$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFAB9/E853382C9F1311EC9E45D572C4F9AE02/596CCC4E9F1911EC8FDFEA7DC4F9AE02.roa File: 596CCC4E9F1911EC8FDFEA7DC4F9AE02.roa (raw, json) Hash identifier: YvFcrpBbAoiYQIP04bSjgNkLWr3WOARquHbbaVU+Mxc= Subject key identifier: F6:C6:19:85:6E:D0:A1:BA:A1:39:86:49:98:C1:4E:59:D9:F4:20:2C Certificate issuer: /CN=A91CFAB9/serialNumber=DD8A2B88654C3366FFE7FCF6556A9786002AA65B Certificate serial: 03F3 Authority key identifier: DD:8A:2B:88:65:4C:33:66:FF:E7:FC:F6:55:6A:97:86:00:2A:A6:5B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3YoriGVMM2b_5_z2VWqXhgAqpls.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFAB9/E853382C9F1311EC9E45D572C4F9AE02/596CCC4E9F1911EC8FDFEA7DC4F9AE02.roa Signing time: Tue 04 Nov 2025 02:36:54 +0000 ROA not before: Tue 04 Nov 2025 02:36:54 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 135069 IP address blocks: 103.208.140.0/22 maxlen: 22 103.208.140.0/24 maxlen: 24 103.208.141.0/24 maxlen: 24 103.208.142.0/24 maxlen: 24 103.208.143.0/24 maxlen: 24 163.47.109.0/24 maxlen: 24 180.235.104.0/22 maxlen: 22 180.235.104.0/24 maxlen: 24 180.235.105.0/24 maxlen: 24 180.235.106.0/24 maxlen: 24 180.235.107.0/24 maxlen: 24 202.37.108.0/24 maxlen: 24 203.28.247.0/24 maxlen: 24 223.26.24.0/22 maxlen: 22 223.26.24.0/24 maxlen: 24 223.26.25.0/24 maxlen: 24 223.26.26.0/24 maxlen: 24 223.26.27.0/24 maxlen: 24 2404:4880::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFAB9/E853382C9F1311EC9E45D572C4F9AE02/3YoriGVMM2b_5_z2VWqXhgAqpls.crl rsync://rpki.apnic.net/member_repository/A91CFAB9/E853382C9F1311EC9E45D572C4F9AE02/3YoriGVMM2b_5_z2VWqXhgAqpls.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3YoriGVMM2b_5_z2VWqXhgAqpls.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 02:45:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1011 (0x3f3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFAB9, serialNumber=DD8A2B88654C3366FFE7FCF6556A9786002AA65B Validity Not Before: Nov 4 02:36:54 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=690966c6-0eb3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:a9:31:f3:9f:20:9a:07:f3:37:79:ad:5a:37: b9:a8:0c:f2:b9:4a:59:df:3d:ce:c0:e9:c8:8b:a5: 33:44:e6:43:c3:d4:d8:4e:3e:18:7e:2d:3a:a2:15: 81:73:31:c0:62:38:07:a2:fe:c8:de:77:7f:5e:57: cf:b7:35:c9:81:86:ba:e8:5f:51:57:1a:45:8f:a0: 71:a2:33:ae:db:bc:72:b0:c9:02:5a:dc:22:e8:8f: ee:b1:58:de:73:5f:6e:4e:10:ce:48:47:87:53:10: 23:c2:40:32:df:18:a8:c3:49:3f:5e:d3:c7:2e:82: 41:6e:6b:b4:05:9b:7a:cd:ca:c9:0c:20:24:1c:c6: 1c:1d:90:48:96:e6:df:f3:94:9a:52:53:9d:ce:e2: 38:6f:37:34:ad:e6:8d:d5:77:cb:56:b6:d5:5e:a6: 1b:de:2c:5f:aa:35:0b:99:6b:1c:bd:bc:f1:4d:78: d8:ec:70:d6:5d:9b:9b:05:1f:89:83:d9:9a:72:eb: 1d:ae:1b:c7:91:43:81:1d:d8:94:16:a7:9b:96:5a: 6a:26:ef:42:15:d8:e7:16:08:ea:e9:e9:ef:48:2f: e9:f5:94:db:af:22:95:dd:64:11:ad:ef:e0:8b:72: 68:8d:04:80:f5:37:0d:91:4e:b7:4d:b5:99:80:b5: 86:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:C6:19:85:6E:D0:A1:BA:A1:39:86:49:98:C1:4E:59:D9:F4:20:2C X509v3 Authority Key Identifier: keyid:DD:8A:2B:88:65:4C:33:66:FF:E7:FC:F6:55:6A:97:86:00:2A:A6:5B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFAB9/E853382C9F1311EC9E45D572C4F9AE02/3YoriGVMM2b_5_z2VWqXhgAqpls.