$ rpki-client -vvf rpki.apnic.net/member_repository/A9131067/8DD00F56A6AD11EB827FC11CC4F9AE02/BD9AE4AE55D111F0A7CFBB2BC4F9AE02.roa File: BD9AE4AE55D111F0A7CFBB2BC4F9AE02.roa (raw, json) Hash identifier: +s2eZecZzBHi2TTyZXd1eJhQogRo8Y85r4PmKMG3WZA= Subject key identifier: 9E:90:39:73:6A:78:35:7B:AF:6C:49:BA:01:BD:FA:C9:35:AE:88:08 Certificate issuer: /CN=A9131067/serialNumber=B2C47C2E3D4FC7EDC99AE20E46B174B10A0375F6 Certificate serial: 0693 Authority key identifier: B2:C4:7C:2E:3D:4F:C7:ED:C9:9A:E2:0E:46:B1:74:B1:0A:03:75:F6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ssR8Lj1Px-3JmuIORrF0sQoDdfY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9131067/8DD00F56A6AD11EB827FC11CC4F9AE02/BD9AE4AE55D111F0A7CFBB2BC4F9AE02.roa Signing time: Sat 30 Aug 2025 23:46:14 +0000 ROA not before: Sat 30 Aug 2025 23:46:14 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 142063 IP address blocks: 103.166.102.0/24 maxlen: 24 103.166.103.0/24 maxlen: 24 2001:df1:b340::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9131067/8DD00F56A6AD11EB827FC11CC4F9AE02/ssR8Lj1Px-3JmuIORrF0sQoDdfY.crl rsync://rpki.apnic.net/member_repository/A9131067/8DD00F56A6AD11EB827FC11CC4F9AE02/ssR8Lj1Px-3JmuIORrF0sQoDdfY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ssR8Lj1Px-3JmuIORrF0sQoDdfY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 00:13:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1683 (0x693) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9131067, serialNumber=B2C47C2E3D4FC7EDC99AE20E46B174B10A0375F6 Validity Not Before: Aug 30 23:46:14 2025 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=68b38d45-927c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:ad:ff:d3:0a:e1:67:37:7d:56:61:de:8a:88: e9:03:1b:89:dd:fd:ac:e6:10:f1:66:0e:b9:b9:cc: d1:cf:db:66:de:a8:c5:5f:ef:c4:b6:8c:70:30:9e: 3e:33:3f:af:aa:90:8c:13:1f:ce:9b:33:ce:8a:78: 3d:9c:d8:04:76:50:05:a4:38:09:f9:36:86:55:7c: a1:e5:c5:6a:61:3a:3b:d9:38:fd:f6:af:31:32:55: af:c0:ab:81:55:db:6a:fc:37:cb:2e:d0:81:41:35: d2:ac:0d:45:0f:c7:16:22:46:de:b1:df:48:7d:fc: 5b:74:56:39:4d:aa:b3:49:4f:89:16:a6:4b:da:2c: 2c:62:c3:ed:4e:5c:62:47:0b:78:63:05:3d:b1:71: 7a:51:d3:13:ed:2f:f2:b9:a8:c6:c9:77:d5:3b:9b: 78:f8:b5:3f:2e:ee:3b:6c:cc:f1:53:ce:f2:9f:ba: 9a:29:bb:90:95:95:98:14:98:0b:28:ee:98:04:41: e8:f1:e6:39:81:0b:4d:94:89:7b:50:48:62:92:31: 19:f8:95:a3:b5:ae:ca:6a:c9:27:ce:98:44:c8:a3: 86:1c:52:6e:d9:71:2a:56:44:e5:38:1e:e8:9d:eb: f8:5e:62:af:89:65:4f:6c:5c:8c:ba:50:5b:5a:85: ea:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:90:39:73:6A:78:35:7B:AF:6C:49:BA:01:BD:FA:C9:35:AE:88:08 X509v3 Authority Key Identifier: keyid:B2:C4:7C:2E:3D:4F:C7:ED:C9:9A:E2:0E:46:B1:74:B1:0A:03:75:F6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9131067/8DD00F56A6AD11EB827FC11CC4F9AE02/ssR8Lj1Px-3JmuIORrF0sQoDdfY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ssR8Lj1Px-3JmuIORrF0sQoDdfY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9131067/8DD00F56A6AD11EB827FC11CC4F9AE02/BD9AE4AE55D111F0A7CFBB2BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.166.102.0/23 IPv6: 2001:df1:b340::/48 Signature Algorithm: sha256WithRSAEncryption 3a:da:68:47:36:38:0b:4b:ee:de:0d:3c:da:2e:9f:a2:76:ed: 27:e6:f5:44:e5:00:3d:ae:3b:9d:04:eb:47:ff:88:ab:1c:49: 0b:cf:74:ba:71:1f:b1:58:70:40:e5:8a:b2:6b:67:d5:b7:76: 50:1d:c9:5b:c8:43:37:5c:1c:3a:a7:e3:d5:de:00:70:d9:ea: 1f:df:8c:4f:b0:34:14:67:4e:4d:7b:7e:b0:2e:ad:ef:64:cd: f1:47:c5:84:2c:22:13:87:eb:c9:20:18:82:7c:6a:01:6e:47: 09:66:cc:c9:fd:a0:d1:22:e7:c7:71:fb:7c:de:89:a1:b9:51: 9a:db:14:22:cf:c7:dd:af:e8:c6:16:8c:0b:ac:d9:74:d3:dc: 14:71:69:ce:d6:93:fa:9c:a5:97:a2:06:ed:f9:ca:35:db:e7: de:91:30:05:c0:64:4b:bf:4d:29:4e:5f:86:53:0e:46:86:b8: b6:08:68:61:89:45:7c:4a:bc:8b:4f:9f:31:ef:eb:8a:d4:5c: eb:d4:65:96:a2:3c:62:52:c7:af:d3:f7:ed:b2:67:74:50:ff: 0a:fd:3d:2a:ce:b7:76:66:95:ac:68:2d:21:03:f4:6b:3b:15: 4c:98:4d:ca:ed:f1:ef:8d:f0:79:b0:91:44:fa:b8:8e:43:b6: 88:e9:0f:28 -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICBpMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzEwNjcxMTAvBgNVBAUTKEIyQzQ3QzJFM0Q0RkM3RURDOTlBRTIwRTQ2QjE3NEIx MEEwMzc1RjYwHhcNMjUwODMwMjM0NjE0WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGIzOGQ0NS05MjdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArq3/0wrhZzd9VmHeiojpAxuJ3f2s5hDxZg65uczRz9tm3qjFX+/EtoxwMJ4+ Mz+vqpCMEx/OmzPOing9nNgEdlAFpDgJ+TaGVXyh5cVqYTo72Tj99q8xMlWvwKuB Vdtq/DfLLtCBQTXSrA1FD8cWIkbesd9IffxbdFY5TaqzSU+JFqZL2iwsYsPtTlxi Rwt4YwU9sXF6UdMT7S/yuajGyXfVO5t4+LU/Lu47bMzxU87yn7qaKbuQlZWYFJgL KO6YBEHo8eY5gQtNlIl7UEhikjEZ+JWjta7KasknzphEyKOGHFJu2XEqVkTlOB7o nev4XmKviWVPbFyMulBbWoXq1wIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFJ6QOXNq eDV7r2xJugG9+sk1rogIMB8GA1UdIwQYMBaAFLLEfC49T8ftyZriDkaxdLEKA3X2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMTA2Ny84REQwMEY1NkE2 QUQxMUVCODI3RkMxMUNDNEY5QUUwMi9zc1I4TGoxUHgtM0ptdUlPUnJGMHNRb0Rk ZlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3NzUjhMajFQeC0zSm11SU9SckYwc1FvRGRmWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzEwNjcvOEREMDBGNTZBNkFEMTFFQjgyN0ZDMTFDQzRGOUFFMDIvQkQ5QUU0QUU1 NUQxMTFGMEE3Q0ZCQjJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAFnpmYwDwQCAAIwCQMHACABDfGzQDANBgkqhkiG9w0BAQsF AAOCAQEAOtpoRzY4C0vu3g082i6fonbtJ+b1ROUAPa47nQTrR/+IqxxJC890unEf sVhwQOWKsmtn1bd2UB3JW8hDN1wcOqfj1d4AcNnqH9+MT7A0FGdOTXt+sC6t72TN 8UfFhCwiE4frySAYgnxqAW5HCWbMyf2g0SLnx3H7fN6JoblRmtsUIs/H3a/oxhaM C6zZdNPcFHFpztaT+pyll6IG7fnKNdvn3pEwBcBkS79NKU5fhlMORoa4tghoYYlF fEq8i0+fMe/ritRc69RllqI8YlLHr9P37bJndFD/Cv09Ks63dmaVrGgtIQP0azsV TJhNyu3x743webCRRPq4jkO2iOkPKA== -----END CERTIFICATE-----Generated at Mon Oct 20 19:26:13 2025 by rpki-client