$ rpki-client -vvf rpki.apnic.net/member_repository/A912438F/C7590BD625AE11EB8EEC220AC4F9AE02/5C95BDC0C12E11EEA47CBB59C4F9AE02.roa File: 5C95BDC0C12E11EEA47CBB59C4F9AE02.roa (raw, json) Hash identifier: pfFLA6S00NJF9wnUh3eyO3xPwlEBQIG4Qg4AiW8MLVQ= Subject key identifier: A4:67:D9:80:48:43:66:23:35:07:37:25:00:13:E6:0A:3A:2F:AD:04 Certificate issuer: /CN=A912438F/serialNumber=C888D1EEE04BEF3E815F09DDFA19193D699B4F47 Certificate serial: 0796 Authority key identifier: C8:88:D1:EE:E0:4B:EF:3E:81:5F:09:DD:FA:19:19:3D:69:9B:4F:47 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yIjR7uBL7z6BXwnd-hkZPWmbT0c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912438F/C7590BD625AE11EB8EEC220AC4F9AE02/5C95BDC0C12E11EEA47CBB59C4F9AE02.roa Signing time: Wed 13 Aug 2025 14:22:51 +0000 ROA not before: Wed 13 Aug 2025 14:22:51 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 139325 IP address blocks: 103.158.158.0/23 maxlen: 23 103.158.158.0/24 maxlen: 24 103.158.159.0/24 maxlen: 24 2001:df5:5b80::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912438F/C7590BD625AE11EB8EEC220AC4F9AE02/yIjR7uBL7z6BXwnd-hkZPWmbT0c.crl rsync://rpki.apnic.net/member_repository/A912438F/C7590BD625AE11EB8EEC220AC4F9AE02/yIjR7uBL7z6BXwnd-hkZPWmbT0c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yIjR7uBL7z6BXwnd-hkZPWmbT0c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 02 Nov 2025 22:11:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1942 (0x796) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912438F, serialNumber=C888D1EEE04BEF3E815F09DDFA19193D699B4F47 Validity Not Before: Aug 13 14:22:51 2025 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=689c9fbb-159e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:37:4f:1a:50:a9:cc:4c:c8:f9:00:6f:4f:be: cc:b5:0c:1f:4f:af:b6:37:7d:70:4e:de:ef:b4:22: 76:fa:b6:95:dc:8f:6e:99:9c:dd:72:d4:07:93:29: 7a:de:27:6a:29:d1:86:76:a7:34:69:0e:1c:aa:83: 82:bb:8e:e6:1d:40:e4:0c:48:6b:26:48:b8:16:03: e5:14:9d:12:80:4e:d0:d6:6f:3b:d7:14:7d:ff:da: ab:c3:d5:62:58:7a:ee:86:b5:5b:10:08:47:2a:ce: 09:42:d9:59:10:be:56:3e:83:1e:df:1f:f4:83:2d: 42:6d:16:1b:47:36:77:fe:81:7d:03:b8:de:1b:9f: 99:ea:33:f0:35:15:ce:13:3a:b9:aa:58:dc:44:4b: 6f:5d:de:f6:9c:c4:39:54:d8:45:55:23:d1:04:7e: 5d:ca:36:65:cb:92:4c:d5:52:ce:75:02:d9:5f:28: 97:2e:6e:bf:00:62:51:b6:e7:f3:a7:d0:95:cf:f8: 08:e4:aa:32:3e:a6:2c:be:6e:ba:9c:95:fa:ff:23: 87:0e:33:d5:28:b0:1c:a1:c9:2c:d0:e1:30:35:4f: 42:3a:c3:df:ec:b6:5b:6d:b9:04:3c:72:48:bf:75: 69:9e:7b:1e:ac:72:95:0b:0b:bd:65:52:c3:f1:46: a1:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:67:D9:80:48:43:66:23:35:07:37:25:00:13:E6:0A:3A:2F:AD:04 X509v3 Authority Key Identifier: keyid:C8:88:D1:EE:E0:4B:EF:3E:81:5F:09:DD:FA:19:19:3D:69:9B:4F:47 