJ5AHbUw1ilcWIASCOkaHP2LJm5zkJ4iWn hiBGGyGEcP/20Uwan5xXkIp8H8FHwFgzVtc6z8y5B8BuSk1c5YxAdY3UpeRQdRB0 jMsjq0dMtUW30nUoUPaVrh/NX3dTuX/k3ybgVmZuJt2wKNtfnZDhmIdo7fzTAinE lOP9H+w+NArWjIYxGRTI092LhQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFBs9cBdp +M/gHM2zOIIzso8DDu1tMB8GA1UdIwQYMBaAFAsJUjYjTmk1uqNB4yNaPbRzrMZ/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRkU5Ri84QkUwNjNFMDdC MTYxMUU5OTk0OUFDNTFDNEY5QUUwMi9Dd2xTTmlOT2FUVzZvMEhqSTFvOXRIT3N4 bjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0N3bFNOaU5PYVRXNm8wSGpJMW85dEhPc3huOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RkZFOUYvOEJFMDYzRTA3QjE2MTFFOTk5NDlBQzUxQzRGOUFFMDIvNjE1M0VFNDBB NjQ5MTFFRUEyRjlDMjRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAJngpwwDwQCAAIwCQMHAiQDvUAAADANBgkqhkiG9w0BAQsF AAOCAQEAYdlzdSEMdnTWLnx4jQ2ohuCEUgx4G8vRmC+5Y+IKttMhPvQR2ynm82ZB TX7LO03UGhnQruTomYxhL1ot4G0UrCFRoB0OBSkzeuIz768wdC85Wyix/kCN/FIq hQ9fmmf3r2e4FNm2leTAdGiQ4j/njBBXPuVUWVisye+EuS/58Yhb3k4h50QoWgqK oduElsF2EGL3yjsZephKTnIZh1UTcrSVLavDw1krEBDsOfJa1btf7whFbQjcL2Rs x5D34XngsI4SSqxzcLBSX0pqtS9DnQikgQeV2u5Eex6290VJinsRYAW2/8iC/cpr 1kD76H0i76z/2fMXvPBvhcsw+bby3Q== -----END CERTIFICATE-----Generated at Tue Nov 4 19:11:25 2025 by rpki-client