
$ rpki-client -vvf rpki.apnic.net/member_repository/A914A139/EBB9EC6024CA11EAAC2AE586C4F9AE02/10CF1D82C0E311EE81F3E987C4F9AE02.roa
File: 10CF1D82C0E311EE81F3E987C4F9AE02.roa (raw, json)
Hash identifier: DWCg5lL0mEzrArVCwICSW9aYx94oeCmf91vXy2qE580=
Subject key identifier: 6F:BC:DD:5F:B5:C4:E2:AA:E5:80:D2:EB:BB:5F:00:7A:E4:F2:6A:FD
Certificate issuer: /CN=A914A139/serialNumber=A25ED8A1427AE93B24D30DCCDFA832538B5008AD
Certificate serial: 0C0C
Authority key identifier: A2:5E:D8:A1:42:7A:E9:3B:24:D3:0D:CC:DF:A8:32:53:8B:50:08:AD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ol7YoUJ66Tsk0w3M36gyU4tQCK0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914A139/EBB9EC6024CA11EAAC2AE586C4F9AE02/10CF1D82C0E311EE81F3E987C4F9AE02.roa
Signing time: Mon 06 Oct 2025 19:19:01 +0000
ROA not before: Mon 06 Oct 2025 19:19:01 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 139325
IP address blocks: 103.141.64.0/23 maxlen: 24
2001:df0:f280::/48 maxlen: 48
2401:79e0:4000::/34 maxlen: 38
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914A139/EBB9EC6024CA11EAAC2AE586C4F9AE02/ol7YoUJ66Tsk0w3M36gyU4tQCK0.crl
rsync://rpki.apnic.net/member_repository/A914A139/EBB9EC6024CA11EAAC2AE586C4F9AE02/ol7YoUJ66Tsk0w3M36gyU4tQCK0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ol7YoUJ66Tsk0w3M36gyU4tQCK0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 Oct 2025 19:41:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3084 (0xc0c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914A139, serialNumber=A25ED8A1427AE93B24D30DCCDFA832538B5008AD
Validity
Not Before: Oct 6 19:19:01 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=68e41625-a240
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ed:32:4a:e1:28:16:2b:c7:72:cb:5d:82:d3:
2f:3d:c7:9a:cc:d1:3d:39:91:38:02:6b:3a:0d:7f:
ca:7f:d4:4e:9b:07:79:5f:e0:a0:e4:5f:03:50:71:
45:88:67:c2:4d:3b:42:44:4d:33:87:c3:d3:04:12:
25:05:a2:4a:4e:de:d2:32:17:65:64:78:f7:5e:eb:
1e:d8:cf:32:42:4a:c6:14:ff:dd:d7:ea:78:03:73:
07:fd:19:85:71:5c:44:01:45:15:0f:88:a6:4b:a5:
12:f6:47:d3:cc:a9:b8:80:3d:c9:66:2d:cc:46:83:
f5:bb:02:02:b5:18:6e:1e:fa:8a:95:e7:18:16:cf:
58:ef:71:03:b8:2c:e5:4c:a6:c5:f3:f2:6d:2b:92:
c0:e5:80:5e:6b:50:cc:b6:66:a4:fc:c8:5a:01:48:
e4:c0:b7:64:4c:d5:19:9a:b5:78:a6:55:ec:ed:df:
25:8f:62:80:1f:04:65:0f:78:92:51:0b:79:76:7c:
6d:e8:ba:3b:6e:06:bd:d2:9b:ae:ec:6c:94:7b:a8:
0d:02:83:c3:3c:c8:bb:0e:dd:f9:96:e1:6a:a9:e3:
29:f5:8c:ac:d8:a7:52:02:27:26:b8:64:4e:59:70:
2d:96:0e:34:a8:9e:52:d6:c7:49:a5:1b:c7:21:5e:
71:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:BC:DD:5F:B5:C4:E2:AA:E5:80:D2:EB:BB:5F:00:7A:E4:F2:6A:FD
X509v3 Authority Key Identifier:
