$ rpki-client -vvf rpki.apnic.net/member_repository/A91116C7/C856D6C4C6C611E882A41260C4F9AE02/0CAF01A6C6C811E8AECD6165C4F9AE02.roa File: 0CAF01A6C6C811E8AECD6165C4F9AE02.roa (raw, json) Hash identifier: OXXzoi8LLX55gX/DfWbkzrbLh+Han7QgMUGkYSwbpGo= Subject key identifier: CF:74:F6:F1:47:DF:40:B2:51:6A:45:26:E6:B3:2A:B6:03:E8:E8:10 Certificate issuer: /CN=A91116C7/serialNumber=B67C245E4B2BEEAD23C1F05DD30FF9077D87B8E6 Certificate serial: 12CC Authority key identifier: B6:7C:24:5E:4B:2B:EE:AD:23:C1:F0:5D:D3:0F:F9:07:7D:87:B8:E6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tnwkXksr7q0jwfBd0w_5B32HuOY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91116C7/C856D6C4C6C611E882A41260C4F9AE02/0CAF01A6C6C811E8AECD6165C4F9AE02.roa Signing time: Tue 02 Sep 2025 17:36:35 +0000 ROA not before: Tue 02 Sep 2025 17:36:35 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 45766 IP address blocks: 103.121.8.0/22 maxlen: 22 103.121.8.0/23 maxlen: 23 103.121.8.0/24 maxlen: 24 103.121.9.0/24 maxlen: 24 103.121.10.0/23 maxlen: 23 103.121.10.0/24 maxlen: 24 103.121.11.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91116C7/C856D6C4C6C611E882A41260C4F9AE02/tnwkXksr7q0jwfBd0w_5B32HuOY.crl rsync://rpki.apnic.net/member_repository/A91116C7/C856D6C4C6C611E882A41260C4F9AE02/tnwkXksr7q0jwfBd0w_5B32HuOY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tnwkXksr7q0jwfBd0w_5B32HuOY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 17:27:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4812 (0x12cc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91116C7, serialNumber=B67C245E4B2BEEAD23C1F05DD30FF9077D87B8E6 Validity Not Before: Sep 2 17:36:35 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=68b72b22-ca42 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:93:22:7e:ef:9a:bf:2d:c7:65:c1:bf:d4:45: f9:c7:eb:a6:38:67:38:ff:e8:27:77:ab:c0:69:2c: b2:ea:36:67:6f:e9:82:43:f7:05:a8:4f:3b:53:3a: f3:a6:39:bc:23:f6:8d:0e:6f:11:5c:84:30:8c:de: 82:f8:06:20:bc:52:b9:09:d0:fd:d6:98:67:ed:ec: 45:db:8f:af:0b:ba:cc:60:9a:09:a3:8a:97:d0:b4: de:4d:71:b0:19:d5:25:63:d3:e2:98:f7:09:44:f5: 3b:ac:34:54:52:c7:54:a9:53:90:b9:79:16:5c:b5: 51:09:7e:89:d8:de:a7:37:fe:fd:1c:c8:fc:bf:38: 4f:21:b1:e7:39:d4:59:df:68:4e:a9:43:3f:7c:cd: 5e:0c:e9:1a:e5:c1:04:55:d3:93:3f:a9:1a:e4:09: 9b:54:f7:13:92:66:62:9e:ba:21:83:d7:63:34:ae: 2f:73:df:f3:53:7a:4e:9e:d1:ec:c5:44:0b:00:2e: 3d:84:b5:ce:d6:1b:b7:22:de:6a:17:33:96:5b:ed: 6c:35:0c:1b:c5:1a:fb:91:73:b8:3b:d1:a9:1f:19: ac:de:e1:c2:73:0a:de:e1:e3:ed:68:c9:f3:19:e2: 3c:aa:44:ba:ae:9b:e0:bb:17:06:9a:9c:a6:b4:83: f8:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:74:F6:F1:47:DF:40:B2:51:6A:45:26:E6:B3:2A:B6:03:E8:E8:10 X509v3 Authority Key Identifier: keyid:B6:7C:24:5E:4B:2B:EE:AD:23:C1:F0:5D:D3:0F:F9:07:7D:87:B8:E6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91116C7/C856D6C4C6C611E882A41260C4F9AE02/tnwkXksr7q0jwfBd0w_5B32HuOY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tnwkXksr7q0jwfBd0w_5B32HuOY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91116C7/C856D6C4C6C611E882A41260C4F9AE02/0CAF01A6C6C811E8AECD6165C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.121.8.0/22 Signature Algorithm: sha256WithRSAEncryption 02:06:df:a7:20:82:c0:0f:88:46:9b:2b:63:6d:90:36:85:cf: fa:d7:92:e6:81:b0:a2:f0:e8:47:17:0b:d7:da:b0:27:5b:c0: e4:33:d8:6e:1b:9c:7e:68:0a:5c:f8:62:e6:5c:73:9c:2e:30: 95:27:44:cb:ff:c4:b8:b9:93:ae:62:ce:29:8b:4b:3b:2a:61: f3:62:75:49:2c:46:f6:5b:b7:63:28:a5:a1:1c:34:5e:5b:06: 8e:c1:6f:cf:a7:4a:7e:28:ea:ef:68:72:85:a6:05:ce:a1:95: 41:90:74:7e:9b:12:66:11:aa:6c:c9:8c:5b:44:d2:d1:5c:34: d3:37:6d:32:3d:59:2d:ee:3d:ca:0c:7a:77:b7:97:da:9b:3a: 0c:49:55:a1:04:8b:53:82:94:24:48:77:07:7b:a2:f7:a9:d6: 17:09:f0:f2:f6:1f:df:60:2c:5c:b8:80:8a:82:9c:84:ed:68: 03:f4:73:00:da:91:09:cf:40:0f:6a:7f:64:d5:8f:c5:e1:ec: fe:83:77:11:42:fd:75:2f:2f:b5:31:00:47:c6:b6:e9:4e:1a: 1d:53:9f:27:8c:1d:34:66:0c:b4:f4:44:ca:c1:7f:e9:70:2d: 42:be:5c:67:bd:6e:b3:7e:60:7e:f8:65:f5:d2:ca:a6:a7:dd: 3d:b0:d8:35 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICEswwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTE2QzcxMTAvBgNVBAUTKEI2N0MyNDVFNEIyQkVFQUQyM0MxRjA1REQzMEZGOTA3 N0Q4N0I4RTYwHhcNMjUwOTAyMTczNjM1WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGI3MmIyMi1jYTQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsJMifu+avy3HZcG/1EX5x+umOGc4/+gnd6vAaSyy6jZnb+mCQ/cFqE87Uzrz pjm8I/aNDm8RXIQwjN6C+AYgvFK5CdD91phn7exF24+vC7rMYJoJo4qX0LTeTXGw GdUlY9PimPcJRPU7rDRUUsdUqVOQuXkWXLVRCX6J2N6nN/79HMj8vzhPIbHnOdRZ 32hOqUM/fM1eDOka5cEEVdOTP6ka5AmbVPcTkmZinrohg9djNK4vc9/zU3pOntHs xUQLAC49hLXO1hu3It5qFzOWW+1sNQwbxRr7kXO4O9GpHxms3uHCcwre4ePtaMnz GeI8qkS6rpvguxcGmpymtIP4nQIDAQABo4IClTCCApEwHQYDVR0OBBYEFM909vFH 30CyUWpFJuazKrYD6OgQMB8GA1UdIwQYMBaAFLZ8JF5LK+6tI8HwXdMP+Qd9h7jm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMTZDNy9DODU2RDZDNEM2 QzYxMUU4ODJBNDEyNjBDNEY5QUUwMi90bndrWGtzcjdxMGp3ZkJkMHdfNUIzMkh1 T1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3Rud2tYa3NyN3EwandmQmQwd181QjMySHVPWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MTE2QzcvQzg1NkQ2QzRDNkM2MTFFODgyQTQxMjYwQzRGOUFFMDIvMENBRjAxQTZD NkM4MTFFOEFFQ0Q2MTY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAJneQgwDQYJKoZIhvcNAQELBQADggEBAAIG36cggsAPiEab K2NtkDaFz/rXkuaBsKLw6EcXC9fasCdbwOQz2G4bnH5oClz4YuZcc5wuMJUnRMv/ xLi5k65izimLSzsqYfNidUksRvZbt2MopaEcNF5bBo7Bb8+nSn4o6u9ocoWmBc6h lUGQdH6bEmYRqmzJjFtE0tFcNNM3bTI9WS3uPcoMene3l9qbOgxJVaEEi1OClCRI dwd7ovep1hcJ8PL2H99gLFy4gIqCnITtaAP0cwDakQnPQA9qf2TVj8Xh7P6DdxFC /XUvL7UxAEfGtulOGh1TnyeMHTRmDLT0RMrBf+lwLUK+XGe9brN+YH74ZfXSyqan 3T2w2DU= -----END CERTIFICATE-----Generated at Mon Oct 20 19:25:50 2025 by rpki-client