$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/2CF214DC93A611F0B9B44571C4F9AE02.roa File: 2CF214DC93A611F0B9B44571C4F9AE02.roa (raw, json) Hash identifier: gDTlO8JdKBOhrYpdJ9YbTAbJbDClxcUd9QV6sNxI620= Subject key identifier: 53:5D:47:24:11:E0:B2:6E:E3:D5:CB:73:2D:BC:E4:67:F6:E1:C2:8E Certificate issuer: /CN=A91F2152/serialNumber=243E4829ABF2F909C12DDA044FE5D36B82105392 Certificate serial: 0C94 Authority key identifier: 24:3E:48:29:AB:F2:F9:09:C1:2D:DA:04:4F:E5:D3:6B:82:10:53:92 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/2CF214DC93A611F0B9B44571C4F9AE02.roa Signing time: Thu 18 Sep 2025 07:55:10 +0000 ROA not before: Thu 18 Sep 2025 07:55:10 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 135037 IP address blocks: 103.206.228.0/23 maxlen: 23 103.206.228.0/24 maxlen: 24 103.206.229.0/24 maxlen: 24 103.206.230.0/24 maxlen: 24 2405:82c0::/32 maxlen: 32 2405:82c0::/48 maxlen: 48 2405:82c0:1000::/48 maxlen: 48 2405:82c0:2000::/48 maxlen: 48 2405:82c0:3000::/48 maxlen: 48 2405:82c0:4000::/48 maxlen: 48 2405:82c0:5000::/48 maxlen: 48 2405:82c0:6000::/48 maxlen: 48 2405:82c0:7000::/48 maxlen: 48 2405:82c0:8000::/48 maxlen: 48 2405:82c0:9000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.crl rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Sep 2025 18:36:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3220 (0xc94) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F2152, serialNumber=243E4829ABF2F909C12DDA044FE5D36B82105392 Validity Not Before: Sep 18 07:55:10 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=68cbbade-fd95 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:1e:8e:7f:29:a9:12:95:69:dd:42:2b:36:74: 7d:8c:4e:80:2c:22:f9:26:ab:90:c5:17:e2:b0:2d: 04:ec:bb:6c:e4:6e:7c:e0:c6:8b:b4:01:78:06:21: 46:9e:8a:e4:e5:83:b7:74:53:74:22:c9:40:1e:d6: 79:5b:a8:bf:e6:89:a4:96:af:f1:b4:dc:c2:88:cc: 0f:1a:2b:a6:86:23:82:5b:74:ad:88:4a:98:4a:d2: e6:e0:32:4f:28:21:f5:41:af:71:dd:3e:38:0d:7d: 93:ab:f7:f3:e1:3d:d4:25:72:22:ed:45:69:57:53: 9b:0e:2b:54:aa:c5:4a:60:ca:44:54:48:d9:d9:8c: d9:44:38:f7:3c:8c:42:17:37:e6:4b:4c:47:99:33: a5:53:84:93:4c:3e:00:d2:87:10:22:65:80:e0:23: 17:46:62:96:7c:63:5c:e2:d8:07:30:34:0b:38:04: 86:2d:4a:02:2a:d7:07:42:ef:70:8a:0c:b0:2f:08: fe:93:40:5f:ca:7d:ad:15:27:7d:86:91:11:9c:1c: 5c:73:63:30:54:0c:76:19:e0:b5:23:d4:63:dd:de: 8f:ac:be:ab:02:b2:71:5a:75:58:72:85:9d:4f:f7: 21:02:a4:3b:98:a2:70:ea:b1:d1:ea:9d:20:10:62: cc:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:5D:47:24:11:E0:B2:6E:E3:D5:CB:73:2D:BC:E4:67:F6:E1:C2:8E X509v3 Authority Key Identifier: keyid:24:3E:48:29:AB:F2:F9:09:C1:2D:DA:04:4F:E5:D3:6B:82:10:53:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/2CF214DC93A611F0B9B44571C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.206.228.0-103.206.230.255 