$ rpki-client -vvf rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/C54DD1F45EDA11F0A5EAB579C4F9AE02.roa File: C54DD1F45EDA11F0A5EAB579C4F9AE02.roa (raw, json) Hash identifier: yvTiS/oFSBojbCtB284WFEZBM+3n1uqQBo+L9aW7vLk= Subject key identifier: 4F:80:27:B4:87:A4:08:55:4D:1A:43:8F:96:40:92:69:9B:F4:41:28 Certificate issuer: /CN=A91A25DF/serialNumber=D3CF64D5DB1761FCB6A552F068091330C5B5F53B Certificate serial: 03 Authority key identifier: D3:CF:64:D5:DB:17:61:FC:B6:A5:52:F0:68:09:13:30:C5:B5:F5:3B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/089k1dsXYfy2pVLwaAkTMMW19Ts.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/C54DD1F45EDA11F0A5EAB579C4F9AE02.roa Signing time: Sat 12 Jul 2025 04:43:35 +0000 ROA not before: Sat 12 Jul 2025 04:43:35 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 154031 IP address blocks: 165.101.154.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.crl rsync://rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/089k1dsXYfy2pVLwaAkTMMW19Ts.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 08:27:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3 (0x3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A25DF, serialNumber=D3CF64D5DB1761FCB6A552F068091330C5B5F53B Validity Not Before: Jul 12 04:43:35 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=6871e7f7-6526 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:50:d9:80:7d:cf:23:2c:b9:92:9c:c8:c0:6e: e7:01:ae:c9:29:67:c9:03:41:3e:1c:d3:36:0f:b3: 35:bc:28:06:22:1e:17:f8:92:75:3c:b3:5d:ba:d6: 9e:4c:77:98:28:f1:3a:68:4b:83:84:23:79:9c:9f: d8:c9:b9:01:98:08:75:a0:a7:f9:6f:6f:46:83:d7: 33:70:80:4d:04:da:8b:48:3c:dc:cd:be:54:88:95: 1c:c0:f7:62:53:54:e0:dc:eb:96:94:55:e2:16:30: fd:da:26:33:8a:33:47:26:7c:10:1b:65:12:93:62: fa:0e:c2:cc:41:d4:f9:94:1f:7d:3d:e7:96:5f:61: 8f:64:92:57:74:f0:01:f2:96:30:07:31:be:76:b6: 69:58:55:7a:40:2a:a9:7d:2e:05:47:16:3e:c4:3b: c9:26:9c:ac:a4:47:51:f1:b8:71:d3:1d:79:20:0d: 6c:1e:68:a7:c5:9b:2e:09:f4:ee:a2:1f:33:ce:97: 29:37:30:c7:8b:5f:4e:70:15:c0:e0:88:29:10:fe: 74:87:25:d6:32:2e:00:03:57:41:8b:7f:70:95:37: cf:b3:ba:d5:76:62:c5:de:db:8a:d6:5b:83:17:bc: 24:75:d6:fb:23:1e:47:eb:d1:ba:85:9d:6b:e6:20: 98:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:80:27:B4:87:A4:08:55:4D:1A:43:8F:96:40:92:69:9B:F4:41:28 X509v3 Authority Key Identifier: keyid:D3:CF:64:D5:DB:17:61:FC:B6:A5:52:F0:68:09:13:30:C5:B5:F5:3B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/089k1dsXYfy2pVLwaAkTMMW19Ts.