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3YoriGVMM2b_5_z2VWqXhgAqpls.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFAB9/E853382C9F1311EC9E45D572C4F9AE02/596CCC4E9F1911EC8FDFEA7DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.208.140.0/22 163.47.109.0/24 180.235.104.0/22 202.37.108.0/24 203.28.247.0/24 223.26.24.0/22 IPv6: 2404:4880::/32 Signature Algorithm: sha256WithRSAEncryption 6b:09:4d:e9:df:73:03:be:84:b0:32:de:84:1d:71:93:08:cb: 2e:3d:9e:ec:17:d4:d6:ed:bd:94:79:ab:1f:3c:81:39:97:1e: 72:73:35:74:fb:c8:a6:63:30:3b:13:65:c2:73:e1:da:14:be: 12:d4:50:cb:91:eb:97:89:e3:b7:de:b0:ee:cf:40:20:4a:0e: 6b:45:6c:69:74:83:6b:4b:66:de:da:ec:38:01:0a:8f:2d:20: 9e:9c:53:b3:84:24:d0:38:be:62:d7:4f:cd:98:90:90:db:57: ab:9b:86:e3:b6:b2:47:6f:e3:02:db:ac:36:76:d7:d3:f9:88: 36:c4:c4:51:a2:ed:3f:d4:e7:6d:83:d0:7e:48:fe:78:bf:12: 5b:9f:12:37:eb:f0:ff:07:17:65:6c:3a:b1:fa:b5:c7:f9:d0: d6:ea:69:1d:5c:b6:08:d6:14:45:a6:f0:ee:c1:76:b0:63:6a: cd:69:9b:ed:c6:29:82:4d:0a:cb:99:c3:2b:77:60:e0:79:fb: 25:44:07:dd:36:88:9d:85:ea:13:8d:b9:12:bc:2d:eb:58:5a: b4:b8:2c:7d:3b:00:6f:de:99:ba:c8:61:d3:db:0c:c1:d5:16: 2b:38:3c:49:24:3e:1c:ca:ba:74:13:5d:4a:5a:96:ce:6a:17: 71:70:0e:f9 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgICA/MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0ZBQjkxMTAvBgNVBAUTKEREOEEyQjg4NjU0QzMzNjZGRkU3RkNGNjU1NkE5Nzg2 MDAyQUE2NUIwHhcNMjUxMTA0MDIzNjU0WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02OTA5NjZjNi0wZWIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvakx858gmgfzN3mtWje5qAzyuUpZ3z3OwOnIi6UzROZDw9TYTj4Yfi06ohWB czHAYjgHov7I3nd/XlfPtzXJgYa66F9RVxpFj6BxojOu27xysMkCWtwi6I/usVje c19uThDOSEeHUxAjwkAy3xiow0k/XtPHLoJBbmu0BZt6zcrJDCAkHMYcHZBIlubf 85SaUlOdzuI4bzc0reaN1XfLVrbVXqYb3ixfqjULmWscvbzxTXjY7HDWXZubBR+J g9macusdrhvHkUOBHdiUFqebllpqJu9CFdjnFgjq6envSC/p9ZTbryKV3WQRre/g i3JojQSA9TcNkU63TbWZgLWG6QIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFPbGGYVu 0KG6oTmGSZjBTlnZ9CAsMB8GA1UdIwQYMBaAFN2KK4hlTDNm/+f89lVql4YAKqZb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkFCOS9FODUzMzgyQzlG MTMxMUVDOUU0NUQ1NzJDNEY5QUUwMi8zWW9yaUdWTU0yYl81X3oyVldxWGhnQXFw bHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNZb3JpR1ZNTTJiXzVfejJWV3FYaGdBcXBscy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0ZBQjkvRTg1MzM4MkM5RjEzMTFFQzlFNDVENTcyQzRGOUFFMDIvNTk2Q0NDNEU5 RjE5MTFFQzhGREZFQTdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTAYIKwYBBQUHAQcBAf8E PTA7MCoEAgABMCQDBAJn0IwDBACjL20DBAK062gDBADKJWwDBADLHPcDBALfGhgw DQQCAAIwBwMFACQESIAwDQYJKoZIhvcNAQELBQADggEBAGsJTenfcwO+hLAy3oQd cZMIyy49nuwX1NbtvZR5qx88gTmXHnJzNXT7yKZjMDsTZcJz4doUvhLUUMuR65eJ 47fesO7PQCBKDmtFbGl0g2tLZt7a7DgBCo8tIJ6cU7OEJNA4vmLXT82YkJDbV6ub huO2skdv4wLbrDZ219P5iDbExFGi7T/U522D0H5I/ni/ElufEjfr8P8HF2VsOrH6 tcf50NbqaR1ctgjWFEWm8O7BdrBjas1pm+3GKYJNCsuZwyt3YOB5+yVEB902iJ2F 6hONuRK8LetYWrS4LH07AG/embrIYdPbDMHVFis4PEkkPhzKunQTXUpals5qF3Fw Dvk= -----END CERTIFICATE-----Generated at Tue Nov 4 09:25:35 2025 by rpki-client