$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/CEA08B0A7B7411F0B30B5E4FC4F9AE02.roa File: CEA08B0A7B7411F0B30B5E4FC4F9AE02.roa (raw, json) Hash identifier: ql4+ww0zhpLAZ6qhF7JKNz35W7z0OdqH31PA5z7n2aM= Subject key identifier: 48:9A:6A:80:C2:75:88:88:FF:7D:EE:8D:AE:4F:91:DC:B3:1F:86:7B Certificate issuer: /CN=A91E8AF2/serialNumber=7CD958A007F4F0E56E4A8D24576688622BAB7221 Certificate serial: 0150 Authority key identifier: 7C:D9:58:A0:07:F4:F0:E5:6E:4A:8D:24:57:66:88:62:2B:AB:72:21 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fNlYoAf08OVuSo0kV2aIYiurciE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/CEA08B0A7B7411F0B30B5E4FC4F9AE02.roa Signing time: Sun 17 Aug 2025 14:16:46 +0000 ROA not before: Sun 17 Aug 2025 14:16:46 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 151984 IP address blocks: 103.252.120.0/23 maxlen: 23 103.252.120.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/fNlYoAf08OVuSo0kV2aIYiurciE.crl rsync://rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/fNlYoAf08OVuSo0kV2aIYiurciE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fNlYoAf08OVuSo0kV2aIYiurciE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 04:22:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 336 (0x150) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E8AF2, serialNumber=7CD958A007F4F0E56E4A8D24576688622BAB7221 Validity Not Before: Aug 17 14:16:46 2025 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=68a1e44e-d643 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:8e:b5:19:b6:b8:7a:32:bb:9d:eb:3d:0b:94: f8:bf:42:4b:8c:fd:33:a4:20:9c:02:af:ab:dc:61: 70:83:86:37:f8:f9:85:b9:1b:f7:04:2e:be:f4:46: fa:e4:8a:55:3c:8f:bf:28:60:e0:51:8c:52:0a:f8: ca:28:a3:8c:dd:75:bf:31:22:b8:18:d2:c2:97:92: 4f:09:81:56:39:98:22:3e:5b:1a:77:e8:05:8b:b7: 4b:9b:57:94:8b:8a:d4:f2:80:69:9e:e0:09:c5:44: fb:44:08:33:02:6b:2a:4b:8c:1d:87:db:80:18:28: 93:9d:30:72:59:41:a8:16:23:38:2f:40:8d:9e:1f: 35:54:cd:ca:aa:f2:ea:3a:e6:67:04:e3:09:0e:78: 6d:72:55:d4:30:b0:5d:d9:b1:be:46:4f:f0:16:88: 7a:e1:73:b9:1b:b0:86:2a:c8:e6:fa:71:c6:24:13: 9b:e3:8e:ea:2b:e4:fb:a4:fa:cf:0e:27:ed:b6:c6: 8e:7d:ee:8e:16:6c:59:c5:6b:97:48:e5:e6:64:b1: 52:9f:01:fa:19:de:1c:31:1c:bc:e7:3c:8d:4a:ce: 51:07:08:1a:6d:0e:f0:1d:3f:0a:02:24:33:62:90: 47:f7:f0:1f:ec:39:9e:c7:3c:fb:e3:44:7a:6b:3f: 04:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:9A:6A:80:C2:75:88:88:FF:7D:EE:8D:AE:4F:91:DC:B3:1F:86:7B X509v3 Authority Key Identifier: keyid:7C:D9:58:A0:07:F4:F0:E5:6E:4A:8D:24:57:66:88:62:2B:AB:72:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/fNlYoAf08OVuSo0kV2aIYiurciE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fNlYoAf08OVuSo0kV2aIYiurciE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/CEA08B0A7B7411F0B30B5E4FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.252.120.0/23 