$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA13E/54D6A50E06B511EB9372D32BC4F9AE02/298965AC06B611EBBBFD6B2CC4F9AE02.roa File: 298965AC06B611EBBBFD6B2CC4F9AE02.roa (raw, json) Hash identifier: U1bQn0cREbDCYE8np1FOgxq7ZLPbZTRmflBcUUu8DFM= Subject key identifier: 92:70:FB:23:45:29:39:E2:AE:26:F4:A6:6E:F2:A8:4D:2F:55:F7:7A Certificate issuer: /CN=A91DA13E/serialNumber=DE8A8DA70E165009D140D9F624524DC4D479D5E8 Certificate serial: 07F9 Authority key identifier: DE:8A:8D:A7:0E:16:50:09:D1:40:D9:F6:24:52:4D:C4:D4:79:D5:E8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3oqNpw4WUAnRQNn2JFJNxNR51eg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DA13E/54D6A50E06B511EB9372D32BC4F9AE02/298965AC06B611EBBBFD6B2CC4F9AE02.roa Signing time: Thu 28 Aug 2025 08:51:35 +0000 ROA not before: Thu 28 Aug 2025 08:51:35 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 55720 IP address blocks: 103.27.74.0/24 maxlen: 24 103.100.152.0/24 maxlen: 24 220.158.200.0/24 maxlen: 24 220.158.201.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DA13E/54D6A50E06B511EB9372D32BC4F9AE02/3oqNpw4WUAnRQNn2JFJNxNR51eg.crl rsync://rpki.apnic.net/member_repository/A91DA13E/54D6A50E06B511EB9372D32BC4F9AE02/3oqNpw4WUAnRQNn2JFJNxNR51eg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3oqNpw4WUAnRQNn2JFJNxNR51eg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 19 Oct 2025 22:26:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2041 (0x7f9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DA13E, serialNumber=DE8A8DA70E165009D140D9F624524DC4D479D5E8 Validity Not Before: Aug 28 08:51:35 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=68b01897-a32f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:f1:28:ea:f4:27:98:59:66:b2:e3:46:ad:ba: 55:21:8a:3c:e6:d4:40:e4:33:fd:9c:f4:db:ac:48: e7:f1:10:d5:00:3e:8e:17:5c:f1:67:96:15:16:6e: 8f:ec:04:99:df:d1:db:e2:71:9b:cc:c3:ae:04:ac: 9b:1b:d6:02:18:78:55:f1:16:35:9a:9c:70:b1:fc: 6d:27:13:1a:b4:fe:d4:b4:e8:f1:24:fe:39:c5:48: 90:75:55:cb:62:3a:5a:3d:09:60:42:12:2d:41:f8: e8:e9:93:67:bc:23:32:6a:25:bb:02:8d:f0:d6:69: ca:8f:8b:a6:26:57:d5:b6:07:24:e1:42:41:06:30: ad:4f:d7:4c:8a:22:62:eb:ea:82:9d:95:0a:20:20: 96:64:d5:cc:0f:dd:d1:c6:6b:26:39:03:72:ba:cb: 84:1e:7d:52:f8:1f:37:89:80:24:f2:8f:c5:76:16: c7:00:1b:60:de:d6:5f:e6:d7:fd:9e:fc:ff:43:09: 1b:4b:47:8f:c5:e0:ac:8a:1e:f3:69:20:68:9e:7d: e6:5f:7b:85:13:e0:a5:e1:8d:83:09:9a:a0:b7:2e: fd:ea:e4:71:37:ff:9a:1d:bb:30:69:12:d9:98:f3: 17:18:fb:71:ac:05:a4:9f:0c:0d:d5:b3:8b:a2:b4: 53:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:70:FB:23:45:29:39:E2:AE:26:F4:A6:6E:F2:A8:4D:2F:55:F7:7A X509v3 Authority Key Identifier: keyid:DE:8A:8D:A7:0E:16:50:09:D1:40:D9:F6:24:52:4D:C4:D4:79:D5:E8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DA13E/54D6A50E06B511EB9372D32BC4F9AE02/3oqNpw4WUAnRQNn2JFJNxNR51eg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3oqNpw4WUAnRQNn2JFJNxNR51eg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA13E/54D6A50E06B511EB9372D32BC4F9AE02/298965AC06B611EBBBFD6B2CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.27.74.0/24 103.100.152.0/24 220.158.200.0/23 Signature Algorithm: sha256WithRSAEncryption a5:12:f3:41:49:8b:7d:c1:46:0c:90:8d:09:d4:81:00:9c:31: cb:af:83:fb:ec:fc:37:70:cb:b0:f2:56:66:c5:e8:6e:28:59: db:d3:7d:fe:bd:d1:b7:6b:b3:0b:cf:4c:c7:b0:a7:cc:00:bd: a2:83:36:a2:f4:51:36:e4:27:7a:b4:77:df:34:c3:a6:c7:05: 32:e2:06:b7:ab:7c:fe:87:31:0a:0c:77:e9:3d:d6:76:86:e5: f1:45:54:6e:a2:f7:f0:fe:6d:86:97:e3:62:ec:be:5a:0a:3e: 31:0b:82:ee:91:c4:3f:d1:27:a4:19:d5:7e:dc:77:67:49:a4: 1f:14:de:9f:00:ea:a8:5e:0a:85:a0:d6:07:59:4f:37:f0:f0: fa:65:77:47:0d:f2:50:23:30:de:21:3b:f1:0b:48:35:5c:7b: be:a2:1b:7e:b8:f4:3d:4d:12:7c:d9:6f:a8:b8:37:ef:07:e6: 0c:2f:94:87:95:48:ea:89:53:7e:e0:d5:8d:d1:84:a3:7d:8d: 2f:d8:37:8b:df:17:02:02:a6:75:fb:05:0e:07:4c:4f:53:a6: 6f:26:d1:d2:92:da:e6:0a:79:c6:46:23:d0:a7:2d:a3:39:bc: 84:fd:b3:f3:cf:67:87:ca:c5:49:ec:7c:a9:5b:a9:3c:3f:dd: 4e:25:41:8d -----BEGIN CERTIFICATE----- MIIFfTCCBGWgAwIBAgICB/kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REExM0UxMTAvBgNVBAUTKERFOEE4REE3MEUxNjUwMDlEMTQwRDlGNjI0NTI0REM0 RDQ3OUQ1RTgwHhcNMjUwODI4MDg1MTM1WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGIwMTg5Ny1hMzJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAp/Eo6vQnmFlmsuNGrbpVIYo85tRA5DP9nPTbrEjn8RDVAD6OF1zxZ5YVFm6P 7ASZ39Hb4nGbzMOuBKybG9YCGHhV8RY1mpxwsfxtJxMatP7UtOjxJP45xUiQdVXL YjpaPQlgQhItQfjo6ZNnvCMyaiW7Ao3w1mnKj4umJlfVtgck4UJBBjCtT9dMiiJi 6+qCnZUKICCWZNXMD93RxmsmOQNyusuEHn1S+B83iYAk8o/FdhbHABtg3tZf5tf9 nvz/QwkbS0ePxeCsih7zaSBonn3mX3uFE+Cl4Y2DCZqgty796uRxN/+aHbswaRLZ mPMXGPtxrAWknwwN1bOLorRTTwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFJJw+yNF KTnirib0pm7yqE0vVfd6MB8GA1UdIwQYMBaAFN6KjacOFlAJ0UDZ9iRSTcTUedXo MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTEzRS81NEQ2QTUwRTA2 QjUxMUVCOTM3MkQzMkJDNEY5QUUwMi8zb3FOcHc0V1VBblJRTm4ySkZKTnhOUjUx ZWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNvcU5wdzRXVUFuUlFObjJKRkpOeE5SNTFlZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx REExM0UvNTRENkE1MEUwNkI1MTFFQjkzNzJEMzJCQzRGOUFFMDIvMjk4OTY1QUMw NkI2MTFFQkJCRkQ2QjJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E HDAaMBgEAgABMBIDBABnG0oDBABnZJgDBAHcnsgwDQYJKoZIhvcNAQELBQADggEB AKUS80FJi33BRgyQjQnUgQCcMcuvg/vs/Ddwy7DyVmbF6G4oWdvTff690bdrswvP TMewp8wAvaKDNqL0UTbkJ3q0d980w6bHBTLiBrerfP6HMQoMd+k91naG5fFFVG6i 9/D+bYaX42LsvloKPjELgu6RxD/RJ6QZ1X7cd2dJpB8U3p8A6qheCoWg1gdZTzfw 8Ppld0cN8lAjMN4hO/ELSDVce76iG3649D1NEnzZb6i4N+8H5gwvlIeVSOqJU37g 1Y3RhKN9jS/YN4vfFwICpnX7BQ4HTE9Tpm8m0dKS2uYKecZGI9CnLaM5vIT9s/PP Z4fKxUnsfKlbqTw/3U4lQY0= -----END CERTIFICATE-----Generated at Tue Oct 14 03:11:44 2025 by rpki-client