$ rpki-client -vvf rpki.apnic.net/member_repository/A9145D25/67F2B0D80BD211ECBAA4806AC4F9AE02/131FA4B092AD11F0AF4F4C85C4F9AE02.roa File: 131FA4B092AD11F0AF4F4C85C4F9AE02.roa (raw, json) Hash identifier: 2I5Ge7KBh0e5lEpfrh8ZbOfF9fHkRChHLpkEq2RW7oE= Subject key identifier: 58:4B:B3:88:96:AB:20:21:E8:10:85:F2:69:67:51:2D:44:4A:42:5D Certificate issuer: /CN=A9145D25/serialNumber=C2F28E9D188439C4FE69F63A4CAA6DA42496291D Certificate serial: 0598 Authority key identifier: C2:F2:8E:9D:18:84:39:C4:FE:69:F6:3A:4C:AA:6D:A4:24:96:29:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wvKOnRiEOcT-afY6TKptpCSWKR0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9145D25/67F2B0D80BD211ECBAA4806AC4F9AE02/131FA4B092AD11F0AF4F4C85C4F9AE02.roa Signing time: Tue 16 Sep 2025 03:27:30 +0000 ROA not before: Tue 16 Sep 2025 03:27:30 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 209242 IP address blocks: 103.135.208.0/22 maxlen: 22 103.172.110.0/23 maxlen: 23 103.204.13.0/24 maxlen: 24 203.168.128.0/22 maxlen: 22 222.167.32.0/22 maxlen: 22 2001:df7:6e80::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9145D25/67F2B0D80BD211ECBAA4806AC4F9AE02/wvKOnRiEOcT-afY6TKptpCSWKR0.crl rsync://rpki.apnic.net/member_repository/A9145D25/67F2B0D80BD211ECBAA4806AC4F9AE02/wvKOnRiEOcT-afY6TKptpCSWKR0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wvKOnRiEOcT-afY6TKptpCSWKR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 23 Sep 2025 23:51:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1432 (0x598) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9145D25, serialNumber=C2F28E9D188439C4FE69F63A4CAA6DA42496291D Validity Not Before: Sep 16 03:27:30 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68c8d921-f8dd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:02:b9:1a:3e:d0:64:01:0d:b5:e4:fb:f9:e9: 0a:35:e6:cc:8a:0b:20:71:5e:a1:fe:65:f0:f0:53: 42:81:88:cd:41:c4:5f:72:30:fb:24:7c:f4:29:c8: 31:ab:71:8a:ea:68:c5:1d:de:1a:fc:39:20:57:e9: 13:3e:dd:de:0d:af:43:49:a7:50:6d:2f:db:9a:b8: a0:07:0f:72:ca:6d:56:35:47:1b:31:73:68:e2:39: 8c:86:78:31:0a:89:ab:3e:c0:02:94:4e:f7:18:39: 00:10:17:ed:41:ff:64:61:14:f7:42:bc:bd:ef:24: 46:d0:34:95:b5:40:cd:14:39:49:14:05:b0:11:fe: 4a:01:78:f6:a9:ce:20:eb:38:e1:dc:45:3a:9c:a7: 8c:de:f4:bd:fd:4b:64:e3:8e:0e:1a:51:09:c8:53: e5:27:1f:ae:d5:3e:3e:98:70:e6:16:50:6e:48:a0: cb:ff:4d:01:a6:31:d4:63:45:8b:f5:92:b6:42:1e: 14:53:3e:a4:b3:18:11:d0:ba:af:d2:21:1a:ec:eb: 0b:70:cd:85:05:fa:09:d0:1b:c6:e6:7e:e8:82:48: 6d:0d:e2:83:9a:4c:58:f0:14:02:5b:72:bc:6d:20: 2a:ea:b1:6a:4a:df:8f:a0:01:84:85:c6:4a:01:69: c7:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:4B:B3:88:96:AB:20:21:E8:10:85:F2:69:67:51:2D:44:4A:42:5D X509v3 Authority Key Identifier: keyid:C2:F2:8E:9D:18:84:39:C4:FE:69:F6:3A:4C:AA:6D:A4:24:96:29:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9145D25/67F2B0D80BD211ECBAA4806AC4F9AE02/wvKOnRiEOcT-afY6TKptpCSWKR0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wvKOnRiEOcT-afY6TKptpCSWKR0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9145D25/67F2B0D80BD211ECBAA4806AC4F9AE02/131FA4B092AD11F0AF4F4C85C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.135.208.0/22 103.172.110.0/23 103.204.13.0/24 203.168.128.0/22 222.167.32.0/22 IPv6: 2001:df7:6e80::/48 Signature Algorithm: sha256WithRSAEncryption 5e:21:44:ad:c6:c6:b0:9f:2e:0c:57:88:93:4f:c6:34:60:ce: 60:82:cb:93:64:94:68:ee:0a:2c:c2:e5:35:09:04:06:f3:19: fa:7d:17:b2:84:b8:76:d7:b3:54:68:c9:78:0f:bb:6e:e6:09: 25:e4:b8:5e:c1:5d:e5:e4:fc:34:f2:c6:7e:24:cb:2e:dd:ce: dd:5b:c3:07:71:54:15:70:fe:bc:63:20:02:6f:9c:66:d3:58: 73:c5:70:82:41:19:f8:f7:50:1e:90:70:02:35:a6:d6:d6:75: a1:e1:f7:6c:5d:20:0a:3e:f8:c7:d7:b9:a7:b9:36:07:68:27: 0c:aa:4e:1b:39:a9:f4:65:58:ee:82:48:c4:96:1e:da:55:46: f3:28:d0:b2:70:d7:06:52:89:45:98:6d:56:48:95:b6:91:7d: a3:51:0a:55:fc:39:03:90:53:7b:a2:64:53:59:8f:50:c7:79: 1f:9f:b9:f7:49:1f:fc:dd:fe:63:36:d0:cb:db:23:3c:8e:a9: 95:85:e1:a1:9a:2b:c4:f9:df:2c:24:54:1c:d5:aa:54:73:1b: 1e:9b:c0:b9:93:46:7d:62:ac:86:ec:84:7b:b3:40:89:bc:ba: d8:0e:71:dc:48:e6:4a:f5:cc:44:64:ec:cd:35:a1:40:e5:09: 1f:8b:63:dd -----BEGIN CERTIFICATE----- MIIFmjCCBIKgAwIBAgICBZgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDVEMjUxMTAvBgNVBAUTKEMyRjI4RTlEMTg4NDM5QzRGRTY5RjYzQTRDQUE2REE0 MjQ5NjI5MUQwHhcNMjUwOTE2MDMyNzMwWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGM4ZDkyMS1mOGRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApgK5Gj7QZAENteT7+ekKNebMigsgcV6h/mXw8FNCgYjNQcRfcjD7JHz0Kcgx q3GK6mjFHd4a/DkgV+kTPt3eDa9DSadQbS/bmrigBw9yym1WNUcbMXNo4jmMhngx ComrPsAClE73GDkAEBftQf9kYRT3Qry97yRG0DSVtUDNFDlJFAWwEf5KAXj2qc4g 6zjh3EU6nKeM3vS9/Utk444OGlEJyFPlJx+u1T4+mHDmFlBuSKDL/00BpjHUY0WL 9ZK2Qh4UUz6ksxgR0Lqv0iEa7OsLcM2FBfoJ0BvG5n7ogkhtDeKDmkxY8BQCW3K8 bSAq6rFqSt+PoAGEhcZKAWnHJwIDAQABo4ICvjCCArowHQYDVR0OBBYEFFhLs4iW qyAh6BCF8mlnUS1ESkJdMB8GA1UdIwQYMBaAFMLyjp0YhDnE/mn2OkyqbaQklikd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NUQyNS82N0YyQjBEODBC RDIxMUVDQkFBNDgwNkFDNEY5QUUwMi93dktPblJpRU9jVC1hZlk2VEtwdHBDU1dL UjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3d2S09uUmlFT2NULWFmWTZUS3B0cENTV0tSMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDVEMjUvNjdGMkIwRDgwQkQyMTFFQ0JBQTQ4MDZBQzRGOUFFMDIvMTMxRkE0QjA5 MkFEMTFGMEFGNEY0Qzg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSAYIKwYBBQUHAQcBAf8E OTA3MCQEAgABMB4DBAJnh9ADBAFnrG4DBABnzA0DBALLqIADBALepyAwDwQCAAIw CQMHACABDfdugDANBgkqhkiG9w0BAQsFAAOCAQEAXiFErcbGsJ8uDFeIk0/GNGDO YILLk2SUaO4KLMLlNQkEBvMZ+n0XsoS4dtezVGjJeA+7buYJJeS4XsFd5eT8NPLG fiTLLt3O3VvDB3FUFXD+vGMgAm+cZtNYc8VwgkEZ+PdQHpBwAjWm1tZ1oeH3bF0g Cj74x9e5p7k2B2gnDKpOGzmp9GVY7oJIxJYe2lVG8yjQsnDXBlKJRZhtVkiVtpF9 o1EKVfw5A5BTe6JkU1mPUMd5H5+590kf/N3+YzbQy9sjPI6plYXhoZorxPnfLCRU HNWqVHMbHpvAuZNGfWKshuyEe7NAiby62A5x3EjmSvXMRGTszTWhQOUJH4tj3Q== -----END CERTIFICATE-----Generated at Wed Sep 17 23:26:49 2025 by rpki-client