$ rpki-client -vvf rpki.apnic.net/member_repository/A91C77BD/38937198DF4011E58232734AC4F9AE02/A257A95EA9DC11E9AA03780DC4F9AE02.roa File: A257A95EA9DC11E9AA03780DC4F9AE02.roa (raw, json) Hash identifier: PxUOEDED+JHKJelWKhOvajOHx5KTZi4sFxCqv9/Wuds= Subject key identifier: 45:21:4E:75:5F:BD:A7:E1:CD:C9:1B:1C:BC:16:2E:02:6E:24:AE:5D Certificate issuer: /CN=A91C77BD/serialNumber=A3EB7C435063BC54D3573D81DBDC1873987663E0 Certificate serial: 21B0 Authority key identifier: A3:EB:7C:43:50:63:BC:54:D3:57:3D:81:DB:DC:18:73:98:76:63:E0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o-t8Q1BjvFTTVz2B29wYc5h2Y-A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C77BD/38937198DF4011E58232734AC4F9AE02/A257A95EA9DC11E9AA03780DC4F9AE02.roa Signing time: Wed 24 Sep 2025 16:04:13 +0000 ROA not before: Wed 24 Sep 2025 16:04:13 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 134707 IP address blocks: 103.196.136.0/22 maxlen: 22 103.196.136.0/24 maxlen: 24 103.196.137.0/24 maxlen: 24 103.196.138.0/24 maxlen: 24 103.196.139.0/24 maxlen: 24 203.189.116.0/22 maxlen: 22 203.189.116.0/24 maxlen: 24 203.189.117.0/24 maxlen: 24 203.189.118.0/24 maxlen: 24 203.189.119.0/24 maxlen: 24 223.25.60.0/22 maxlen: 22 223.25.60.0/24 maxlen: 24 223.25.61.0/24 maxlen: 24 223.25.62.0/24 maxlen: 24 223.25.63.0/24 maxlen: 24 2404:3380::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C77BD/38937198DF4011E58232734AC4F9AE02/o-t8Q1BjvFTTVz2B29wYc5h2Y-A.crl rsync://rpki.apnic.net/member_repository/A91C77BD/38937198DF4011E58232734AC4F9AE02/o-t8Q1BjvFTTVz2B29wYc5h2Y-A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o-t8Q1BjvFTTVz2B29wYc5h2Y-A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 15:59:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8624 (0x21b0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C77BD, serialNumber=A3EB7C435063BC54D3573D81DBDC1873987663E0 Validity Not Before: Sep 24 16:04:13 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68d4167d-d037 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:b8:df:86:c8:f1:15:c0:08:f8:49:9d:c9:8f: cf:9b:fa:f1:8d:7a:85:3b:b3:a6:2f:f7:72:d7:e9: 17:e6:49:96:51:e8:d4:9a:c9:fd:7f:4e:43:4e:a0: 17:21:76:fd:a5:e3:7f:87:7a:c7:2e:31:02:c0:5c: 61:26:66:7f:ce:ef:62:b6:eb:fe:c9:73:c7:95:12: a6:c2:7f:50:c8:e9:b4:8d:26:d1:83:b5:01:e5:2e: 20:24:6d:6c:40:cc:04:d6:6e:bc:2a:2b:d3:66:c3: 95:bf:f3:94:fe:b2:13:07:2b:24:47:33:db:fc:ff: ba:a2:06:16:0c:2e:fb:26:ed:08:22:59:71:88:31: 34:44:a6:58:5f:9b:f7:48:e1:f1:05:eb:a0:6e:8d: 40:19:1d:a1:0c:de:c6:c6:ec:53:9b:65:8b:36:76: 7f:f7:5c:1f:dd:79:6f:9f:ad:cd:e9:3d:06:23:9d: 86:b5:e3:5c:15:7f:a8:5f:58:75:71:16:21:4a:a4: a1:fd:ce:cd:87:b1:31:ea:b5:c6:7c:db:fb:f0:7d: ca:71:87:da:c1:68:c4:e1:fc:5e:a7:49:c2:4a:14: 23:e6:36:b8:13:6b:8f:96:a5:6b:e4:a9:b0:32:e4: a4:e4:ee:6b:26:83:cf:f6:3c:d8:08:3c:c6:63:79: 18:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:21:4E:75:5F:BD:A7:E1:CD:C9:1B:1C:BC:16:2E:02:6E:24:AE:5D X509v3 Authority Key Identifier: