$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/CEA08B0A7B7411F0B30B5E4FC4F9AE02.roa File: CEA08B0A7B7411F0B30B5E4FC4F9AE02.roa (raw, json) Hash identifier: C44/AtE3Ze2iBhnia/62NjBLNjDmkSHhne0xCs9WJQ8= Subject key identifier: 0B:5F:95:A8:FF:EC:C9:03:23:F7:B3:BF:48:10:A3:B7:3A:4D:9D:F0 Certificate issuer: /CN=A91E8AF2/serialNumber=7CD958A007F4F0E56E4A8D24576688622BAB7221 Certificate serial: 0177 Authority key identifier: 7C:D9:58:A0:07:F4:F0:E5:6E:4A:8D:24:57:66:88:62:2B:AB:72:21 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fNlYoAf08OVuSo0kV2aIYiurciE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/CEA08B0A7B7411F0B30B5E4FC4F9AE02.roa Signing time: Wed 15 Oct 2025 07:01:37 +0000 ROA not before: Wed 15 Oct 2025 07:01:37 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 151984 IP address blocks: 103.252.120.0/23 maxlen: 23 103.252.120.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/fNlYoAf08OVuSo0kV2aIYiurciE.crl rsync://rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/fNlYoAf08OVuSo0kV2aIYiurciE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fNlYoAf08OVuSo0kV2aIYiurciE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 06:35:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 375 (0x177) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E8AF2, serialNumber=7CD958A007F4F0E56E4A8D24576688622BAB7221 Validity Not Before: Oct 15 07:01:37 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=68ef46d1-c332 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:95:d8:a1:51:68:5a:08:c4:82:1e:ea:13:b4: 5c:8b:5a:0c:f0:4e:03:38:50:b8:a4:d5:bb:5d:71: ad:93:85:26:38:af:0b:6e:9a:99:37:37:18:28:e1: 4c:08:5b:e9:b1:9e:00:41:a4:2c:9b:fb:ae:9f:c0: f4:02:55:20:e8:9a:13:1f:cf:81:8d:94:29:17:48: 3f:95:70:c4:26:09:b0:75:fd:32:31:04:77:0b:e1: 7b:8d:f4:36:1d:f9:8b:05:b8:be:cc:26:05:46:58: d7:d5:46:ff:8a:ec:da:a3:af:ea:7c:c8:ad:e8:e9: 27:fa:f7:15:66:3d:3e:4f:db:19:02:16:f3:3c:cc: 1b:3a:98:66:cc:de:a5:89:5a:00:56:d8:b8:81:06: 61:08:63:97:08:a4:77:d2:0e:83:74:76:7b:2a:c1: cf:a6:02:e2:5f:cc:7b:e5:e2:14:a5:5d:c5:04:ad: 47:15:c2:75:63:16:3d:6d:64:75:66:f4:56:cc:e7: fc:92:91:b0:7f:ab:00:bd:d6:e5:c8:b2:07:05:d6: 05:ad:ab:5b:b9:1d:85:e9:1b:8f:49:58:fa:58:34: 71:c9:d0:51:a1:7e:74:ce:b3:a1:eb:8a:1e:9a:2f: 77:86:aa:bd:ee:34:3c:c8:2f:9e:49:b0:5a:aa:85: 2c:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:5F:95:A8:FF:EC:C9:03:23:F7:B3:BF:48:10:A3:B7:3A:4D:9D:F0 X509v3 Authority Key Identifier: keyid:7C:D9:58:A0:07:F4:F0:E5:6E:4A:8D:24:57:66:88:62:2B:AB:72:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/fNlYoAf08OVuSo0kV2aIYiurciE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fNlYoAf08OVuSo0kV2aIYiurciE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/CEA08B0A7B7411F0B30B5E4FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.252.120.0/23 