$ rpki-client -vvf rpki.apnic.net/member_repository/A91C956C/FB305A5E0C8A11ECA3191B0CC4F9AE02/2F3F56C42BB411EF8D887F3AC4F9AE02.roa File: 2F3F56C42BB411EF8D887F3AC4F9AE02.roa (raw, json) Hash identifier: +Mi7BZoKW+xr25lpsKkabZrOyuilHhAO129Cyy+dlGI= Subject key identifier: 3B:BA:D4:D1:D1:3C:6F:9D:45:95:96:A2:8A:28:2C:7D:54:BE:35:4C Certificate issuer: /CN=A91C956C/serialNumber=512D9BDE813CB7BC77190A84F9B18DB8EB4E225F Certificate serial: 055C Authority key identifier: 51:2D:9B:DE:81:3C:B7:BC:77:19:0A:84:F9:B1:8D:B8:EB:4E:22:5F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US2b3oE8t7x3GQqE-bGNuOtOIl8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C956C/FB305A5E0C8A11ECA3191B0CC4F9AE02/2F3F56C42BB411EF8D887F3AC4F9AE02.roa Signing time: Thu 02 Oct 2025 23:54:49 +0000 ROA not before: Thu 02 Oct 2025 23:54:49 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 151952 IP address blocks: 103.172.142.0/23 maxlen: 23 103.172.142.0/24 maxlen: 24 103.172.143.0/24 maxlen: 24 2001:df0:6a40::/48 maxlen: 48 2001:df0:6a40::/49 maxlen: 49 2001:df0:6a40:8000::/49 maxlen: 49 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C956C/FB305A5E0C8A11ECA3191B0CC4F9AE02/US2b3oE8t7x3GQqE-bGNuOtOIl8.crl rsync://rpki.apnic.net/member_repository/A91C956C/FB305A5E0C8A11ECA3191B0CC4F9AE02/US2b3oE8t7x3GQqE-bGNuOtOIl8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US2b3oE8t7x3GQqE-bGNuOtOIl8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 01:10:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1372 (0x55c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C956C, serialNumber=512D9BDE813CB7BC77190A84F9B18DB8EB4E225F Validity Not Before: Oct 2 23:54:49 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68df10c9-56b2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:de:35:d9:6c:fc:b5:a0:03:81:83:18:43:f2: 3a:b2:cb:9d:29:85:5f:99:78:c9:a7:22:d0:86:0a: 37:c8:d2:2c:7a:f5:36:68:56:d3:ec:69:25:f1:82: 70:0f:f3:7e:b6:15:42:a8:d7:0e:35:80:bc:65:b3: 73:fd:02:51:5f:d6:ad:53:a9:55:87:e0:08:c4:a2: 00:30:74:7f:d8:45:b3:0b:0a:92:01:99:52:bc:af: 57:1e:6d:05:95:48:56:39:04:f4:2f:62:a5:e7:75: bd:69:83:7d:02:d5:61:58:db:d6:48:db:4a:ad:d5: dc:55:03:9b:bd:e3:8f:8e:a0:5c:b2:ef:fa:20:eb: 9c:71:c9:99:a9:12:a2:8b:a6:98:78:2a:d0:c8:81: 02:2e:59:fa:5f:a2:91:1c:1d:e2:48:ff:f6:5b:49: ba:54:82:83:46:ed:ed:5d:24:34:5d:99:1a:50:6b: 03:f6:f9:2b:99:11:87:3b:76:0d:5f:4e:a8:64:0a: 1f:cd:6d:67:f3:61:28:55:54:31:f2:24:5d:29:ed: 09:83:f4:5a:8d:c7:89:c4:8c:2f:8f:22:62:b8:eb: 6f:ac:ff:17:c9:ab:ed:b0:df:8b:8f:d3:ae:f8:28: 4a:16:56:49:1e:03:67:df:4c:71:f1:b0:a5:d2:31: 6d:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:BA:D4:D1:D1:3C:6F:9D:45:95:96:A2:8A:28:2C:7D:54:BE:35:4C X509v3 Authority Key Identifier: keyid:51:2D:9B:DE:81:3C:B7:BC:77:19:0A:84:F9:B1:8D:B8:EB:4E:22:5F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C956C/FB305A5E0C8A11ECA3191B0CC4F9AE02/US2b3oE8t7x3GQqE-bGNuOtOIl8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US2b3oE8t7x3GQqE-bGNuOtOIl8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C956C/FB305A5E0C8A11ECA3191B0CC4F9AE02/2F3F56C42BB411EF8D887F3AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.172.142.0/23 IPv6: 2001:df0:6a40::/48 Signature Algorithm: sha256WithRSAEncryption 54:45:e6:a1:40:36:0c:9e:b8:ab:52:56:29:29:24:69:8d:df: ef:7d:df:27:40:3e:10:d4:6e:d1:87:c7:7d:47:ec:e8:d0:ec: e3:07:3b:80:1c:66:f4:d5:61:2b:2a:d8:2a:0b:f7:5c:9e:d9: a1:35:e3:97:fd:92:81:68:75:64:53:12:ae:e8:73:88:63:da: 22:fd:c7:2c:bc:9c:14:43:75:6c:72:d0:28:bf:da:51:f3:34: c3:d9:eb:d2:3a:2c:84:97:2b:5c:9e:f2:a4:d9:4f:bb:93:de: 2c:4e:ba:1d:c9:e2:0f:02:89:f7:3b:a3:ad:41:f3:cf:8e:b6: 54:d6:64:48:a7:8b:d2:25:2e:58:52:d6:28:49:ae:1f:34:d6: 7c:d5:2b:00:fd:9d:b1:0f:dc:c5:b6:b7:b0:13:28:2c:9c:44: 42:36:f8:5f:e2:d2:91:24:3b:26:e5:af:49:92:1d:80:8b:f1: da:40:a4:5c:90:e9:07:34:c5:91:c2:1f:65:a0:f4:80:c0:c3: d0:fe:de:72:ec:60:1f:8a:c0:1d:82:32:8a:c3:bb:29:1e:b8: ef:6d:36:de:c4:ad:6a:ce:a2:4d:de:46:8d:88:bd:37:79:43: 6e:1a:b4:89:8f:51:03:99:97:61:05:82:a6:2b:b8:54:17:8b: d3:71:17:81 -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICBVwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qzk1NkMxMTAvBgNVBAUTKDUxMkQ5QkRFODEzQ0I3QkM3NzE5MEE4NEY5QjE4REI4 RUI0RTIyNUYwHhcNMjUxMDAyMjM1NDQ5WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGRmMTBjOS01NmIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxd412Wz8taADgYMYQ/I6ssudKYVfmXjJpyLQhgo3yNIsevU2aFbT7Gkl8YJw D/N+thVCqNcONYC8ZbNz/QJRX9atU6lVh+AIxKIAMHR/2EWzCwqSAZlSvK9XHm0F lUhWOQT0L2Kl53W9aYN9AtVhWNvWSNtKrdXcVQObveOPjqBcsu/6IOucccmZqRKi i6aYeCrQyIECLln6X6KRHB3iSP/2W0m6VIKDRu3tXSQ0XZkaUGsD9vkrmRGHO3YN X06oZAofzW1n82EoVVQx8iRdKe0Jg/RajceJxIwvjyJiuOtvrP8XyavtsN+Lj9Ou +ChKFlZJHgNn30xx8bCl0jFt6wIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFDu61NHR PG+dRZWWooooLH1UvjVMMB8GA1UdIwQYMBaAFFEtm96BPLe8dxkKhPmxjbjrTiJf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOTU2Qy9GQjMwNUE1RTBD OEExMUVDQTMxOTFCMENDNEY5QUUwMi9VUzJiM29FOHQ3eDNHUXFFLWJHTnVPdE9J bDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1VTMmIzb0U4dDd4M0dRcUUtYkdOdU90T0lsOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Qzk1NkMvRkIzMDVBNUUwQzhBMTFFQ0EzMTkxQjBDQzRGOUFFMDIvMkYzRjU2QzQy QkI0MTFFRjhEODg3RjNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAFnrI4wDwQCAAIwCQMHACABDfBqQDANBgkqhkiG9w0BAQsF AAOCAQEAVEXmoUA2DJ64q1JWKSkkaY3f733fJ0A+ENRu0YfHfUfs6NDs4wc7gBxm 9NVhKyrYKgv3XJ7ZoTXjl/2SgWh1ZFMSruhziGPaIv3HLLycFEN1bHLQKL/aUfM0 w9nr0joshJcrXJ7ypNlPu5PeLE66HcniDwKJ9zujrUHzz462VNZkSKeL0iUuWFLW KEmuHzTWfNUrAP2dsQ/cxba3sBMoLJxEQjb4X+LSkSQ7JuWvSZIdgIvx2kCkXJDp BzTFkcIfZaD0gMDD0P7ecuxgH4rAHYIyisO7KR6472023sStas6iTd5GjYi9N3lD bhq0iY9RA5mXYQWCpiu4VBeL03EXgQ== -----END CERTIFICATE-----Generated at Mon Oct 20 16:17:35 2025 by rpki-client