$ rpki-client -vvf rpki.apnic.net/member_repository/A916A314/70D3B36A595211EBA6D78048C4F9AE02/ED7C5416CD3711EDB6A0F37BC4F9AE02.roa File: ED7C5416CD3711EDB6A0F37BC4F9AE02.roa (raw, json) Hash identifier: wIAUJo6pLOtcdDl/q+XVckYcgHnVKsYs5npKOOs0/x0= Subject key identifier: F1:6D:11:D0:38:08:4D:EA:4F:01:CA:B3:8F:C5:EF:D4:53:8F:C3:12 Certificate issuer: /CN=A916A314/serialNumber=214A5F22AA501B218B0E6015D1E0FBA1C8E43F24 Certificate serial: 0717 Authority key identifier: 21:4A:5F:22:AA:50:1B:21:8B:0E:60:15:D1:E0:FB:A1:C8:E4:3F:24 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IUpfIqpQGyGLDmAV0eD7ocjkPyQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916A314/70D3B36A595211EBA6D78048C4F9AE02/ED7C5416CD3711EDB6A0F37BC4F9AE02.roa Signing time: Tue 02 Sep 2025 22:42:42 +0000 ROA not before: Tue 02 Sep 2025 22:42:42 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 7545 IP address blocks: 103.99.101.0/24 maxlen: 24 103.242.49.0/24 maxlen: 24 2001:df3:d000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916A314/70D3B36A595211EBA6D78048C4F9AE02/IUpfIqpQGyGLDmAV0eD7ocjkPyQ.crl rsync://rpki.apnic.net/member_repository/A916A314/70D3B36A595211EBA6D78048C4F9AE02/IUpfIqpQGyGLDmAV0eD7ocjkPyQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IUpfIqpQGyGLDmAV0eD7ocjkPyQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 11 Sep 2025 22:11:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1815 (0x717) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916A314, serialNumber=214A5F22AA501B218B0E6015D1E0FBA1C8E43F24 Validity Not Before: Sep 2 22:42:42 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68b772e2-7f68 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:50:5b:3d:be:b8:7b:69:c2:70:3c:81:f8:b5: e2:72:40:69:89:74:16:1a:f4:0c:32:ed:59:a0:d7: e3:84:27:c6:9d:fb:3e:bf:3b:4f:47:66:c7:27:bf: 71:21:79:46:4a:d4:10:a7:a7:66:c4:56:25:71:e9: a1:79:1a:ad:0a:2c:2d:ca:42:f9:e4:36:6d:f8:34: 93:91:ee:6e:24:c5:f7:be:d9:9c:1d:8f:d2:98:51: ba:4b:65:29:94:bb:d5:a5:21:15:26:34:97:ed:bd: 0e:b1:bb:ca:c3:d3:23:05:66:1e:31:a4:2a:fa:02: 5d:02:d1:06:36:d4:7a:d1:33:db:b1:b9:f5:a0:10: a0:ba:a3:e1:ee:23:b3:15:45:92:c2:0c:f2:74:ad: d4:61:8b:0e:11:77:8a:0f:a7:cf:bf:b0:00:96:75: 59:60:00:f8:6d:04:2b:98:48:cd:f8:f6:2d:55:98: f6:2e:0f:b1:00:ec:45:2d:97:27:8f:04:75:6e:b4: c4:82:49:01:b8:69:be:af:41:b3:53:0d:f9:a5:a3: 4a:fa:14:7d:c6:a7:a7:5b:af:f3:54:7e:2b:5b:1d: ec:35:bf:57:44:bd:df:1b:8f:a9:2e:c8:f2:8d:98: e2:3b:93:35:d4:6f:26:c0:67:b8:da:d6:90:c1:7e: 1b:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:6D:11:D0:38:08:4D:EA:4F:01:CA:B3:8F:C5:EF:D4:53:8F:C3:12 X509v3 Authority Key Identifier: keyid:21:4A:5F:22:AA:50:1B:21:8B:0E:60:15:D1:E0:FB:A1:C8:E4:3F:24 