$ rpki-client -vvf rpki.apnic.net/member_repository/A913DF3B/CDBA812EF03A11EB8D30E058C4F9AE02/8D7E9B7EF03D11EB804DF61FC4F9AE02.roa File: 8D7E9B7EF03D11EB804DF61FC4F9AE02.roa (raw, json) Hash identifier: 0C374rc1/yzntVHlBO2RHsCgAiQUBU23dQBcBVfekCo= Subject key identifier: 6A:65:11:04:68:08:B5:7B:A3:91:6A:E6:28:04:5C:3A:7D:AA:E6:7B Certificate issuer: /CN=A913DF3B/serialNumber=A896B170BF0D88723F36C7AC2087854AA284BD71 Certificate serial: 0577 Authority key identifier: A8:96:B1:70:BF:0D:88:72:3F:36:C7:AC:20:87:85:4A:A2:84:BD:71 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qJaxcL8NiHI_NsesIIeFSqKEvXE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913DF3B/CDBA812EF03A11EB8D30E058C4F9AE02/8D7E9B7EF03D11EB804DF61FC4F9AE02.roa Signing time: Wed 20 Aug 2025 23:35:30 +0000 ROA not before: Wed 20 Aug 2025 23:35:30 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 139781 IP address blocks: 103.170.136.0/23 maxlen: 23 103.170.136.0/24 maxlen: 24 103.170.137.0/24 maxlen: 24 2001:df7:1b80::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913DF3B/CDBA812EF03A11EB8D30E058C4F9AE02/qJaxcL8NiHI_NsesIIeFSqKEvXE.crl rsync://rpki.apnic.net/member_repository/A913DF3B/CDBA812EF03A11EB8D30E058C4F9AE02/qJaxcL8NiHI_NsesIIeFSqKEvXE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qJaxcL8NiHI_NsesIIeFSqKEvXE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 23:28:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1399 (0x577) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913DF3B, serialNumber=A896B170BF0D88723F36C7AC2087854AA284BD71 Validity Not Before: Aug 20 23:35:30 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=68a65bc1-125e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:eb:65:e1:3e:fd:d0:9e:5c:27:a6:3b:8c:8f: 7a:19:6d:f3:b9:95:49:6a:91:c1:55:e4:23:ab:d5: d7:4b:67:43:d1:94:63:c4:9c:81:1e:f4:b8:3b:30: f9:24:e0:73:ab:97:50:a8:ff:71:28:6d:59:ef:cb: c6:23:d7:b0:57:6d:cb:96:e8:83:1c:78:7f:6e:5b: 8e:8f:f4:43:79:1b:35:36:d2:fc:31:df:55:1c:e9: 43:68:66:1d:1a:d1:4a:44:ba:b2:7f:f8:73:a1:dc: e1:62:71:26:0a:c3:0f:f6:72:71:2a:e3:46:59:10: cf:70:08:9e:71:18:6e:a8:2d:a5:aa:1d:7c:0e:d3: a9:bd:4c:6e:c0:74:ef:4f:78:a9:0e:2b:f3:d4:a0: 61:53:81:8e:ca:dd:8a:0c:df:f4:18:3e:84:84:36: 7c:20:af:ae:6c:8b:02:d3:ab:7c:ab:ef:66:01:00: d3:29:eb:db:a6:68:5e:1d:f5:95:26:5d:0b:b9:47: 62:70:50:f2:b4:88:c6:50:15:35:42:28:6f:3c:a4: 79:a3:da:81:84:9a:ba:b1:69:df:95:36:09:97:1c: c9:4c:a0:f9:31:be:77:e9:77:23:92:f6:2a:85:dd: aa:c3:1d:85:3f:46:07:3b:13:a4:88:35:aa:61:2e: d8:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:65:11:04:68:08:B5:7B:A3:91:6A:E6:28:04:5C:3A:7D:AA:E6:7B X509v3 Authority Key Identifier: keyid:A8:96:B1:70:BF:0D:88:72:3F:36:C7:AC:20:87:85:4A:A2:84:BD:71 