$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/88A00388193111EB9E0A6A49C4F9AE02.roa File: 88A00388193111EB9E0A6A49C4F9AE02.roa (raw, json) Hash identifier: Y1hYPriqga57gQ3amB6r8RQVCp/OYrjfwjRFo7bzhN4= Subject key identifier: 71:F9:BC:20:7C:64:EC:ED:D6:92:90:69:4E:9A:6F:66:79:05:CF:0D Certificate issuer: /CN=A91A4C60/serialNumber=9EF9E4376E36653275C7963598D6B45B70AF8099 Certificate serial: 0E9D Authority key identifier: 9E:F9:E4:37:6E:36:65:32:75:C7:96:35:98:D6:B4:5B:70:AF:80:99 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/88A00388193111EB9E0A6A49C4F9AE02.roa Signing time: Tue 02 Sep 2025 18:38:02 +0000 ROA not before: Tue 02 Sep 2025 18:38:02 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 41378 IP address blocks: 103.142.140.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.crl rsync://rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 18:38:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3741 (0xe9d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A4C60, serialNumber=9EF9E4376E36653275C7963598D6B45B70AF8099 Validity Not Before: Sep 2 18:38:02 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68b7398a-ef6c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:92:2b:f1:08:22:07:7c:d2:2b:7f:f5:f1:bc: 0a:f7:63:da:ef:99:01:4e:df:07:47:bc:b8:67:ec: a5:88:ab:c9:cd:7f:48:e0:7e:b6:67:56:e4:00:4e: 92:dc:7e:1e:b4:f3:ef:69:0d:99:e9:d7:e2:79:7e: b8:8e:ba:13:57:86:ea:73:49:d3:1c:f8:b0:9d:dd: 84:ee:77:e8:83:26:ae:c6:ae:19:48:94:4e:dd:81: 28:20:5c:cb:16:66:63:49:7b:36:8e:50:58:ba:49: 61:09:2d:3d:a2:9d:b3:5c:3a:a3:fe:91:93:ab:c7: c5:ed:81:36:9d:26:63:9f:07:7f:cf:f9:74:2f:d6: db:7c:f7:f0:76:f0:7a:3e:5b:aa:25:26:b0:19:b6: 02:22:a8:1d:84:9a:31:7c:6d:b9:31:06:48:58:be: 1c:4a:83:45:18:7b:c1:eb:71:27:2e:f8:60:35:49: ea:06:a8:bd:e6:de:6a:bb:39:5e:0c:ef:42:f9:67: c2:b6:05:f7:24:5d:08:1a:1a:50:b4:5a:a2:df:27: 6a:f3:6d:60:41:8f:51:e7:a0:8a:34:21:38:8d:cd: d1:0d:e9:97:29:9e:11:43:0f:8c:fb:85:d4:7c:cd: 31:fb:9d:37:5a:b7:c2:be:01:6f:52:c1:54:a0:07: 84:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:F9:BC:20:7C:64:EC:ED:D6:92:90:69:4E:9A:6F:66:79:05:CF:0D X509v3 Authority Key Identifier: keyid:9E:F9:E4:37:6E:36:65:32:75:C7:96:35:98:D6:B4:5B:70:AF:80:99 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/88A00388193111EB9E0A6A49C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.142.140.0/23 Signature