$ rpki-client -vvf rpki.apnic.net/member_repository/A91F7E85/B2E0E5AE1C3411EAA8E25A5CC4F9AE02/6AFD06C0EB8B11EEA2DC1E49C4F9AE02.roa File: 6AFD06C0EB8B11EEA2DC1E49C4F9AE02.roa (raw, json) Hash identifier: Px6aMKtlWF5XwCjucHGFP24YGenLJrBION7t9QonxCU= Subject key identifier: 98:CF:A4:0E:C6:14:8B:28:F8:6E:E9:A8:E1:BF:6C:99:8E:54:2B:6D Certificate issuer: /CN=A91F7E85/serialNumber=596852D52994FBB67A6379AB1E0AF514553EE886 Certificate serial: 0C51 Authority key identifier: 59:68:52:D5:29:94:FB:B6:7A:63:79:AB:1E:0A:F5:14:55:3E:E8:86 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WWhS1SmU-7Z6Y3mrHgr1FFU-6IY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F7E85/B2E0E5AE1C3411EAA8E25A5CC4F9AE02/6AFD06C0EB8B11EEA2DC1E49C4F9AE02.roa Signing time: Fri 03 Oct 2025 05:08:21 +0000 ROA not before: Fri 03 Oct 2025 05:08:21 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 139026 IP address blocks: 103.138.164.0/23 maxlen: 23 103.138.164.0/24 maxlen: 24 103.138.165.0/24 maxlen: 24 2001:df0:4480::/48 maxlen: 48 2400:a7e0::/32 maxlen: 32 2400:a7e0::/33 maxlen: 33 2400:a7e0::/34 maxlen: 34 2400:a7e0::/38 maxlen: 38 2400:a7e0:400::/38 maxlen: 38 2400:a7e0:800::/38 maxlen: 38 2400:a7e0:c00::/38 maxlen: 38 2400:a7e0:4000::/34 maxlen: 34 2400:a7e0:8000::/33 maxlen: 33 2400:a7e0:8000::/34 maxlen: 34 2400:a7e0:c000::/34 maxlen: 34 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F7E85/B2E0E5AE1C3411EAA8E25A5CC4F9AE02/WWhS1SmU-7Z6Y3mrHgr1FFU-6IY.crl rsync://rpki.apnic.net/member_repository/A91F7E85/B2E0E5AE1C3411EAA8E25A5CC4F9AE02/WWhS1SmU-7Z6Y3mrHgr1FFU-6IY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WWhS1SmU-7Z6Y3mrHgr1FFU-6IY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 19:33:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3153 (0xc51) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F7E85, serialNumber=596852D52994FBB67A6379AB1E0AF514553EE886 Validity Not Before: Oct 3 05:08:21 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=68df5a45-22d0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:ae:16:36:bf:4d:ed:85:1b:a6:11:e5:06:03: d5:2d:cb:76:42:d4:6f:fb:ee:50:9e:29:0c:65:46: bf:8b:e4:df:61:ba:81:e3:3d:1d:e5:fb:a6:53:66: 94:84:be:2b:29:3c:15:06:23:90:4d:01:53:92:35: ff:26:f9:da:43:aa:ea:53:35:24:a3:a2:8b:66:e3: 9e:38:7e:51:50:c8:03:78:b4:ea:7d:2d:a9:51:b4: 55:16:a8:49:a9:c9:b6:6b:2a:85:bd:01:7c:4d:05: 6c:70:16:33:75:d7:c9:82:79:a2:5e:f6:24:1a:0a: 5c:49:d7:5b:73:0f:72:c5:99:09:02:e2:8e:2f:d7: b8:f8:59:58:94:cd:0d:71:7a:07:5c:db:79:3d:e8: e8:34:4a:bb:93:7e:01:f6:ec:99:26:e2:e9:1c:9b: bc:00:4d:17:40:1b:14:3e:a4:e4:d2:94:33:b3:51: 1d:4e:00:81:95:1f:d0:d5:85:71:6a:cf:20:49:78: e3:28:e1:b4:ac:94:78:05:de:67:df:a6:bc:da:b6: 8f:83:43:5d:b8:90:38:8d:c8:9e:5c:40:c7:a3:b0: 5c:50:39:6b:10:c6:ec:c5:8f:46:ef:55:71:bc:70: ad:e1:5e:2d:c5:b2:a8:93:11:8a:10:a0:70:52:20: d1:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:CF:A4:0E:C6:14:8B:28:F8:6E:E9:A8:E1:BF:6C:99:8E:54:2B:6D X509v3 Authority Key Identifier: keyid:59:68:52:D5:29:94:FB:B6:7A:63:79:AB:1E:0A:F5:14:55:3E:E8:86 