$ rpki-client -vvf rpki.apnic.net/member_repository/A9191D22/284001EC7B1F11EA858BCD86C4F9AE02/047A427C7E2B11EAB1B5B00DC4F9AE02.roa File: 047A427C7E2B11EAB1B5B00DC4F9AE02.roa (raw, json) Hash identifier: qNWD2C952dubOnEkDzfs2dYV+ifzVAe5Nh++PHh3QCg= Subject key identifier: DD:11:50:3A:34:12:6E:F3:07:A7:A7:B2:C6:AE:B0:BD:91:82:76:06 Certificate issuer: /CN=A9191D22/serialNumber=CCFBA0B3993930EB13B7A259272AA811F8744B23 Certificate serial: 0A32 Authority key identifier: CC:FB:A0:B3:99:39:30:EB:13:B7:A2:59:27:2A:A8:11:F8:74:4B:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zPugs5k5MOsTt6JZJyqoEfh0SyM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9191D22/284001EC7B1F11EA858BCD86C4F9AE02/047A427C7E2B11EAB1B5B00DC4F9AE02.roa Signing time: Tue 30 Sep 2025 20:21:40 +0000 ROA not before: Tue 30 Sep 2025 20:21:40 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 135337 IP address blocks: 103.94.158.0/23 maxlen: 24 103.198.8.0/23 maxlen: 24 2001:df0:8a00::/48 maxlen: 48 2406:6840::/32 maxlen: 32 2406:6840:8::/48 maxlen: 48 2406:6840:a::/48 maxlen: 48 2406:6840:c::/48 maxlen: 48 2406:6840:e::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9191D22/284001EC7B1F11EA858BCD86C4F9AE02/zPugs5k5MOsTt6JZJyqoEfh0SyM.crl rsync://rpki.apnic.net/member_repository/A9191D22/284001EC7B1F11EA858BCD86C4F9AE02/zPugs5k5MOsTt6JZJyqoEfh0SyM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zPugs5k5MOsTt6JZJyqoEfh0SyM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 20:44:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2610 (0xa32) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9191D22, serialNumber=CCFBA0B3993930EB13B7A259272AA811F8744B23 Validity Not Before: Sep 30 20:21:40 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68dc3bd4-519d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:97:cc:df:29:71:03:b2:5b:0b:8b:d2:08:7b: e0:80:d5:9f:72:49:66:6f:c5:11:50:6f:cf:ea:7b: d1:d7:a8:43:84:eb:49:38:5a:14:f0:97:bb:5d:52: 01:54:c0:9d:7f:5f:ea:f6:83:2b:34:57:4c:30:e4: de:3e:ed:36:84:5a:a7:8c:49:7d:e4:92:0e:ed:26: f6:ed:69:18:f2:0c:a4:e4:92:ea:80:6c:f8:90:ef: 3d:25:f2:24:d2:2a:49:76:bb:c1:0e:9e:cd:60:16: dd:05:75:e5:af:b2:a5:9f:b9:03:e5:19:f4:a9:69: 6f:d1:ec:eb:1a:90:8a:29:7c:1f:37:a3:a2:28:b2: fc:2f:3c:c1:32:d8:43:45:7b:63:a9:06:9b:5f:60: 3f:52:9d:ac:f0:cc:2d:1e:44:1d:8c:67:e9:22:f5: d4:5b:ba:87:de:1e:00:1c:6e:58:0f:89:a9:09:89: 4f:1c:eb:04:11:05:81:9e:8f:56:44:5f:a4:b5:46: 7e:76:79:9d:7c:f8:db:17:08:7a:4d:8f:32:ac:3c: 36:30:5b:8a:33:ab:ee:e3:be:5f:ff:9e:09:08:9c: e7:3d:d6:a1:a7:99:15:2a:78:7d:8d:79:d0:10:c4: 07:6e:de:54:6a:9c:8a:30:4d:ef:2d:61:84:d7:f6: 36:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:11:50:3A:34:12:6E:F3:07:A7:A7:B2:C6:AE:B0:BD:91:82:76:06 X509v3 Authority Key Identifier: keyid:CC:FB:A0:B3:99:39:30:EB:13:B7:A2:59:27:2A:A8:11:F8:74:4B:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9191D22/284001EC7B1F11EA858BCD86C4F9AE02/zPugs5k5MOsTt6JZJyqoEfh0SyM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zPugs5k5MOsTt6JZJyqoEfh0SyM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9191D22/284001EC7B1F11EA858BCD86C4F9AE02/047A427C7E2B11EAB1B5B00DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.94.158.0/23 103.198.8.0/23 IPv6: 2001:df0:8a00::/48 2406:6840::/32 Signature Algorithm: sha256WithRSAEncryption 56:0e:59:77:fe:ba:d5:c1:99:89:b6:95:3f:4a:e8:67:e0:6f: 11:3d:da:45:0d:16:47:08:2e:6f:73:53:5e:38:b7:2a:9c:f1: f1:3a:3e:ba:e3:74:9f:0b:bb:19:2f:e4:e1:65:f4:4f:b5:cd: 08:11:1e:18:32:cf:51:a9:ca:97:21:9e:5a:63:c9:f6:be:af: 01:51:11:f4:39:1b:a6:6e:ac:3a:62:4e:99:85:d0:d7:f8:c7: 2c:bb:42:00:f1:9f:ca:ba:01:7d:fd:c3:f9:69:ff:f0:6a:19: 9f:fe:c6:10:c8:6d:97:96:b3:99:b7:3a:f3:2f:38:f7:d4:64: c1:94:14:0e:11:24:99:83:3d:c1:cd:41:f0:50:96:af:4a:cb: d9:51:be:e9:da:fc:c4:b6:d8:8f:85:d5:bc:81:c6:44:5f:8b: 4c:91:ab:2d:80:fc:ae:f0:fb:4f:4c:36:4d:e3:be:9a:ac:a8: 21:c7:e6:66:93:4e:9d:46:56:ca:a6:d5:76:1b:e0:ac:c1:d9: a4:8f:c4:16:99:99:dd:31:e4:10:b8:5c:85:00:d2:ce:bc:aa: 8b:2a:b7:72:d5:ee:6f:db:5f:a1:9f:61:81:44:29:d1:8a:1e: 46:40:f2:f5:3b:04:e7:cd:b1:b4:91:67:92:86:64:a3:69:f1: 9e:c2:f8:61 -----BEGIN CERTIFICATE----- MIIFjzCCBHegAwIBAgICCjIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTFEMjIxMTAvBgNVBAUTKENDRkJBMEIzOTkzOTMwRUIxM0I3QTI1OTI3MkFBODEx Rjg3NDRCMjMwHhcNMjUwOTMwMjAyMTQwWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGRjM2JkNC01MTlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuJfM3ylxA7JbC4vSCHvggNWfcklmb8URUG/P6nvR16hDhOtJOFoU8Je7XVIB VMCdf1/q9oMrNFdMMOTePu02hFqnjEl95JIO7Sb27WkY8gyk5JLqgGz4kO89JfIk 0ipJdrvBDp7NYBbdBXXlr7Kln7kD5Rn0qWlv0ezrGpCKKXwfN6OiKLL8LzzBMthD RXtjqQabX2A/Up2s8MwtHkQdjGfpIvXUW7qH3h4AHG5YD4mpCYlPHOsEEQWBno9W RF+ktUZ+dnmdfPjbFwh6TY8yrDw2MFuKM6vu475f/54JCJznPdahp5kVKnh9jXnQ EMQHbt5UapyKME3vLWGE1/Y2lwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFN0RUDo0 Em7zB6enssausL2RgnYGMB8GA1UdIwQYMBaAFMz7oLOZOTDrE7eiWScqqBH4dEsj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MUQyMi8yODQwMDFFQzdC MUYxMUVBODU4QkNEODZDNEY5QUUwMi96UHVnczVrNU1Pc1R0NkpaSnlxb0VmaDBT eU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3pQdWdzNWs1TU9zVHQ2SlpKeXFvRWZoMFN5TS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTFEMjIvMjg0MDAxRUM3QjFGMTFFQTg1OEJDRDg2QzRGOUFFMDIvMDQ3QTQyN0M3 RTJCMTFFQUIxQjVCMDBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E LjAsMBIEAgABMAwDBAFnXp4DBAFnxggwFgQCAAIwEAMHACABDfCKAAMFACQGaEAw DQYJKoZIhvcNAQELBQADggEBAFYOWXf+utXBmYm2lT9K6GfgbxE92kUNFkcILm9z U144tyqc8fE6PrrjdJ8Luxkv5OFl9E+1zQgRHhgyz1Gpypchnlpjyfa+rwFREfQ5 G6ZurDpiTpmF0Nf4xyy7QgDxn8q6AX39w/lp//BqGZ/+xhDIbZeWs5m3OvMvOPfU ZMGUFA4RJJmDPcHNQfBQlq9Ky9lRvuna/MS22I+F1byBxkRfi0yRqy2A/K7w+09M Nk3jvpqsqCHH5maTTp1GVsqm1XYb4KzB2aSPxBaZmd0x5BC4XIUA0s68qosqt3LV 7m/bX6GfYYFEKdGKHkZA8vU7BOfNsbSRZ5KGZKNp8Z7C+GE= -----END CERTIFICATE-----Generated at Mon Oct 20 10:46:35 2025 by rpki-client