$ rpki-client -vvf rpki.apnic.net/member_repository/A91829E3/C45F60DA143711EAACF9FA33C4F9AE02/7B96F1340C6011F088E6FD2FC4F9AE02.roa File: 7B96F1340C6011F088E6FD2FC4F9AE02.roa (raw, json) Hash identifier: AlkpfpZwpFAFSNpnhnUShgrrcb/AfgC29z6/e4zKojg= Subject key identifier: 0A:A7:F3:3D:42:F4:28:D0:D2:CA:36:3B:5C:B4:ED:86:3E:71:B0:18 Certificate issuer: /CN=A91829E3/serialNumber=23D20DA209C895C300EE6B659B6B1829925FBD4F Certificate serial: 0C5C Authority key identifier: 23:D2:0D:A2:09:C8:95:C3:00:EE:6B:65:9B:6B:18:29:92:5F:BD:4F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I9INognIlcMA7mtlm2sYKZJfvU8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91829E3/C45F60DA143711EAACF9FA33C4F9AE02/7B96F1340C6011F088E6FD2FC4F9AE02.roa Signing time: Tue 30 Sep 2025 07:02:30 +0000 ROA not before: Tue 30 Sep 2025 07:02:30 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 135076 IP address blocks: 43.245.244.0/22 maxlen: 24 103.208.180.0/22 maxlen: 24 103.240.248.0/22 maxlen: 24 137.59.180.0/22 maxlen: 22 137.59.180.0/23 maxlen: 23 137.59.180.0/24 maxlen: 24 137.59.181.0/24 maxlen: 24 137.59.182.0/23 maxlen: 23 137.59.182.0/24 maxlen: 24 137.59.183.0/24 maxlen: 24 221.120.96.0/21 maxlen: 24 2405:9e80::/32 maxlen: 32 2405:9e80::/36 maxlen: 36 2405:9e80:1000::/36 maxlen: 36 2405:9e80:2000::/36 maxlen: 36 2405:9e80:3000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91829E3/C45F60DA143711EAACF9FA33C4F9AE02/I9INognIlcMA7mtlm2sYKZJfvU8.crl rsync://rpki.apnic.net/member_repository/A91829E3/C45F60DA143711EAACF9FA33C4F9AE02/I9INognIlcMA7mtlm2sYKZJfvU8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I9INognIlcMA7mtlm2sYKZJfvU8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 19:16:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3164 (0xc5c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91829E3, serialNumber=23D20DA209C895C300EE6B659B6B1829925FBD4F Validity Not Before: Sep 30 07:02:30 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=68db8086-20c1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:dc:ed:8b:a1:18:9e:7c:a0:36:37:b8:dc:42: 62:12:38:8c:a2:0b:fa:45:2d:2b:80:10:39:36:83: 4a:ec:56:87:f8:87:c5:b2:60:e7:8d:44:57:9b:a4: ab:05:ed:f5:c5:d0:c3:ec:5a:5c:ac:b5:52:dc:fb: 7d:2c:16:a3:73:8a:41:84:10:37:9d:27:76:fe:59: 72:8a:66:3a:ea:99:63:4b:f0:01:bb:83:e0:3c:ce: 30:df:f9:75:14:41:27:d0:c8:36:20:1f:d1:2a:2c: c0:5f:19:08:d8:bc:81:37:be:c1:ea:08:2e:cc:1d: 3b:9f:ae:94:51:cf:87:6f:77:2c:65:92:f8:0a:7e: 69:48:8b:e7:1f:23:b5:5d:4f:6e:c1:5d:ef:08:2f: 0e:27:4f:2d:5f:42:13:2c:4f:22:78:05:08:bf:3d: 8e:70:8f:91:c1:82:cd:56:1c:be:13:36:87:13:d1: db:88:dc:f1:4e:70:cf:6f:f1:7d:99:23:81:09:90: 7e:b9:5a:a7:2a:14:af:3a:62:08:40:9c:5f:b1:ab: 24:f4:f9:ee:26:33:ae:23:c6:c7:03:84:8d:8d:34: c9:04:24:3c:3c:b4:64:32:44:33:e1:c9:d4:81:67: 8a:61:92:91:b2:02:02:ba:88:96:7f:e3:1d:b6:ad: c0:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:A7:F3:3D:42:F4:28:D0:D2:CA:36:3B:5C:B4:ED:86:3E:71:B0:18 X509v3 Authority Key Identifier: keyid:23:D2:0D:A2:09:C8:95:C3:00:EE:6B:65:9B:6B:18:29:92:5F:BD:4F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91829E3/C45F60DA143711EAACF9FA33C4F9AE02/I9INognIlcMA7mtlm2sYKZJfvU8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I9INognIlcMA7mtlm2sYKZJfvU8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91829E3/C45F60DA143711EAACF9FA33C4F9AE02/7B96F1340C6011F088E6FD2FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.245.244.0/22 103.208.180.0/22 103.240.248.0/22 137.59.180.0/22 221.120.96.0/21 IPv6: 2405:9e80::/32 Signature Algorithm: sha256WithRSAEncryption 67:7f:7e:c6:ee:2f:59:04:32:76:0c:14:86:fe:46:25:63:da: ad:ae:a3:85:a1:10:db:03:b5:8b:44:fe:ac:9f:7e:82:3d:09: 88:a9:c1:e0:f3:ee:05:27:f1:16:1e:24:12:3a:81:c6:25:be: 18:62:e7:54:72:48:9d:0a:e7:fd:fb:db:b5:34:f1:bf:3a:6a: 38:82:e1:73:6e:88:94:3b:ea:46:09:e3:33:f1:7f:97:b9:ca: 81:33:6c:c2:57:e3:a3:34:1f:eb:c2:54:6a:ac:6e:33:df:f5: f2:87:9a:83:e8:87:5b:96:45:41:c6:89:4f:ff:5d:2d:e0:db: 6a:8d:00:aa:8c:c7:2c:66:45:37:ce:83:3d:42:2c:c7:81:74: 2c:c1:74:21:74:7c:a7:74:59:91:68:ec:a0:15:ea:98:fd:08: 16:e6:14:27:9b:ac:cd:96:7e:ef:7e:5e:4e:1a:9b:66:fe:75: 03:57:14:ff:41:6d:82:98:3e:df:8a:37:cf:99:b5:67:4f:ec: aa:5f:b0:3d:36:4e:bc:9b:cd:0a:80:72:c5:c9:21:79:77:cf: 9a:39:1d:fc:cc:12:0c:aa:ae:09:74:2f:26:86:a3:2a:30:64: dc:8d:c5:c0:73:c6:76:ca:a6:2f:59:11:34:ad:70:97:c0:56: 18:35:f8:35 -----BEGIN CERTIFICATE----- MIIFmDCCBICgAwIBAgICDFwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODI5RTMxMTAvBgNVBAUTKDIzRDIwREEyMDlDODk1QzMwMEVFNkI2NTlCNkIxODI5 OTI1RkJENEYwHhcNMjUwOTMwMDcwMjMwWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGRiODA4Ni0yMGMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0tzti6EYnnygNje43EJiEjiMogv6RS0rgBA5NoNK7FaH+IfFsmDnjURXm6Sr Be31xdDD7FpcrLVS3Pt9LBajc4pBhBA3nSd2/llyimY66pljS/ABu4PgPM4w3/l1 FEEn0Mg2IB/RKizAXxkI2LyBN77B6gguzB07n66UUc+Hb3csZZL4Cn5pSIvnHyO1 XU9uwV3vCC8OJ08tX0ITLE8ieAUIvz2OcI+RwYLNVhy+EzaHE9HbiNzxTnDPb/F9 mSOBCZB+uVqnKhSvOmIIQJxfsask9PnuJjOuI8bHA4SNjTTJBCQ8PLRkMkQz4cnU gWeKYZKRsgICuoiWf+Mdtq3AyQIDAQABo4ICvDCCArgwHQYDVR0OBBYEFAqn8z1C 9CjQ0so2O1y07YY+cbAYMB8GA1UdIwQYMBaAFCPSDaIJyJXDAO5rZZtrGCmSX71P MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MjlFMy9DNDVGNjBEQTE0 MzcxMUVBQUNGOUZBMzNDNEY5QUUwMi9JOUlOb2duSWxjTUE3bXRsbTJzWUtaSmZ2 VTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0k5SU5vZ25JbGNNQTdtdGxtMnNZS1pKZnZVOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODI5RTMvQzQ1RjYwREExNDM3MTFFQUFDRjlGQTMzQzRGOUFFMDIvN0I5NkYxMzQw QzYwMTFGMDg4RTZGRDJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E NzA1MCQEAgABMB4DBAIr9fQDBAJn0LQDBAJn8PgDBAKJO7QDBAPdeGAwDQQCAAIw BwMFACQFnoAwDQYJKoZIhvcNAQELBQADggEBAGd/fsbuL1kEMnYMFIb+RiVj2q2u o4WhENsDtYtE/qyffoI9CYipweDz7gUn8RYeJBI6gcYlvhhi51RySJ0K5/3727U0 8b86ajiC4XNuiJQ76kYJ4zPxf5e5yoEzbMJX46M0H+vCVGqsbjPf9fKHmoPoh1uW RUHGiU//XS3g22qNAKqMxyxmRTfOgz1CLMeBdCzBdCF0fKd0WZFo7KAV6pj9CBbm FCebrM2Wfu9+Xk4am2b+dQNXFP9BbYKYPt+KN8+ZtWdP7KpfsD02TrybzQqAcsXJ IXl3z5o5HfzMEgyqrgl0LyaGoyowZNyNxcBzxnbKpi9ZETStcJfAVhg1+DU= -----END CERTIFICATE-----Generated at Mon Oct 20 22:03:42 2025 by rpki-client