$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB92A/FC12E31084AE11F096C09D29C4F9AE02/8CAFF0E884AF11F0A1FF182BC4F9AE02.roa File: 8CAFF0E884AF11F0A1FF182BC4F9AE02.roa (raw, json) Hash identifier: SWZOIIyqYqeKGjNImIfW9J7E02rh/5URfQeoSZwvbmc= Subject key identifier: F2:1B:8D:89:EC:D2:FB:0B:26:4C:FA:FC:6A:3B:8F:F1:29:E5:A6:CF Certificate issuer: /CN=A91CB92A/serialNumber=AD152AF6EF0299620BF9F77FD60CD8B3140417AF Certificate serial: 02 Authority key identifier: AD:15:2A:F6:EF:02:99:62:0B:F9:F7:7F:D6:0C:D8:B3:14:04:17:AF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rRUq9u8CmWIL-fd_1gzYsxQEF68.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CB92A/FC12E31084AE11F096C09D29C4F9AE02/8CAFF0E884AF11F0A1FF182BC4F9AE02.roa Signing time: Fri 29 Aug 2025 08:09:56 +0000 ROA not before: Fri 29 Aug 2025 08:09:56 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 153995 IP address blocks: 103.147.16.0/23 maxlen: 23 103.147.16.0/24 maxlen: 24 103.147.17.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CB92A/FC12E31084AE11F096C09D29C4F9AE02/rRUq9u8CmWIL-fd_1gzYsxQEF68.crl rsync://rpki.apnic.net/member_repository/A91CB92A/FC12E31084AE11F096C09D29C4F9AE02/rRUq9u8CmWIL-fd_1gzYsxQEF68.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rRUq9u8CmWIL-fd_1gzYsxQEF68.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 14 Sep 2025 08:39:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CB92A, serialNumber=AD152AF6EF0299620BF9F77FD60CD8B3140417AF Validity Not Before: Aug 29 08:09:56 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=68b16054-bc83 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:4b:fb:85:0d:38:1f:bc:17:75:ff:f2:76:c1: 81:77:7a:14:82:e1:08:e2:6d:3c:cd:42:27:cd:29: 91:31:17:1d:e7:4c:2f:29:0b:3c:d9:a0:b8:15:ad: 68:74:03:cc:b6:6b:92:64:b2:54:d5:a1:ae:1b:aa: c1:f9:30:40:55:4d:0c:22:30:8b:f3:9d:6f:ca:d9: 9c:b5:9a:e0:5d:15:5d:72:d2:08:c9:ab:2a:6c:e8: a6:4f:80:3f:2f:67:c8:0b:84:17:12:81:c0:1a:ff: 58:e4:a8:a0:85:9e:2f:90:8d:b7:fb:32:61:76:54: 63:0a:0b:c4:43:f5:63:55:e7:fe:49:43:6f:19:13: 23:45:59:f3:ee:15:70:65:7e:a3:02:fb:95:55:dc: 3a:1d:83:d2:43:69:ae:ab:f8:86:87:58:83:e5:da: 98:c9:f5:6f:23:02:17:0d:39:4c:36:c3:4b:29:c1: ac:11:05:a7:55:b2:e5:81:d3:0b:64:c6:74:c0:52: 73:77:10:c5:71:cf:11:86:29:d8:ef:bd:c2:fb:60: b9:68:ed:54:41:b0:e0:2f:da:3b:00:8b:6e:19:b7: c5:be:82:96:a2:ec:5e:1f:b8:ed:18:ae:4d:ea:8d: ad:a9:86:e7:c4:06:76:91:0a:c8:a6:fe:6a:1c:d4: cb:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:1B:8D:89:EC:D2:FB:0B:26:4C:FA:FC:6A:3B:8F:F1:29:E5:A6:CF X509v3 Authority Key Identifier: keyid:AD:15:2A:F6:EF:02:99:62:0B:F9:F7:7F:D6:0C:D8:B3:14:04:17:AF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CB92A/FC12E31084AE11F096C09D29C4F9AE02/rRUq9u8CmWIL-fd_1gzYsxQEF68.