$ rpki-client -vvf rpki.apnic.net/member_repository/A914A139/EBB9EC6024CA11EAAC2AE586C4F9AE02/10CF1D82C0E311EE81F3E987C4F9AE02.roa File: 10CF1D82C0E311EE81F3E987C4F9AE02.roa (raw, json) Hash identifier: DWCg5lL0mEzrArVCwICSW9aYx94oeCmf91vXy2qE580= Subject key identifier: 6F:BC:DD:5F:B5:C4:E2:AA:E5:80:D2:EB:BB:5F:00:7A:E4:F2:6A:FD Certificate issuer: /CN=A914A139/serialNumber=A25ED8A1427AE93B24D30DCCDFA832538B5008AD Certificate serial: 0C0C Authority key identifier: A2:5E:D8:A1:42:7A:E9:3B:24:D3:0D:CC:DF:A8:32:53:8B:50:08:AD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ol7YoUJ66Tsk0w3M36gyU4tQCK0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914A139/EBB9EC6024CA11EAAC2AE586C4F9AE02/10CF1D82C0E311EE81F3E987C4F9AE02.roa Signing time: Mon 06 Oct 2025 19:19:01 +0000 ROA not before: Mon 06 Oct 2025 19:19:01 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 139325 IP address blocks: 103.141.64.0/23 maxlen: 24 2001:df0:f280::/48 maxlen: 48 2401:79e0:4000::/34 maxlen: 38 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914A139/EBB9EC6024CA11EAAC2AE586C4F9AE02/ol7YoUJ66Tsk0w3M36gyU4tQCK0.crl rsync://rpki.apnic.net/member_repository/A914A139/EBB9EC6024CA11EAAC2AE586C4F9AE02/ol7YoUJ66Tsk0w3M36gyU4tQCK0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ol7YoUJ66Tsk0w3M36gyU4tQCK0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 19:31:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3084 (0xc0c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914A139, serialNumber=A25ED8A1427AE93B24D30DCCDFA832538B5008AD Validity Not Before: Oct 6 19:19:01 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=68e41625-a240 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:ed:32:4a:e1:28:16:2b:c7:72:cb:5d:82:d3: 2f:3d:c7:9a:cc:d1:3d:39:91:38:02:6b:3a:0d:7f: ca:7f:d4:4e:9b:07:79:5f:e0:a0:e4:5f:03:50:71: 45:88:67:c2:4d:3b:42:44:4d:33:87:c3:d3:04:12: 25:05:a2:4a:4e:de:d2:32:17:65:64:78:f7:5e:eb: 1e:d8:cf:32:42:4a:c6:14:ff:dd:d7:ea:78:03:73: 07:fd:19:85:71:5c:44:01:45:15:0f:88:a6:4b:a5: 12:f6:47:d3:cc:a9:b8:80:3d:c9:66:2d:cc:46:83: f5:bb:02:02:b5:18:6e:1e:fa:8a:95:e7:18:16:cf: 58:ef:71:03:b8:2c:e5:4c:a6:c5:f3:f2:6d:2b:92: c0:e5:80:5e:6b:50:cc:b6:66:a4:fc:c8:5a:01:48: e4:c0:b7:64:4c:d5:19:9a:b5:78:a6:55:ec:ed:df: 25:8f:62:80:1f:04:65:0f:78:92:51:0b:79:76:7c: 6d:e8:ba:3b:6e:06:bd:d2:9b:ae:ec:6c:94:7b:a8: 0d:02:83:c3:3c:c8:bb:0e:dd:f9:96:e1:6a:a9:e3: 29:f5:8c:ac:d8:a7:52:02:27:26:b8:64:4e:59:70: 2d:96:0e:34:a8:9e:52:d6:c7:49:a5:1b:c7:21:5e: 71:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:BC:DD:5F:B5:C4:E2:AA:E5:80:D2:EB:BB:5F:00:7A:E4:F2:6A:FD X509v3 Authority Key Identifier: keyid:A2:5E:D8:A1:42:7A:E9:3B:24:D3:0D:CC:DF:A8:32:53:8B:50:08:AD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914A139/EBB9EC6024CA11EAAC2AE586C4F9AE02/ol7YoUJ66Tsk0w3M36gyU4tQCK0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ol7YoUJ66Tsk0w3M36gyU4tQCK0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914A139/EBB9EC6024CA11EAAC2AE586C4F9AE02/10CF1D82C0E311EE81F3E987C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.141.64.0/23 IPv6: 2001:df0:f280::/48 2401:79e0:4000::/34 Signature Algorithm: sha256WithRSAEncryption 6f:f0:84:cc:3f:fa:7c:4a:33:e3:64:37:30:f7:a5:a9:97:90: ec:32:6b:a6:2e:7b:c9:ec:35:75:c7:9d:d2:50:e0:6f:31:33: 7f:31:cf:b3:a7:c1:35:e4:91:f2:cf:01:48:5f:06:d2:ff:29: c1:f3:e4:1f:9d:00:fc:91:08:3d:f8:a1:5b:2c:2a:05:22:71: 83:d5:eb:69:3a:f1:98:5d:66:cd:ce:6d:2b:ed:e6:0b:09:22: 28:b9:7f:a1:dd:b7:7e:88:15:21:74:a3:fd:52:69:69:c1:3a: 35:07:25:38:9f:c5:d4:98:b0:7b:51:ec:0d:98:5b:3d:bb:66: 37:0d:3a:89:07:67:1a:58:c3:0c:6e:53:ec:5d:fc:9b:e2:54: a1:14:ba:5c:a1:80:da:64:62:3d:66:95:9d:a9:60:e8:80:04: 28:4d:23:52:db:9f:6a:35:d0:6e:f2:1a:c2:e6:18:23:c6:d7: e9:b3:d1:82:1b:1b:99:73:e9:f5:ea:fe:2a:29:4d:bd:2f:df: 5f:94:19:b2:9b:d6:71:95:75:5c:35:c8:9b:fe:2e:2e:55:a5: b0:f8:55:de:6b:59:e6:2b:f3:d3:30:f0:2c:f3:ec:57:d2:39: c7:d8:18:e3:14:84:4c:6f:2f:03:be:b6:f2:31:c7:e8:26:01: 98:f4:2f:c7 -----BEGIN CERTIFICATE----- MIIFijCCBHKgAwIBAgICDAwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEExMzkxMTAvBgNVBAUTKEEyNUVEOEExNDI3QUU5M0IyNEQzMERDQ0RGQTgzMjUz OEI1MDA4QUQwHhcNMjUxMDA2MTkxOTAxWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGU0MTYyNS1hMjQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvu0ySuEoFivHcstdgtMvPceazNE9OZE4Ams6DX/Kf9ROmwd5X+Cg5F8DUHFF iGfCTTtCRE0zh8PTBBIlBaJKTt7SMhdlZHj3Xuse2M8yQkrGFP/d1+p4A3MH/RmF cVxEAUUVD4imS6US9kfTzKm4gD3JZi3MRoP1uwICtRhuHvqKlecYFs9Y73EDuCzl TKbF8/JtK5LA5YBea1DMtmak/MhaAUjkwLdkTNUZmrV4plXs7d8lj2KAHwRlD3iS UQt5dnxt6Lo7bga90puu7GyUe6gNAoPDPMi7Dt35luFqqeMp9Yys2KdSAicmuGRO WXAtlg40qJ5S1sdJpRvHIV5xkQIDAQABo4ICrjCCAqowHQYDVR0OBBYEFG+83V+1 xOKq5YDS67tfAHrk8mr9MB8GA1UdIwQYMBaAFKJe2KFCeuk7JNMNzN+oMlOLUAit MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QTEzOS9FQkI5RUM2MDI0 Q0ExMUVBQUMyQUU1ODZDNEY5QUUwMi9vbDdZb1VKNjZUc2swdzNNMzZneVU0dFFD SzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29sN1lvVUo2NlRzazB3M00zNmd5VTR0UUNLMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NEExMzkvRUJCOUVDNjAyNENBMTFFQUFDMkFFNTg2QzRGOUFFMDIvMTBDRjFEODJD MEUzMTFFRTgxRjNFOTg3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOAYIKwYBBQUHAQcBAf8E KTAnMAwEAgABMAYDBAFnjUAwFwQCAAIwEQMHACABDfDygAMGBiQBeeBAMA0GCSqG SIb3DQEBCwUAA4IBAQBv8ITMP/p8SjPjZDcw96Wpl5DsMmumLnvJ7DV1x53SUOBv MTN/Mc+zp8E15JHyzwFIXwbS/ynB8+QfnQD8kQg9+KFbLCoFInGD1etpOvGYXWbN zm0r7eYLCSIouX+h3bd+iBUhdKP9UmlpwTo1ByU4n8XUmLB7UewNmFs9u2Y3DTqJ B2caWMMMblPsXfyb4lShFLpcoYDaZGI9ZpWdqWDogAQoTSNS259qNdBu8hrC5hgj xtfps9GCGxuZc+n16v4qKU29L99flBmym9ZxlXVcNcib/i4uVaWw+FXea1nmK/PT MPAs8+xX0jnH2BjjFIRMby8DvrbyMcfoJgGY9C/H -----END CERTIFICATE-----Generated at Mon Oct 20 23:11:21 2025 by rpki-client