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916A314/70D3B36A595211EBA6D78048C4F9AE02/IUpfIqpQGyGLDmAV0eD7ocjkPyQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IUpfIqpQGyGLDmAV0eD7ocjkPyQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916A314/70D3B36A595211EBA6D78048C4F9AE02/ED7C5416CD3711EDB6A0F37BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.99.101.0/24 103.242.49.0/24 IPv6: 2001:df3:d000::/48 Signature Algorithm: sha256WithRSAEncryption 53:6b:1b:89:cd:ee:82:14:28:d0:7c:d7:29:57:fb:b9:ef:06: 99:6a:15:9d:66:de:9d:fd:3b:d0:c4:97:af:cf:ba:76:46:2b: b8:3c:42:10:d6:45:2d:e3:79:c6:50:ba:bb:15:d6:a4:55:6e: 4f:63:77:7e:76:be:ac:b7:be:58:a7:3c:8c:3a:0f:bf:9b:4d: 07:5a:34:ed:e1:f5:fe:82:05:42:06:e0:70:50:91:ea:4d:30: 46:dc:fe:04:f8:82:b4:e4:ad:5d:7f:fb:0f:27:05:5a:61:1c: 3e:ea:47:4c:b1:81:fd:3f:ec:96:b4:5d:bb:32:9d:a4:1d:ac: b9:35:8f:79:28:fb:32:47:e5:72:7a:e9:06:a1:d2:17:49:03: 20:92:31:c9:77:e0:90:34:fe:ec:f1:25:83:89:34:57:89:14: ee:90:2f:05:df:9e:c6:a9:15:a3:4e:cf:64:2f:f9:21:17:bd: 25:36:bb:53:a3:dc:60:bc:8c:43:de:86:2e:ff:dd:54:50:c9: 81:f5:55:21:74:ca:2c:8f:14:e7:41:a9:79:8e:ca:5c:1c:17: a4:25:97:58:2b:fe:90:c4:33:69:5d:f5:3f:a0:be:7f:2a:3e: 86:32:df:8e:37:91:8d:f8:23:80:fa:3c:f0:da:95:76:d4:70: 43:cc:b6:62 -----BEGIN CERTIFICATE----- MIIFiDCCBHCgAwIBAgICBxcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkEzMTQxMTAvBgNVBAUTKDIxNEE1RjIyQUE1MDFCMjE4QjBFNjAxNUQxRTBGQkEx QzhFNDNGMjQwHhcNMjUwOTAyMjI0MjQyWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGI3NzJlMi03ZjY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0VBbPb64e2nCcDyB+LXickBpiXQWGvQMMu1ZoNfjhCfGnfs+vztPR2bHJ79x IXlGStQQp6dmxFYlcemheRqtCiwtykL55DZt+DSTke5uJMX3vtmcHY/SmFG6S2Up lLvVpSEVJjSX7b0OsbvKw9MjBWYeMaQq+gJdAtEGNtR60TPbsbn1oBCguqPh7iOz FUWSwgzydK3UYYsOEXeKD6fPv7AAlnVZYAD4bQQrmEjN+PYtVZj2Lg+xAOxFLZcn jwR1brTEgkkBuGm+r0GzUw35paNK+hR9xqenW6/zVH4rWx3sNb9XRL3fG4+pLsjy jZjiO5M11G8mwGe42taQwX4bIwIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFPFtEdA4 CE3qTwHKs4/F79RTj8MSMB8GA1UdIwQYMBaAFCFKXyKqUBshiw5gFdHg+6HI5D8k MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QTMxNC83MEQzQjM2QTU5 NTIxMUVCQTZENzgwNDhDNEY5QUUwMi9JVXBmSXFwUUd5R0xEbUFWMGVEN29jamtQ eVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lVcGZJcXBRR3lHTERtQVYwZUQ3b2Nqa1B5US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NkEzMTQvNzBEM0IzNkE1OTUyMTFFQkE2RDc4MDQ4QzRGOUFFMDIvRUQ3QzU0MTZD RDM3MTFFREI2QTBGMzdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E JzAlMBIEAgABMAwDBABnY2UDBABn8jEwDwQCAAIwCQMHACABDfPQADANBgkqhkiG 9w0BAQsFAAOCAQEAU2sbic3ughQo0HzXKVf7ue8GmWoVnWbenf070MSXr8+6dkYr uDxCENZFLeN5xlC6uxXWpFVuT2N3fna+rLe+WKc8jDoPv5tNB1o07eH1/oIFQgbg cFCR6k0wRtz+BPiCtOStXX/7DycFWmEcPupHTLGB/T/slrRduzKdpB2suTWPeSj7 MkflcnrpBqHSF0kDIJIxyXfgkDT+7PElg4k0V4kU7pAvBd+exqkVo07PZC/5IRe9 JTa7U6PcYLyMQ96GLv/dVFDJgfVVIXTKLI8U50GpeY7KXBwXpCWXWCv+kMQzaV31 P6C+fyo+hjLfjjeRjfgjgPo88NqVdtRwQ8y2Yg== -----END CERTIFICATE-----Generated at Sat Sep 6 09:43:43 2025 by rpki-client