$ rpki-client -vvf rpki.apnic.net/member_repository/A9195FCB/880E634022A711EBB406CE7CC4F9AE02/A3E98D0E22A911EB96014E82C4F9AE02.roa File: A3E98D0E22A911EB96014E82C4F9AE02.roa (raw, json) Hash identifier: sWE9LUdizataLAzmIhBLPntdutpqhdEosVPOQbEaHm0= Subject key identifier: 0E:DA:53:61:34:01:67:A3:53:70:5C:AE:D3:21:B7:DA:65:CB:0F:59 Certificate issuer: /CN=A9195FCB/serialNumber=E951371DE4DCB10025484D2F14FDCDA2C6455B91 Certificate serial: 0788 Authority key identifier: E9:51:37:1D:E4:DC:B1:00:25:48:4D:2F:14:FD:CD:A2:C6:45:5B:91 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6VE3HeTcsQAlSE0vFP3NosZFW5E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9195FCB/880E634022A711EBB406CE7CC4F9AE02/A3E98D0E22A911EB96014E82C4F9AE02.roa Signing time: Wed 20 Aug 2025 06:54:56 +0000 ROA not before: Wed 20 Aug 2025 06:54:56 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 141398 IP address blocks: 103.158.62.0/23 maxlen: 23 103.158.62.0/24 maxlen: 24 103.158.63.0/24 maxlen: 24 2406:b240::/32 maxlen: 32 2406:b240:ffff::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9195FCB/880E634022A711EBB406CE7CC4F9AE02/6VE3HeTcsQAlSE0vFP3NosZFW5E.crl rsync://rpki.apnic.net/member_repository/A9195FCB/880E634022A711EBB406CE7CC4F9AE02/6VE3HeTcsQAlSE0vFP3NosZFW5E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6VE3HeTcsQAlSE0vFP3NosZFW5E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 21:38:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1928 (0x788) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9195FCB, serialNumber=E951371DE4DCB10025484D2F14FDCDA2C6455B91 Validity Not Before: Aug 20 06:54:56 2025 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=68a5713f-15e9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:75:b0:db:ac:89:0f:81:35:e1:8a:a2:30:a2: 94:3c:91:10:98:3b:ab:c7:bc:72:02:bd:ca:59:fe: c8:2c:bd:b9:95:02:51:38:9e:46:2e:39:6d:91:67: e8:05:0c:05:88:b7:1e:4d:3e:89:42:fb:47:e2:02: ee:d9:3f:82:ce:55:2d:c6:2d:bc:90:3a:f1:89:2f: 07:bf:3f:be:f6:7c:b4:ff:03:88:bf:cb:bb:8d:61: 26:e0:c9:b7:06:84:ff:b3:62:09:c9:84:59:15:53: 92:a1:17:16:a2:1b:24:a9:5b:55:0a:6e:f2:a0:f0: e4:3e:5d:c0:ea:ed:62:f8:86:1b:01:12:ad:23:1e: ae:a9:5f:eb:a2:01:b2:a9:d0:22:da:f7:ba:28:af: 02:cd:c9:fd:08:a9:d9:b6:72:84:5e:1b:bc:01:94: 4e:55:cf:94:c3:1a:6e:dd:37:53:74:6d:2f:ea:ba: 1e:89:d2:66:c2:37:16:fb:f6:c8:eb:54:4c:8d:58: a1:8f:b5:b5:74:ea:a3:3d:1d:7d:8f:89:b0:1c:11: b2:6c:12:7e:01:7f:d9:83:92:49:97:51:66:2b:ba: 49:15:6a:8c:0e:a6:92:97:74:d3:3e:0d:a3:b8:91: a7:0d:30:ee:f1:23:eb:15:73:20:f3:3a:e8:b1:ba: 10:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:DA:53:61:34:01:67:A3:53:70:5C:AE:D3:21:B7:DA:65:CB:0F:59 X509v3 Authority Key Identifier: keyid:E9:51:37:1D:E4:DC:B1:00:25:48:4D:2F:14:FD:CD:A2:C6:45:5B:91 