$ rpki-client -vvf rpki.apnic.net/member_repository/A9171B1A/51FFC4E4F41111E9A435B04CC4F9AE02/6E3B1338F41211E9AAF5924EC4F9AE02.roa File: 6E3B1338F41211E9AAF5924EC4F9AE02.roa (raw, json) Hash identifier: crrlwPJBnOLvYmfJKxmn3crboPF6B78h7qVd3khCwOc= Subject key identifier: C3:A9:09:F9:3D:D8:D9:06:0E:CC:00:3B:83:F2:3B:59:B7:CF:16:A3 Certificate issuer: /CN=A9171B1A/serialNumber=918E7289E28C1A4922A23CB565BD821B7E20A611 Certificate serial: 0CDA Authority key identifier: 91:8E:72:89:E2:8C:1A:49:22:A2:3C:B5:65:BD:82:1B:7E:20:A6:11 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kY5yieKMGkkiojy1Zb2CG34gphE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9171B1A/51FFC4E4F41111E9A435B04CC4F9AE02/6E3B1338F41211E9AAF5924EC4F9AE02.roa Signing time: Mon 08 Sep 2025 18:28:11 +0000 ROA not before: Mon 08 Sep 2025 18:28:11 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 63526 IP address blocks: 103.101.197.0/24 maxlen: 24 103.101.199.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9171B1A/51FFC4E4F41111E9A435B04CC4F9AE02/kY5yieKMGkkiojy1Zb2CG34gphE.crl rsync://rpki.apnic.net/member_repository/A9171B1A/51FFC4E4F41111E9A435B04CC4F9AE02/kY5yieKMGkkiojy1Zb2CG34gphE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kY5yieKMGkkiojy1Zb2CG34gphE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 18:47:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3290 (0xcda) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9171B1A, serialNumber=918E7289E28C1A4922A23CB565BD821B7E20A611 Validity Not Before: Sep 8 18:28:11 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68bf203a-b95d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:42:86:e6:bb:aa:3f:2c:9f:c0:bf:ea:9f:51: 26:af:74:b1:c8:43:71:93:7c:53:85:d6:72:b3:05: 75:c7:8a:56:b7:47:0b:56:e3:ba:c7:c7:43:54:6d: ba:2c:8f:11:53:81:76:ca:c8:87:16:fb:02:9d:87: c1:98:69:52:4a:46:b2:f8:b2:9a:10:66:b0:c0:e1: a4:ef:b2:6f:7a:7b:83:09:4e:47:35:0c:de:1e:25: 9a:61:42:46:20:60:0c:eb:21:fd:21:0f:c3:fe:48: 26:47:fd:f2:2d:90:20:93:3c:f1:c8:2e:89:1e:70: e5:72:8f:18:33:aa:91:01:30:3d:b2:d8:18:0a:cb: 6e:a2:d9:69:76:c4:c5:47:bd:f3:46:d6:51:d8:fa: 5e:3b:06:db:db:77:40:56:9b:0b:09:5b:9a:fd:85: 0f:44:4e:c7:9d:d8:9c:3a:d9:fa:d3:bf:7e:8a:c9: d7:c4:52:a5:8c:23:33:9f:96:34:8b:f1:1b:74:ce: 1f:fd:ed:f9:36:1f:90:d3:ea:8e:86:48:1c:2b:c9: 03:9b:1a:63:94:c7:47:00:ca:3c:fa:c7:9e:34:f8: a4:9a:dc:b5:cf:70:ed:fc:0b:92:61:94:c9:ab:3e: d8:83:72:88:db:f3:f0:2c:93:82:65:92:cf:f2:9b: fa:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:A9:09:F9:3D:D8:D9:06:0E:CC:00:3B:83:F2:3B:59:B7:CF:16:A3 X509v3 Authority Key Identifier: keyid:91:8E:72:89:E2:8C:1A:49:22:A2:3C:B5:65:BD:82:1B:7E:20:A6:11 