keyid:A3:EB:7C:43:50:63:BC:54:D3:57:3D:81:DB:DC:18:73:98:76:63:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C77BD/38937198DF4011E58232734AC4F9AE02/o-t8Q1BjvFTTVz2B29wYc5h2Y-A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o-t8Q1BjvFTTVz2B29wYc5h2Y-A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C77BD/38937198DF4011E58232734AC4F9AE02/A257A95EA9DC11E9AA03780DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.196.136.0/22 203.189.116.0/22 223.25.60.0/22 IPv6: 2404:3380::/32 Signature Algorithm: sha256WithRSAEncryption dd:6f:38:ee:87:44:65:b0:6f:b5:3a:af:94:83:3d:ad:4b:f0: 33:9c:8c:da:ba:d2:50:ad:d2:5f:5f:0c:d1:ba:74:ec:fe:36: a6:e2:89:4b:da:a2:5f:ac:84:04:cc:f1:de:fe:81:32:62:2a: ec:62:46:e9:ab:51:d3:16:67:04:9d:d9:48:e1:60:fe:58:c1: 28:47:9b:ec:ad:3e:cd:a6:3a:d2:6e:92:47:b1:33:ac:af:b7: 58:f7:21:86:07:48:3b:d1:b7:5a:00:db:81:0f:dd:50:1d:e9: 9c:a9:8e:85:71:2d:b7:3b:7b:f3:1a:31:e1:82:04:92:e2:be: d0:6a:39:a3:e6:11:44:1b:16:07:4d:69:2c:25:07:92:93:9b: 6e:aa:b3:34:3b:c5:75:f3:3a:60:95:76:e8:b9:e3:5e:ee:ba: 5d:8c:09:12:1e:cb:8a:af:bc:15:61:99:42:c3:56:b0:9d:c2: 1a:81:c7:2e:04:57:39:5a:fd:a0:0d:d2:25:23:25:b8:ab:26: c9:39:cc:68:0b:0a:82:b0:f1:ed:77:dd:cd:7e:f8:08:ba:35: c7:35:7d:2f:72:89:ce:cf:9a:38:d7:64:b0:1c:ef:ba:14:8a: ff:a5:87:88:9c:5f:62:81:aa:33:71:f9:60:b0:e7:4f:b6:73: da:a8:c9:6a -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICIbAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qzc3QkQxMTAvBgNVBAUTKEEzRUI3QzQzNTA2M0JDNTREMzU3M0Q4MURCREMxODcz OTg3NjYzRTAwHhcNMjUwOTI0MTYwNDEzWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGQ0MTY3ZC1kMDM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt7jfhsjxFcAI+EmdyY/Pm/rxjXqFO7OmL/dy1+kX5kmWUejUmsn9f05DTqAX IXb9peN/h3rHLjECwFxhJmZ/zu9ituv+yXPHlRKmwn9QyOm0jSbRg7UB5S4gJG1s QMwE1m68KivTZsOVv/OU/rITByskRzPb/P+6ogYWDC77Ju0IIllxiDE0RKZYX5v3 SOHxBeugbo1AGR2hDN7GxuxTm2WLNnZ/91wf3Xlvn63N6T0GI52GteNcFX+oX1h1 cRYhSqSh/c7Nh7Ex6rXGfNv78H3KcYfawWjE4fxep0nCShQj5ja4E2uPlqVr5Kmw MuSk5O5rJoPP9jzYCDzGY3kYFQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFEUhTnVf vafhzckbHLwWLgJuJK5dMB8GA1UdIwQYMBaAFKPrfENQY7xU01c9gdvcGHOYdmPg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNzdCRC8zODkzNzE5OERG NDAxMUU1ODIzMjczNEFDNEY5QUUwMi9vLXQ4UTFCanZGVFRWejJCMjl3WWM1aDJZ LUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL28tdDhRMUJqdkZUVFZ6MkIyOXdZYzVoMlktQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Qzc3QkQvMzg5MzcxOThERjQwMTFFNTgyMzI3MzRBQzRGOUFFMDIvQTI1N0E5NUVB OURDMTFFOUFBMDM3ODBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAJnxIgDBALLvXQDBALfGTwwDQQCAAIwBwMFACQEM4AwDQYJ KoZIhvcNAQELBQADggEBAN1vOO6HRGWwb7U6r5SDPa1L8DOcjNq60lCt0l9fDNG6 dOz+NqbiiUvaol+shATM8d7+gTJiKuxiRumrUdMWZwSd2UjhYP5YwShHm+ytPs2m OtJukkexM6yvt1j3IYYHSDvRt1oA24EP3VAd6ZypjoVxLbc7e/MaMeGCBJLivtBq OaPmEUQbFgdNaSwlB5KTm26qszQ7xXXzOmCVdui5417uul2MCRIey4qvvBVhmULD VrCdwhqBxy4EVzla/aAN0iUjJbirJsk5zGgLCoKw8e133c1++Ai6Ncc1fS9yic7P mjjXZLAc77oUiv+lh4icX2KBqjNx+WCw50+2c9qoyWo= -----END CERTIFICATE-----Generated at Wed Nov 5 13:35:21 2025 by rpki-client