$ rpki-client -vvf rpki.apnic.net/member_repository/A91415AA/3EFA241462E011EAA6D59A2CC4F9AE02/CB04F4409BE611EF8AFF947CC4F9AE02.roa File: CB04F4409BE611EF8AFF947CC4F9AE02.roa (raw, json) Hash identifier: /dfKSmCCPzovaQnLyJDXl3OjPhb/TsvQWem8YYEiMIo= Subject key identifier: 55:89:EA:B8:87:B9:D4:8E:95:87:FC:B9:3A:F4:B9:BF:F6:06:A2:08 Certificate issuer: /CN=A91415AA/serialNumber=0CFCCC5980F57E6BC84DF11B4C571935D25DACCA Certificate serial: 7D Authority key identifier: 0C:FC:CC:59:80:F5:7E:6B:C8:4D:F1:1B:4C:57:19:35:D2:5D:AC:CA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DPzMWYD1fmvITfEbTFcZNdJdrMo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91415AA/3EFA241462E011EAA6D59A2CC4F9AE02/CB04F4409BE611EF8AFF947CC4F9AE02.roa Signing time: Sun 22 Jun 2025 19:44:27 +0000 ROA not before: Sun 22 Jun 2025 19:44:27 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 139025 IP address blocks: 103.138.155.0/24 maxlen: 24 103.160.158.0/24 maxlen: 24 2001:df2:c080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91415AA/3EFA241462E011EAA6D59A2CC4F9AE02/DPzMWYD1fmvITfEbTFcZNdJdrMo.crl rsync://rpki.apnic.net/member_repository/A91415AA/3EFA241462E011EAA6D59A2CC4F9AE02/DPzMWYD1fmvITfEbTFcZNdJdrMo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DPzMWYD1fmvITfEbTFcZNdJdrMo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 19:35:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 125 (0x7d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91415AA, serialNumber=0CFCCC5980F57E6BC84DF11B4C571935D25DACCA Validity Not Before: Jun 22 19:44:27 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=68585d1b-f6f1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:41:4f:71:d7:29:c9:5c:b5:61:76:23:de:df: 6f:f6:df:14:97:e8:8b:c8:b8:91:ac:3e:f6:1e:5c: a8:cc:c6:7b:45:18:c4:f2:8a:93:09:50:34:ae:70: ed:d0:a2:82:94:74:0b:98:34:dc:5d:3a:54:54:cb: 3f:80:41:dd:cc:0b:19:c0:6c:e4:34:ae:86:b6:a0: 56:5a:a9:af:26:c4:4d:b0:d2:f3:84:91:5b:26:1b: 2a:7f:01:58:44:93:a8:23:6c:27:5c:9a:fd:7b:10: 89:7b:eb:33:4b:fb:94:1c:14:96:f6:ca:d5:f2:87: c0:24:07:aa:72:67:95:25:ff:5d:74:2b:79:37:f5: 6e:d8:e1:04:54:db:52:01:e8:6a:06:98:35:da:52: 8d:94:94:a2:6a:b2:6b:19:ca:b7:38:c4:45:88:7c: c5:11:15:32:9d:e1:e9:b9:af:e6:cb:f7:7f:9c:aa: f4:dc:54:77:ab:46:c6:a4:c5:57:1b:54:8a:63:4f: 83:a4:7d:d0:9d:65:8b:76:34:bd:7e:00:8c:75:4f: 91:80:3c:56:b9:16:02:12:dd:75:8d:3c:43:46:df: 9f:68:42:f2:bc:68:b1:4c:bc:34:bb:20:7d:52:a0: e9:d7:ea:21:52:81:00:84:fd:74:89:11:20:c4:ce: c6:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:89:EA:B8:87:B9:D4:8E:95:87:FC:B9:3A:F4:B9:BF:F6:06:A2:08 X509v3 Authority Key Identifier: keyid:0C:FC:CC:59:80:F5:7E:6B:C8:4D:F1:1B:4C:57:19:35:D2:5D:AC:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91415AA/3EFA241462E011EAA6D59A2CC4F9AE02/DPzMWYD1fmvITfEbTFcZNdJdrMo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DPzMWYD1fmvITfEbTFcZNdJdrMo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91415AA/3EFA241462E011EAA6D59A2CC4F9AE02/CB04F4409BE611EF8AFF947CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.138.155.0/24 