$ rpki-client -vvf rpki.apnic.net/member_repository/A91E9721/8AEC2AC43FC411E992A3E62DC4F9AE02/16EA264C3FC611E9A0E68A30C4F9AE02.roa File: 16EA264C3FC611E9A0E68A30C4F9AE02.roa (raw, json) Hash identifier: dldKM97yEUd08i981SQo623EWErkeJZ6nMm6B405eVg= Subject key identifier: 19:89:DE:A7:8A:D7:7A:CB:84:AA:F4:FC:23:A4:0B:A7:77:F6:D8:56 Certificate issuer: /CN=A91E9721/serialNumber=7DA589CED57F1E5CC48603D1384223936E16027E Certificate serial: 1051 Authority key identifier: 7D:A5:89:CE:D5:7F:1E:5C:C4:86:03:D1:38:42:23:93:6E:16:02:7E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/faWJztV_HlzEhgPROEIjk24WAn4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E9721/8AEC2AC43FC411E992A3E62DC4F9AE02/16EA264C3FC611E9A0E68A30C4F9AE02.roa Signing time: Fri 04 Jul 2025 17:56:41 +0000 ROA not before: Fri 04 Jul 2025 17:56:41 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 45259 IP address blocks: 103.139.109.0/24 maxlen: 24 202.59.230.0/24 maxlen: 24 202.90.36.0/24 maxlen: 24 2001:df1:ba00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E9721/8AEC2AC43FC411E992A3E62DC4F9AE02/faWJztV_HlzEhgPROEIjk24WAn4.crl rsync://rpki.apnic.net/member_repository/A91E9721/8AEC2AC43FC411E992A3E62DC4F9AE02/faWJztV_HlzEhgPROEIjk24WAn4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/faWJztV_HlzEhgPROEIjk24WAn4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 17:34:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4177 (0x1051) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E9721, serialNumber=7DA589CED57F1E5CC48603D1384223936E16027E Validity Not Before: Jul 4 17:56:41 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=686815d8-2378 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:7a:4b:63:7e:53:25:bc:cd:0a:c9:66:80:19: 85:90:1a:41:ce:9f:8a:e6:91:0c:df:79:2c:8d:0d: 79:e2:58:bc:70:4d:22:43:d2:cb:31:1a:d2:88:9e: e9:2d:ce:73:b4:be:7c:8d:97:44:e3:96:0f:d4:9c: a1:dd:36:c4:1e:85:83:84:dd:d3:b0:10:78:75:44: 3e:a4:4f:ee:b5:c2:70:af:ad:99:17:48:0e:fa:24: 10:72:ba:8c:34:13:d0:72:56:ae:50:a3:6a:af:f7: a3:0e:e5:b3:14:ba:8f:9a:83:57:31:c0:22:4b:2b: 4f:ef:ef:89:40:16:0e:b5:2c:42:0d:c0:9b:74:0e: 25:36:c8:e5:40:3c:ae:b9:49:bc:43:41:f2:ab:ad: bf:22:5a:40:a7:8c:89:e9:fd:36:bb:d6:7b:b0:17: 8a:a4:80:99:c4:98:84:07:c1:46:db:bb:92:f0:d8: 76:d6:c7:a7:e6:b0:51:48:48:8e:53:48:62:22:27: 41:f6:c3:2f:3d:f9:4f:fe:23:5d:b6:1e:01:cc:c8: a0:40:73:d2:ae:cf:68:20:09:7b:0f:31:ac:eb:18: bd:25:66:d1:5f:61:c1:aa:d0:49:36:d6:93:3a:01: 2e:40:a0:17:b0:e3:41:95:7e:18:a8:c7:10:6e:f2: b0:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:89:DE:A7:8A:D7:7A:CB:84:AA:F4:FC:23:A4:0B:A7:77:F6:D8:56 X509v3 Authority Key Identifier: keyid:7D:A5:89:CE:D5:7F:1E:5C:C4:86:03:D1:38:42:23:93:6E:16:02:7E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E9721/8AEC2AC43FC411E992A3E62DC4F9AE02/faWJztV_HlzEhgPROEIjk24WAn4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/faWJztV_HlzEhgPROEIjk24WAn4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E9721/8AEC2AC43FC411E992A3E62DC4F9AE02/16EA264C3FC611E9A0E68A30C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.139.109.0/24 202.59.230.0/24 202.90.36.0/24 IPv6: 2001:df1:ba00::/48 Signature Algorithm: sha256WithRSAEncryption 43:92:fc:54:7f:5d:84:85:ca:74:c1:2f:6f:d6:1a:fc:f9:d6: 9d:78:e5:e4:4d:97:ed:9f:6a:4a:70:a8:51:37:38:7c:fd:b0: f3:59:82:97:63:2f:76:08:35:5b:f5:65:67:0e:2a:d5:ff:25: 94:bc:f6:3f:30:76:65:11:6d:0a:68:24:d5:3c:dc:f5:a0:f5: 53:06:74:c3:36:23:04:22:49:8b:69:db:18:55:e6:f5:0c:30: 6c:c5:0e:e5:91:8c:9f:05:8f:1b:ba:b6:60:19:ae:17:e5:f3: ac:18:4e:74:51:5c:0b:fd:dd:3a:7b:c9:c2:bf:fe:4f:26:11: e7:51:75:30:57:56:fc:a2:81:ef:81:c9:60:fd:0b:a8:68:ef: 99:92:9e:63:8f:a4:d3:18:ee:9f:50:ae:e5:ab:bc:f6:2f:f0: ef:f2:7b:3d:80:03:82:05:2f:ea:f3:21:4b:c7:a0:fb:7e:7a: 70:74:f2:e6:3c:f0:31:8a:f8:e6:6b:51:6c:02:8f:61:7a:68: e5:7c:db:e4:e4:6f:62:b5:0c:6d:22:48:85:d5:c2:a4:c7:97: 56:fb:86:b0:2a:9e:cd:bf:60:c9:65:05:9c:23:23:f4:98:74: 21:c4:70:94:4b:ab:4d:2d:22:97:db:2c:dd:31:97:2e:53:aa: 71:a5:c7:13 -----BEGIN CERTIFICATE----- MIIFjjCCBHagAwIBAgICEFEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTk3MjExMTAvBgNVBAUTKDdEQTU4OUNFRDU3RjFFNUNDNDg2MDNEMTM4NDIyMzkz NkUxNjAyN0UwHhcNMjUwNzA0MTc1NjQxWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODY4MTVkOC0yMzc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzHpLY35TJbzNCslmgBmFkBpBzp+K5pEM33ksjQ154li8cE0iQ9LLMRrSiJ7p Lc5ztL58jZdE45YP1Jyh3TbEHoWDhN3TsBB4dUQ+pE/utcJwr62ZF0gO+iQQcrqM NBPQclauUKNqr/ejDuWzFLqPmoNXMcAiSytP7++JQBYOtSxCDcCbdA4lNsjlQDyu uUm8Q0Hyq62/IlpAp4yJ6f02u9Z7sBeKpICZxJiEB8FG27uS8Nh21sen5rBRSEiO U0hiIidB9sMvPflP/iNdth4BzMigQHPSrs9oIAl7DzGs6xi9JWbRX2HBqtBJNtaT OgEuQKAXsONBlX4YqMcQbvKw1QIDAQABo4ICsjCCAq4wHQYDVR0OBBYEFBmJ3qeK 13rLhKr0/COkC6d39thWMB8GA1UdIwQYMBaAFH2lic7Vfx5cxIYD0ThCI5NuFgJ+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOTcyMS84QUVDMkFDNDNG QzQxMUU5OTJBM0U2MkRDNEY5QUUwMi9mYVdKenRWX0hsekVoZ1BST0VJamsyNFdB bjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ZhV0p6dFZfSGx6RWhnUFJPRUlqazI0V0FuNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTk3MjEvOEFFQzJBQzQzRkM0MTFFOTkyQTNFNjJEQzRGOUFFMDIvMTZFQTI2NEMz RkM2MTFFOUEwRTY4QTMwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPAYIKwYBBQUHAQcBAf8E LTArMBgEAgABMBIDBABni20DBADKO+YDBADKWiQwDwQCAAIwCQMHACABDfG6ADAN BgkqhkiG9w0BAQsFAAOCAQEAQ5L8VH9dhIXKdMEvb9Ya/PnWnXjl5E2X7Z9qSnCo UTc4fP2w81mCl2Mvdgg1W/VlZw4q1f8llLz2PzB2ZRFtCmgk1Tzc9aD1UwZ0wzYj BCJJi2nbGFXm9QwwbMUO5ZGMnwWPG7q2YBmuF+XzrBhOdFFcC/3dOnvJwr/+TyYR 51F1MFdW/KKB74HJYP0LqGjvmZKeY4+k0xjun1Cu5au89i/w7/J7PYADggUv6vMh S8eg+356cHTy5jzwMYr45mtRbAKPYXpo5Xzb5ORvYrUMbSJIhdXCpMeXVvuGsCqe zb9gyWUFnCMj9Jh0IcRwlEurTS0il9ss3TGXLlOqcaXHEw== -----END CERTIFICATE-----Generated at Sun Jul 20 06:43:21 2025 by rpki-client