$ rpki-client -vvf rpki.apnic.net/member_repository/A91C56FB/E9F51046783A11E8907D521AC4F9AE02/B7F93F86E33F11EB9832A354C4F9AE02.roa File: B7F93F86E33F11EB9832A354C4F9AE02.roa (raw, json) Hash identifier: F7sXs8wz7vi0K+MviVDC99PWP7OiPZ+mlBu4ZQRrCgU= Subject key identifier: C8:13:01:83:76:AA:73:55:22:C1:D0:57:E4:BF:E3:EA:88:97:6B:08 Certificate issuer: /CN=A91C56FB/serialNumber=93C058A0DF1773012459164B5A80D85372C7E292 Certificate serial: 1478 Authority key identifier: 93:C0:58:A0:DF:17:73:01:24:59:16:4B:5A:80:D8:53:72:C7:E2:92 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/k8BYoN8XcwEkWRZLWoDYU3LH4pI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C56FB/E9F51046783A11E8907D521AC4F9AE02/B7F93F86E33F11EB9832A354C4F9AE02.roa Signing time: Mon 21 Jul 2025 22:56:06 +0000 ROA not before: Mon 21 Jul 2025 22:56:06 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 54574 IP address blocks: 103.117.100.0/22 maxlen: 22 103.117.100.0/22 maxlen: 24 103.117.100.0/24 maxlen: 24 103.117.101.0/24 maxlen: 24 103.117.102.0/24 maxlen: 24 103.117.103.0/24 maxlen: 24 103.135.248.0/22 maxlen: 24 2403:18c0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C56FB/E9F51046783A11E8907D521AC4F9AE02/k8BYoN8XcwEkWRZLWoDYU3LH4pI.crl rsync://rpki.apnic.net/member_repository/A91C56FB/E9F51046783A11E8907D521AC4F9AE02/k8BYoN8XcwEkWRZLWoDYU3LH4pI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/k8BYoN8XcwEkWRZLWoDYU3LH4pI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 04 Nov 2025 16:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5240 (0x1478) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C56FB, serialNumber=93C058A0DF1773012459164B5A80D85372C7E292 Validity Not Before: Jul 21 22:56:06 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=687ec586-cc4d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:6b:89:40:09:6b:a2:4b:e7:ca:cf:85:d0:91: 9f:b9:3f:15:24:ca:3d:ff:a4:1d:d8:b5:ea:72:ce: 8a:c7:f6:9a:0a:76:eb:58:74:40:d3:aa:ce:b5:66: 53:01:b0:c4:82:60:54:77:83:df:45:14:7d:df:c2: 90:b8:b4:16:a7:b5:f5:c0:fb:84:56:12:5b:77:28: f3:03:5c:2e:05:b5:44:88:f9:0a:2b:a7:a7:50:29: 59:01:64:f2:1b:03:07:b7:02:bd:6e:9c:83:15:44: 13:f9:5f:cc:01:10:0b:5e:a4:b8:db:6a:b2:51:15: 95:f1:cc:0a:11:cb:d5:4f:10:15:8a:1a:64:30:3d: 54:52:95:b3:79:6e:19:1b:15:6f:cc:f2:7b:ec:6c: 3f:0d:40:fe:f7:32:40:19:a8:e9:3e:03:f2:3c:a9: 00:ff:41:72:59:f0:d9:5a:46:ff:f3:36:4f:ae:39: 0c:39:40:9b:08:0c:d0:89:f8:06:8d:6a:eb:bc:c5: 22:8a:01:d5:25:aa:b9:d9:23:3e:8a:76:34:ac:a8: 3e:68:ac:ef:9f:d1:60:1b:da:a5:74:1a:c3:e4:c5: 69:c4:c6:81:86:6c:77:72:e0:5d:7b:38:1a:ab:f0: 7c:13:75:af:42:f0:f4:e1:24:a8:60:d6:85:27:f6: 23:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:13:01:83:76:AA:73:55:22:C1:D0:57:E4:BF:E3:EA:88:97:6B:08 X509v3 Authority Key Identifier: keyid:93:C0:58:A0:DF:17:73:01:24:59:16:4B:5A:80:D8:53:72:C7:E2:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C56FB/E9F51046783A11E8907D521AC4F9AE02/k8BYoN8XcwEkWRZLWoDYU3LH4pI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/k8BYoN8XcwEkWRZLWoDYU3LH4pI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C56FB/E9F51046783A11E8907D521AC4F9AE02/B7F93F86E33F11EB9832A354C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.117.100.0/22 103.135.248.0/22 IPv6: 2403:18c0::/32 Signature Algorithm: sha256WithRSAEncryption a4:0f:e6:f7:7a:8c:3d:d3:80:36:f0:64:d7:be:d7:d3:d2:f4: f4:54:99:be:44:3f:e1:b7:6f:c3:d2:8f:63:3e:2f:f1:5a:fd: 39:75:8c:82:72:ca:88:a0:63:f8:a3:3d:7e:5c:9d:23:aa:95: d1:f1:fd:74:37:5a:17:50:86:5d:ad:77:73:b0:22:b1:a5:f5: 26:b0:2a:e5:4e:42:a5:bc:67:08:79:ca:fa:74:2f:ce:ec:f5: cd:ad:59:6c:d0:63:54:03:13:85:ae:43:4d:e8:36:e7:d5:e6: 34:79:61:25:6b:3b:c0:1b:6f:96:d8:1d:e2:b1:43:00:f3:8c: c4:ea:ee:a6:17:80:ab:d4:0f:e0:16:6c:58:ac:e3:0c:61:b4: 86:14:47:4e:a4:d2:f8:85:a1:46:67:fe:e3:11:cf:ed:d8:8d: 2d:97:09:c6:57:2f:0b:6c:aa:ae:73:59:aa:8e:71:7f:5f:75: 8e:8b:d0:d0:a1:64:2b:4b:80:98:f4:d8:bd:dd:0c:99:a9:41: 72:9c:99:1b:e2:96:8d:64:35:96:84:ff:05:e1:82:53:64:1a: af:5a:21:c0:1b:46:65:eb:9b:90:49:b5:cb:fd:84:33:61:12: 61:87:93:b7:95:fd:d6:c4:cf:f0:58:7b:4a:be:2c:72:ff:c2: 9d:f4:6f:6b -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICFHgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzU2RkIxMTAvBgNVBAUTKDkzQzA1OEEwREYxNzczMDEyNDU5MTY0QjVBODBEODUz NzJDN0UyOTIwHhcNMjUwNzIxMjI1NjA2WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODdlYzU4Ni1jYzRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzGuJQAlrokvnys+F0JGfuT8VJMo9/6Qd2LXqcs6Kx/aaCnbrWHRA06rOtWZT AbDEgmBUd4PfRRR938KQuLQWp7X1wPuEVhJbdyjzA1wuBbVEiPkKK6enUClZAWTy GwMHtwK9bpyDFUQT+V/MARALXqS422qyURWV8cwKEcvVTxAVihpkMD1UUpWzeW4Z GxVvzPJ77Gw/DUD+9zJAGajpPgPyPKkA/0FyWfDZWkb/8zZPrjkMOUCbCAzQifgG jWrrvMUiigHVJaq52SM+inY0rKg+aKzvn9FgG9qldBrD5MVpxMaBhmx3cuBdezga q/B8E3WvQvD04SSoYNaFJ/YjqwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFMgTAYN2 qnNVIsHQV+S/4+qIl2sIMB8GA1UdIwQYMBaAFJPAWKDfF3MBJFkWS1qA2FNyx+KS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNTZGQi9FOUY1MTA0Njc4 M0ExMUU4OTA3RDUyMUFDNEY5QUUwMi9rOEJZb044WGN3RWtXUlpMV29EWVUzTEg0 cEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2s4QllvTjhYY3dFa1dSWkxXb0RZVTNMSDRwSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzU2RkIvRTlGNTEwNDY3ODNBMTFFODkwN0Q1MjFBQzRGOUFFMDIvQjdGOTNGODZF MzNGMTFFQjk4MzJBMzU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAJndWQDBAJnh/gwDQQCAAIwBwMFACQDGMAwDQYJKoZIhvcN AQELBQADggEBAKQP5vd6jD3TgDbwZNe+19PS9PRUmb5EP+G3b8PSj2M+L/Fa/Tl1 jIJyyoigY/ijPX5cnSOqldHx/XQ3WhdQhl2td3OwIrGl9SawKuVOQqW8Zwh5yvp0 L87s9c2tWWzQY1QDE4WuQ03oNufV5jR5YSVrO8Abb5bYHeKxQwDzjMTq7qYXgKvU D+AWbFis4wxhtIYUR06k0viFoUZn/uMRz+3YjS2XCcZXLwtsqq5zWaqOcX9fdY6L 0NChZCtLgJj02L3dDJmpQXKcmRvilo1kNZaE/wXhglNkGq9aIcAbRmXrm5BJtcv9 hDNhEmGHk7eV/dbEz/BYe0q+LHL/wp30b2s= -----END CERTIFICATE-----Generated at Wed Oct 29 18:37:51 2025 by rpki-client