$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE821/811FB590605111E88CD8EC47C4F9AE02/2A53DA54332011EF89CABD61C4F9AE02.roa File: 2A53DA54332011EF89CABD61C4F9AE02.roa (raw, json) Hash identifier: XAFmHRo+hO35GWVsWHHscFE/9w85d60jx9W3Sf7aA0c= Subject key identifier: C8:A8:63:2C:7D:D7:94:B0:00:FE:73:3F:09:05:E6:DD:21:AB:5D:7D Certificate issuer: /CN=A91CE821/serialNumber=0637E5B38C61DF83EBB3302093BB576CB31D9B10 Certificate serial: 04A8 Authority key identifier: 06:37:E5:B3:8C:61:DF:83:EB:B3:30:20:93:BB:57:6C:B3:1D:9B:10 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Bjfls4xh34PrszAgk7tXbLMdmxA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE821/811FB590605111E88CD8EC47C4F9AE02/2A53DA54332011EF89CABD61C4F9AE02.roa Signing time: Sat 30 Aug 2025 17:06:13 +0000 ROA not before: Sat 30 Aug 2025 17:06:13 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 152605 IP address blocks: 103.115.196.0/24 maxlen: 24 103.115.197.0/24 maxlen: 24 103.115.198.0/24 maxlen: 24 103.115.199.0/24 maxlen: 24 2402:edc0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE821/811FB590605111E88CD8EC47C4F9AE02/Bjfls4xh34PrszAgk7tXbLMdmxA.crl rsync://rpki.apnic.net/member_repository/A91CE821/811FB590605111E88CD8EC47C4F9AE02/Bjfls4xh34PrszAgk7tXbLMdmxA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Bjfls4xh34PrszAgk7tXbLMdmxA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 15 Sep 2025 16:52:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1192 (0x4a8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE821, serialNumber=0637E5B38C61DF83EBB3302093BB576CB31D9B10 Validity Not Before: Aug 30 17:06:13 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=68b32f85-ddd3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:58:5f:d4:91:ad:49:01:f6:f0:c2:0f:d9:8f: 1e:0e:7a:20:63:a5:af:3f:60:6d:a2:ba:fd:40:d6: c9:52:fa:ed:e8:02:f2:1d:ba:c6:41:6d:21:8d:82: e1:78:9b:4b:48:f3:67:dd:17:de:65:d5:61:68:ca: c9:43:61:aa:43:38:27:2d:a9:a0:57:d5:a8:fd:c7: 8e:2b:4a:2f:fc:c2:60:66:05:62:d3:8c:f6:09:ae: 4b:7d:3c:29:cc:f4:ac:9b:0a:9a:9e:d8:71:ee:8d: d6:72:79:a4:e3:f4:43:1e:eb:20:82:ab:e8:2b:64: d7:1a:98:2f:0c:f1:1b:34:40:93:d9:9c:6b:1d:bf: 12:e5:b6:5a:f2:c2:f8:5b:ff:aa:eb:ff:f5:4d:a5: 12:94:35:d9:d0:5c:b6:3d:ba:3d:95:9f:8b:c9:72: 14:1f:81:c7:df:1c:ff:8e:e0:f3:ba:2a:3f:e1:2b: 81:3d:27:80:3c:bd:b1:16:07:ac:51:3e:3f:e5:2f: 63:8b:1e:f0:19:fa:d0:14:f4:6b:cf:a1:19:6d:af: 37:7f:6b:42:41:e1:0c:2a:9d:17:6d:33:44:19:af: f3:0e:56:15:04:b9:95:6e:d3:ce:67:8f:4c:0b:86: 9c:3e:a3:62:80:52:b1:f6:40:8d:1e:33:cc:ff:02: fd:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:A8:63:2C:7D:D7:94:B0:00:FE:73:3F:09:05:E6:DD:21:AB:5D:7D X509v3 Authority Key Identifier: keyid:06:37:E5:B3:8C:61:DF:83:EB:B3:30:20:93:BB:57:6C:B3:1D:9B:10 