$ rpki-client -vvf rpki.apnic.net/member_repository/A91D0432/E3CA18EC7B8711EDB59E3B80C4F9AE02/539DF534D1FB11EDA0A31C2FC4F9AE02.roa File: 539DF534D1FB11EDA0A31C2FC4F9AE02.roa (raw, json) Hash identifier: ZwuvYUkBHuPjyaZwcok71ZoBlPTV1oL4tY+NTXiSqLA= Subject key identifier: E3:FD:00:17:08:A9:0A:10:8B:C1:CB:2F:4B:B3:04:FE:93:0C:0E:E0 Certificate issuer: /CN=A91D0432/serialNumber=BE37704B8C7DF3975617194AF2ADEEDA1CC9BCF6 Certificate serial: 01CC Authority key identifier: BE:37:70:4B:8C:7D:F3:97:56:17:19:4A:F2:AD:EE:DA:1C:C9:BC:F6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vjdwS4x985dWFxlK8q3u2hzJvPY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D0432/E3CA18EC7B8711EDB59E3B80C4F9AE02/539DF534D1FB11EDA0A31C2FC4F9AE02.roa Signing time: Tue 13 May 2025 02:21:43 +0000 ROA not before: Tue 13 May 2025 02:21:43 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 132080 IP address blocks: 103.136.20.0/22 maxlen: 22 103.136.20.0/24 maxlen: 24 103.136.21.0/24 maxlen: 24 103.136.22.0/24 maxlen: 24 103.136.23.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D0432/E3CA18EC7B8711EDB59E3B80C4F9AE02/vjdwS4x985dWFxlK8q3u2hzJvPY.crl rsync://rpki.apnic.net/member_repository/A91D0432/E3CA18EC7B8711EDB59E3B80C4F9AE02/vjdwS4x985dWFxlK8q3u2hzJvPY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vjdwS4x985dWFxlK8q3u2hzJvPY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 02:14:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 460 (0x1cc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D0432, serialNumber=BE37704B8C7DF3975617194AF2ADEEDA1CC9BCF6 Validity Not Before: May 13 02:21:43 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=6822acb7-229e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:08:7e:80:ac:0f:a4:57:e2:65:e1:ab:74:b1: 17:c1:34:0b:cb:7a:6b:c3:94:95:b4:a9:63:29:b0: 7b:81:9c:58:fd:6d:51:28:35:08:b5:81:94:35:fc: 7f:76:99:0d:81:05:79:48:59:af:96:60:d1:0b:68: be:aa:48:05:fc:e2:08:4d:42:25:b8:a3:67:08:91: a2:3b:2e:60:9d:ea:b0:71:75:76:6d:75:3a:8a:6a: fa:73:36:a4:c7:1d:c9:cc:c4:14:29:7a:36:b4:f4: f8:5a:7c:13:1c:c5:b3:74:4d:e9:3d:63:94:b3:cd: d0:d5:b9:6e:c5:c6:5e:f0:65:e2:21:f4:00:25:0f: e2:c4:c4:01:9a:96:d7:32:2d:40:d6:5d:f0:41:c1: af:a5:73:f0:42:e8:ee:7a:f0:f0:7e:6f:66:c7:cf: d7:91:a4:3f:9a:57:ed:a9:01:81:24:0b:f9:c5:33: 74:3d:94:8f:fd:26:07:43:ef:a8:52:e1:80:17:c0: c0:ed:d8:37:4b:0e:ac:3e:cc:de:36:f6:d3:1b:a5: 03:78:15:68:b0:bb:2f:3e:a6:a5:6d:c5:77:d8:ed: b4:cb:09:14:c2:96:3c:a1:dd:30:df:58:91:c3:33: c2:7b:a0:d0:0d:a4:3a:63:37:50:91:05:da:7c:9e: 76:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:FD:00:17:08:A9:0A:10:8B:C1:CB:2F:4B:B3:04:FE:93:0C:0E:E0 X509v3 Authority Key Identifier: keyid:BE:37:70:4B:8C:7D:F3:97:56:17:19:4A:F2:AD:EE:DA:1C:C9:BC:F6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D0432/E3CA18EC7B8711EDB59E3B80C4F9AE02/vjdwS4x985dWFxlK8q3u2hzJvPY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vjdwS4x985dWFxlK8q3u2hzJvPY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D0432/E3CA18EC7B8711EDB59E3B80C4F9AE02/539DF534D1FB11EDA0A31C2FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.136.20.0/22 Signature Algorithm: sha256WithRSAEncryption 7c:33:98:d0:33:1b:a2:38:5e:44:1e:90:96:a9:d9:4e:10:dd: 52:82:13:9b:10:4b:3e:33:c0:5f:e8:82:68:c4:13:5f:7e:c1: b4:49:4e:0b:6f:50:84:06:8d:bb:e9:fe:f0:68:23:9d:0a:a0: 2a:6b:86:57:91:75:f4:76:a7:96:07:3a:25:3b:2b:f7:7d:fa: e8:6f:ba:f9:66:b1:0f:cb:f2:f2:13:9c:79:7f:62:ef:d8:9f: 12:8d:39:b9:78:e0:aa:16:6e:2b:b0:3d:ae:a9:50:d0:a5:1b: 7a:db:f7:2e:47:84:c7:3e:91:52:65:a3:76:b8:57:82:37:f2: 66:51:70:aa:56:1b:ac:1c:15:7e:af:18:9d:9e:b2:5f:4a:a9: e0:ee:84:11:73:08:7c:37:ea:aa:a2:d2:05:b1:02:6f:14:0b: 12:7e:cb:35:2d:ee:ca:40:fc:b0:04:82:d6:7f:b7:76:70:40: 3b:4f:7b:e5:16:ac:32:2b:82:f8:04:1e:60:f9:17:d5:9d:5c: 1a:68:72:ac:7e:6c:2f:60:90:ed:f0:da:37:57:f3:a2:c7:32: 3b:b3:fe:e4:4e:c7:47:40:07:ae:05:24:d9:53:a8:ec:08:0f: a1:9f:c5:73:2b:ee:94:60:91:29:f9:93:e4:a4:99:b5:1e:fd: ad:c7:a3:43 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICAcwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDA0MzIxMTAvBgNVBAUTKEJFMzc3MDRCOEM3REYzOTc1NjE3MTk0QUYyQURFRURB MUNDOUJDRjYwHhcNMjUwNTEzMDIyMTQzWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODIyYWNiNy0yMjllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8Qh+gKwPpFfiZeGrdLEXwTQLy3prw5SVtKljKbB7gZxY/W1RKDUItYGUNfx/ dpkNgQV5SFmvlmDRC2i+qkgF/OIITUIluKNnCJGiOy5gneqwcXV2bXU6imr6czak xx3JzMQUKXo2tPT4WnwTHMWzdE3pPWOUs83Q1bluxcZe8GXiIfQAJQ/ixMQBmpbX Mi1A1l3wQcGvpXPwQujuevDwfm9mx8/XkaQ/mlftqQGBJAv5xTN0PZSP/SYHQ++o UuGAF8DA7dg3Sw6sPszeNvbTG6UDeBVosLsvPqalbcV32O20ywkUwpY8od0w31iR wzPCe6DQDaQ6YzdQkQXafJ52DQIDAQABo4IClTCCApEwHQYDVR0OBBYEFOP9ABcI qQoQi8HLL0uzBP6TDA7gMB8GA1UdIwQYMBaAFL43cEuMffOXVhcZSvKt7tocybz2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMDQzMi9FM0NBMThFQzdC ODcxMUVEQjU5RTNCODBDNEY5QUUwMi92amR3UzR4OTg1ZFdGeGxLOHEzdTJoekp2 UFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ZqZHdTNHg5ODVkV0Z4bEs4cTN1Mmh6SnZQWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDA0MzIvRTNDQTE4RUM3Qjg3MTFFREI1OUUzQjgwQzRGOUFFMDIvNTM5REY1MzRE MUZCMTFFREEwQTMxQzJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAJniBQwDQYJKoZIhvcNAQELBQADggEBAHwzmNAzG6I4XkQe kJap2U4Q3VKCE5sQSz4zwF/ogmjEE19+wbRJTgtvUIQGjbvp/vBoI50KoCprhleR dfR2p5YHOiU7K/d9+uhvuvlmsQ/L8vITnHl/Yu/YnxKNObl44KoWbiuwPa6pUNCl G3rb9y5HhMc+kVJlo3a4V4I38mZRcKpWG6wcFX6vGJ2esl9KqeDuhBFzCHw36qqi 0gWxAm8UCxJ+yzUt7spA/LAEgtZ/t3ZwQDtPe+UWrDIrgvgEHmD5F9WdXBpocqx+ bC9gkO3w2jdX86LHMjuz/uROx0dAB64FJNlTqOwID6GfxXMr7pRgkSn5k+SkmbUe /a3Ho0M= -----END CERTIFICATE-----Generated at Wed Nov 5 11:50:24 2025 by rpki-client