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rRUq9u8CmWIL-fd_1gzYsxQEF68.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB92A/FC12E31084AE11F096C09D29C4F9AE02/8CAFF0E884AF11F0A1FF182BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.147.16.0/23 Signature Algorithm: sha256WithRSAEncryption 7f:06:53:e9:6a:c5:d7:56:85:70:06:12:5e:09:06:1c:89:a4: 39:e8:03:9a:fa:07:2a:3d:37:45:f2:c3:15:a9:46:7b:80:22: 30:03:d1:6d:4a:5b:41:dc:80:df:26:65:41:9f:54:a4:6f:cc: c9:4f:21:92:91:54:77:83:9f:ea:dc:36:67:8f:8c:2d:50:81: 96:7e:41:94:6d:a5:cd:7f:ef:e3:d6:a8:68:30:26:2c:5d:75: eb:92:d3:10:d2:97:02:8f:f4:5b:91:ab:e8:58:21:ac:4b:a0: 74:ea:53:d2:65:26:d0:4c:d1:87:99:a9:11:05:53:67:36:51: de:c2:89:e2:a7:41:87:ae:7a:93:55:ef:62:3c:b7:6a:96:92: ae:cd:c0:ce:1c:ad:0a:62:de:9a:34:01:8c:57:df:62:84:00: 67:97:a3:82:1b:5a:13:1a:70:94:3e:7c:be:1d:f7:b0:2b:df: 40:e9:f6:f3:4d:66:74:c4:e6:6b:62:d0:f4:b0:77:49:eb:88: 51:34:14:19:08:48:91:12:17:ee:04:ab:25:25:7d:85:4b:33: a7:4f:10:86:6b:f8:22:57:1d:66:a8:e2:a0:63:51:40:8c:60: d0:eb:5c:b3:ad:a2:fa:3e:a8:36:fd:a9:a8:0e:c1:73:4d:94: 6b:62:4a:bf -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD QjkyQTExMC8GA1UEBRMoQUQxNTJBRjZFRjAyOTk2MjBCRjlGNzdGRDYwQ0Q4QjMx NDA0MTdBRjAeFw0yNTA4MjkwODA5NTZaFw0yNjAzMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4YjE2MDU0LWJjODMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDqS/uFDTgfvBd1//J2wYF3ehSC4QjibTzNQifNKZExFx3nTC8pCzzZoLgVrWh0 A8y2a5JkslTVoa4bqsH5MEBVTQwiMIvznW/K2Zy1muBdFV1y0gjJqyps6KZPgD8v Z8gLhBcSgcAa/1jkqKCFni+Qjbf7MmF2VGMKC8RD9WNV5/5JQ28ZEyNFWfPuFXBl fqMC+5VV3Dodg9JDaa6r+IaHWIPl2pjJ9W8jAhcNOUw2w0spwawRBadVsuWB0wtk xnTAUnN3EMVxzxGGKdjvvcL7YLlo7VRBsOAv2jsAi24Zt8W+gpai7F4fuO0Yrk3q ja2phufEBnaRCsim/moc1MvDAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU8huNiezS +wsmTPr8ajuP8Snlps8wHwYDVR0jBBgwFoAUrRUq9u8CmWIL+fd/1gzYsxQEF68w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNCOTJBL0ZDMTJFMzEwODRB RTExRjA5NkMwOUQyOUM0RjlBRTAyL3JSVXE5dThDbVdJTC1mZF8xZ3pZc3hRRUY2 OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvclJVcTl1OENtV0lMLWZkXzFnellzeFFFRjY4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD QjkyQS9GQzEyRTMxMDg0QUUxMUYwOTZDMDlEMjlDNEY5QUUwMi84Q0FGRjBFODg0 QUYxMUYwQTFGRjE4MkJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAWeTEDANBgkqhkiG9w0BAQsFAAOCAQEAfwZT6WrF11aFcAYS XgkGHImkOegDmvoHKj03RfLDFalGe4AiMAPRbUpbQdyA3yZlQZ9UpG/MyU8hkpFU d4Of6tw2Z4+MLVCBln5BlG2lzX/v49aoaDAmLF1165LTENKXAo/0W5Gr6FghrEug dOpT0mUm0EzRh5mpEQVTZzZR3sKJ4qdBh656k1XvYjy3apaSrs3AzhytCmLemjQB jFffYoQAZ5ejghtaExpwlD58vh33sCvfQOn2801mdMTma2LQ9LB3SeuIUTQUGQhI kRIX7gSrJSV9hUszp08Qhmv4IlcdZqjioGNRQIxg0Otcs62i+j6oNv2pqA7Bc02U a2JKvw== -----END CERTIFICATE-----Generated at Tue Sep 9 08:00:44 2025 by rpki-client