$ rpki-client -vvf rpki.apnic.net/member_repository/A91EEEB8/8E0F2CB61DA111E2B906BC9308B02CD2/70B22B22950D11F0ACB76B28C4F9AE02.roa File: 70B22B22950D11F0ACB76B28C4F9AE02.roa (raw, json) Hash identifier: rEXx1IeVQBnFO7DidP5CAzoHoXBLOcJ2lUWGfIOm15E= Subject key identifier: E8:00:CE:E3:3E:1D:1E:4F:44:CA:10:83:4E:C2:5C:0D:D2:3E:18:82 Certificate issuer: /CN=A91EEEB8/serialNumber=E622C8114F3F24AA6A807C8141E3964B551BB930 Certificate serial: 3509 Authority key identifier: E6:22:C8:11:4F:3F:24:AA:6A:80:7C:81:41:E3:96:4B:55:1B:B9:30 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5iLIEU8_JKpqgHyBQeOWS1UbuTA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EEEB8/8E0F2CB61DA111E2B906BC9308B02CD2/70B22B22950D11F0ACB76B28C4F9AE02.roa Signing time: Thu 02 Oct 2025 15:11:24 +0000 ROA not before: Thu 02 Oct 2025 15:11:24 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 7594 IP address blocks: 103.136.122.0/24 maxlen: 24 103.136.123.0/24 maxlen: 24 103.195.14.0/24 maxlen: 24 103.195.15.0/24 maxlen: 24 203.176.158.0/24 maxlen: 24 203.176.159.0/24 maxlen: 24 2404:8e80:2::/48 maxlen: 48 2404:8e80:3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EEEB8/8E0F2CB61DA111E2B906BC9308B02CD2/5iLIEU8_JKpqgHyBQeOWS1UbuTA.crl rsync://rpki.apnic.net/member_repository/A91EEEB8/8E0F2CB61DA111E2B906BC9308B02CD2/5iLIEU8_JKpqgHyBQeOWS1UbuTA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5iLIEU8_JKpqgHyBQeOWS1UbuTA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 15:13:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13577 (0x3509) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EEEB8, serialNumber=E622C8114F3F24AA6A807C8141E3964B551BB930 Validity Not Before: Oct 2 15:11:24 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68de961c-d9f5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:39:c7:99:04:32:c3:cb:27:1b:c1:51:83:54: 15:01:9a:79:74:60:6b:84:98:9d:32:2b:7e:2b:4d: 12:be:dc:ba:f4:29:bf:48:ca:06:c2:1f:bf:6a:f8: 25:95:0b:08:3b:c5:eb:cc:7b:ff:25:5b:04:e2:ed: 95:96:73:46:91:f8:32:9f:30:d0:b4:10:89:8f:0a: f5:eb:ba:ef:cd:79:06:86:0a:49:1b:4a:06:de:26: f9:a1:34:fd:55:0e:b7:70:fc:81:7d:66:7a:ef:a3: 97:92:03:4b:42:10:6a:ca:9d:2b:9b:a3:14:13:9c: 44:ef:f5:38:c0:8a:ab:4c:c1:5d:bf:e8:af:b1:92: ac:e2:5a:48:bd:51:04:f9:9d:46:5d:c2:e3:ae:89: e8:92:ce:95:b3:b5:3e:73:a3:5e:ea:d0:e9:87:74: 69:ab:d9:79:9c:1e:20:0a:e2:42:09:9f:27:19:75: ed:4c:be:7d:ea:7d:0c:e3:4e:30:ed:60:47:12:f3: 27:a0:12:b3:66:2f:01:db:17:90:8e:5a:3b:36:dc: e0:47:2b:24:c7:dc:aa:73:f1:a7:88:53:e3:e7:38: ff:0c:09:04:79:fa:bb:82:ce:d5:bb:7d:7f:a6:d0: 1d:83:b4:08:c6:f5:52:72:d8:b0:d8:b7:a5:2d:f7: d9:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:00:CE:E3:3E:1D:1E:4F:44:CA:10:83:4E:C2:5C:0D:D2:3E:18:82 X509v3 Authority Key Identifier: keyid:E6:22:C8:11:4F:3F:24:AA:6A:80:7C:81:41:E3:96:4B:55:1B:B9:30 