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE821/811FB590605111E88CD8EC47C4F9AE02/Bjfls4xh34PrszAgk7tXbLMdmxA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Bjfls4xh34PrszAgk7tXbLMdmxA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE821/811FB590605111E88CD8EC47C4F9AE02/2A53DA54332011EF89CABD61C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.115.196.0/22 IPv6: 2402:edc0::/32 Signature Algorithm: sha256WithRSAEncryption 78:55:23:38:68:e6:63:bc:44:2b:e8:fc:e1:d1:8f:33:79:16: 5d:e2:11:e0:7a:8c:19:32:66:e0:81:6e:92:99:30:2f:6e:c7: 9a:ea:ad:94:6d:b5:ab:dd:7b:ce:ac:43:8e:01:c8:31:13:68: 13:cd:37:6b:27:93:15:0b:58:02:4e:ef:04:11:ce:0c:13:e1: a6:93:df:13:76:5c:3b:81:88:2d:5d:37:a2:33:82:db:a5:4f: 08:06:27:42:38:95:da:0d:2b:90:c5:44:35:ba:cb:33:0f:b2: be:a5:87:a9:8b:d9:bc:1f:48:7a:e4:75:cd:ad:4f:19:64:e2: f2:92:d5:36:69:5c:38:f0:68:1a:24:de:18:92:51:5b:98:06: de:bf:b8:54:e5:dd:d2:54:99:bf:38:d1:5f:34:75:1d:11:32: 5e:b5:1b:aa:ed:4f:18:29:15:3b:cf:42:cb:f5:cb:43:ee:01: 76:03:ea:f1:24:10:d3:cf:ed:54:52:99:9f:7d:df:9e:2a:69: 00:94:db:31:d8:31:ed:d0:fe:0c:cd:20:b2:2b:0f:a9:87:62: ee:7f:c4:5e:bb:a9:69:39:76:1b:31:fa:69:4c:19:15:9d:7f: 6d:49:01:72:83:18:1e:1b:be:80:b7:ad:92:36:5b:c5:37:3a: f5:03:29:a7 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICBKgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0U4MjExMTAvBgNVBAUTKDA2MzdFNUIzOEM2MURGODNFQkIzMzAyMDkzQkI1NzZD QjMxRDlCMTAwHhcNMjUwODMwMTcwNjEzWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGIzMmY4NS1kZGQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0lhf1JGtSQH28MIP2Y8eDnogY6WvP2Btorr9QNbJUvrt6ALyHbrGQW0hjYLh eJtLSPNn3RfeZdVhaMrJQ2GqQzgnLamgV9Wo/ceOK0ov/MJgZgVi04z2Ca5LfTwp zPSsmwqanthx7o3Wcnmk4/RDHusggqvoK2TXGpgvDPEbNECT2ZxrHb8S5bZa8sL4 W/+q6//1TaUSlDXZ0Fy2Pbo9lZ+LyXIUH4HH3xz/juDzuio/4SuBPSeAPL2xFges UT4/5S9jix7wGfrQFPRrz6EZba83f2tCQeEMKp0XbTNEGa/zDlYVBLmVbtPOZ49M C4acPqNigFKx9kCNHjPM/wL90wIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFMioYyx9 15SwAP5zPwkF5t0hq119MB8GA1UdIwQYMBaAFAY35bOMYd+D67MwIJO7V2yzHZsQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTgyMS84MTFGQjU5MDYw NTExMUU4OENEOEVDNDdDNEY5QUUwMi9CamZsczR4aDM0UHJzekFnazd0WGJMTWRt eEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0JqZmxzNHhoMzRQcnN6QWdrN3RYYkxNZG14QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0U4MjEvODExRkI1OTA2MDUxMTFFODhDRDhFQzQ3QzRGOUFFMDIvMkE1M0RBNTQz MzIwMTFFRjg5Q0FCRDYxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAJnc8QwDQQCAAIwBwMFACQC7cAwDQYJKoZIhvcNAQELBQAD ggEBAHhVIzho5mO8RCvo/OHRjzN5Fl3iEeB6jBkyZuCBbpKZMC9ux5rqrZRttavd e86sQ44ByDETaBPNN2snkxULWAJO7wQRzgwT4aaT3xN2XDuBiC1dN6IzgtulTwgG J0I4ldoNK5DFRDW6yzMPsr6lh6mL2bwfSHrkdc2tTxlk4vKS1TZpXDjwaBok3hiS UVuYBt6/uFTl3dJUmb840V80dR0RMl61G6rtTxgpFTvPQsv1y0PuAXYD6vEkENPP 7VRSmZ99354qaQCU2zHYMe3Q/gzNILIrD6mHYu5/xF67qWk5dhsx+mlMGRWdf21J AXKDGB4bvoC3rZI2W8U3OvUDKac= -----END CERTIFICATE-----Generated at Tue Sep 9 00:46:39 2025 by rpki-client