$ rpki-client -vvf rpki.apnic.net/member_repository/A9127898/2069F5FCFC0D11EBAE95147BC4F9AE02/BFD5DDF0D95311EF9B045445C4F9AE02.roa File: BFD5DDF0D95311EF9B045445C4F9AE02.roa (raw, json) Hash identifier: hVEGhELX1A8z+OTyICUg8ehNwNYoGDS6osi29y06XSk= Subject key identifier: 39:D4:56:A5:07:21:27:7A:0D:D1:EC:B3:F8:41:CA:D6:CB:88:46:57 Certificate issuer: /CN=A9127898/serialNumber=95655EE72E177A02096C0CB60676AA1E669AE7E0 Certificate serial: 01A1 Authority key identifier: 95:65:5E:E7:2E:17:7A:02:09:6C:0C:B6:06:76:AA:1E:66:9A:E7:E0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lWVe5y4XegIJbAy2BnaqHmaa5-A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9127898/2069F5FCFC0D11EBAE95147BC4F9AE02/BFD5DDF0D95311EF9B045445C4F9AE02.roa Signing time: Mon 22 Sep 2025 23:46:21 +0000 ROA not before: Mon 22 Sep 2025 23:46:21 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 137059 IP address blocks: 103.171.142.0/23 maxlen: 23 103.171.142.0/24 maxlen: 24 103.171.143.0/24 maxlen: 24 2001:df7:4a80::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9127898/2069F5FCFC0D11EBAE95147BC4F9AE02/lWVe5y4XegIJbAy2BnaqHmaa5-A.crl rsync://rpki.apnic.net/member_repository/A9127898/2069F5FCFC0D11EBAE95147BC4F9AE02/lWVe5y4XegIJbAy2BnaqHmaa5-A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lWVe5y4XegIJbAy2BnaqHmaa5-A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 01:00:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 417 (0x1a1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9127898, serialNumber=95655EE72E177A02096C0CB60676AA1E669AE7E0 Validity Not Before: Sep 22 23:46:21 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=68d1dfcc-3b5b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:a9:f2:0c:32:4a:0f:d8:bd:3e:a0:a2:ff:a4: e7:f4:97:d8:bb:21:2b:e9:94:ee:93:31:ee:17:d5: 1f:61:de:e4:01:ac:66:17:de:11:bf:91:60:33:2a: 9b:5f:2c:c1:71:b4:0b:d9:7b:73:0f:2e:e2:1e:73: d8:55:24:d3:6b:3d:10:b8:e9:cc:77:63:6c:f3:4b: 0d:a4:c4:7b:c1:50:ea:d4:3f:e3:aa:cd:ad:91:79: e6:15:4c:76:64:75:dc:08:ab:d3:58:a8:40:9b:7d: 2b:be:b6:e8:62:68:93:35:b6:17:7c:41:26:c7:e8: 3e:19:90:73:ed:a0:75:df:37:a1:3c:78:02:b8:30: f4:a0:b5:6c:bc:8d:cb:ef:5b:69:84:a8:d3:c9:b9: ee:c2:ae:a2:64:23:a4:18:f4:09:44:f9:be:14:37: e3:fc:fa:85:94:f0:3b:90:ce:f9:5d:17:4c:6e:08: 87:47:69:9c:11:23:47:9c:d5:9e:fc:f2:e7:11:7b: 5d:8c:06:57:6e:3a:ab:98:48:dc:85:df:81:fb:26: 67:64:de:13:f5:17:b3:59:83:bf:ce:b7:37:5a:23: ae:ad:77:ca:7c:e1:83:6d:47:b1:6b:2c:a0:3c:af: b8:81:97:3c:30:93:94:3e:ea:be:10:ae:98:33:4a: e0:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:D4:56:A5:07:21:27:7A:0D:D1:EC:B3:F8:41:CA:D6:CB:88:46:57 X509v3 Authority Key Identifier: keyid:95:65:5E:E7:2E:17:7A:02:09:6C:0C:B6:06:76:AA:1E:66:9A:E7:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9127898/2069F5FCFC0D11EBAE95147BC4F9AE02/lWVe5y4XegIJbAy2BnaqHmaa5-A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lWVe5y4XegIJbAy2BnaqHmaa5-A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9127898/2069F5FCFC0D11EBAE95147BC4F9AE02/BFD5DDF0D95311EF9B045445C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.171.142.0/23 IPv6: 2001:df7:4a80::/48 Signature Algorithm: sha256WithRSAEncryption 91:26:d5:b5:71:f8:62:d0:b4:d0:cf:db:36:8d:6b:f9:ad:5f: 79:8a:5f:4d:f6:f6:e3:0d:1e:e7:4b:48:21:72:00:26:03:59: 87:17:1d:72:13:1d:f0:68:18:af:95:26:8c:f3:bd:79:70:d2: 3a:a1:21:3e:e1:82:81:2e:23:29:e0:e8:d0:df:47:65:72:0d: da:e4:9a:5c:03:6a:66:03:f2:ec:51:38:55:ec:87:fd:39:15: 9f:27:ee:cd:71:a0:55:1e:e0:6f:f1:7a:87:a3:bb:b2:4d:59: f5:46:e5:31:29:64:4d:95:b2:36:9c:ca:22:5c:f7:7d:bd:fd: fb:55:63:be:1d:3e:eb:7d:70:51:47:62:34:68:de:d8:6a:f0: 83:ed:b3:84:9a:15:0c:d6:6c:d2:8f:ad:5e:28:09:7f:3a:ff: f8:3d:90:c8:c9:be:c9:20:6d:8d:d7:e0:06:fe:6f:02:04:52: f7:9a:bb:16:0d:97:63:b4:e3:1c:a9:89:fd:cd:47:b3:9f:88: ec:eb:e5:34:a8:b0:31:21:a1:72:28:05:8b:de:45:42:07:f8: d4:b5:1b:01:6e:56:a5:41:08:b0:3f:ac:05:7b:3a:d3:5d:12: c0:6a:36:ff:36:51:4d:08:b0:b6:d3:ba:e5:08:a4:1d:33:59: 14:cd:29:45 -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICAaEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mjc4OTgxMTAvBgNVBAUTKDk1NjU1RUU3MkUxNzdBMDIwOTZDMENCNjA2NzZBQTFF NjY5QUU3RTAwHhcNMjUwOTIyMjM0NjIxWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGQxZGZjYy0zYjViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqanyDDJKD9i9PqCi/6Tn9JfYuyEr6ZTukzHuF9UfYd7kAaxmF94Rv5FgMyqb XyzBcbQL2XtzDy7iHnPYVSTTaz0QuOnMd2Ns80sNpMR7wVDq1D/jqs2tkXnmFUx2 ZHXcCKvTWKhAm30rvrboYmiTNbYXfEEmx+g+GZBz7aB13zehPHgCuDD0oLVsvI3L 71tphKjTybnuwq6iZCOkGPQJRPm+FDfj/PqFlPA7kM75XRdMbgiHR2mcESNHnNWe /PLnEXtdjAZXbjqrmEjchd+B+yZnZN4T9RezWYO/zrc3WiOurXfKfOGDbUexayyg PK+4gZc8MJOUPuq+EK6YM0rg3wIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFDnUVqUH ISd6DdHss/hBytbLiEZXMB8GA1UdIwQYMBaAFJVlXucuF3oCCWwMtgZ2qh5mmufg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNzg5OC8yMDY5RjVGQ0ZD MEQxMUVCQUU5NTE0N0JDNEY5QUUwMi9sV1ZlNXk0WGVnSUpiQXkyQm5hcUhtYWE1 LUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xXVmU1eTRYZWdJSmJBeTJCbmFxSG1hYTUtQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Mjc4OTgvMjA2OUY1RkNGQzBEMTFFQkFFOTUxNDdCQzRGOUFFMDIvQkZENURERjBE OTUzMTFFRjlCMDQ1NDQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAFnq44wDwQCAAIwCQMHACABDfdKgDANBgkqhkiG9w0BAQsF AAOCAQEAkSbVtXH4YtC00M/bNo1r+a1feYpfTfb24w0e50tIIXIAJgNZhxcdchMd 8GgYr5UmjPO9eXDSOqEhPuGCgS4jKeDo0N9HZXIN2uSaXANqZgPy7FE4VeyH/TkV nyfuzXGgVR7gb/F6h6O7sk1Z9UblMSlkTZWyNpzKIlz3fb39+1Vjvh0+631wUUdi NGje2Grwg+2zhJoVDNZs0o+tXigJfzr/+D2QyMm+ySBtjdfgBv5vAgRS95q7Fg2X Y7TjHKmJ/c1Hs5+I7OvlNKiwMSGhcigFi95FQgf41LUbAW5WpUEIsD+sBXs6010S wGo2/zZRTQiwttO65QikHTNZFM0pRQ== -----END CERTIFICATE-----Generated at Tue Oct 21 08:09:17 2025 by rpki-client