$ rpki-client -vvf rpki.apnic.net/member_repository/A917C0CC/8FCCC7F88F5711F09C51EC3BC4F9AE02/B339551A8F5911F0AFB88342C4F9AE02.roa File: B339551A8F5911F0AFB88342C4F9AE02.roa (raw, json) Hash identifier: CNeskz25yAbEaxsLMjegHDJiYGePQTzaDUtY7werUEc= Subject key identifier: 2F:96:D3:BF:C1:45:57:9D:96:8C:66:3C:B0:5B:72:46:32:64:F9:95 Certificate issuer: /CN=A917C0CC/serialNumber=0DCAFAC145B22F1560780166CD1F151504EEF8A1 Certificate serial: 08 Authority key identifier: 0D:CA:FA:C1:45:B2:2F:15:60:78:01:66:CD:1F:15:15:04:EE:F8:A1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Dcr6wUWyLxVgeAFmzR8VFQTu-KE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917C0CC/8FCCC7F88F5711F09C51EC3BC4F9AE02/B339551A8F5911F0AFB88342C4F9AE02.roa Signing time: Thu 11 Sep 2025 21:53:07 +0000 ROA not before: Thu 11 Sep 2025 21:53:07 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 16509 IP address blocks: 103.237.104.0/24 maxlen: 24 103.237.105.0/24 maxlen: 24 103.237.106.0/24 maxlen: 24 103.237.107.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917C0CC/8FCCC7F88F5711F09C51EC3BC4F9AE02/Dcr6wUWyLxVgeAFmzR8VFQTu-KE.crl rsync://rpki.apnic.net/member_repository/A917C0CC/8FCCC7F88F5711F09C51EC3BC4F9AE02/Dcr6wUWyLxVgeAFmzR8VFQTu-KE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Dcr6wUWyLxVgeAFmzR8VFQTu-KE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 11:28:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8 (0x8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917C0CC, serialNumber=0DCAFAC145B22F1560780166CD1F151504EEF8A1 Validity Not Before: Sep 11 21:53:07 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=68c344c3-6d88 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:e9:d1:49:62:07:28:a6:79:8c:b1:f6:af:c3: da:bc:c2:a2:ea:e0:f9:a2:34:c3:bf:8e:c1:e1:cc: 57:8b:18:c2:2e:05:3c:84:55:0b:a9:f2:89:a0:f1: 8f:2d:2b:5b:0c:19:4a:de:44:f4:f9:74:5a:a7:07: c2:ba:a4:26:00:08:58:2d:0d:72:eb:54:66:fa:cb: fe:50:5a:82:69:4e:12:db:49:11:1f:3c:87:29:a5: 3d:8a:aa:a8:d8:87:f2:40:70:35:28:1c:d4:4f:ac: c1:b4:6a:b5:60:00:ce:a2:6e:3b:88:96:fa:aa:11: 01:bb:a0:e1:c8:6a:79:21:c3:f9:34:bc:b3:38:cd: 9f:db:c4:ab:55:bf:09:0f:ee:fc:ff:ac:14:82:49: e4:dc:70:66:e7:c0:65:80:59:fb:f4:c7:3e:4c:7f: da:83:5f:8d:d8:3b:c5:5d:af:e6:d4:25:78:7a:0b: b0:0f:b3:5b:6f:14:5c:9a:c0:f3:41:60:3f:dd:2d: 20:02:d2:29:84:fa:c5:2b:57:de:2e:7b:4e:94:07: e4:ed:f0:66:de:9c:73:e5:04:33:8e:da:74:95:d1: ae:03:e5:2c:ac:0a:db:18:e1:20:6f:f8:00:d1:a5: ef:60:80:06:b8:35:2a:cc:7c:bc:7f:73:71:eb:2a: 88:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:96:D3:BF:C1:45:57:9D:96:8C:66:3C:B0:5B:72:46:32:64:F9:95 X509v3 Authority Key Identifier: keyid:0D:CA:FA:C1:45:B2:2F:15:60:78:01:66:CD:1F:15:15:04:EE:F8:A1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917C0CC/8FCCC7F88F5711F09C51EC3BC4F9AE02/Dcr6wUWyLxVgeAFmzR8VFQTu-KE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Dcr6wUWyLxVgeAFmzR8VFQTu-KE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C0CC/8FCCC7F88F5711F09C51EC3BC4F9AE02/B339551A8F5911F0AFB88342C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.237.104.0/22 Signature Algorithm: sha256WithRSAEncryption 6b:00:ab:f6:8f:d0:6c:f5:9f:77:6c:22:ca:72:92:47:1f:74: d0:95:12:9e:38:52:ff:8f:9a:34:2b:36:a5:1b:7b:c7:b2:b0: 7d:17:bf:09:fe:d2:b4:19:a7:22:af:c3:59:02:79:ac:b6:a0: 30:8b:a7:f0:98:76:cd:0a:4b:6b:9b:03:f3:6a:3e:65:e4:bd: ef:9c:db:31:2b:a9:13:04:b9:7a:9d:5c:5d:b8:a2:c4:a8:3c: 1e:c7:a2:8b:17:47:d0:8e:3b:e5:50:04:e5:7c:39:1a:de:1c: 77:95:98:38:a7:e5:6f:fb:ec:44:fa:9b:bb:ac:dd:4c:cb:82: 91:17:09:d5:35:43:4a:4d:89:32:a2:2b:e4:85:b7:75:c4:14: 9f:fe:d7:57:36:74:b5:88:25:7a:74:c4:e8:f2:8a:3e:52:ed: 20:02:2e:14:48:0d:2d:29:de:c4:bf:60:6d:fe:ba:96:1e:90: d8:0c:e5:6c:5e:fe:fb:5d:13:f5:b3:4c:2b:80:13:a1:fc:85: 27:72:6e:7d:0e:2d:93:f2:19:d4:36:f3:e3:32:28:ad:2e:6a: cf:85:85:1e:42:a8:67:b5:e2:42:0a:bd:6b:df:36:16:ff:8a: e2:a3:90:a4:3e:3c:4e:dc:e1:4f:57:d8:46:b1:ae:02:e8:11: 22:ce:e5:e1 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBCDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 QzBDQzExMC8GA1UEBRMoMERDQUZBQzE0NUIyMkYxNTYwNzgwMTY2Q0QxRjE1MTUw NEVFRjhBMTAeFw0yNTA5MTEyMTUzMDdaFw0yNjA4MzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4YzM0NGMzLTZkODgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDa6dFJYgcopnmMsfavw9q8wqLq4PmiNMO/jsHhzFeLGMIuBTyEVQup8omg8Y8t K1sMGUreRPT5dFqnB8K6pCYACFgtDXLrVGb6y/5QWoJpThLbSREfPIcppT2KqqjY h/JAcDUoHNRPrMG0arVgAM6ibjuIlvqqEQG7oOHIankhw/k0vLM4zZ/bxKtVvwkP 7vz/rBSCSeTccGbnwGWAWfv0xz5Mf9qDX43YO8Vdr+bUJXh6C7APs1tvFFyawPNB YD/dLSAC0imE+sUrV94ue06UB+Tt8GbenHPlBDOO2nSV0a4D5SysCtsY4SBv+ADR pe9ggAa4NSrMfLx/c3HrKogdAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUL5bTv8FF V52WjGY8sFtyRjJk+ZUwHwYDVR0jBBgwFoAUDcr6wUWyLxVgeAFmzR8VFQTu+KEw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdDMENDLzhGQ0NDN0Y4OEY1 NzExRjA5QzUxRUMzQkM0RjlBRTAyL0RjcjZ3VVd5THhWZ2VBRm16UjhWRlFUdS1L RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvRGNyNndVV3lMeFZnZUFGbXpSOFZGUVR1LUtFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QzBDQy84RkNDQzdGODhGNTcxMUYwOUM1MUVDM0JDNEY5QUUwMi9CMzM5NTUxQThG NTkxMUYwQUZCODgzNDJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAmftaDANBgkqhkiG9w0BAQsFAAOCAQEAawCr9o/QbPWfd2wi ynKSRx900JUSnjhS/4+aNCs2pRt7x7KwfRe/Cf7StBmnIq/DWQJ5rLagMIun8Jh2 zQpLa5sD82o+ZeS975zbMSupEwS5ep1cXbiixKg8HseiixdH0I475VAE5Xw5Gt4c d5WYOKflb/vsRPqbu6zdTMuCkRcJ1TVDSk2JMqIr5IW3dcQUn/7XVzZ0tYglenTE 6PKKPlLtIAIuFEgNLSnexL9gbf66lh6Q2AzlbF7++10T9bNMK4ATofyFJ3JufQ4t k/IZ1Dbz4zIorS5qz4WFHkKoZ7XiQgq9a982Fv+K4qOQpD48TtzhT1fYRrGuAugR Is7l4Q== -----END CERTIFICATE-----Generated at Mon Oct 20 22:16:52 2025 by rpki-client