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9171B1A/51FFC4E4F41111E9A435B04CC4F9AE02/kY5yieKMGkkiojy1Zb2CG34gphE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kY5yieKMGkkiojy1Zb2CG34gphE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171B1A/51FFC4E4F41111E9A435B04CC4F9AE02/6E3B1338F41211E9AAF5924EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.101.197.0/24 103.101.199.0/24 Signature Algorithm: sha256WithRSAEncryption 24:00:46:a5:ec:0d:0f:1f:e6:2f:16:90:0d:b2:7c:6a:38:51: a1:6c:21:52:49:25:a0:2f:d7:f9:86:65:ea:b0:2e:b0:b5:a9: 5f:fe:24:03:9b:5d:28:0c:8d:61:06:f3:0d:27:ca:43:35:eb: b2:de:f9:6d:c3:b0:7d:df:c0:5e:f7:a3:42:1e:35:43:91:66: f5:47:ed:b3:b7:32:ce:5b:c5:62:f6:c2:8f:ae:5b:f4:cf:ba: f4:30:79:e1:37:fc:80:c3:32:4e:e7:3e:7c:d1:91:d9:6c:27: ea:5c:3f:25:b6:94:0e:85:f6:0f:3a:4a:94:c1:12:f2:96:62: 9c:f7:10:69:0a:3b:0b:fd:fe:73:62:11:4d:71:17:99:d5:26: 47:2d:75:91:21:b0:32:09:21:ac:4c:bb:d8:83:15:d5:fc:6a: 6e:dc:36:b9:ff:9a:5f:3f:e4:3d:7b:07:59:6b:04:ca:c0:5d: ac:42:86:96:b5:b6:d6:ec:97:7e:69:54:b7:d2:03:16:3f:1e: f3:21:23:97:4b:da:14:03:b7:7e:d4:13:ef:90:99:67:f1:c2: 1c:df:ef:83:f1:88:bb:5a:9d:76:46:6c:d5:a2:16:ac:db:b3: 92:c3:da:86:51:e6:c4:1a:ff:ba:29:f0:00:87:a1:2e:b8:6e: 9b:90:78:01 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICDNowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzFCMUExMTAvBgNVBAUTKDkxOEU3Mjg5RTI4QzFBNDkyMkEyM0NCNTY1QkQ4MjFC N0UyMEE2MTEwHhcNMjUwOTA4MTgyODExWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGJmMjAzYS1iOTVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1EKG5ruqPyyfwL/qn1Emr3SxyENxk3xThdZyswV1x4pWt0cLVuO6x8dDVG26 LI8RU4F2ysiHFvsCnYfBmGlSSkay+LKaEGawwOGk77JvenuDCU5HNQzeHiWaYUJG IGAM6yH9IQ/D/kgmR/3yLZAgkzzxyC6JHnDlco8YM6qRATA9stgYCstuotlpdsTF R73zRtZR2PpeOwbb23dAVpsLCVua/YUPRE7HndicOtn6079+isnXxFKljCMzn5Y0 i/EbdM4f/e35Nh+Q0+qOhkgcK8kDmxpjlMdHAMo8+seeNPikmty1z3Dt/AuSYZTJ qz7Yg3KI2/PwLJOCZZLP8pv6aQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFMOpCfk9 2NkGDswAO4PyO1m3zxajMB8GA1UdIwQYMBaAFJGOconijBpJIqI8tWW9ght+IKYR MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MUIxQS81MUZGQzRFNEY0 MTExMUU5QTQzNUIwNENDNEY5QUUwMi9rWTV5aWVLTUdra2lvankxWmIyQ0czNGdw aEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tZNXlpZUtNR2traW9qeTFaYjJDRzM0Z3BoRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzFCMUEvNTFGRkM0RTRGNDExMTFFOUE0MzVCMDRDQzRGOUFFMDIvNkUzQjEzMzhG NDEyMTFFOUFBRjU5MjRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBABnZcUDBABnZccwDQYJKoZIhvcNAQELBQADggEBACQARqXs DQ8f5i8WkA2yfGo4UaFsIVJJJaAv1/mGZeqwLrC1qV/+JAObXSgMjWEG8w0nykM1 67Le+W3DsH3fwF73o0IeNUORZvVH7bO3Ms5bxWL2wo+uW/TPuvQweeE3/IDDMk7n PnzRkdlsJ+pcPyW2lA6F9g86SpTBEvKWYpz3EGkKOwv9/nNiEU1xF5nVJkctdZEh sDIJIaxMu9iDFdX8am7cNrn/ml8/5D17B1lrBMrAXaxChpa1ttbsl35pVLfSAxY/ HvMhI5dL2hQDt37UE++QmWfxwhzf74PxiLtanXZGbNWiFqzbs5LD2oZR5sQa/7op 8ACHoS64bpuQeAE= -----END CERTIFICATE-----Generated at Mon Oct 20 19:11:31 2025 by rpki-client