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9195FCB/880E634022A711EBB406CE7CC4F9AE02/6VE3HeTcsQAlSE0vFP3NosZFW5E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6VE3HeTcsQAlSE0vFP3NosZFW5E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9195FCB/880E634022A711EBB406CE7CC4F9AE02/A3E98D0E22A911EB96014E82C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.158.62.0/23 IPv6: 2406:b240::/32 Signature Algorithm: sha256WithRSAEncryption 94:40:2c:f0:41:1f:ba:51:dc:c4:ea:a6:2c:6f:bc:a8:db:83: ec:05:fa:a6:43:c3:61:48:75:80:82:87:46:15:62:c4:53:be: 21:05:49:87:04:ca:f1:07:72:35:d6:04:86:28:a8:a8:f9:37: a4:ff:a6:30:9e:d8:88:f9:3d:2c:8e:3b:1e:74:fc:f4:36:40: da:0a:df:18:4d:ff:51:60:36:b9:95:dc:a9:e0:3f:61:2b:73: 53:b1:45:db:cd:54:0e:4b:2e:69:5c:8d:86:b5:2e:b6:d4:0a: ac:71:2d:c0:d4:c0:63:cf:50:38:ae:14:a4:81:8e:32:85:47: 6a:f7:f5:46:fe:25:b9:ff:de:fb:c7:11:8b:32:d4:ee:37:43: ac:2d:dc:d8:c7:7f:ea:a4:d7:58:9c:f3:53:0d:85:74:10:c5: 40:6d:a2:b8:5f:06:c3:f7:1e:86:2d:e3:7a:1c:f6:17:c3:29: 7b:f6:57:3d:dd:be:c6:af:8d:60:fe:bd:77:af:bc:0b:ab:33: e6:87:d3:06:bd:a2:50:84:61:61:fb:f2:ba:94:9e:a6:03:bb: 23:c5:91:f8:b9:76:e0:4f:18:04:90:b1:5f:08:2f:9c:83:56: 68:00:15:35:ad:ee:5c:93:40:c4:87:86:e0:f9:84:1b:01:82: 6f:50:f7:f5 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICB4gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTVGQ0IxMTAvBgNVBAUTKEU5NTEzNzFERTREQ0IxMDAyNTQ4NEQyRjE0RkRDREEy QzY0NTVCOTEwHhcNMjUwODIwMDY1NDU2WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGE1NzEzZi0xNWU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArnWw26yJD4E14YqiMKKUPJEQmDurx7xyAr3KWf7ILL25lQJROJ5GLjltkWfo BQwFiLceTT6JQvtH4gLu2T+CzlUtxi28kDrxiS8Hvz++9ny0/wOIv8u7jWEm4Mm3 BoT/s2IJyYRZFVOSoRcWohskqVtVCm7yoPDkPl3A6u1i+IYbARKtIx6uqV/rogGy qdAi2ve6KK8Czcn9CKnZtnKEXhu8AZROVc+Uwxpu3TdTdG0v6roeidJmwjcW+/bI 61RMjVihj7W1dOqjPR19j4mwHBGybBJ+AX/Zg5JJl1FmK7pJFWqMDqaSl3TTPg2j uJGnDTDu8SPrFXMg8zrosboQxQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFA7aU2E0 AWejU3BcrtMht9plyw9ZMB8GA1UdIwQYMBaAFOlRNx3k3LEAJUhNLxT9zaLGRVuR MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NUZDQi84ODBFNjM0MDIy QTcxMUVCQjQwNkNFN0NDNEY5QUUwMi82VkUzSGVUY3NRQWxTRTB2RlAzTm9zWkZX NUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzZWRTNIZVRjc1FBbFNFMHZGUDNOb3NaRlc1RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTVGQ0IvODgwRTYzNDAyMkE3MTFFQkI0MDZDRTdDQzRGOUFFMDIvQTNFOThEMEUy MkE5MTFFQjk2MDE0RTgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAFnnj4wDQQCAAIwBwMFACQGskAwDQYJKoZIhvcNAQELBQAD ggEBAJRALPBBH7pR3MTqpixvvKjbg+wF+qZDw2FIdYCCh0YVYsRTviEFSYcEyvEH cjXWBIYoqKj5N6T/pjCe2Ij5PSyOOx50/PQ2QNoK3xhN/1FgNrmV3KngP2Erc1Ox RdvNVA5LLmlcjYa1LrbUCqxxLcDUwGPPUDiuFKSBjjKFR2r39Ub+Jbn/3vvHEYsy 1O43Q6wt3NjHf+qk11ic81MNhXQQxUBtorhfBsP3HoYt43oc9hfDKXv2Vz3dvsav jWD+vXevvAurM+aH0wa9olCEYWH78rqUnqYDuyPFkfi5duBPGASQsV8IL5yDVmgA FTWt7lyTQMSHhuD5hBsBgm9Q9/U= -----END CERTIFICATE-----Generated at Sun Aug 24 01:26:05 2025 by rpki-client