$ rpki-client -vvf rpki.apnic.net/member_repository/A91D8185/8501153284AC11F08D3AB979C4F9AE02/CC2C3CB684AC11F0B7B8977DC4F9AE02.roa File: CC2C3CB684AC11F0B7B8977DC4F9AE02.roa (raw, json) Hash identifier: Iyg31gxgmZNKpKPcyuwxT2WShJvbdC1BGcvDKYneqcE= Subject key identifier: 2C:D9:4B:35:B7:E8:88:C6:06:E3:77:96:FC:95:B8:4F:7D:3D:F5:B8 Certificate issuer: /CN=A91D8185/serialNumber=89784D6D938B05CC3B7B666E5E7AEE9223DE4D70 Certificate serial: 04 Authority key identifier: 89:78:4D:6D:93:8B:05:CC:3B:7B:66:6E:5E:7A:EE:92:23:DE:4D:70 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iXhNbZOLBcw7e2ZuXnrukiPeTXA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D8185/8501153284AC11F08D3AB979C4F9AE02/CC2C3CB684AC11F0B7B8977DC4F9AE02.roa Signing time: Fri 29 Aug 2025 07:51:03 +0000 ROA not before: Fri 29 Aug 2025 07:51:03 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 153995 IP address blocks: 103.161.158.0/23 maxlen: 23 103.161.158.0/24 maxlen: 24 103.161.159.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D8185/8501153284AC11F08D3AB979C4F9AE02/iXhNbZOLBcw7e2ZuXnrukiPeTXA.crl rsync://rpki.apnic.net/member_repository/A91D8185/8501153284AC11F08D3AB979C4F9AE02/iXhNbZOLBcw7e2ZuXnrukiPeTXA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iXhNbZOLBcw7e2ZuXnrukiPeTXA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 14 Sep 2025 08:39:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4 (0x4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D8185, serialNumber=89784D6D938B05CC3B7B666E5E7AEE9223DE4D70 Validity Not Before: Aug 29 07:51:03 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=68b15be6-4e82 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:c8:54:5c:5f:aa:f2:11:30:11:cb:cc:ea:a1: 0a:09:db:bf:e8:a5:b4:cc:6d:1a:b1:82:0e:42:0c: c3:64:bf:eb:f9:c2:3c:48:cc:98:8b:84:16:9d:90: 94:d4:fe:8a:d3:92:10:0d:74:a4:5e:77:a5:2d:d7: 3c:10:34:10:3d:f5:b4:9c:df:a4:70:e6:cc:76:ad: a1:22:1c:29:e0:58:bf:c2:4b:49:66:94:a1:df:e0: ab:11:73:a6:1d:3b:a3:4d:21:04:c4:cf:c2:74:18: 25:dd:33:b6:7d:3d:8d:93:82:67:42:a9:07:c4:3e: 05:09:ab:c5:e2:4b:ec:03:c4:a6:cb:61:05:ee:75: 5b:d0:94:ef:94:38:e0:b5:4c:ad:15:b2:c3:c0:af: 5b:40:6d:e5:5d:65:44:95:0a:d4:4d:0e:eb:33:76: 03:46:97:c6:91:54:da:31:9a:30:c8:48:b4:e5:c3: 44:63:5a:d8:1e:01:57:99:ac:56:17:d1:50:51:95: ac:9e:f9:93:0f:db:3c:f9:2c:dc:6e:50:ef:40:50: 14:7e:23:5e:b9:25:c5:32:2b:c7:6a:92:70:99:e5: 9d:d3:8f:b0:4f:49:dc:30:cf:db:85:88:14:c6:49: aa:3d:b6:9b:a7:7e:d0:af:55:38:69:59:05:a0:83: 71:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:D9:4B:35:B7:E8:88:C6:06:E3:77:96:FC:95:B8:4F:7D:3D:F5:B8 X509v3 Authority Key Identifier: keyid:89:78:4D:6D:93:8B:05:CC:3B:7B:66:6E:5E:7A:EE:92:23:DE:4D:70 