Signature Algorithm: sha256WithRSAEncryption 76:43:06:d1:22:3d:32:90:3d:bf:a5:00:4b:58:52:dd:d2:29: f7:34:33:8c:d5:40:c9:d0:d3:f5:68:30:ab:44:d8:33:dc:e4: 90:52:ae:35:8b:59:e5:df:57:fa:4f:17:53:83:3a:ef:48:e1: f7:9d:9d:1e:e7:a9:a6:06:3e:d0:41:59:af:94:2a:4f:b0:bc: 2c:97:b3:e2:ce:cb:9e:14:c4:e2:0f:fa:1e:f8:00:ca:bf:93: 36:af:fb:7f:65:7d:de:dc:2a:65:be:49:e9:0a:1a:a9:0b:8d: e4:48:98:92:59:12:6a:77:20:16:8a:48:e1:c0:fa:63:ec:d1: 17:ab:ef:e9:e4:52:57:dd:95:18:1d:2e:5c:3f:c1:26:74:e1: fd:ae:a6:59:f6:c8:f0:ab:46:7f:e3:7a:13:6c:07:7d:f9:0a: d1:91:db:55:08:59:05:8b:a5:36:7a:08:87:3c:55:d3:65:a3: 15:9c:ef:cd:67:dc:af:f6:da:d0:0c:0b:c2:2c:75:d1:21:48: 94:f2:f4:65:af:d4:3c:94:16:c5:54:69:4b:25:5f:2f:b0:df: af:be:01:62:52:c2:f4:ba:bc:d8:40:26:09:0d:83:11:4e:5c: eb:43:91:c1:e8:bb:9b:b9:c9:76:aa:65:8a:55:0b:8c:07:70: 81:95:3e:a7 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICAXcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RThBRjIxMTAvBgNVBAUTKDdDRDk1OEEwMDdGNEYwRTU2RTRBOEQyNDU3NjY4ODYy MkJBQjcyMjEwHhcNMjUxMDE1MDcwMTM3WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGVmNDZkMS1jMzMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwZXYoVFoWgjEgh7qE7Rci1oM8E4DOFC4pNW7XXGtk4UmOK8LbpqZNzcYKOFM CFvpsZ4AQaQsm/uun8D0AlUg6JoTH8+BjZQpF0g/lXDEJgmwdf0yMQR3C+F7jfQ2 HfmLBbi+zCYFRljX1Ub/iuzao6/qfMit6Okn+vcVZj0+T9sZAhbzPMwbOphmzN6l iVoAVti4gQZhCGOXCKR30g6DdHZ7KsHPpgLiX8x75eIUpV3FBK1HFcJ1YxY9bWR1 ZvRWzOf8kpGwf6sAvdblyLIHBdYFratbuR2F6RuPSVj6WDRxydBRoX50zrOh64oe mi93hqq97jQ8yC+eSbBaqoUsCwIDAQABo4IClTCCApEwHQYDVR0OBBYEFAtflaj/ 7MkDI/ezv0gQo7c6TZ3wMB8GA1UdIwQYMBaAFHzZWKAH9PDlbkqNJFdmiGIrq3Ih MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEFGMi81NzMyQzgzODg0 NEMxMUVFQjFGMkNBMjlDNEY5QUUwMi9mTmxZb0FmMDhPVnVTbzBrVjJhSVlpdXJj aUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ZObFlvQWYwOE9WdVNvMGtWMmFJWWl1cmNpRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RThBRjIvNTczMkM4Mzg4NDRDMTFFRUIxRjJDQTI5QzRGOUFFMDIvQ0VBMDhCMEE3 Qjc0MTFGMEIzMEI1RTRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAFn/HgwDQYJKoZIhvcNAQELBQADggEBAHZDBtEiPTKQPb+l AEtYUt3SKfc0M4zVQMnQ0/VoMKtE2DPc5JBSrjWLWeXfV/pPF1ODOu9I4fednR7n qaYGPtBBWa+UKk+wvCyXs+LOy54UxOIP+h74AMq/kzav+39lfd7cKmW+SekKGqkL jeRImJJZEmp3IBaKSOHA+mPs0Rer7+nkUlfdlRgdLlw/wSZ04f2upln2yPCrRn/j ehNsB335CtGR21UIWQWLpTZ6CIc8VdNloxWc781n3K/22tAMC8IsddEhSJTy9GWv 1DyUFsVUaUslXy+w36++AWJSwvS6vNhAJgkNgxFOXOtDkcHou5u5yXaqZYpVC4wH cIGVPqc= -----END CERTIFICATE-----Generated at Mon Oct 20 04:40:18 2025 by rpki-client