$ rpki-client -vvf rpki.apnic.net/member_repository/A91789F9/FD806BA2CC1311EC827A2687C4F9AE02/41789B66CC1611EC80603209C4F9AE02.roa File: 41789B66CC1611EC80603209C4F9AE02.roa (raw, json) Hash identifier: ERhWo0W4P0/i1i0Btr7k8IVeQA2SJMiw/31p7bzmBlQ= Subject key identifier: 22:40:49:7B:16:75:47:7D:CA:D2:A9:58:E2:70:0C:AC:74:AE:8A:7E Certificate issuer: /CN=A91789F9/serialNumber=5BA8D05DC99A9310462C63C5D0269F5E885E489D Certificate serial: 0367 Authority key identifier: 5B:A8:D0:5D:C9:9A:93:10:46:2C:63:C5:D0:26:9F:5E:88:5E:48:9D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/W6jQXcmakxBGLGPF0CafXoheSJ0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91789F9/FD806BA2CC1311EC827A2687C4F9AE02/41789B66CC1611EC80603209C4F9AE02.roa Signing time: Mon 29 Sep 2025 01:28:26 +0000 ROA not before: Mon 29 Sep 2025 01:28:26 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 58606 IP address blocks: 103.196.68.0/24 maxlen: 24 103.196.69.0/24 maxlen: 24 103.196.70.0/24 maxlen: 24 103.196.71.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91789F9/FD806BA2CC1311EC827A2687C4F9AE02/W6jQXcmakxBGLGPF0CafXoheSJ0.crl rsync://rpki.apnic.net/member_repository/A91789F9/FD806BA2CC1311EC827A2687C4F9AE02/W6jQXcmakxBGLGPF0CafXoheSJ0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/W6jQXcmakxBGLGPF0CafXoheSJ0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 02:56:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 871 (0x367) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91789F9, serialNumber=5BA8D05DC99A9310462C63C5D0269F5E885E489D Validity Not Before: Sep 29 01:28:26 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68d9e0ba-f98f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:73:f7:4e:1c:2b:5f:30:68:af:ca:5f:8f:85: e4:2c:71:f9:a9:c2:b7:be:9b:df:9d:eb:05:51:85: 36:d4:e8:ab:74:06:2a:6c:c5:8d:1f:95:d6:70:ce: e6:cf:98:0e:73:47:01:53:f3:5d:57:ba:60:d0:57: 98:a3:35:96:f6:d6:b2:f4:fe:a4:a3:86:42:35:31: 74:83:ff:a0:ae:f9:f7:2d:5a:87:50:47:60:5f:fa: 5d:3f:9a:d8:4d:07:2e:9a:ba:a6:07:cb:67:c8:ef: 4a:2b:63:f9:b5:f0:df:1c:1b:80:91:84:04:f2:c0: a4:97:bb:63:b0:ce:77:c3:52:d4:88:60:1d:d5:f7: cf:74:9e:f5:2d:17:2c:21:90:86:b8:b6:c6:61:98: ff:48:20:fc:92:2a:d2:79:7f:48:fd:93:cb:ec:9a: 13:42:ec:9a:04:79:55:e3:fc:62:32:c1:a4:6d:48: d8:7b:c4:73:a3:20:3c:61:09:d8:eb:33:b1:9f:f3: 39:16:74:2c:02:9e:bb:8a:da:e6:51:31:2b:44:b9: 1c:8a:ca:7d:ca:dd:e2:96:44:6f:32:61:5d:1f:0f: 97:ea:47:1b:37:fc:99:4e:f3:59:0b:1e:20:c0:cc: 44:13:a3:d7:a5:85:cb:f2:ae:f6:54:a9:d4:be:76: 72:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:40:49:7B:16:75:47:7D:CA:D2:A9:58:E2:70:0C:AC:74:AE:8A:7E X509v3 Authority Key Identifier: keyid:5B:A8:D0:5D:C9:9A:93:10:46:2C:63:C5:D0:26:9F:5E:88:5E:48:9D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91789F9/FD806BA2CC1311EC827A2687C4F9AE02/W6jQXcmakxBGLGPF0CafXoheSJ0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/W6jQXcmakxBGLGPF0CafXoheSJ0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91789F9/FD806BA2CC1311EC827A2687C4F9AE02/41789B66CC1611EC80603209C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.196.68.0/22 Signature Algorithm: sha256WithRSAEncryption 59:34:18:83:0e:ba:ef:8e:3c:35:95:d3:ce:e0:bd:65:89:a1: 35:8d:fa:24:c7:30:54:d5:32:a1:4b:a8:1b:19:cb:e3:9c:4b: a8:6c:af:69:41:a3:c2:bb:14:e8:e6:38:80:89:65:b3:20:8e: 1a:a9:d7:7b:46:b3:fb:2c:20:ff:3a:c5:07:78:8e:f2:b2:c3: 9b:ba:c0:8c:4c:f7:90:e6:23:be:6f:6f:2d:74:0d:0a:69:70: 8c:4b:b9:a9:53:62:41:07:ed:bb:9d:c6:71:db:ca:ec:50:de: 06:14:2e:e1:db:10:72:47:f8:3a:dc:e9:ee:07:f9:0c:65:72: e3:69:b2:a3:29:12:4b:ec:b5:a0:0d:21:34:80:e9:c2:3a:0a: b9:9f:ee:ad:2a:5d:ea:78:69:0e:77:8b:33:20:2a:dd:60:68: 9a:f9:00:40:b1:07:1b:13:0d:23:01:19:7e:ff:30:9e:14:8d: 08:db:c3:9d:6e:0b:0a:68:49:4a:17:66:5b:dd:f5:17:66:7c: 0f:d9:df:98:92:a9:7b:bc:e8:38:c5:d5:c1:38:a6:ef:a8:99: 8b:27:2f:32:98:65:b8:88:96:9d:22:09:1d:15:c9:23:59:1a: 7d:5b:46:24:49:c2:3b:eb:4d:a4:65:af:76:85:a9:5b:38:ff: 11:fe:7a:ac -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICA2cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Nzg5RjkxMTAvBgNVBAUTKDVCQThEMDVEQzk5QTkzMTA0NjJDNjNDNUQwMjY5RjVF ODg1RTQ4OUQwHhcNMjUwOTI5MDEyODI2WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGQ5ZTBiYS1mOThmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9XP3ThwrXzBor8pfj4XkLHH5qcK3vpvfnesFUYU21OirdAYqbMWNH5XWcM7m z5gOc0cBU/NdV7pg0FeYozWW9tay9P6ko4ZCNTF0g/+grvn3LVqHUEdgX/pdP5rY TQcumrqmB8tnyO9KK2P5tfDfHBuAkYQE8sCkl7tjsM53w1LUiGAd1ffPdJ71LRcs IZCGuLbGYZj/SCD8kirSeX9I/ZPL7JoTQuyaBHlV4/xiMsGkbUjYe8RzoyA8YQnY 6zOxn/M5FnQsAp67itrmUTErRLkcisp9yt3ilkRvMmFdHw+X6kcbN/yZTvNZCx4g wMxEE6PXpYXL8q72VKnUvnZy5QIDAQABo4IClTCCApEwHQYDVR0OBBYEFCJASXsW dUd9ytKpWOJwDKx0rop+MB8GA1UdIwQYMBaAFFuo0F3JmpMQRixjxdAmn16IXkid MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3ODlGOS9GRDgwNkJBMkND MTMxMUVDODI3QTI2ODdDNEY5QUUwMi9XNmpRWGNtYWt4QkdMR1BGMENhZlhvaGVT SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1c2alFYY21ha3hCR0xHUEYwQ2FmWG9oZVNKMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Nzg5RjkvRkQ4MDZCQTJDQzEzMTFFQzgyN0EyNjg3QzRGOUFFMDIvNDE3ODlCNjZD QzE2MTFFQzgwNjAzMjA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAJnxEQwDQYJKoZIhvcNAQELBQADggEBAFk0GIMOuu+OPDWV 087gvWWJoTWN+iTHMFTVMqFLqBsZy+OcS6hsr2lBo8K7FOjmOICJZbMgjhqp13tG s/ssIP86xQd4jvKyw5u6wIxM95DmI75vby10DQppcIxLualTYkEH7budxnHbyuxQ 3gYULuHbEHJH+Drc6e4H+QxlcuNpsqMpEkvstaANITSA6cI6Crmf7q0qXep4aQ53 izMgKt1gaJr5AECxBxsTDSMBGX7/MJ4UjQjbw51uCwpoSUoXZlvd9RdmfA/Z35iS qXu86DjF1cE4pu+omYsnLzKYZbiIlp0iCR0VySNZGn1bRiRJwjvrTaRlr3aFqVs4 /xH+eqw= -----END CERTIFICATE-----Generated at Mon Oct 20 12:42:34 2025 by rpki-client