IPv6: 2405:82c0::/32 Signature Algorithm: sha256WithRSAEncryption 6a:72:79:23:74:05:7a:8b:9a:d9:dc:03:bc:b0:a7:f0:47:c8: 68:d8:96:67:fc:1f:98:ed:b0:b0:67:f0:4c:87:2d:02:e3:82: 80:65:a3:2f:2b:d0:27:d0:46:13:28:d8:7d:b0:11:6a:61:db: 49:b2:d3:24:eb:3c:48:7f:0b:f8:43:0c:44:64:f6:08:ec:f3: 06:73:ce:f7:8d:4d:4c:96:32:af:b0:8e:f0:0b:01:8f:ad:e5: 81:0a:60:af:60:ac:e0:44:dc:9b:4c:7b:a9:b2:fd:26:d4:46: f6:20:32:d5:81:40:a8:c7:ea:83:68:3f:af:71:16:bc:7b:c5: 4c:33:8b:07:ff:32:63:d4:75:bc:54:20:85:70:4a:a4:11:1b: cc:f5:ff:4f:f5:2c:e6:2e:b4:5f:fc:b0:f8:f2:6e:a0:8c:58: 5d:8c:7a:47:0c:03:fa:2d:98:a5:e4:7f:e6:36:96:a7:22:43: 6e:e2:b8:54:49:c1:b5:e4:6c:3d:64:bf:9a:40:93:cb:27:37: 1b:32:0b:4a:9a:30:ae:3d:f1:19:e2:28:3d:50:c6:fb:fc:2b: e3:3f:25:79:70:e5:05:5e:e0:f8:66:f2:82:dd:c3:06:05:f2: e8:b1:a3:13:bc:2f:cf:10:5a:fc:60:89:94:73:45:ec:36:b1: 90:54:ae:f0 -----BEGIN CERTIFICATE----- MIIFiDCCBHCgAwIBAgICDJQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjIxNTIxMTAvBgNVBAUTKDI0M0U0ODI5QUJGMkY5MDlDMTJEREEwNDRGRTVEMzZC ODIxMDUzOTIwHhcNMjUwOTE4MDc1NTEwWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGNiYmFkZS1mZDk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0h6OfympEpVp3UIrNnR9jE6ALCL5JquQxRfisC0E7Lts5G584MaLtAF4BiFG nork5YO3dFN0IslAHtZ5W6i/5omklq/xtNzCiMwPGiumhiOCW3StiEqYStLm4DJP KCH1Qa9x3T44DX2Tq/fz4T3UJXIi7UVpV1ObDitUqsVKYMpEVEjZ2YzZRDj3PIxC FzfmS0xHmTOlU4STTD4A0ocQImWA4CMXRmKWfGNc4tgHMDQLOASGLUoCKtcHQu9w igywLwj+k0Bfyn2tFSd9hpERnBxcc2MwVAx2GeC1I9Rj3d6PrL6rArJxWnVYcoWd T/chAqQ7mKJw6rHR6p0gEGLM5wIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFFNdRyQR 4LJu49XLcy285Gf24cKOMB8GA1UdIwQYMBaAFCQ+SCmr8vkJwS3aBE/l02uCEFOS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMjE1Mi9CN0M2QzYwMDA2 RDIxMUVBOEFBQzkzNDRDNEY5QUUwMi9KRDVJS2F2eS1RbkJMZG9FVC1YVGE0SVFV NUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0pENUlLYXZ5LVFuQkxkb0VULVhUYTRJUVU1SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjIxNTIvQjdDNkM2MDAwNkQyMTFFQThBQUM5MzQ0QzRGOUFFMDIvMkNGMjE0REM5 M0E2MTFGMEI5QjQ0NTcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E JzAlMBQEAgABMA4wDAMEAmfO5AMEAGfO5jANBAIAAjAHAwUAJAWCwDANBgkqhkiG 9w0BAQsFAAOCAQEAanJ5I3QFeoua2dwDvLCn8EfIaNiWZ/wfmO2wsGfwTIctAuOC gGWjLyvQJ9BGEyjYfbARamHbSbLTJOs8SH8L+EMMRGT2COzzBnPO941NTJYyr7CO 8AsBj63lgQpgr2Cs4ETcm0x7qbL9JtRG9iAy1YFAqMfqg2g/r3EWvHvFTDOLB/8y Y9R1vFQghXBKpBEbzPX/T/Us5i60X/yw+PJuoIxYXYx6RwwD+i2YpeR/5jaWpyJD buK4VEnBteRsPWS/mkCTyyc3GzILSpowrj3xGeIoPVDG+/wr4z8leXDlBV7g+Gby gt3DBgXy6LGjE7wvzxBa/GCJlHNF7DaxkFSu8A== -----END CERTIFICATE-----Generated at Thu Sep 18 22:02:38 2025 by rpki-client