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912438F/C7590BD625AE11EB8EEC220AC4F9AE02/yIjR7uBL7z6BXwnd-hkZPWmbT0c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yIjR7uBL7z6BXwnd-hkZPWmbT0c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912438F/C7590BD625AE11EB8EEC220AC4F9AE02/5C95BDC0C12E11EEA47CBB59C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.158.158.0/23 IPv6: 2001:df5:5b80::/48 Signature Algorithm: sha256WithRSAEncryption 7f:20:01:8a:6b:a9:e8:c8:5f:2a:31:a9:7d:a7:f9:c0:8b:02: 59:4e:30:cb:d6:3d:8f:3f:dd:46:1e:de:9d:55:b3:0a:e4:0b: 01:eb:52:41:1d:e3:1a:ae:f5:9c:88:d4:0c:b4:a1:80:f8:28: b4:84:d3:0f:45:56:52:94:4e:9f:58:c9:60:57:17:ef:95:d8: db:c5:d2:1a:5a:4e:aa:b8:be:8f:d9:34:ea:16:7e:5d:04:4a: 26:93:2f:6c:78:81:cc:61:76:87:21:3d:f3:08:da:09:62:b4: a2:75:c1:d4:cb:3f:82:3a:6c:2b:8b:6a:65:a0:f7:0a:e7:e0: 8c:76:d4:06:03:82:87:23:69:51:23:2f:90:da:e9:90:b9:5e: 41:3a:64:f1:9c:ff:da:c8:6b:49:70:ca:13:9e:77:ad:0c:43: 75:9f:e9:40:de:eb:8b:b5:1d:65:1d:e5:d3:95:77:4b:4b:f2: 3d:c6:91:a6:ac:16:03:03:2e:53:4b:f9:92:d2:4d:bc:65:76: 8d:1a:71:af:9d:58:62:20:c3:48:f7:9c:6f:76:2b:b0:ad:af: cc:65:f9:44:24:c8:40:3c:87:7f:26:fb:cc:7a:c3:d0:70:9e: 4e:40:34:e9:d1:e9:84:8f:6f:4e:95:08:3d:91:e6:64:5b:fc: 1d:49:12:cd -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICB5YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjQzOEYxMTAvBgNVBAUTKEM4ODhEMUVFRTA0QkVGM0U4MTVGMDlEREZBMTkxOTNE Njk5QjRGNDcwHhcNMjUwODEzMTQyMjUxWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02ODljOWZiYi0xNTllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApjdPGlCpzEzI+QBvT77MtQwfT6+2N31wTt7vtCJ2+raV3I9umZzdctQHkyl6 3idqKdGGdqc0aQ4cqoOCu47mHUDkDEhrJki4FgPlFJ0SgE7Q1m871xR9/9qrw9Vi WHruhrVbEAhHKs4JQtlZEL5WPoMe3x/0gy1CbRYbRzZ3/oF9A7jeG5+Z6jPwNRXO Ezq5qljcREtvXd72nMQ5VNhFVSPRBH5dyjZly5JM1VLOdQLZXyiXLm6/AGJRtufz p9CVz/gI5KoyPqYsvm66nJX6/yOHDjPVKLAcocks0OEwNU9COsPf7LZbbbkEPHJI v3VpnnserHKVCwu9ZVLD8UahZQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFKRn2YBI Q2YjNQc3JQAT5go6L60EMB8GA1UdIwQYMBaAFMiI0e7gS+8+gV8J3foZGT1pm09H MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNDM4Ri9DNzU5MEJENjI1 QUUxMUVCOEVFQzIyMEFDNEY5QUUwMi95SWpSN3VCTDd6NkJYd25kLWhrWlBXbWJU MGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lJalI3dUJMN3o2Qlh3bmQtaGtaUFdtYlQwYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MjQzOEYvQzc1OTBCRDYyNUFFMTFFQjhFRUMyMjBBQzRGOUFFMDIvNUM5NUJEQzBD MTJFMTFFRUE0N0NCQjU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAFnnp4wDwQCAAIwCQMHACABDfVbgDANBgkqhkiG9w0BAQsF AAOCAQEAfyABimup6MhfKjGpfaf5wIsCWU4wy9Y9jz/dRh7enVWzCuQLAetSQR3j Gq71nIjUDLShgPgotITTD0VWUpROn1jJYFcX75XY28XSGlpOqri+j9k06hZ+XQRK JpMvbHiBzGF2hyE98wjaCWK0onXB1Ms/gjpsK4tqZaD3CufgjHbUBgOChyNpUSMv kNrpkLleQTpk8Zz/2shrSXDKE553rQxDdZ/pQN7ri7UdZR3l05V3S0vyPcaRpqwW AwMuU0v5ktJNvGV2jRpxr51YYiDDSPecb3YrsK2vzGX5RCTIQDyHfyb7zHrD0HCe TkA06dHphI9vTpUIPZHmZFv8HUkSzQ== -----END CERTIFICATE-----Generated at Mon Oct 27 22:47:46 2025 by rpki-client