$ rpki-client -vvf rpki.apnic.net/member_repository/A91798AD/70EFB4ACFE2A11E68F2C5A13C4F9AE02/398B3186FE5111E6BCEC6E72C4F9AE02.roa File: 398B3186FE5111E6BCEC6E72C4F9AE02.roa (raw, json) Hash identifier: T9+Dc0WSoJhtGdsfkrH1jqSLtL2q8TNFDLOAk1Ci3QY= Subject key identifier: 67:F9:C4:7E:9F:79:03:B8:D0:67:53:EB:6C:C9:E6:A7:1E:25:9D:9B Certificate issuer: /CN=A91798AD/serialNumber=7C1A0F48EA43231FA3343D592821EF29E8D2B31B Certificate serial: 1C91 Authority key identifier: 7C:1A:0F:48:EA:43:23:1F:A3:34:3D:59:28:21:EF:29:E8:D2:B3:1B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fBoPSOpDIx-jND1ZKCHvKejSsxs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91798AD/70EFB4ACFE2A11E68F2C5A13C4F9AE02/398B3186FE5111E6BCEC6E72C4F9AE02.roa Signing time: Tue 02 Sep 2025 16:34:39 +0000 ROA not before: Tue 02 Sep 2025 16:34:39 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 17922 IP address blocks: 114.4.64.0/24 maxlen: 24 114.4.65.0/24 maxlen: 24 114.4.66.0/24 maxlen: 24 114.4.67.0/24 maxlen: 24 114.4.68.0/24 maxlen: 24 114.4.69.0/24 maxlen: 24 114.4.70.0/24 maxlen: 24 114.4.71.0/24 maxlen: 24 124.195.38.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91798AD/70EFB4ACFE2A11E68F2C5A13C4F9AE02/fBoPSOpDIx-jND1ZKCHvKejSsxs.crl rsync://rpki.apnic.net/member_repository/A91798AD/70EFB4ACFE2A11E68F2C5A13C4F9AE02/fBoPSOpDIx-jND1ZKCHvKejSsxs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fBoPSOpDIx-jND1ZKCHvKejSsxs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Sep 2025 16:18:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7313 (0x1c91) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91798AD, serialNumber=7C1A0F48EA43231FA3343D592821EF29E8D2B31B Validity Not Before: Sep 2 16:34:39 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=68b71c9f-2202 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:57:73:d4:f1:2e:75:53:d1:c2:38:5a:d2:d7: 71:1f:46:a5:0c:02:9b:5a:8b:03:5f:a0:9b:88:80: f4:3e:55:9d:34:a4:d2:57:c6:37:c9:40:2e:23:3d: 56:4e:6d:4e:ed:c8:22:ff:fd:49:e9:d8:32:ac:6e: 28:d8:70:c4:c2:8f:ff:bb:c9:e9:1a:68:32:be:ae: 99:dd:b5:08:85:32:5d:33:06:6e:86:c0:eb:06:4c: e5:11:5d:25:d8:9e:b3:4d:58:8c:3d:f9:29:bd:85: 32:21:ae:c1:11:97:23:fa:ac:38:fb:9e:76:cc:65: 1e:70:ec:ab:c1:5e:a1:93:40:5b:55:64:42:de:2e: cf:ca:26:c8:a8:54:c6:71:7d:5a:f8:16:90:6f:ed: d5:e9:1a:da:36:6b:7e:8e:38:db:a2:b3:fa:07:46: 29:33:e8:3b:e8:af:fb:0a:96:5d:9d:9c:06:91:e6: 19:dd:09:3d:ab:51:e8:fe:61:4b:c0:17:f2:63:db: e8:b8:58:91:96:c4:85:87:9a:bf:9a:97:28:91:49: 52:4a:bc:a0:71:c8:19:26:88:01:b4:4c:21:9e:1f: fd:59:a4:dd:0a:99:28:e9:dc:15:d8:43:f4:4d:1d: 83:84:26:0f:08:84:eb:54:ed:90:9c:a3:ee:8a:a4: 03:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:F9:C4:7E:9F:79:03:B8:D0:67:53:EB:6C:C9:E6:A7:1E:25:9D:9B X509v3 Authority Key Identifier: keyid:7C:1A:0F:48:EA:43:23:1F:A3:34:3D:59:28:21:EF:29:E8:D2:B3:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91798AD/70EFB4ACFE2A11E68F2C5A13C4F9AE02/fBoPSOpDIx-jND1ZKCHvKejSsxs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fBoPSOpDIx-jND1ZKCHvKejSsxs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91798AD/70EFB4ACFE2A11E68F2C5A13C4F9AE02/398B3186FE5111E6BCEC6E72C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 114.4.64.0/21 124.195.38.0/23 Signature Algorithm: sha256WithRSAEncryption 38:24:b9:f4:f4:26:0a:48:48:a9:d8:06:cf:b6:2e:10:b3:09: 24:4c:af:85:88:be:fa:00:ea:3f:1f:65:75:5b:ad:42:6a:b7: 14:0b:9b:2e:cd:c4:73:50:65:d8:99:a5:20:57:2b:d9:fc:8c: ea:48:f0:14:f8:f1:48:8d:a2:40:a4:c9:ef:01:ef:c9:99:53: c9:99:c5:e4:12:f4:ef:71:31:1a:65:fd:cd:1b:af:43:c4:90: 6d:5b:66:21:e4:86:9b:6a:e3:12:7c:bd:93:f8:bf:5d:0c:cc: 2c:12:2c:fd:da:77:21:ed:3a:08:dc:44:c6:c3:d4:05:96:1f: 26:ab:2b:41:81:a7:40:07:1d:c1:aa:ac:9f:1f:6b:64:92:d9: bd:8d:31:2e:fd:8b:c3:4e:8f:55:4f:5e:fe:fc:e8:b0:cf:0a: 36:2c:5b:8e:d0:ba:09:6f:c8:50:cf:9c:b8:41:84:e1:aa:c9: fb:3a:67:76:81:c4:4d:7b:a4:14:20:f3:55:49:fb:a9:47:e3: fb:7f:97:5b:fa:36:c6:40:1c:7e:7c:d7:04:25:6b:1b:78:48: 15:8a:95:3b:ac:d0:5f:9a:c3:be:96:96:f3:74:42:43:96:b3: ec:77:80:15:37:d1:9c:2a:3e:7a:aa:8c:30:19:a0:0a:c8:a4: 68:af:1b:64 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICHJEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Nzk4QUQxMTAvBgNVBAUTKDdDMUEwRjQ4RUE0MzIzMUZBMzM0M0Q1OTI4MjFFRjI5 RThEMkIzMUIwHhcNMjUwOTAyMTYzNDM5WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGI3MWM5Zi0yMjAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8Fdz1PEudVPRwjha0tdxH0alDAKbWosDX6CbiID0PlWdNKTSV8Y3yUAuIz1W Tm1O7cgi//1J6dgyrG4o2HDEwo//u8npGmgyvq6Z3bUIhTJdMwZuhsDrBkzlEV0l 2J6zTViMPfkpvYUyIa7BEZcj+qw4+552zGUecOyrwV6hk0BbVWRC3i7PyibIqFTG cX1a+BaQb+3V6RraNmt+jjjborP6B0YpM+g76K/7CpZdnZwGkeYZ3Qk9q1Ho/mFL wBfyY9vouFiRlsSFh5q/mpcokUlSSrygccgZJogBtEwhnh/9WaTdCpko6dwV2EP0 TR2DhCYPCITrVO2QnKPuiqQDbwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFGf5xH6f eQO40GdT62zJ5qceJZ2bMB8GA1UdIwQYMBaAFHwaD0jqQyMfozQ9WSgh7yno0rMb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OThBRC83MEVGQjRBQ0ZF MkExMUU2OEYyQzVBMTNDNEY5QUUwMi9mQm9QU09wREl4LWpORDFaS0NIdktlalNz eHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ZCb1BTT3BESXgtak5EMVpLQ0h2S2VqU3N4cy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Nzk4QUQvNzBFRkI0QUNGRTJBMTFFNjhGMkM1QTEzQzRGOUFFMDIvMzk4QjMxODZG RTUxMTFFNkJDRUM2RTcyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBANyBEADBAF8wyYwDQYJKoZIhvcNAQELBQADggEBADgkufT0 JgpISKnYBs+2LhCzCSRMr4WIvvoA6j8fZXVbrUJqtxQLmy7NxHNQZdiZpSBXK9n8 jOpI8BT48UiNokCkye8B78mZU8mZxeQS9O9xMRpl/c0br0PEkG1bZiHkhptq4xJ8 vZP4v10MzCwSLP3adyHtOgjcRMbD1AWWHyarK0GBp0AHHcGqrJ8fa2SS2b2NMS79 i8NOj1VPXv786LDPCjYsW47QuglvyFDPnLhBhOGqyfs6Z3aBxE17pBQg81VJ+6lH 4/t/l1v6NsZAHH581wQlaxt4SBWKlTus0F+aw76WlvN0QkOWs+x3gBU30ZwqPnqq jDAZoArIpGivG2Q= -----END CERTIFICATE-----Generated at Sat Sep 6 20:02:51 2025 by rpki-client