$ rpki-client -vvf rpki.apnic.net/member_repository/A91D3037/8B8DE27E8EDC11F09880C478C4F9AE02/0A16B10E8EE011F09A1AE72BC4F9AE02.roa File: 0A16B10E8EE011F09A1AE72BC4F9AE02.roa (raw, json) Hash identifier: 49rBi75NWLedbZFV/zCs/LhYwYBaC9SkJOjaSAzVrHk= Subject key identifier: 66:99:97:80:16:BE:AC:B7:CD:E4:79:E6:F8:9C:66:D0:63:FD:68:F3 Certificate issuer: /CN=A91D3037/serialNumber=B64B81042AB411607D86076FEFC9E59626BB8816 Certificate serial: 0C Authority key identifier: B6:4B:81:04:2A:B4:11:60:7D:86:07:6F:EF:C9:E5:96:26:BB:88:16 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tkuBBCq0EWB9hgdv78nllia7iBY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D3037/8B8DE27E8EDC11F09880C478C4F9AE02/0A16B10E8EE011F09A1AE72BC4F9AE02.roa Signing time: Thu 11 Sep 2025 07:39:53 +0000 ROA not before: Thu 11 Sep 2025 07:39:53 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 55843 IP address blocks: 49.128.8.0/22 maxlen: 22 49.128.8.0/23 maxlen: 23 49.128.8.0/24 maxlen: 24 49.128.9.0/24 maxlen: 24 49.128.10.0/23 maxlen: 23 49.128.10.0/24 maxlen: 24 49.128.11.0/24 maxlen: 24 103.13.128.0/22 maxlen: 22 103.13.128.0/23 maxlen: 23 103.13.128.0/24 maxlen: 24 103.13.129.0/24 maxlen: 24 103.13.130.0/23 maxlen: 23 103.13.130.0/24 maxlen: 24 103.13.131.0/24 maxlen: 24 103.29.108.0/22 maxlen: 22 103.29.108.0/23 maxlen: 23 103.29.108.0/24 maxlen: 24 103.29.109.0/24 maxlen: 24 103.29.110.0/23 maxlen: 23 103.29.110.0/24 maxlen: 24 103.29.111.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D3037/8B8DE27E8EDC11F09880C478C4F9AE02/tkuBBCq0EWB9hgdv78nllia7iBY.crl rsync://rpki.apnic.net/member_repository/A91D3037/8B8DE27E8EDC11F09880C478C4F9AE02/tkuBBCq0EWB9hgdv78nllia7iBY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tkuBBCq0EWB9hgdv78nllia7iBY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 26 Sep 2025 08:53:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12 (0xc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D3037, serialNumber=B64B81042AB411607D86076FEFC9E59626BB8816 Validity Not Before: Sep 11 07:39:53 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=68c27cc9-10e5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:98:99:d5:b6:ad:ed:76:0c:e8:35:8b:a0:7f: f9:de:c5:3e:68:e4:f9:76:46:01:f5:63:0f:42:61: fb:f9:d4:9b:8e:02:11:57:6b:4e:d3:cf:f6:53:b1: 8a:42:6c:4e:2c:0e:8f:8c:00:a5:97:b8:e9:ef:b9: c4:b7:fd:aa:66:d5:ef:78:8f:65:f6:42:c5:f2:f5: 9d:ff:1d:89:47:f4:3c:7a:2d:a4:ff:79:51:34:ee: d1:3e:07:58:24:f2:0b:31:28:8f:2e:93:42:ad:9c: 9c:2c:92:5d:06:d4:93:3c:e6:9d:52:fc:1d:92:c6: e8:00:0e:56:e5:27:3a:04:54:eb:a7:a5:29:e6:f9: 3e:73:b6:d4:de:ef:b1:df:f3:8c:94:8c:4d:ed:2a: f0:1d:72:87:21:ae:39:54:6e:e2:b5:fa:ec:11:f7: f5:65:55:14:32:e7:30:56:fc:74:b9:02:d7:bc:82: 0d:0e:35:2b:f3:1f:ae:aa:ab:f1:5b:a1:48:1b:01: 94:e8:65:6f:54:ba:b7:86:81:f2:04:9f:dd:d0:ec: fa:58:c2:06:55:d2:51:54:1c:32:f3:44:81:58:6f: 88:5a:6d:f7:4c:6f:45:77:d5:0a:cd:da:aa:e1:cb: 9b:63:39:c9:5b:81:6f:e1:ac:94:d1:d9:f7:4c:aa: 57:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:99:97:80:16:BE:AC:B7:CD:E4:79:E6:F8:9C:66:D0:63:FD:68:F3 X509v3 