$ rpki-client -vvf rpki.apnic.net/member_repository/A912A1E7/10FABED2025511EC8ED24085C4F9AE02/C3BF0EF80A5F11EC8EDB0221C4F9AE02.roa File: C3BF0EF80A5F11EC8EDB0221C4F9AE02.roa (raw, json) Hash identifier: ym0ByuNOndht95n45vmzI/LTnp1dbpbPf/6SayzC+38= Subject key identifier: 7C:40:A5:8A:38:DC:18:1A:E4:32:D3:6E:09:E4:37:F3:6D:95:2C:12 Certificate issuer: /CN=A912A1E7/serialNumber=D623A3925808BAE84C2714E16A878404E06048D1 Certificate serial: 055B Authority key identifier: D6:23:A3:92:58:08:BA:E8:4C:27:14:E1:6A:87:84:04:E0:60:48:D1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1iOjklgIuuhMJxThaoeEBOBgSNE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912A1E7/10FABED2025511EC8ED24085C4F9AE02/C3BF0EF80A5F11EC8EDB0221C4F9AE02.roa Signing time: Mon 08 Sep 2025 23:35:01 +0000 ROA not before: Mon 08 Sep 2025 23:35:01 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 136428 IP address blocks: 103.172.14.0/23 maxlen: 23 103.172.14.0/24 maxlen: 24 103.172.15.0/24 maxlen: 24 2001:df7:5b80::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912A1E7/10FABED2025511EC8ED24085C4F9AE02/1iOjklgIuuhMJxThaoeEBOBgSNE.crl rsync://rpki.apnic.net/member_repository/A912A1E7/10FABED2025511EC8ED24085C4F9AE02/1iOjklgIuuhMJxThaoeEBOBgSNE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1iOjklgIuuhMJxThaoeEBOBgSNE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 01:04:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1371 (0x55b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912A1E7, serialNumber=D623A3925808BAE84C2714E16A878404E06048D1 Validity Not Before: Sep 8 23:35:01 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68bf6825-654d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:37:88:54:b9:94:d8:8e:f4:ec:73:dc:f0:f7: 51:dc:39:4c:c1:7b:fb:c3:d2:09:b7:a9:c8:64:45: 12:7b:a0:37:23:6b:84:18:2e:1c:ae:6b:c2:fb:0f: c3:18:e5:2c:c3:48:fd:49:32:f7:c1:74:41:83:99: 12:4f:00:63:11:a0:71:f6:7b:84:ad:c0:63:a7:02: 97:dc:2b:20:52:54:14:3b:4e:be:df:11:e6:43:bf: 5b:2a:8d:13:30:d7:1d:d3:39:76:d9:57:31:59:76: 7a:88:49:7e:ae:91:06:87:ab:68:11:03:0a:2e:de: 73:38:03:81:1f:9f:3e:6f:e7:53:f6:d5:f2:97:7c: 6c:e9:bb:46:43:4c:7f:71:02:75:7e:1b:9d:d5:2c: fa:cf:3d:3b:64:52:40:9a:96:2d:ab:2d:d5:7e:31: 7b:8e:8e:8b:95:38:55:fe:2a:57:b6:90:8f:a6:9f: ce:30:d2:b7:85:7f:12:25:28:a1:01:e2:fa:70:59: 1e:3f:2c:5b:e9:77:23:a5:5a:cd:9e:af:49:08:e1: 9a:7c:88:76:a6:bc:22:ce:69:f6:8f:b6:ba:7d:40: 0d:aa:de:54:d3:8d:95:49:96:12:2c:11:60:32:ec: 57:d7:8f:ee:57:d8:91:a9:18:f3:19:4e:e1:24:ff: d8:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:40:A5:8A:38:DC:18:1A:E4:32:D3:6E:09:E4:37:F3:6D:95:2C:12 X509v3 Authority Key Identifier: keyid:D6:23:A3:92:58:08:BA:E8:4C:27:14:E1:6A:87:84:04:E0:60:48:D1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912A1E7/10FABED2025511EC8ED24085C4F9AE02/1iOjklgIuuhMJxThaoeEBOBgSNE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1iOjklgIuuhMJxThaoeEBOBgSNE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912A1E7/10FABED2025511EC8ED24085C4F9AE02/C3BF0EF80A5F11EC8EDB0221C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.172.14.0/23 IPv6: 2001:df7:5b80::/48 Signature Algorithm: sha256WithRSAEncryption 31:f8:ee:e3:21:3a:60:92:fd:ef:10:86:d2:af:6a:59:76:0e: 5e:93:50:52:de:ca:ee:fb:1e:6d:9f:98:53:89:42:d1:81:6c: ff:4e:6b:c1:84:1a:08:f9:e9:73:f8:f4:28:f2:d1:1e:52:45: 43:d1:b3:90:58:d4:4d:38:83:db:2c:e0:d1:9b:2d:2c:f8:4d: 55:e6:95:52:f6:78:3e:57:1a:1a:06:0e:49:70:24:3a:2a:2e: ca:a4:3b:33:54:0b:61:a6:82:f7:39:7f:45:27:02:44:0a:b0: d4:c5:4e:50:ed:c3:03:97:1f:d5:c1:27:1c:e9:a2:b6:0d:51: 48:f7:de:10:c8:8b:df:0d:96:72:b5:9d:5b:76:24:45:d6:8f: 9c:17:bc:aa:d3:40:a7:38:a8:43:77:52:fa:59:21:50:b4:b4: 2a:c1:f3:61:39:98:8d:fd:ad:0b:e1:0e:98:18:1f:1c:95:40: 5b:26:2f:d2:f2:9d:7b:cf:59:cc:c4:0f:00:01:db:9a:d9:41: e0:35:ad:91:d0:54:28:19:a9:5b:5a:8c:cd:ef:d3:18:ad:b5: 3b:eb:11:da:60:71:14:f5:99:88:b0:ba:8e:cf:74:fd:4e:fb: dd:78:f5:0d:05:5a:33:46:1c:5b:ed:dd:2a:be:ca:3a:da:4e: c3:6f:97:ff -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICBVswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkExRTcxMTAvBgNVBAUTKEQ2MjNBMzkyNTgwOEJBRTg0QzI3MTRFMTZBODc4NDA0 RTA2MDQ4RDEwHhcNMjUwOTA4MjMzNTAxWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGJmNjgyNS02NTRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3DeIVLmU2I707HPc8PdR3DlMwXv7w9IJt6nIZEUSe6A3I2uEGC4crmvC+w/D GOUsw0j9STL3wXRBg5kSTwBjEaBx9nuErcBjpwKX3CsgUlQUO06+3xHmQ79bKo0T MNcd0zl22VcxWXZ6iEl+rpEGh6toEQMKLt5zOAOBH58+b+dT9tXyl3xs6btGQ0x/ cQJ1fhud1Sz6zz07ZFJAmpYtqy3VfjF7jo6LlThV/ipXtpCPpp/OMNK3hX8SJSih AeL6cFkePyxb6XcjpVrNnq9JCOGafIh2prwizmn2j7a6fUANqt5U042VSZYSLBFg MuxX14/uV9iRqRjzGU7hJP/YUQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFHxApYo4 3Bga5DLTbgnkN/NtlSwSMB8GA1UdIwQYMBaAFNYjo5JYCLroTCcU4WqHhATgYEjR MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQTFFNy8xMEZBQkVEMjAy NTUxMUVDOEVEMjQwODVDNEY5QUUwMi8xaU9qa2xnSXV1aE1KeFRoYW9lRUJPQmdT TkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFpT2prbGdJdXVoTUp4VGhhb2VFQk9CZ1NORS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MkExRTcvMTBGQUJFRDIwMjU1MTFFQzhFRDI0MDg1QzRGOUFFMDIvQzNCRjBFRjgw QTVGMTFFQzhFREIwMjIxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAFnrA4wDwQCAAIwCQMHACABDfdbgDANBgkqhkiG9w0BAQsF AAOCAQEAMfju4yE6YJL97xCG0q9qWXYOXpNQUt7K7vsebZ+YU4lC0YFs/05rwYQa CPnpc/j0KPLRHlJFQ9GzkFjUTTiD2yzg0ZstLPhNVeaVUvZ4PlcaGgYOSXAkOiou yqQ7M1QLYaaC9zl/RScCRAqw1MVOUO3DA5cf1cEnHOmitg1RSPfeEMiL3w2WcrWd W3YkRdaPnBe8qtNApzioQ3dS+lkhULS0KsHzYTmYjf2tC+EOmBgfHJVAWyYv0vKd e89ZzMQPAAHbmtlB4DWtkdBUKBmpW1qMze/TGK21O+sR2mBxFPWZiLC6js90/U77 3Xj1DQVaM0YcW+3dKr7KOtpOw2+X/w== -----END CERTIFICATE-----Generated at Mon Oct 20 19:35:08 2025 by rpki-client