$ rpki-client -vvf rpki.apnic.net/member_repository/A91BBD5B/1702FC3EBB6711E6AE24040FC4F9AE02/AB9480A6BB6811E69E8D1212C4F9AE02.roa File: AB9480A6BB6811E69E8D1212C4F9AE02.roa (raw, json) Hash identifier: kiqsqwNMBPh3qwxfNJAfqtQq0GlxcHUCDHglujirUPs= Subject key identifier: F3:12:07:1D:89:56:47:00:90:D2:4B:54:85:BA:AC:59:EE:F0:E3:EE Certificate issuer: /CN=A91BBD5B/serialNumber=DB92B83F4C1878390D6A44E6AED57A7752263512 Certificate serial: 1D4F Authority key identifier: DB:92:B8:3F:4C:18:78:39:0D:6A:44:E6:AE:D5:7A:77:52:26:35:12 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/25K4P0wYeDkNakTmrtV6d1ImNRI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BBD5B/1702FC3EBB6711E6AE24040FC4F9AE02/AB9480A6BB6811E69E8D1212C4F9AE02.roa Signing time: Sat 20 Sep 2025 16:34:30 +0000 ROA not before: Sat 20 Sep 2025 16:34:30 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 132148 IP address blocks: 103.70.249.0/24 maxlen: 24 103.81.113.0/24 maxlen: 24 103.81.114.0/24 maxlen: 24 103.81.115.0/24 maxlen: 24 2001:df3:ce00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BBD5B/1702FC3EBB6711E6AE24040FC4F9AE02/25K4P0wYeDkNakTmrtV6d1ImNRI.crl rsync://rpki.apnic.net/member_repository/A91BBD5B/1702FC3EBB6711E6AE24040FC4F9AE02/25K4P0wYeDkNakTmrtV6d1ImNRI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/25K4P0wYeDkNakTmrtV6d1ImNRI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 16:26:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7503 (0x1d4f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BBD5B, serialNumber=DB92B83F4C1878390D6A44E6AED57A7752263512 Validity Not Before: Sep 20 16:34:30 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68ced796-3964 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:45:2f:b5:09:5b:e8:9e:38:b7:2f:a0:d0:12: 00:b0:86:c8:72:05:d6:be:59:c5:0d:1b:08:8b:19: 90:0b:ae:35:6a:b9:48:1e:37:c1:eb:a7:dc:96:4a: 48:a4:af:d3:dd:04:89:61:db:21:32:8b:18:db:73: 9d:31:2f:cb:26:45:52:72:8c:ad:73:7d:fb:88:16: 2c:44:4a:81:cf:5c:a4:d7:c0:4e:12:34:38:c2:11: 39:f4:ed:a9:30:1b:ec:17:c0:d6:c8:a4:f1:1f:5d: d5:f1:87:4c:a1:98:e6:36:b6:d0:d4:ed:f4:6f:39: 17:7a:3a:10:5e:c1:74:45:a1:0e:74:b6:57:dd:d3: 0b:a3:bd:2d:0e:82:ee:be:46:b4:40:9a:ba:51:ee: 70:24:e1:24:df:8f:1e:83:68:19:01:57:ee:75:30: 1a:40:8a:47:f9:07:c7:87:4c:be:81:a2:ac:05:87: ed:30:63:4b:94:52:f7:fc:c4:1a:88:94:a1:d4:81: 63:e8:b8:8b:47:f7:dc:7b:8d:9c:77:fc:4e:5b:2b: d2:f7:03:4e:d8:e4:8e:1b:6d:00:72:ea:60:0a:88: 8b:c1:3b:78:a2:a5:36:1b:d8:29:49:d2:97:8c:d1: 9d:fa:e0:79:54:0a:3b:ce:5a:f4:24:d5:7b:91:99: 72:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:12:07:1D:89:56:47:00:90:D2:4B:54:85:BA:AC:59:EE:F0:E3:EE X509v3 Authority Key Identifier: keyid:DB:92:B8:3F:4C:18:78:39:0D:6A:44:E6:AE:D5:7A:77:52:26:35:12 