Authority Key Identifier: keyid:B6:4B:81:04:2A:B4:11:60:7D:86:07:6F:EF:C9:E5:96:26:BB:88:16 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D3037/8B8DE27E8EDC11F09880C478C4F9AE02/tkuBBCq0EWB9hgdv78nllia7iBY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tkuBBCq0EWB9hgdv78nllia7iBY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D3037/8B8DE27E8EDC11F09880C478C4F9AE02/0A16B10E8EE011F09A1AE72BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 49.128.8.0/22 103.13.128.0/22 103.29.108.0/22 Signature Algorithm: sha256WithRSAEncryption 19:9c:8a:77:02:f5:9a:b6:32:40:2a:d9:32:89:d2:a2:e3:31: 7d:ec:ee:2f:cf:fb:c5:6d:b7:9f:24:8a:6b:1e:c5:b4:95:82: 81:6e:44:14:41:a1:a9:83:52:01:e4:55:db:28:24:b6:54:9b: ea:70:a4:9a:bd:1c:d0:de:5d:f6:a1:2e:58:0f:9a:dc:c1:1c: 25:97:73:57:d6:b3:5c:32:a3:6d:68:84:a0:96:76:d1:71:51: 11:78:c0:59:28:0a:22:7b:b4:45:1b:e3:70:0c:c6:0b:89:01: f9:78:b7:1f:08:9b:cf:14:30:1f:78:28:9f:eb:20:b2:63:2b: d4:81:2f:d6:3c:9d:15:34:6e:a4:9e:f8:03:bb:dc:5b:d5:81: ee:1e:70:c2:43:34:fb:ba:72:4d:30:d1:b8:1c:a2:83:a0:3b: 83:ff:3a:28:7b:c1:c4:61:7a:b9:de:66:60:19:79:1c:f3:80: 40:15:d7:b7:b5:ae:cf:8f:0a:7d:af:ca:de:11:0d:7e:dd:df: 90:96:83:a5:41:f0:45:10:ef:06:ec:c0:9d:a8:7b:cb:c3:a9: 05:dc:27:e0:a9:05:fe:59:72:16:c6:97:ef:d6:65:fd:0b:93: 77:5e:01:d1:c3:c8:6a:ca:8c:4c:96:22:b3:60:d7:00:5f:24: 2e:80:b5:eb -----BEGIN CERTIFICATE----- MIIFfDCCBGSgAwIBAgIBDDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE MzAzNzExMC8GA1UEBRMoQjY0QjgxMDQyQUI0MTE2MDdEODYwNzZGRUZDOUU1OTYy NkJCODgxNjAeFw0yNTA5MTEwNzM5NTNaFw0yNjA5MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY4YzI3Y2M5LTEwZTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDEmJnVtq3tdgzoNYugf/nexT5o5Pl2RgH1Yw9CYfv51JuOAhFXa07Tz/ZTsYpC bE4sDo+MAKWXuOnvucS3/apm1e94j2X2QsXy9Z3/HYlH9Dx6LaT/eVE07tE+B1gk 8gsxKI8uk0KtnJwskl0G1JM85p1S/B2SxugADlblJzoEVOunpSnm+T5zttTe77Hf 84yUjE3tKvAdcochrjlUbuK1+uwR9/VlVRQy5zBW/HS5Ate8gg0ONSvzH66qq/Fb oUgbAZToZW9UureGgfIEn93Q7PpYwgZV0lFUHDLzRIFYb4habfdMb0V31QrN2qrh y5tjOclbgW/hrJTR2fdMqldlAgMBAAGjggKhMIICnTAdBgNVHQ4EFgQUZpmXgBa+ rLfN5Hnm+Jxm0GP9aPMwHwYDVR0jBBgwFoAUtkuBBCq0EWB9hgdv78nllia7iBYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQzMDM3LzhCOERFMjdFOEVE QzExRjA5ODgwQzQ3OEM0RjlBRTAyL3RrdUJCQ3EwRVdCOWhnZHY3OG5sbGlhN2lC WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvdGt1QkJDcTBFV0I5aGdkdjc4bmxsaWE3aUJZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MzAzNy84QjhERTI3RThFREMxMUYwOTg4MEM0NzhDNEY5QUUwMi8wQTE2QjEwRThF RTAxMUYwOUExQUU3MkJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDArBggrBgEFBQcBBwEB/wQc MBowGAQCAAEwEgMEAjGACAMEAmcNgAMEAmcdbDANBgkqhkiG9w0BAQsFAAOCAQEA GZyKdwL1mrYyQCrZMonSouMxfezuL8/7xW23nySKax7FtJWCgW5EFEGhqYNSAeRV 2ygktlSb6nCkmr0c0N5d9qEuWA+a3MEcJZdzV9azXDKjbWiEoJZ20XFREXjAWSgK Inu0RRvjcAzGC4kB+Xi3HwibzxQwH3gon+sgsmMr1IEv1jydFTRupJ74A7vcW9WB 7h5wwkM0+7pyTTDRuByig6A7g/86KHvBxGF6ud5mYBl5HPOAQBXXt7Wuz48Kfa/K 3hENft3fkJaDpUHwRRDvBuzAnah7y8OpBdwn4KkF/llyFsaX79Zl/QuTd14B0cPI asqMTJYis2DXAF8kLoC16w== -----END CERTIFICATE-----Generated at Fri Sep 19 16:48:12 2025 by rpki-client