Signature Algorithm: sha256WithRSAEncryption 3b:28:33:1f:95:6a:53:7b:94:f9:45:d7:43:a0:58:5b:cb:3f: d3:82:f4:5f:f2:5d:7f:c0:6d:93:90:bb:b9:fb:c5:7a:9a:fb: 91:6e:d7:e1:7e:12:42:a2:b3:63:bc:30:25:ac:30:97:66:37: 90:2e:9c:63:17:03:d3:76:88:f4:f1:13:97:02:98:df:1e:77: e7:fd:ca:e6:ed:ab:a9:56:32:ba:2c:7d:5f:be:05:1f:a9:d1: 21:86:48:a8:ca:76:fb:55:87:8a:d5:54:88:12:f6:a2:df:13: 6e:96:6e:e8:1f:69:58:f9:e0:2a:91:7a:a2:1d:2c:18:25:58: 5e:84:3b:2c:e4:b4:e6:b7:1f:53:d4:83:c4:95:81:14:f7:6b: 2d:04:55:2e:7e:0a:ac:8d:77:91:4e:d9:d9:46:89:44:13:c6: 7e:9e:96:58:0d:46:77:b0:43:9d:43:74:91:f8:94:41:f8:c3: 04:97:14:e2:10:a9:11:5b:5e:a4:28:22:23:c5:ea:32:1d:cf: 0d:01:b6:8c:91:b6:ce:c2:e2:86:e0:aa:95:45:e0:f5:32:38: 59:cf:04:50:14:4c:03:39:82:7c:b6:a0:8d:79:67:74:fa:5b: c4:b2:f8:95:5a:a6:7d:ea:46:f3:ac:5c:05:09:2f:43:a2:0d: c7:97:bb:11 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICAVAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RThBRjIxMTAvBgNVBAUTKDdDRDk1OEEwMDdGNEYwRTU2RTRBOEQyNDU3NjY4ODYy MkJBQjcyMjEwHhcNMjUwODE3MTQxNjQ2WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGExZTQ0ZS1kNjQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApo61Gba4ejK7nes9C5T4v0JLjP0zpCCcAq+r3GFwg4Y3+PmFuRv3BC6+9Eb6 5IpVPI+/KGDgUYxSCvjKKKOM3XW/MSK4GNLCl5JPCYFWOZgiPlsad+gFi7dLm1eU i4rU8oBpnuAJxUT7RAgzAmsqS4wdh9uAGCiTnTByWUGoFiM4L0CNnh81VM3KqvLq OuZnBOMJDnhtclXUMLBd2bG+Rk/wFoh64XO5G7CGKsjm+nHGJBOb447qK+T7pPrP DifttsaOfe6OFmxZxWuXSOXmZLFSnwH6Gd4cMRy85zyNSs5RBwgabQ7wHT8KAiQz YpBH9/Af7Dmexzz740R6az8EFQIDAQABo4IClTCCApEwHQYDVR0OBBYEFEiaaoDC dYiI/33uja5PkdyzH4Z7MB8GA1UdIwQYMBaAFHzZWKAH9PDlbkqNJFdmiGIrq3Ih MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEFGMi81NzMyQzgzODg0 NEMxMUVFQjFGMkNBMjlDNEY5QUUwMi9mTmxZb0FmMDhPVnVTbzBrVjJhSVlpdXJj aUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ZObFlvQWYwOE9WdVNvMGtWMmFJWWl1cmNpRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RThBRjIvNTczMkM4Mzg4NDRDMTFFRUIxRjJDQTI5QzRGOUFFMDIvQ0VBMDhCMEE3 Qjc0MTFGMEIzMEI1RTRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAFn/HgwDQYJKoZIhvcNAQELBQADggEBADsoMx+ValN7lPlF 10OgWFvLP9OC9F/yXX/AbZOQu7n7xXqa+5Fu1+F+EkKis2O8MCWsMJdmN5AunGMX A9N2iPTxE5cCmN8ed+f9yubtq6lWMrosfV++BR+p0SGGSKjKdvtVh4rVVIgS9qLf E26WbugfaVj54CqReqIdLBglWF6EOyzktOa3H1PUg8SVgRT3ay0EVS5+CqyNd5FO 2dlGiUQTxn6ellgNRnewQ51DdJH4lEH4wwSXFOIQqRFbXqQoIiPF6jIdzw0BtoyR ts7C4obgqpVF4PUyOFnPBFAUTAM5gny2oI15Z3T6W8Sy+JVapn3qRvOsXAUJL0Oi DceXuxE= -----END CERTIFICATE-----Generated at Sat Aug 23 23:28:11 2025 by rpki-client