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913DF3B/CDBA812EF03A11EB8D30E058C4F9AE02/qJaxcL8NiHI_NsesIIeFSqKEvXE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qJaxcL8NiHI_NsesIIeFSqKEvXE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913DF3B/CDBA812EF03A11EB8D30E058C4F9AE02/8D7E9B7EF03D11EB804DF61FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.170.136.0/23 IPv6: 2001:df7:1b80::/48 Signature Algorithm: sha256WithRSAEncryption 4e:4e:f3:d8:ae:ec:3e:e7:c4:8c:48:60:06:f5:30:e3:fe:ad: 9e:3c:6f:a6:52:ee:e3:4c:26:b7:be:fb:82:85:03:61:05:8a: 53:6e:71:5e:ae:fc:1c:4c:9c:eb:48:ac:76:40:d2:6d:50:5b: 78:48:e8:47:70:5e:2f:1f:46:95:ea:10:75:6a:bf:68:4c:e4: d5:e8:85:64:ae:67:3c:f1:1c:46:f7:97:f3:5c:62:b1:b6:4a: 9e:22:90:d9:35:1d:e7:78:2b:98:aa:62:43:4a:2e:a1:ef:d7: d3:cb:67:f2:50:85:f6:ea:53:4f:93:2e:93:09:cf:67:36:e7: 3b:00:e8:1c:ce:7d:d5:cc:55:37:9f:f5:d6:e7:1a:6d:4f:79: 82:ba:9a:6c:eb:74:d6:f4:f8:3e:f8:87:9c:a5:36:8c:14:0e: eb:c5:28:6d:b0:d2:f1:88:1a:a3:b7:c9:02:6a:8a:03:69:34: ac:8a:e5:8c:c8:62:cd:70:82:67:fc:0c:a1:07:71:54:da:9d: b4:75:de:6d:e4:bc:d6:7f:c1:42:07:d6:a6:56:b8:56:43:0c: 2e:ee:35:04:fa:f3:b2:7a:ed:65:52:d9:eb:2b:6d:4c:66:60: 08:91:00:d4:9c:ef:8e:4b:11:c5:fa:1c:c4:6e:b6:c7:ca:83: b0:1f:ce:e5 -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICBXcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0RGM0IxMTAvBgNVBAUTKEE4OTZCMTcwQkYwRDg4NzIzRjM2QzdBQzIwODc4NTRB QTI4NEJENzEwHhcNMjUwODIwMjMzNTMwWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGE2NWJjMS0xMjVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwetl4T790J5cJ6Y7jI96GW3zuZVJapHBVeQjq9XXS2dD0ZRjxJyBHvS4OzD5 JOBzq5dQqP9xKG1Z78vGI9ewV23LluiDHHh/bluOj/RDeRs1NtL8Md9VHOlDaGYd GtFKRLqyf/hzodzhYnEmCsMP9nJxKuNGWRDPcAiecRhuqC2lqh18DtOpvUxuwHTv T3ipDivz1KBhU4GOyt2KDN/0GD6EhDZ8IK+ubIsC06t8q+9mAQDTKevbpmheHfWV Jl0LuUdicFDytIjGUBU1QihvPKR5o9qBhJq6sWnflTYJlxzJTKD5Mb536XcjkvYq hd2qwx2FP0YHOxOkiDWqYS7YYwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFGplEQRo CLV7o5Fq5igEXDp9quZ7MB8GA1UdIwQYMBaAFKiWsXC/DYhyPzbHrCCHhUqihL1x MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzREYzQi9DREJBODEyRUYw M0ExMUVCOEQzMEUwNThDNEY5QUUwMi9xSmF4Y0w4TmlISV9Oc2VzSUllRlNxS0V2 WEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3FKYXhjTDhOaUhJX05zZXNJSWVGU3FLRXZYRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx M0RGM0IvQ0RCQTgxMkVGMDNBMTFFQjhEMzBFMDU4QzRGOUFFMDIvOEQ3RTlCN0VG MDNEMTFFQjgwNERGNjFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAFnqogwDwQCAAIwCQMHACABDfcbgDANBgkqhkiG9w0BAQsF AAOCAQEATk7z2K7sPufEjEhgBvUw4/6tnjxvplLu40wmt777goUDYQWKU25xXq78 HEyc60isdkDSbVBbeEjoR3BeLx9GleoQdWq/aEzk1eiFZK5nPPEcRveX81xisbZK niKQ2TUd53grmKpiQ0ouoe/X08tn8lCF9upTT5MukwnPZzbnOwDoHM591cxVN5/1 1ucabU95grqabOt01vT4PviHnKU2jBQO68UobbDS8Ygao7fJAmqKA2k0rIrljMhi zXCCZ/wMoQdxVNqdtHXebeS81n/BQgfWpla4VkMMLu41BPrzsnrtZVLZ6yttTGZg CJEA1JzvjksRxfocxG62x8qDsB/O5Q== -----END CERTIFICATE-----Generated at Sun Aug 24 06:04:22 2025 by rpki-client