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BBD5B/1702FC3EBB6711E6AE24040FC4F9AE02/25K4P0wYeDkNakTmrtV6d1ImNRI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/25K4P0wYeDkNakTmrtV6d1ImNRI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BBD5B/1702FC3EBB6711E6AE24040FC4F9AE02/AB9480A6BB6811E69E8D1212C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.70.249.0/24 103.81.113.0-103.81.115.255 IPv6: 2001:df3:ce00::/48 Signature Algorithm: sha256WithRSAEncryption 23:03:15:13:c4:b7:a1:c3:97:c0:2c:45:5a:c9:03:4e:19:73: f3:c0:16:a0:04:9b:37:f0:c3:25:38:6b:c3:89:46:96:5c:a2: 17:d0:25:aa:1c:c6:38:3a:75:cb:23:4f:85:f3:78:f6:bb:3e: b4:0a:a8:bb:d0:98:b8:bf:d4:a3:d5:d2:f5:09:c7:9d:d8:0e: 4c:02:45:57:2c:66:2a:cb:4b:14:4f:7c:dd:86:8d:c0:16:89: e0:7c:03:66:6b:c5:d4:a8:cc:eb:85:c8:1b:2c:4d:64:31:d4: bf:38:e7:62:6a:86:0b:01:ad:7a:41:6e:e9:c8:ee:7a:5f:0d: 9c:2e:d1:b5:32:3b:10:61:fd:e4:3b:8e:00:25:8e:56:ed:4b: 6f:bc:e2:46:6f:5d:d7:15:a6:0b:63:a5:c6:c4:d4:2e:b5:3c: 06:06:16:f0:c0:8e:2e:31:a4:71:a4:52:92:2a:16:7f:a4:80: 02:6a:a2:29:86:d5:bf:b3:bd:08:3a:1b:35:06:92:91:d3:84: 29:00:84:6c:d9:7b:02:6c:1a:15:c0:c8:1b:99:3e:74:44:67: 4a:3d:b4:5f:4f:54:02:f4:df:c3:84:6f:ca:5f:9b:fe:1b:eb: 85:9c:e5:1e:61:ae:08:98:d8:8c:ef:d9:9c:98:e6:92:74:dc: 25:45:34:13 -----BEGIN CERTIFICATE----- MIIFkDCCBHigAwIBAgICHU8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkJENUIxMTAvBgNVBAUTKERCOTJCODNGNEMxODc4MzkwRDZBNDRFNkFFRDU3QTc3 NTIyNjM1MTIwHhcNMjUwOTIwMTYzNDMwWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGNlZDc5Ni0zOTY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuUUvtQlb6J44ty+g0BIAsIbIcgXWvlnFDRsIixmQC641arlIHjfB66fclkpI pK/T3QSJYdshMosY23OdMS/LJkVScoytc337iBYsREqBz1yk18BOEjQ4whE59O2p MBvsF8DWyKTxH13V8YdMoZjmNrbQ1O30bzkXejoQXsF0RaEOdLZX3dMLo70tDoLu vka0QJq6Ue5wJOEk348eg2gZAVfudTAaQIpH+QfHh0y+gaKsBYftMGNLlFL3/MQa iJSh1IFj6LiLR/fce42cd/xOWyvS9wNO2OSOG20AcupgCoiLwTt4oqU2G9gpSdKX jNGd+uB5VAo7zlr0JNV7kZlybQIDAQABo4ICtDCCArAwHQYDVR0OBBYEFPMSBx2J VkcAkNJLVIW6rFnu8OPuMB8GA1UdIwQYMBaAFNuSuD9MGHg5DWpE5q7VendSJjUS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQkQ1Qi8xNzAyRkMzRUJC NjcxMUU2QUUyNDA0MEZDNEY5QUUwMi8yNUs0UDB3WWVEa05ha1RtcnRWNmQxSW1O UkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzI1SzRQMHdZZURrTmFrVG1ydFY2ZDFJbU5SSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkJENUIvMTcwMkZDM0VCQjY3MTFFNkFFMjQwNDBGQzRGOUFFMDIvQUI5NDgwQTZC QjY4MTFFNjlFOEQxMjEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPgYIKwYBBQUHAQcBAf8E LzAtMBoEAgABMBQDBABnRvkwDAMEAGdRcQMEAmdRcDAPBAIAAjAJAwcAIAEN884A MA0GCSqGSIb3DQEBCwUAA4IBAQAjAxUTxLehw5fALEVayQNOGXPzwBagBJs38MMl OGvDiUaWXKIX0CWqHMY4OnXLI0+F83j2uz60Cqi70Ji4v9Sj1dL1Cced2A5MAkVX LGYqy0sUT3zdho3AFongfANma8XUqMzrhcgbLE1kMdS/OOdiaoYLAa16QW7pyO56 Xw2cLtG1MjsQYf3kO44AJY5W7UtvvOJGb13XFaYLY6XGxNQutTwGBhbwwI4uMaRx pFKSKhZ/pIACaqIphtW/s70IOhs1BpKR04QpAIRs2XsCbBoVwMgbmT50RGdKPbRf T1QC9N/DhG/KX5v+G+uFnOUeYa4ImNiM79mcmOaSdNwlRTQT -----END CERTIFICATE-----Generated at Mon Oct 20 13:59:20 2025 by rpki-client