103.160.158.0/24 IPv6: 2001:df2:c080::/48 Signature Algorithm: sha256WithRSAEncryption 47:66:91:cc:60:44:3a:c7:c3:71:6b:fe:dc:47:38:07:1c:39: 19:fc:a2:ee:09:09:00:f1:5d:5c:24:c1:b6:1f:c5:4a:98:83: ae:5d:68:24:ed:9c:ef:bc:3e:2f:d3:22:e8:b4:bd:05:68:0b: 4b:ea:9e:3d:e9:ce:eb:e8:2e:f0:98:75:01:2d:c1:1f:fb:eb: ee:8f:2a:5b:af:1a:d8:12:4a:07:d4:28:fe:fa:f7:22:b7:83: 3f:fe:02:9b:fe:f3:d4:fb:6f:8b:c9:88:0e:d1:6b:24:4c:00: 9f:9c:52:8f:ce:a5:d6:fd:c3:78:33:a6:f1:b6:87:3d:90:03: 4e:23:33:65:4c:38:d8:e4:31:21:96:25:31:6a:48:53:d9:72: 1c:fa:68:41:88:0f:39:6c:8f:dc:b2:19:2e:50:94:86:1b:e7: 19:c8:01:4f:7e:27:b4:44:7e:27:59:ec:55:3a:74:8f:7b:a3: 2e:62:73:41:88:df:21:ea:06:e7:d0:1d:b6:a2:8d:1c:78:75: 8e:11:7a:db:36:af:a6:b2:e8:b9:fe:cd:2b:c5:18:e2:ef:36: a8:39:47:33:95:c8:b0:e4:80:5b:ce:e8:ae:dc:94:b9:c6:f8: 2a:20:fe:c9:7d:54:d8:d3:e0:f2:4a:d6:fc:35:bf:b3:50:93: 41:55:1f:ea -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgIBfTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 MTVBQTExMC8GA1UEBRMoMENGQ0NDNTk4MEY1N0U2QkM4NERGMTFCNEM1NzE5MzVE MjVEQUNDQTAeFw0yNTA2MjIxOTQ0MjdaFw0yNjA3MDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4NTg1ZDFiLWY2ZjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQChQU9x1ynJXLVhdiPe32/23xSX6IvIuJGsPvYeXKjMxntFGMTyipMJUDSucO3Q ooKUdAuYNNxdOlRUyz+AQd3MCxnAbOQ0roa2oFZaqa8mxE2w0vOEkVsmGyp/AVhE k6gjbCdcmv17EIl76zNL+5QcFJb2ytXyh8AkB6pyZ5Ul/110K3k39W7Y4QRU21IB 6GoGmDXaUo2UlKJqsmsZyrc4xEWIfMURFTKd4em5r+bL93+cqvTcVHerRsakxVcb VIpjT4OkfdCdZYt2NL1+AIx1T5GAPFa5FgIS3XWNPENG359oQvK8aLFMvDS7IH1S oOnX6iFSgQCE/XSJESDEzsb/AgMBAAGjggKsMIICqDAdBgNVHQ4EFgQUVYnquIe5 1I6Vh/y5OvS5v/YGoggwHwYDVR0jBBgwFoAUDPzMWYD1fmvITfEbTFcZNdJdrMow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQxNUFBLzNFRkEyNDE0NjJF MDExRUFBNkQ1OUEyQ0M0RjlBRTAyL0RQek1XWUQxZm12SVRmRWJURmNaTmRKZHJN by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvRFB6TVdZRDFmbXZJVGZFYlRGY1pOZEpkck1vLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 MTVBQS8zRUZBMjQxNDYyRTAxMUVBQTZENTlBMkNDNEY5QUUwMi9DQjA0RjQ0MDlC RTYxMUVGOEFGRjk0N0NDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA2BggrBgEFBQcBBwEB/wQn MCUwEgQCAAEwDAMEAGeKmwMEAGegnjAPBAIAAjAJAwcAIAEN8sCAMA0GCSqGSIb3 DQEBCwUAA4IBAQBHZpHMYEQ6x8Nxa/7cRzgHHDkZ/KLuCQkA8V1cJMG2H8VKmIOu XWgk7ZzvvD4v0yLotL0FaAtL6p496c7r6C7wmHUBLcEf++vujypbrxrYEkoH1Cj+ +vcit4M//gKb/vPU+2+LyYgO0WskTACfnFKPzqXW/cN4M6bxtoc9kANOIzNlTDjY 5DEhliUxakhT2XIc+mhBiA85bI/cshkuUJSGG+cZyAFPfie0RH4nWexVOnSPe6Mu YnNBiN8h6gbn0B22oo0ceHWOEXrbNq+msui5/s0rxRji7zaoOUczlciw5IBbzuiu 3JS5xvgqIP7JfVTY0+DyStb8Nb+zUJNBVR/q -----END CERTIFICATE-----Generated at Wed Nov 5 21:28:16 2025 by rpki-client