$ rpki-client -vvf rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/C8D6C4CAD1EF11EAA9944238C4F9AE02.roa File: C8D6C4CAD1EF11EAA9944238C4F9AE02.roa (raw, json) Hash identifier: jROfgwuidzLC7AWCncg9tK5p5d6kMRx0vRFp0MoP+qM= Subject key identifier: 3C:81:CE:69:0F:DD:95:6D:95:3F:C8:77:B0:7F:8F:29:A5:25:7F:92 Certificate issuer: /CN=A913B805/serialNumber=42D3ECB9C8570AB090EB601EDB3379C0D3D8A6D0 Certificate serial: 2646 Authority key identifier: 42:D3:EC:B9:C8:57:0A:B0:90:EB:60:1E:DB:33:79:C0:D3:D8:A6:D0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QtPsuchXCrCQ62Ae2zN5wNPYptA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/C8D6C4CAD1EF11EAA9944238C4F9AE02.roa Signing time: Sun 14 Sep 2025 17:57:31 +0000 ROA not before: Sun 14 Sep 2025 17:57:31 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 139038 IP address blocks: 103.138.210.0/24 maxlen: 24 103.138.210.254/32 maxlen: 32 2001:df0:5580::/48 maxlen: 48 2001:df0:5580::/54 maxlen: 54 2001:df0:5580:800::/54 maxlen: 54 2001:df0:5580:1000::/52 maxlen: 52 2001:df0:5580:1000::/54 maxlen: 54 2001:df0:5580:2000::/52 maxlen: 52 2001:df0:5580:3000::/52 maxlen: 52 2001:df0:5580:7000::/52 maxlen: 52 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/QtPsuchXCrCQ62Ae2zN5wNPYptA.crl rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/QtPsuchXCrCQ62Ae2zN5wNPYptA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QtPsuchXCrCQ62Ae2zN5wNPYptA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 18:12:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9798 (0x2646) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913B805, serialNumber=42D3ECB9C8570AB090EB601EDB3379C0D3D8A6D0 Validity Not Before: Sep 14 17:57:31 2025 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=68c7020b-17a5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:d0:cd:f0:38:dd:07:9c:ff:c7:b0:63:2d:c7: da:a3:32:3f:e0:ae:61:82:73:ce:97:1f:86:f0:4c: 45:a4:a3:a2:d0:08:89:62:7e:b8:46:50:13:ba:8e: f0:6e:00:db:6e:3e:da:a0:5a:72:ef:aa:19:9e:20: cb:b3:c9:77:40:13:e6:5d:67:92:ed:90:72:db:ad: bc:da:60:1f:fa:ad:48:6f:f0:20:6f:69:fa:70:25: 59:0e:f8:76:87:11:b4:31:da:80:bc:0b:cc:00:7f: fe:ca:31:59:1c:39:7e:b9:ea:eb:f5:4b:f0:81:05: 38:8e:60:fd:12:80:5c:63:3a:d9:ab:93:2c:2a:81: 3c:9d:8b:8c:b4:6d:32:f4:9a:8e:d5:56:5d:86:0d: 3f:72:ce:50:b6:53:52:bf:cd:d5:1f:4c:74:0d:fa: 97:fa:93:9a:41:d9:f4:05:18:e6:2f:6b:2a:97:c0: 94:85:b8:9f:8a:b6:ae:54:0d:09:f9:3e:2f:53:c6: 1b:3b:a4:db:6f:ed:06:66:0d:ab:8e:89:71:61:27: 2b:8c:c9:58:5d:94:fe:13:72:5d:81:03:b1:ce:95: 50:23:06:44:b8:d0:de:9d:f5:06:9e:ca:29:76:da: e8:de:34:ee:65:4f:c9:68:e6:c5:06:fb:2c:7f:99: 87:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:81:CE:69:0F:DD:95:6D:95:3F:C8:77:B0:7F:8F:29:A5:25:7F:92 X509v3 Authority Key Identifier: keyid:42:D3:EC:B9:C8:57:0A:B0:90:EB:60:1E:DB:33:79:C0:D3:D8:A6:D0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/QtPsuchXCrCQ62Ae2zN5wNPYptA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QtPsuchXCrCQ62Ae2zN5wNPYptA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/C8D6C4CAD1EF11EAA9944238C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.138.210.0/24 IPv6: 2001:df0:5580::/48 Signature Algorithm: sha256WithRSAEncryption a7:15:17:c3:04:36:a9:1d:17:e7:91:83:3f:14:80:cb:f2:cb: 66:62:17:15:5a:d5:00:9e:28:e5:92:f1:ed:41:bc:3e:05:42: 79:ba:52:af:97:67:c4:6e:ac:80:e0:fd:ce:f4:89:b0:b4:f5: ef:8d:a6:de:8c:c4:dd:ac:ce:22:54:35:a2:7b:a5:b0:95:9e: 57:f4:90:8d:3b:f2:a2:db:b5:13:54:54:2c:e6:32:58:49:30: 54:06:f9:55:98:a6:4a:89:a9:4b:da:96:fc:f8:c1:95:2a:56: f1:c8:05:2c:88:88:fd:4f:de:06:9a:a9:cd:56:64:be:81:2a: da:5c:95:c4:3f:a9:ba:5b:27:92:2b:2a:f6:25:88:c0:5a:76: 57:d7:f9:9f:25:26:e1:0f:fa:b4:ed:4f:57:c7:1c:db:6a:b6: cd:08:10:39:46:35:ca:be:a2:62:0c:e3:0b:7c:d4:40:ee:02: 4b:31:8e:c6:69:8b:b4:c5:f0:67:9e:9a:a8:a8:fc:95:04:1d: 97:9a:4c:c2:6e:75:59:1d:90:72:f7:5c:82:73:c5:3f:8e:06: 13:34:ac:aa:9a:cd:10:33:55:89:85:74:1a:7f:7a:de:00:67: 69:d1:36:49:00:ed:cc:f2:5b:5a:de:6d:cf:2d:98:dc:33:48: ef:e8:87:ec -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICJkYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0I4MDUxMTAvBgNVBAUTKDQyRDNFQ0I5Qzg1NzBBQjA5MEVCNjAxRURCMzM3OUMw RDNEOEE2RDAwHhcNMjUwOTE0MTc1NzMxWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGM3MDIwYi0xN2E1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtdDN8DjdB5z/x7BjLcfaozI/4K5hgnPOlx+G8ExFpKOi0AiJYn64RlATuo7w bgDbbj7aoFpy76oZniDLs8l3QBPmXWeS7ZBy26282mAf+q1Ib/Agb2n6cCVZDvh2 hxG0MdqAvAvMAH/+yjFZHDl+uerr9UvwgQU4jmD9EoBcYzrZq5MsKoE8nYuMtG0y 9JqO1VZdhg0/cs5QtlNSv83VH0x0DfqX+pOaQdn0BRjmL2sql8CUhbifirauVA0J +T4vU8YbO6Tbb+0GZg2rjolxYScrjMlYXZT+E3JdgQOxzpVQIwZEuNDenfUGnsop dtro3jTuZU/JaObFBvssf5mH7QIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFDyBzmkP 3ZVtlT/Id7B/jymlJX+SMB8GA1UdIwQYMBaAFELT7LnIVwqwkOtgHtszecDT2KbQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQjgwNS9GODA3NkI4QTdC N0IxMUU5OEI2RUMwNzRDNEY5QUUwMi9RdFBzdWNoWENyQ1E2MkFlMnpONXdOUFlw dEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1F0UHN1Y2hYQ3JDUTYyQWUyek41d05QWXB0QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx M0I4MDUvRjgwNzZCOEE3QjdCMTFFOThCNkVDMDc0QzRGOUFFMDIvQzhENkM0Q0FE MUVGMTFFQUE5OTQ0MjM4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBABnitIwDwQCAAIwCQMHACABDfBVgDANBgkqhkiG9w0BAQsF AAOCAQEApxUXwwQ2qR0X55GDPxSAy/LLZmIXFVrVAJ4o5ZLx7UG8PgVCebpSr5dn xG6sgOD9zvSJsLT1742m3ozE3azOIlQ1onulsJWeV/SQjTvyotu1E1RULOYyWEkw VAb5VZimSompS9qW/PjBlSpW8cgFLIiI/U/eBpqpzVZkvoEq2lyVxD+pulsnkisq 9iWIwFp2V9f5nyUm4Q/6tO1PV8cc22q2zQgQOUY1yr6iYgzjC3zUQO4CSzGOxmmL tMXwZ56aqKj8lQQdl5pMwm51WR2QcvdcgnPFP44GEzSsqprNEDNViYV0Gn963gBn adE2SQDtzPJbWt5tzy2Y3DNI7+iH7A== -----END CERTIFICATE-----Generated at Mon Oct 20 11:30:53 2025 by rpki-client