keyid:A2:5E:D8:A1:42:7A:E9:3B:24:D3:0D:CC:DF:A8:32:53:8B:50:08:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914A139/EBB9EC6024CA11EAAC2AE586C4F9AE02/ol7YoUJ66Tsk0w3M36gyU4tQCK0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ol7YoUJ66Tsk0w3M36gyU4tQCK0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914A139/EBB9EC6024CA11EAAC2AE586C4F9AE02/10CF1D82C0E311EE81F3E987C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.141.64.0/23
IPv6:
2001:df0:f280::/48
2401:79e0:4000::/34
Signature Algorithm: sha256WithRSAEncryption
6f:f0:84:cc:3f:fa:7c:4a:33:e3:64:37:30:f7:a5:a9:97:90:
ec:32:6b:a6:2e:7b:c9:ec:35:75:c7:9d:d2:50:e0:6f:31:33:
7f:31:cf:b3:a7:c1:35:e4:91:f2:cf:01:48:5f:06:d2:ff:29:
c1:f3:e4:1f:9d:00:fc:91:08:3d:f8:a1:5b:2c:2a:05:22:71:
83:d5:eb:69:3a:f1:98:5d:66:cd:ce:6d:2b:ed:e6:0b:09:22:
28:b9:7f:a1:dd:b7:7e:88:15:21:74:a3:fd:52:69:69:c1:3a:
35:07:25:38:9f:c5:d4:98:b0:7b:51:ec:0d:98:5b:3d:bb:66:
37:0d:3a:89:07:67:1a:58:c3:0c:6e:53:ec:5d:fc:9b:e2:54:
a1:14:ba:5c:a1:80:da:64:62:3d:66:95:9d:a9:60:e8:80:04:
28:4d:23:52:db:9f:6a:35:d0:6e:f2:1a:c2:e6:18:23:c6:d7:
e9:b3:d1:82:1b:1b:99:73:e9:f5:ea:fe:2a:29:4d:bd:2f:df:
5f:94:19:b2:9b:d6:71:95:75:5c:35:c8:9b:fe:2e:2e:55:a5:
b0:f8:55:de:6b:59:e6:2b:f3:d3:30:f0:2c:f3:ec:57:d2:39:
c7:d8:18:e3:14:84:4c:6f:2f:03:be:b6:f2:31:c7:e8:26:01:
98:f4:2f:c7
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgICDAwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEExMzkxMTAvBgNVBAUTKEEyNUVEOEExNDI3QUU5M0IyNEQzMERDQ0RGQTgzMjUz
OEI1MDA4QUQwHhcNMjUxMDA2MTkxOTAxWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGU0MTYyNS1hMjQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvu0ySuEoFivHcstdgtMvPceazNE9OZE4Ams6DX/Kf9ROmwd5X+Cg5F8DUHFF
iGfCTTtCRE0zh8PTBBIlBaJKTt7SMhdlZHj3Xuse2M8yQkrGFP/d1+p4A3MH/RmF
cVxEAUUVD4imS6US9kfTzKm4gD3JZi3MRoP1uwICtRhuHvqKlecYFs9Y73EDuCzl
TKbF8/JtK5LA5YBea1DMtmak/MhaAUjkwLdkTNUZmrV4plXs7d8lj2KAHwRlD3iS
UQt5dnxt6Lo7bga90puu7GyUe6gNAoPDPMi7Dt35luFqqeMp9Yys2KdSAicmuGRO
WXAtlg40qJ5S1sdJpRvHIV5xkQIDAQABo4ICrjCCAqowHQYDVR0OBBYEFG+83V+1
xOKq5YDS67tfAHrk8mr9MB8GA1UdIwQYMBaAFKJe2KFCeuk7JNMNzN+oMlOLUAit
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QTEzOS9FQkI5RUM2MDI0
Q0ExMUVBQUMyQUU1ODZDNEY5QUUwMi9vbDdZb1VKNjZUc2swdzNNMzZneVU0dFFD
SzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29sN1lvVUo2NlRzazB3M00zNmd5VTR0UUNLMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEExMzkvRUJCOUVDNjAyNENBMTFFQUFDMkFFNTg2QzRGOUFFMDIvMTBDRjFEODJD
MEUzMTFFRTgxRjNFOTg3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOAYIKwYBBQUHAQcBAf8E
KTAnMAwEAgABMAYDBAFnjUAwFwQCAAIwEQMHACABDfDygAMGBiQBeeBAMA0GCSqG
SIb3DQEBCwUAA4IBAQBv8ITMP/p8SjPjZDcw96Wpl5DsMmumLnvJ7DV1x53SUOBv
MTN/Mc+zp8E15JHyzwFIXwbS/ynB8+QfnQD8kQg9+KFbLCoFInGD1etpOvGYXWbN
zm0r7eYLCSIouX+h3bd+iBUhdKP9UmlpwTo1ByU4n8XUmLB7UewNmFs9u2Y3DTqJ
B2caWMMMblPsXfyb4lShFLpcoYDaZGI9ZpWdqWDogAQoTSNS259qNdBu8hrC5hgj
xtfps9GCGxuZc+n16v4qKU29L99flBmym9ZxlXVcNcib/i4uVaWw+FXea1nmK/PT
MPAs8+xX0jnH2BjjFIRMby8DvrbyMcfoJgGY9C/H
-----END CERTIFICATE-----
Generated at Mon Oct 20 19:12:17 2025 by rpki-client