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F7E85/B2E0E5AE1C3411EAA8E25A5CC4F9AE02/WWhS1SmU-7Z6Y3mrHgr1FFU-6IY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WWhS1SmU-7Z6Y3mrHgr1FFU-6IY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F7E85/B2E0E5AE1C3411EAA8E25A5CC4F9AE02/6AFD06C0EB8B11EEA2DC1E49C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.138.164.0/23 IPv6: 2001:df0:4480::/48 2400:a7e0::/32 Signature Algorithm: sha256WithRSAEncryption ba:08:31:2f:90:e1:62:f1:60:0d:7a:4b:9f:c5:e0:bf:9c:71: 83:49:4f:0b:32:c5:b5:59:c0:e9:36:2b:e2:3d:0b:7a:14:0a: 6b:b0:3a:17:6d:81:42:e3:2b:a0:23:2f:06:aa:93:58:af:a5: af:45:43:90:d2:93:7b:1d:fc:f5:df:69:0e:b9:72:60:bf:e7: 1e:80:41:10:c6:b6:5d:2e:26:45:1c:ac:48:7d:23:d7:f4:d1: 7b:6b:b0:d6:d2:4b:8d:41:ef:d1:29:1d:fd:1b:ed:f7:13:ec: a2:4d:8d:95:23:e2:03:8e:bf:21:71:f3:37:77:3f:ae:08:3f: 3a:d8:b1:d6:82:d1:88:60:54:a1:0d:19:01:33:39:d9:5f:c3: ab:61:e3:84:be:51:27:0b:15:ed:02:b0:5c:97:f2:e4:5d:70: 4f:74:a6:2c:45:37:26:9d:52:e7:58:e8:d9:5e:84:15:95:10: 71:ac:7e:08:5a:20:7f:81:c7:dc:1b:36:af:00:9c:b4:9e:f2: 64:4e:fe:30:87:aa:35:34:7b:07:33:51:64:12:48:0c:2f:11: ab:91:07:b7:f0:fb:f8:f1:d3:9e:ff:4e:88:98:59:db:37:8d: 7b:49:ce:be:85:6f:a3:1b:e2:f5:3e:ff:02:e3:d5:ce:26:fc: b2:90:08:c7 -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgICDFEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjdFODUxMTAvBgNVBAUTKDU5Njg1MkQ1Mjk5NEZCQjY3QTYzNzlBQjFFMEFGNTE0 NTUzRUU4ODYwHhcNMjUxMDAzMDUwODIxWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGRmNWE0NS0yMmQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2a4WNr9N7YUbphHlBgPVLct2QtRv++5QnikMZUa/i+TfYbqB4z0d5fumU2aU hL4rKTwVBiOQTQFTkjX/JvnaQ6rqUzUko6KLZuOeOH5RUMgDeLTqfS2pUbRVFqhJ qcm2ayqFvQF8TQVscBYzddfJgnmiXvYkGgpcSddbcw9yxZkJAuKOL9e4+FlYlM0N cXoHXNt5PejoNEq7k34B9uyZJuLpHJu8AE0XQBsUPqTk0pQzs1EdTgCBlR/Q1YVx as8gSXjjKOG0rJR4Bd5n36a82raPg0NduJA4jcieXEDHo7BcUDlrEMbsxY9G71Vx vHCt4V4txbKokxGKEKBwUiDRvQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFJjPpA7G FIso+G7pqOG/bJmOVCttMB8GA1UdIwQYMBaAFFloUtUplPu2emN5qx4K9RRVPuiG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGN0U4NS9CMkUwRTVBRTFD MzQxMUVBQThFMjVBNUNDNEY5QUUwMi9XV2hTMVNtVS03WjZZM21ySGdyMUZGVS02 SVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1dXaFMxU21VLTdaNlkzbXJIZ3IxRkZVLTZJWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjdFODUvQjJFMEU1QUUxQzM0MTFFQUE4RTI1QTVDQzRGOUFFMDIvNkFGRDA2QzBF QjhCMTFFRUEyREMxRTQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E KDAmMAwEAgABMAYDBAFniqQwFgQCAAIwEAMHACABDfBEgAMFACQAp+AwDQYJKoZI hvcNAQELBQADggEBALoIMS+Q4WLxYA16S5/F4L+ccYNJTwsyxbVZwOk2K+I9C3oU CmuwOhdtgULjK6AjLwaqk1ivpa9FQ5DSk3sd/PXfaQ65cmC/5x6AQRDGtl0uJkUc rEh9I9f00XtrsNbSS41B79EpHf0b7fcT7KJNjZUj4gOOvyFx8zd3P64IPzrYsdaC 0YhgVKENGQEzOdlfw6th44S+UScLFe0CsFyX8uRdcE90pixFNyadUudY6NlehBWV EHGsfghaIH+Bx9wbNq8AnLSe8mRO/jCHqjU0ewczUWQSSAwvEauRB7fw+/jx057/ ToiYWds3jXtJzr6Fb6Mb4vU+/wLj1c4m/LKQCMc= -----END CERTIFICATE-----Generated at Mon Oct 20 09:35:03 2025 by rpki-client