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D8185/8501153284AC11F08D3AB979C4F9AE02/iXhNbZOLBcw7e2ZuXnrukiPeTXA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iXhNbZOLBcw7e2ZuXnrukiPeTXA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D8185/8501153284AC11F08D3AB979C4F9AE02/CC2C3CB684AC11F0B7B8977DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.161.158.0/23 Signature Algorithm: sha256WithRSAEncryption 5e:b9:2c:cf:79:64:cc:e7:5e:e2:89:bd:6d:67:6a:1d:d1:41: af:3d:10:9a:db:5e:db:e8:85:59:b4:02:36:7b:0c:3a:91:60: 3b:42:f4:03:de:6f:73:22:8b:3a:43:02:51:13:bb:d4:0b:0c: 76:e6:38:23:ec:e2:8c:03:d1:b1:c3:d6:6e:3b:aa:84:58:f4: fc:0d:f0:eb:5b:c5:fb:cc:3a:00:8d:ca:c4:67:c9:26:42:8b: 40:26:84:e7:1c:0e:20:d6:b9:51:46:d1:ae:6e:dc:ab:b3:5e: 2f:64:17:e0:ee:99:c2:41:96:be:1f:45:3b:6f:c6:7e:e9:70: a9:fa:4b:62:2b:e3:15:7c:23:4a:a1:42:b7:94:3c:e4:0b:a8: c6:4a:36:bf:a6:e2:e4:b9:93:7a:35:3a:f0:e6:04:05:a8:84: 96:6a:21:bc:48:f6:e0:72:66:fe:99:d5:6f:8b:c0:92:59:69: 34:19:e7:88:22:97:70:16:02:b0:e1:87:7f:0a:b4:cf:2f:06: 2a:1c:f9:6e:9f:30:55:d9:11:74:99:6a:7b:65:b9:4b:23:7a: fe:75:80:fb:33:2f:8c:da:33:f8:ef:f2:3f:4c:c9:33:d3:92: 61:0c:be:ef:d4:e4:a6:c4:28:84:9f:3d:f4:30:8b:f7:36:03: c8:70:54:7b -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE ODE4NTExMC8GA1UEBRMoODk3ODRENkQ5MzhCMDVDQzNCN0I2NjZFNUU3QUVFOTIy M0RFNEQ3MDAeFw0yNTA4MjkwNzUxMDNaFw0yNjAzMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4YjE1YmU2LTRlODIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDfyFRcX6ryETARy8zqoQoJ27/opbTMbRqxgg5CDMNkv+v5wjxIzJiLhBadkJTU /orTkhANdKRed6Ut1zwQNBA99bSc36Rw5sx2raEiHCngWL/CS0lmlKHf4KsRc6Yd O6NNIQTEz8J0GCXdM7Z9PY2TgmdCqQfEPgUJq8XiS+wDxKbLYQXudVvQlO+UOOC1 TK0VssPAr1tAbeVdZUSVCtRNDuszdgNGl8aRVNoxmjDISLTlw0RjWtgeAVeZrFYX 0VBRlaye+ZMP2zz5LNxuUO9AUBR+I165JcUyK8dqknCZ5Z3Tj7BPSdwwz9uFiBTG Sao9tpunftCvVThpWQWgg3GNAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQULNlLNbfo iMYG43eW/JW4T3099bgwHwYDVR0jBBgwFoAUiXhNbZOLBcw7e2ZuXnrukiPeTXAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ4MTg1Lzg1MDExNTMyODRB QzExRjA4RDNBQjk3OUM0RjlBRTAyL2lYaE5iWk9MQmN3N2UyWnVYbnJ1a2lQZVRY QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvaVhoTmJaT0xCY3c3ZTJadVhucnVraVBlVFhBLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE ODE4NS84NTAxMTUzMjg0QUMxMUYwOEQzQUI5NzlDNEY5QUUwMi9DQzJDM0NCNjg0 QUMxMUYwQjdCODk3N0RDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAWehnjANBgkqhkiG9w0BAQsFAAOCAQEAXrksz3lkzOde4om9 bWdqHdFBrz0Qmtte2+iFWbQCNnsMOpFgO0L0A95vcyKLOkMCURO71AsMduY4I+zi jAPRscPWbjuqhFj0/A3w61vF+8w6AI3KxGfJJkKLQCaE5xwOINa5UUbRrm7cq7Ne L2QX4O6ZwkGWvh9FO2/GfulwqfpLYivjFXwjSqFCt5Q85Auoxko2v6bi5LmTejU6 8OYEBaiElmohvEj24HJm/pnVb4vAkllpNBnniCKXcBYCsOGHfwq0zy8GKhz5bp8w VdkRdJlqe2W5SyN6/nWA+zMvjNoz+O/yP0zJM9OSYQy+79TkpsQohJ899DCL9zYD yHBUew== -----END CERTIFICATE-----Generated at Tue Sep 9 08:00:48 2025 by rpki-client