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EEEB8/8E0F2CB61DA111E2B906BC9308B02CD2/5iLIEU8_JKpqgHyBQeOWS1UbuTA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5iLIEU8_JKpqgHyBQeOWS1UbuTA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EEEB8/8E0F2CB61DA111E2B906BC9308B02CD2/70B22B22950D11F0ACB76B28C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.136.122.0/23 103.195.14.0/23 203.176.158.0/23 IPv6: 2404:8e80:2::/47 Signature Algorithm: sha256WithRSAEncryption 3a:67:2d:b3:c3:5e:60:e9:d8:bc:ac:4d:1c:68:c1:d6:d5:de: ba:49:23:72:9a:d8:89:8d:2b:c7:fd:e1:d7:d6:74:7b:cc:4c: 8f:42:68:27:29:09:7a:39:43:58:78:ae:4f:f8:ac:a2:7e:e1: 97:a9:71:d3:4b:2a:de:8c:0c:ea:68:36:b2:9a:80:e7:b5:ab: 59:12:0a:8e:83:92:ba:e5:3c:d0:8b:79:e8:06:1b:35:eb:8e: 76:17:1a:5f:22:5f:b6:50:e4:b2:37:bd:a8:3a:fc:ee:ad:a7: 1e:cd:2c:c6:5a:4d:62:4a:09:a0:b7:cf:81:fb:65:fe:3f:ff: c4:fa:67:ce:bd:df:c3:28:de:00:c0:8a:38:a7:0b:61:f5:ab: 7c:34:12:46:dc:2c:da:d2:0e:78:71:23:3b:41:cd:e6:f2:47: 6b:96:8c:e3:47:e4:06:b8:c9:56:78:e9:0b:ef:3a:cb:0a:ec: 92:fe:ca:5f:3c:c3:97:73:67:1f:dc:0b:0e:b4:3c:04:6e:4f: 16:61:4b:63:c1:e6:71:5b:14:bf:5c:d7:d7:ff:3c:17:e7:6a: 2d:b2:70:c6:f2:bf:4b:a1:68:57:19:3a:b2:98:ae:ec:61:56: 60:9f:9c:75:bb:d2:90:99:58:bf:48:9f:8c:8b:10:98:13:ef: 06:a9:5b:f8 -----BEGIN CERTIFICATE----- MIIFjjCCBHagAwIBAgICNQkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUVFQjgxMTAvBgNVBAUTKEU2MjJDODExNEYzRjI0QUE2QTgwN0M4MTQxRTM5NjRC NTUxQkI5MzAwHhcNMjUxMDAyMTUxMTI0WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGRlOTYxYy1kOWY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwznHmQQyw8snG8FRg1QVAZp5dGBrhJidMit+K00Svty69Cm/SMoGwh+/avgl lQsIO8XrzHv/JVsE4u2VlnNGkfgynzDQtBCJjwr167rvzXkGhgpJG0oG3ib5oTT9 VQ63cPyBfWZ676OXkgNLQhBqyp0rm6MUE5xE7/U4wIqrTMFdv+ivsZKs4lpIvVEE +Z1GXcLjronoks6Vs7U+c6Ne6tDph3Rpq9l5nB4gCuJCCZ8nGXXtTL596n0M404w 7WBHEvMnoBKzZi8B2xeQjlo7NtzgRyskx9yqc/GniFPj5zj/DAkEefq7gs7Vu31/ ptAdg7QIxvVSctiw2LelLffZNQIDAQABo4ICsjCCAq4wHQYDVR0OBBYEFOgAzuM+ HR5PRMoQg07CXA3SPhiCMB8GA1UdIwQYMBaAFOYiyBFPPySqaoB8gUHjlktVG7kw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRUVCOC84RTBGMkNCNjFE QTExMUUyQjkwNkJDOTMwOEIwMkNEMi81aUxJRVU4X0pLcHFnSHlCUWVPV1MxVWJ1 VEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzVpTElFVThfSktwcWdIeUJRZU9XUzFVYnVUQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUVFQjgvOEUwRjJDQjYxREExMTFFMkI5MDZCQzkzMDhCMDJDRDIvNzBCMjJCMjI5 NTBEMTFGMEFDQjc2QjI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPAYIKwYBBQUHAQcBAf8E LTArMBgEAgABMBIDBAFniHoDBAFnww4DBAHLsJ4wDwQCAAIwCQMHASQEjoAAAjAN BgkqhkiG9w0BAQsFAAOCAQEAOmcts8NeYOnYvKxNHGjB1tXeukkjcprYiY0rx/3h 19Z0e8xMj0JoJykJejlDWHiuT/ison7hl6lx00sq3owM6mg2spqA57WrWRIKjoOS uuU80It56AYbNeuOdhcaXyJftlDksje9qDr87q2nHs0sxlpNYkoJoLfPgftl/j// xPpnzr3fwyjeAMCKOKcLYfWrfDQSRtws2tIOeHEjO0HN5vJHa5aM40fkBrjJVnjp C+86ywrskv7KXzzDl3NnH9wLDrQ8BG5PFmFLY8HmcVsUv1zX1/88F+dqLbJwxvK/ S6FoVxk6spiu7GFWYJ+cdbvSkJlYv0ifjIsQmBPvBqlb+A== -----END CERTIFICATE-----Generated at Mon Oct 20 16:40:22 2025 by rpki-client