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/C54DD1F45EDA11F0A5EAB579C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 165.101.154.0/23 Signature Algorithm: sha256WithRSAEncryption 77:58:ab:0b:b2:9a:0f:eb:90:1a:b4:1e:66:55:9f:bd:35:69: a6:35:68:6d:32:17:08:65:cd:88:13:08:9e:d7:01:59:0a:fa: b2:e9:cd:09:50:12:ee:e9:46:a7:45:fb:1d:77:6c:a6:b7:92: 28:6b:23:57:e9:c0:64:0a:65:dd:99:d5:63:f8:29:17:77:47: 51:f3:a7:92:d9:b5:78:be:24:e0:67:be:ac:33:25:69:2a:d2: ef:5f:80:a5:54:31:90:08:c4:fe:0e:d5:6b:89:2a:dc:4d:8f: 20:c6:24:b0:cd:31:1d:43:29:26:c3:55:da:db:67:2a:2d:33: 58:76:1c:3f:35:b0:25:44:4b:25:4a:5d:2a:c4:90:88:1a:92: 03:76:d5:03:aa:96:8b:ee:a1:11:41:04:d3:77:04:31:a6:e1: 43:9c:96:55:84:f8:6c:b8:0c:53:aa:ab:db:4f:bb:6d:c8:8c: 87:3a:3c:5d:05:17:b4:ef:8b:b5:a4:93:de:f8:ff:a8:22:cb: 61:38:5c:5c:b3:6d:97:06:0e:e2:bd:7f:8c:40:f3:e4:c6:39: 63:58:82:4b:13:39:7b:22:0b:c4:3b:1a:0e:e4:ca:77:e1:5a: f7:6f:00:0e:21:4f:ff:70:dc:08:44:35:41:d3:25:6f:ab:aa: 8e:2e:16:dd -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB MjVERjExMC8GA1UEBRMoRDNDRjY0RDVEQjE3NjFGQ0I2QTU1MkYwNjgwOTEzMzBD NUI1RjUzQjAeFw0yNTA3MTIwNDQzMzVaFw0yNjEwMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4NzFlN2Y3LTY1MjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCwUNmAfc8jLLmSnMjAbucBrskpZ8kDQT4c0zYPszW8KAYiHhf4knU8s1261p5M d5go8TpoS4OEI3mcn9jJuQGYCHWgp/lvb0aD1zNwgE0E2otIPNzNvlSIlRzA92JT VODc65aUVeIWMP3aJjOKM0cmfBAbZRKTYvoOwsxB1PmUH30955ZfYY9kkld08AHy ljAHMb52tmlYVXpAKql9LgVHFj7EO8kmnKykR1HxuHHTHXkgDWweaKfFmy4J9O6i HzPOlyk3MMeLX05wFcDgiCkQ/nSHJdYyLgADV0GLf3CVN8+zutV2YsXe24rWW4MX vCR11vsjHkfr0bqFnWvmIJiVAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUT4AntIek CFVNGkOPlkCSaZv0QSgwHwYDVR0jBBgwFoAU089k1dsXYfy2pVLwaAkTMMW19Tsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUEyNURGL0U2MTI0MDgyNUVE NTExRjA5Q0YxRDUwQ0M0RjlBRTAyLzA4OWsxZHNYWWZ5MnBWTHdhQWtUTU1XMTlU cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvMDg5azFkc1hZZnkycFZMd2FBa1RNTVcxOVRzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB MjVERi9FNjEyNDA4MjVFRDUxMUYwOUNGMUQ1MENDNEY5QUUwMi9DNTRERDFGNDVF REExMUYwQTVFQUI1NzlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAaVlmjANBgkqhkiG9w0BAQsFAAOCAQEAd1irC7KaD+uQGrQe ZlWfvTVppjVobTIXCGXNiBMIntcBWQr6sunNCVAS7ulGp0X7HXdspreSKGsjV+nA ZApl3ZnVY/gpF3dHUfOnktm1eL4k4Ge+rDMlaSrS71+ApVQxkAjE/g7Va4kq3E2P IMYksM0xHUMpJsNV2ttnKi0zWHYcPzWwJURLJUpdKsSQiBqSA3bVA6qWi+6hEUEE 03cEMabhQ5yWVYT4bLgMU6qr20+7bciMhzo8XQUXtO+LtaST3vj/qCLLYThcXLNt lwYO4r1/jEDz5MY5Y1iCSxM5eyILxDsaDuTKd+Fa928ADiFP/3DcCEQ1QdMlb6uq ji4W3Q== -----END CERTIFICATE-----Generated at Sun Jul 20 14:14:10 2025 by rpki-client