$ rpki-client -vvf rpki.apnic.net/member_repository/A91EEEB8/8E0F2CB61DA111E2B906BC9308B02CD2/32DFCCDCEB8011EAAB806163C4F9AE02.roa File: 32DFCCDCEB8011EAAB806163C4F9AE02.roa (raw, json) Hash identifier: Vy0S41quK2iU71kwrTbOz/KoqscmH6wvDknm9n/QiBc= Subject key identifier: 24:4A:4A:E5:AE:AC:76:35:D4:21:26:3E:E5:A3:D1:FB:1E:86:3A:1D Certificate issuer: /CN=A91EEEB8/serialNumber=E622C8114F3F24AA6A807C8141E3964B551BB930 Certificate serial: 3505 Authority key identifier: E6:22:C8:11:4F:3F:24:AA:6A:80:7C:81:41:E3:96:4B:55:1B:B9:30 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5iLIEU8_JKpqgHyBQeOWS1UbuTA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EEEB8/8E0F2CB61DA111E2B906BC9308B02CD2/32DFCCDCEB8011EAAB806163C4F9AE02.roa Signing time: Thu 02 Oct 2025 15:11:21 +0000 ROA not before: Thu 02 Oct 2025 15:11:21 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 133418 IP address blocks: 103.136.123.0/24 maxlen: 24 2404:8e80:4::/48 maxlen: 48 2404:8e80:8::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EEEB8/8E0F2CB61DA111E2B906BC9308B02CD2/5iLIEU8_JKpqgHyBQeOWS1UbuTA.crl rsync://rpki.apnic.net/member_repository/A91EEEB8/8E0F2CB61DA111E2B906BC9308B02CD2/5iLIEU8_JKpqgHyBQeOWS1UbuTA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5iLIEU8_JKpqgHyBQeOWS1UbuTA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 15:13:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13573 (0x3505) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EEEB8, serialNumber=E622C8114F3F24AA6A807C8141E3964B551BB930 Validity Not Before: Oct 2 15:11:21 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68de9619-bf51 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:19:a1:e2:73:a4:71:d1:90:fc:ff:5e:2a:c7: 50:92:7e:02:d2:7a:71:bb:92:c1:e8:44:64:64:9b: 45:1b:f1:57:e2:aa:88:5d:2d:f1:a4:ad:fc:89:29: d1:0b:60:b2:8d:67:f0:de:83:e6:c6:80:f6:ea:11: d8:b0:f7:f9:88:14:0b:b1:96:de:f9:6d:25:ed:ba: 61:b7:3f:a8:a4:9c:20:fe:93:72:ac:a2:7b:7a:9d: 22:15:0b:fc:22:d6:ce:69:d1:48:53:99:ca:11:e7: 49:37:49:a5:5a:c9:bb:0b:97:6c:90:7c:cb:64:dc: a5:5e:48:a8:cd:d5:83:d4:e0:77:98:bc:b4:c9:b7: 4e:be:d2:ac:0a:70:66:81:6c:7b:08:2d:01:b8:bd: c6:cd:0f:d5:34:17:7c:78:5d:96:59:60:06:cd:8c: d0:b8:60:49:6d:75:6f:a4:42:5d:13:cb:8b:7b:d7: 4e:b8:3c:07:cd:2d:4e:59:1b:e3:22:e2:8c:d3:81: a7:6b:61:ea:a7:e0:ed:90:a8:d2:d1:ec:52:f7:6f: 40:07:9c:20:a7:9c:c1:3b:77:97:6f:c7:6a:08:2f: cb:ed:e2:f3:50:c3:1d:30:dd:ae:17:a5:99:61:68: ca:72:ba:d4:d8:ac:c7:4d:9e:0c:26:3b:6a:d0:34: fc:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:4A:4A:E5:AE:AC:76:35:D4:21:26:3E:E5:A3:D1:FB:1E:86:3A:1D X509v3 Authority Key Identifier: keyid:E6:22:C8:11:4F:3F:24:AA:6A:80:7C:81:41:E3:96:4B:55:1B:B9:30 