$ rpki-client -vvf rpki.apnic.net/member_repository/A91B06CA/D2E00872776C11EC8ECA4633C4F9AE02/8EB98374776E11ECA05F7133C4F9AE02.roa File: 8EB98374776E11ECA05F7133C4F9AE02.roa (raw, json) Hash identifier: VmrxYzvVkdO/i8G3xK4fpHSWBTRD5+zxdo/h6L8f+7g= Subject key identifier: C8:64:D0:43:E3:7A:D7:5B:EB:A8:E9:FD:B5:80:76:E9:F8:5F:E5:51 Certificate issuer: /CN=A91B06CA/serialNumber=9AF0B0EF8F3EB53F14D84FA3A6106BE64BD78272 Certificate serial: 0429 Authority key identifier: 9A:F0:B0:EF:8F:3E:B5:3F:14:D8:4F:A3:A6:10:6B:E6:4B:D7:82:72 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mvCw748-tT8U2E-jphBr5kvXgnI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B06CA/D2E00872776C11EC8ECA4633C4F9AE02/8EB98374776E11ECA05F7133C4F9AE02.roa Signing time: Wed 27 Aug 2025 01:04:56 +0000 ROA not before: Wed 27 Aug 2025 01:04:56 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 133929 IP address blocks: 103.99.72.0/22 maxlen: 22 103.99.72.0/23 maxlen: 23 103.99.72.0/24 maxlen: 24 103.99.73.0/24 maxlen: 24 103.99.74.0/23 maxlen: 23 103.99.74.0/24 maxlen: 24 103.99.75.0/24 maxlen: 24 2001:df2:5100::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B06CA/D2E00872776C11EC8ECA4633C4F9AE02/mvCw748-tT8U2E-jphBr5kvXgnI.crl rsync://rpki.apnic.net/member_repository/A91B06CA/D2E00872776C11EC8ECA4633C4F9AE02/mvCw748-tT8U2E-jphBr5kvXgnI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mvCw748-tT8U2E-jphBr5kvXgnI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Sep 2025 00:36:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1065 (0x429) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B06CA, serialNumber=9AF0B0EF8F3EB53F14D84FA3A6106BE64BD78272 Validity Not Before: Aug 27 01:04:56 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68ae59b8-1ad2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:6e:66:68:0b:47:62:25:a4:d3:bf:d2:67:f6: 14:08:d3:40:ac:33:cb:df:a5:27:b0:31:9d:82:61: 70:37:98:ee:43:28:3a:3d:90:4c:5c:70:0d:be:9b: 84:3a:f3:93:2e:79:1d:d6:29:20:0e:55:eb:5c:b3: d2:ea:4a:62:ad:36:b2:45:ab:36:09:8d:0f:64:d6: 23:e9:6e:b7:95:20:eb:b5:40:11:d2:77:ae:1a:ba: 9f:e3:93:8e:43:74:dd:d5:f8:e4:ac:b8:0c:34:75: 9c:d9:ce:97:14:0c:0f:7e:a0:da:7d:68:c4:4d:23: 67:40:c8:9c:2c:c8:c5:39:59:53:5c:af:67:3f:d6: 8e:34:7a:68:10:57:e5:1b:ed:9b:12:28:97:50:77: 6c:fc:33:59:6f:3a:f0:37:a2:9c:2d:03:53:7a:45: 57:57:f1:8b:54:02:ba:e5:f2:86:ef:d3:ca:b3:4a: f4:30:42:c6:92:d9:55:53:ad:41:26:06:68:87:67: c1:c1:12:8e:ff:8f:c4:6c:75:a7:fc:d6:8e:c0:14: 34:b0:fb:31:45:32:48:4f:c7:6e:91:69:ef:de:e4: fb:cc:a2:47:c8:ca:6d:c1:c1:9c:45:93:5f:06:b7: 5c:b8:6c:13:6f:21:da:bb:8e:c1:9f:18:f9:64:64: 74:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:64:D0:43:E3:7A:D7:5B:EB:A8:E9:FD:B5:80:76:E9:F8:5F:E5:51 X509v3 Authority Key Identifier: keyid:9A:F0:B0:EF:8F:3E:B5:3F:14:D8:4F:A3:A6:10:6B:E6:4B:D7:82:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B06CA/D2E00872776C11EC8ECA4633C4F9AE02/mvCw748-tT8U2E-jphBr5kvXgnI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mvCw748-tT8U2E-jphBr5kvXgnI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B06CA/D2E00872776C11EC8ECA4633C4F9AE02/8EB98374776E11ECA05F7133C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.99.72.0/22 IPv6: 2001:df2:5100::/48 Signature Algorithm: sha256WithRSAEncryption 72:a5:e8:71:ab:9b:f2:98:82:03:8b:e0:bd:73:21:f0:2d:dc: de:9c:f8:df:48:6a:e1:f1:fa:ab:3a:44:e0:5d:f7:d7:ed:8f: e4:cd:8a:38:d0:a2:58:b3:7f:d0:26:1e:5b:b9:f0:3b:0c:33: 79:6e:10:db:41:4b:44:80:a0:c2:ee:f7:c4:e3:aa:a5:b0:6a: a5:93:d0:98:f2:27:47:ff:e7:3f:79:43:8d:8d:29:10:65:04: 95:c1:5c:e5:45:e6:73:a3:be:79:ef:e0:bb:e2:5f:17:b5:b9: a3:d9:2b:b9:7a:4e:5b:fe:15:75:bf:95:0b:dd:4f:d0:aa:bd: de:28:9e:f4:a3:63:b1:c9:ac:15:6a:c6:62:5e:b8:5f:10:7c: 12:87:29:de:c9:12:58:16:57:9b:48:50:6c:db:8a:b0:67:ee: b8:6c:e7:58:a6:00:5f:c3:89:dc:86:bf:7e:f8:ac:55:ea:fd: 7f:01:4e:9c:cf:ff:4a:0f:62:c1:e4:b2:f6:b0:59:11:96:5f: 9b:81:8c:8d:47:15:90:ef:cd:7f:19:b4:f3:a5:c3:9e:cc:fe: 6d:5a:5c:d4:42:55:8d:36:ed:2d:af:fd:72:14:9d:5e:ec:25: c3:de:f4:07:d6:e6:7f:bf:d6:bd:01:e3:96:c7:27:13:d1:25: 6d:c2:d9:0e -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICBCkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjA2Q0ExMTAvBgNVBAUTKDlBRjBCMEVGOEYzRUI1M0YxNEQ4NEZBM0E2MTA2QkU2 NEJENzgyNzIwHhcNMjUwODI3MDEwNDU2WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGFlNTliOC0xYWQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6G5maAtHYiWk07/SZ/YUCNNArDPL36UnsDGdgmFwN5juQyg6PZBMXHANvpuE OvOTLnkd1ikgDlXrXLPS6kpirTayRas2CY0PZNYj6W63lSDrtUAR0neuGrqf45OO Q3Td1fjkrLgMNHWc2c6XFAwPfqDafWjETSNnQMicLMjFOVlTXK9nP9aONHpoEFfl G+2bEiiXUHds/DNZbzrwN6KcLQNTekVXV/GLVAK65fKG79PKs0r0MELGktlVU61B JgZoh2fBwRKO/4/EbHWn/NaOwBQ0sPsxRTJIT8dukWnv3uT7zKJHyMptwcGcRZNf BrdcuGwTbyHau47Bnxj5ZGR0UQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFMhk0EPj etdb66jp/bWAdun4X+VRMB8GA1UdIwQYMBaAFJrwsO+PPrU/FNhPo6YQa+ZL14Jy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMDZDQS9EMkUwMDg3Mjc3 NkMxMUVDOEVDQTQ2MzNDNEY5QUUwMi9tdkN3NzQ4LXRUOFUyRS1qcGhCcjVrdlhn bkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL212Q3c3NDgtdFQ4VTJFLWpwaEJyNWt2WGduSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjA2Q0EvRDJFMDA4NzI3NzZDMTFFQzhFQ0E0NjMzQzRGOUFFMDIvOEVCOTgzNzQ3 NzZFMTFFQ0EwNUY3MTMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAJnY0gwDwQCAAIwCQMHACABDfJRADANBgkqhkiG9w0BAQsF AAOCAQEAcqXocaub8piCA4vgvXMh8C3c3pz430hq4fH6qzpE4F331+2P5M2KONCi WLN/0CYeW7nwOwwzeW4Q20FLRICgwu73xOOqpbBqpZPQmPInR//nP3lDjY0pEGUE lcFc5UXmc6O+ee/gu+JfF7W5o9kruXpOW/4Vdb+VC91P0Kq93iie9KNjscmsFWrG Yl64XxB8Eocp3skSWBZXm0hQbNuKsGfuuGznWKYAX8OJ3Ia/fvisVer9fwFOnM// Sg9iweSy9rBZEZZfm4GMjUcVkO/Nfxm086XDnsz+bVpc1EJVjTbtLa/9chSdXuwl w970B9bmf7/WvQHjlscnE9ElbcLZDg== -----END CERTIFICATE-----Generated at Sat Sep 6 09:43:44 2025 by rpki-client