$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/40E5348CE56411EBBDFCC829C4F9AE02.roa File: 40E5348CE56411EBBDFCC829C4F9AE02.roa (raw, json) Hash identifier: kCA1Hurknj8cHzk7XbnReJ9WgouQQMaPz0nco+Be8Eg= Subject key identifier: 39:92:C8:96:03:3C:09:FC:E0:19:AA:2A:9F:E9:D7:BC:24:0B:63:B6 Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A Certificate serial: 4D36 Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/40E5348CE56411EBBDFCC829C4F9AE02.roa Signing time: Thu 28 Aug 2025 14:54:11 +0000 ROA not before: Thu 28 Aug 2025 14:54:11 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 140807 IP address blocks: 103.21.96.0/23 maxlen: 23 103.21.100.0/23 maxlen: 23 103.139.42.0/23 maxlen: 23 103.148.254.0/23 maxlen: 23 103.162.94.0/23 maxlen: 23 103.171.94.0/23 maxlen: 23 2404:dac0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 14 Sep 2025 16:20:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19766 (0x4d36) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A560A, serialNumber=167C3B221775FEC05039468150CE814756AC6F0A Validity Not Before: Aug 28 14:54:11 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=68b06d93-142b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:b3:1c:b5:f3:94:31:2f:96:16:31:0d:33:10: aa:b5:11:b3:c6:16:4a:23:dd:f2:3c:cb:c9:86:7f: ea:5f:51:6b:18:73:67:d6:1d:0c:55:3e:99:bd:1e: 56:28:74:c8:df:4e:67:51:e5:0d:71:36:fb:2d:8d: b6:98:e3:ff:b3:25:af:80:39:5b:87:33:42:86:fd: 6f:32:43:74:96:0f:ad:bc:12:8a:09:99:bc:a3:25: 1f:33:9b:6f:1c:86:f0:f6:7e:b1:d2:a1:8a:94:7f: d6:e6:53:ee:76:02:37:3e:ec:39:a5:a9:06:be:9c: 13:01:f5:55:00:f1:61:bd:cf:06:4f:cb:15:98:1a: 5f:c0:ad:7d:31:a3:4e:05:a5:6b:fc:1e:9a:09:fd: f0:9c:ed:a5:8e:27:14:3f:b0:2c:f3:9a:d0:10:67: 80:44:11:3c:94:e4:a6:af:39:87:15:b7:a8:31:8f: c0:cc:d6:5d:cd:d6:60:9b:e0:e3:a1:3d:35:9f:75: 5b:97:f7:55:c1:49:88:1d:a8:c7:78:6d:a1:02:56: 41:17:d3:bc:36:52:6e:03:8f:7b:b1:f6:e2:6d:16: b8:35:2f:dd:51:1a:94:3e:e2:fd:d4:1f:16:75:d9: ff:6d:17:70:61:b7:d6:d2:e3:9d:88:bc:da:92:ba: 33:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:92:C8:96:03:3C:09:FC:E0:19:AA:2A:9F:E9:D7:BC:24:0B:63:B6 X509v3 Authority Key Identifier: keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/40E5348CE56411EBBDFCC829C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.21.96.0/23 103.21.100.0/23 103.139.42.0/23 103.148.254.0/23 103.162.94.0/23 103.171.94.0/23 IPv6: 2404:dac0::/48 Signature Algorithm: sha256WithRSAEncryption 40:eb:69:59:cb:77:ef:1d:10:c8:a1:38:63:c4:9e:dd:c9:ae: a4:85:0b:25:90:86:75:a4:03:ed:ca:61:c9:b7:10:c1:74:d1: f7:23:52:02:98:3e:99:5e:6a:fb:d4:1e:3d:cf:ae:31:ae:70: a2:b4:f6:dc:77:20:0d:02:85:2e:36:e3:52:bb:1e:d7:ba:96: 87:c6:8d:80:57:56:56:e5:7f:1c:86:f5:2e:db:93:36:f9:f0: fe:2e:bb:0b:45:80:1e:96:d4:47:ad:ec:4b:67:dc:0b:37:35: 5e:8f:a8:0d:93:b6:46:e5:e5:9b:5a:08:f5:ee:ed:1d:12:1e: 2f:16:ec:f1:41:c2:ae:60:8d:2d:e1:31:04:08:98:07:89:9c: ad:35:a3:94:e9:fb:c0:b2:09:a9:9a:07:33:90:97:be:cb:07: 5d:19:39:5f:3c:4d:b5:6a:99:c0:70:74:d9:7a:47:5e:56:ae: fc:cd:b2:ed:62:45:81:6f:8f:3e:00:54:a8:f2:4b:54:97:88: b3:59:c3:2f:02:4a:bc:a6:8e:b6:90:d1:e9:07:d4:d7:a1:df: 4b:f9:d0:cc:5f:39:8a:73:c7:35:0a:ae:39:50:5f:93:d4:2b: ee:8a:bf:55:fb:94:a0:e8:b0:a1:92:46:77:7a:9c:4d:40:63: f8:21:87:f4 -----BEGIN CERTIFICATE----- MIIFoDCCBIigAwIBAgICTTYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3 NTZBQzZGMEEwHhcNMjUwODI4MTQ1NDExWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGIwNmQ5My0xNDJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA07MctfOUMS+WFjENMxCqtRGzxhZKI93yPMvJhn/qX1FrGHNn1h0MVT6ZvR5W KHTI305nUeUNcTb7LY22mOP/syWvgDlbhzNChv1vMkN0lg+tvBKKCZm8oyUfM5tv HIbw9n6x0qGKlH/W5lPudgI3Puw5pakGvpwTAfVVAPFhvc8GT8sVmBpfwK19MaNO BaVr/B6aCf3wnO2ljicUP7As85rQEGeARBE8lOSmrzmHFbeoMY/AzNZdzdZgm+Dj oT01n3Vbl/dVwUmIHajHeG2hAlZBF9O8NlJuA497sfbibRa4NS/dURqUPuL91B8W ddn/bRdwYbfW0uOdiLzakroz9QIDAQABo4ICxDCCAsAwHQYDVR0OBBYEFDmSyJYD PAn84BmqKp/p17wkC2O2MB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvNDBFNTM0OENF NTY0MTFFQkJERkNDODI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTgYIKwYBBQUHAQcBAf8E PzA9MCoEAgABMCQDBAFnFWADBAFnFWQDBAFniyoDBAFnlP4DBAFnol4DBAFnq14w DwQCAAIwCQMHACQE2sAAADANBgkqhkiG9w0BAQsFAAOCAQEAQOtpWct37x0QyKE4 Y8Se3cmupIULJZCGdaQD7cphybcQwXTR9yNSApg+mV5q+9QePc+uMa5worT23Hcg DQKFLjbjUrse17qWh8aNgFdWVuV/HIb1LtuTNvnw/i67C0WAHpbUR63sS2fcCzc1 Xo+oDZO2RuXlm1oI9e7tHRIeLxbs8UHCrmCNLeExBAiYB4mcrTWjlOn7wLIJqZoH M5CXvssHXRk5XzxNtWqZwHB02XpHXlau/M2y7WJFgW+PPgBUqPJLVJeIs1nDLwJK vKaOtpDR6QfU16HfS/nQzF85inPHNQquOVBfk9Qr7oq/VfuUoOiwoZJGd3qcTUBj +CGH9A== -----END CERTIFICATE-----Generated at Mon Sep 8 05:38:31 2025 by rpki-client