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EEEB8/8E0F2CB61DA111E2B906BC9308B02CD2/5iLIEU8_JKpqgHyBQeOWS1UbuTA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5iLIEU8_JKpqgHyBQeOWS1UbuTA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EEEB8/8E0F2CB61DA111E2B906BC9308B02CD2/32DFCCDCEB8011EAAB806163C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.136.123.0/24 IPv6: 2404:8e80:4::/48 2404:8e80:8::/48 Signature Algorithm: sha256WithRSAEncryption 90:12:54:b3:81:95:70:9c:ba:2e:79:32:5d:c5:f2:d5:23:46: 32:ae:a7:a6:aa:b8:da:44:68:4f:3e:0e:12:a6:7e:01:5a:3e: ce:bc:98:d9:71:c5:98:52:f6:4a:30:fb:84:6a:b5:9f:a0:b1: fe:b8:86:81:91:d3:6a:c5:80:8f:2b:d0:ba:04:00:58:2b:cb: 42:3c:33:cf:6c:d7:df:13:64:0a:b2:82:8f:61:9e:97:48:b2: ca:bf:a8:18:62:83:41:fc:f1:e4:53:40:de:06:0a:4c:e4:1b: be:e4:0a:a5:d9:1a:48:fa:90:e1:22:51:47:40:be:9b:57:f5: 17:c3:a7:ed:d7:dd:22:b8:68:6d:69:3e:a8:b4:33:92:3a:94: 22:25:77:c4:7e:eb:b5:83:a2:01:4a:3b:5d:51:af:86:5c:1f: 17:9c:3e:18:69:ce:8e:bb:45:2f:15:99:09:be:03:4a:b0:d4: b5:69:33:a9:bc:c3:7f:c6:8d:6a:0c:1f:ac:5e:99:c3:8f:d4: 53:5d:12:e0:19:77:ad:73:2e:f1:ec:be:72:33:d9:aa:5c:6b: e5:93:69:29:61:76:58:13:10:79:54:19:70:c4:02:29:2f:88: a8:29:5b:2b:96:12:05:22:17:d5:7c:fb:e3:f1:a8:f2:56:14: f8:d6:d4:24 -----BEGIN CERTIFICATE----- MIIFizCCBHOgAwIBAgICNQUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUVFQjgxMTAvBgNVBAUTKEU2MjJDODExNEYzRjI0QUE2QTgwN0M4MTQxRTM5NjRC NTUxQkI5MzAwHhcNMjUxMDAyMTUxMTIxWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGRlOTYxOS1iZjUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAphmh4nOkcdGQ/P9eKsdQkn4C0npxu5LB6ERkZJtFG/FX4qqIXS3xpK38iSnR C2CyjWfw3oPmxoD26hHYsPf5iBQLsZbe+W0l7bphtz+opJwg/pNyrKJ7ep0iFQv8 ItbOadFIU5nKEedJN0mlWsm7C5dskHzLZNylXkiozdWD1OB3mLy0ybdOvtKsCnBm gWx7CC0BuL3GzQ/VNBd8eF2WWWAGzYzQuGBJbXVvpEJdE8uLe9dOuDwHzS1OWRvj IuKM04Gna2Hqp+DtkKjS0exS929AB5wgp5zBO3eXb8dqCC/L7eLzUMMdMN2uF6WZ YWjKcrrU2KzHTZ4MJjtq0DT8YwIDAQABo4ICrzCCAqswHQYDVR0OBBYEFCRKSuWu rHY11CEmPuWj0fsehjodMB8GA1UdIwQYMBaAFOYiyBFPPySqaoB8gUHjlktVG7kw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRUVCOC84RTBGMkNCNjFE QTExMUUyQjkwNkJDOTMwOEIwMkNEMi81aUxJRVU4X0pLcHFnSHlCUWVPV1MxVWJ1 VEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzVpTElFVThfSktwcWdIeUJRZU9XUzFVYnVUQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUVFQjgvOEUwRjJDQjYxREExMTFFMkI5MDZCQzkzMDhCMDJDRDIvMzJERkNDRENF QjgwMTFFQUFCODA2MTYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E KjAoMAwEAgABMAYDBABniHswGAQCAAIwEgMHACQEjoAABAMHACQEjoAACDANBgkq hkiG9w0BAQsFAAOCAQEAkBJUs4GVcJy6LnkyXcXy1SNGMq6npqq42kRoTz4OEqZ+ AVo+zryY2XHFmFL2SjD7hGq1n6Cx/riGgZHTasWAjyvQugQAWCvLQjwzz2zX3xNk CrKCj2Gel0iyyr+oGGKDQfzx5FNA3gYKTOQbvuQKpdkaSPqQ4SJRR0C+m1f1F8On 7dfdIrhobWk+qLQzkjqUIiV3xH7rtYOiAUo7XVGvhlwfF5w+GGnOjrtFLxWZCb4D SrDUtWkzqbzDf8aNagwfrF6Zw4/UU10S4Bl3rXMu8ey+cjPZqlxr5ZNpKWF2WBMQ eVQZcMQCKS+IqClbK5YSBSIX1Xz74/Go8lYU+NbUJA== -----END CERTIFICATE-----Generated at Mon Oct 20 16:47:13 2025 by rpki-client