Algorithm: sha256WithRSAEncryption 36:08:5a:81:ed:15:9f:40:bd:7e:f0:aa:3d:7a:8f:d6:ce:3a: 1f:c6:f2:8a:a8:bb:5f:35:1f:ae:e7:97:e6:c8:c0:ce:27:f9: 99:e5:47:53:dc:62:ec:9d:17:73:e9:29:d4:b4:9a:ba:c3:a9: 01:89:f7:a6:0c:08:7f:6b:ad:90:62:49:b0:1a:c3:aa:9c:22: 18:aa:22:45:c7:99:0a:9f:a5:fa:53:3b:5a:a9:14:09:ba:9f: 4b:2c:d3:9e:ad:68:e2:a5:0e:fb:ca:ea:18:6e:a3:69:42:70: 5c:3f:11:5c:34:cc:2c:a0:f8:6d:35:19:3e:72:41:56:79:2a: 3f:a6:b7:09:b7:99:e4:06:20:c2:1b:0a:f2:b9:08:5c:49:68: 28:eb:42:d4:e4:78:7c:7e:02:db:fb:d9:ed:42:ab:4b:6b:f4: c8:09:83:70:e1:64:c5:1f:a0:01:38:4a:08:c7:98:f6:01:fc: 58:16:e7:ea:ac:e8:13:82:8b:5c:38:f8:6b:37:de:ce:eb:f4: f8:0b:4f:4a:9c:97:f9:c2:ee:cf:96:68:a7:71:95:78:e2:a7: 8d:87:8a:d9:c9:e6:70:78:79:a5:34:0a:e5:1e:47:8c:31:54: 25:1f:4f:01:c5:35:02:0d:44:d2:47:f6:92:bc:51:49:36:bc: 6e:16:41:c9 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICDp0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTRDNjAxMTAvBgNVBAUTKDlFRjlFNDM3NkUzNjY1MzI3NUM3OTYzNTk4RDZCNDVC NzBBRjgwOTkwHhcNMjUwOTAyMTgzODAyWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGI3Mzk4YS1lZjZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5JIr8QgiB3zSK3/18bwK92Pa75kBTt8HR7y4Z+yliKvJzX9I4H62Z1bkAE6S 3H4etPPvaQ2Z6dfieX64jroTV4bqc0nTHPiwnd2E7nfogyauxq4ZSJRO3YEoIFzL FmZjSXs2jlBYuklhCS09op2zXDqj/pGTq8fF7YE2nSZjnwd/z/l0L9bbfPfwdvB6 PluqJSawGbYCIqgdhJoxfG25MQZIWL4cSoNFGHvB63EnLvhgNUnqBqi95t5quzle DO9C+WfCtgX3JF0IGhpQtFqi3ydq821gQY9R56CKNCE4jc3RDemXKZ4RQw+M+4XU fM0x+503WrfCvgFvUsFUoAeE3QIDAQABo4IClTCCApEwHQYDVR0OBBYEFHH5vCB8 ZOzt1pKQaU6ab2Z5Bc8NMB8GA1UdIwQYMBaAFJ755DduNmUydceWNZjWtFtwr4CZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNEM2MC9CNTI2RkY3NEQ4 NDExMUU5QTQ1MjE0MTNDNEY5QUUwMi9udm5rTjI0MlpUSjF4NVkxbU5hMFczQ3Zn SmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL252bmtOMjQyWlRKMXg1WTFtTmEwVzNDdmdKay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTRDNjAvQjUyNkZGNzREODQxMTFFOUE0NTIxNDEzQzRGOUFFMDIvODhBMDAzODgx OTMxMTFFQjlFMEE2QTQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAFnjowwDQYJKoZIhvcNAQELBQADggEBADYIWoHtFZ9AvX7w qj16j9bOOh/G8oqou181H67nl+bIwM4n+ZnlR1PcYuydF3PpKdS0mrrDqQGJ96YM CH9rrZBiSbAaw6qcIhiqIkXHmQqfpfpTO1qpFAm6n0ss056taOKlDvvK6hhuo2lC cFw/EVw0zCyg+G01GT5yQVZ5Kj+mtwm3meQGIMIbCvK5CFxJaCjrQtTkeHx+Atv7 2e1Cq0tr9MgJg3DhZMUfoAE4SgjHmPYB/FgW5+qs6BOCi1w4+Gs33s7r9PgLT0qc l/nC7s+WaKdxlXjip42HitnJ5nB4eaU0CuUeR4wxVCUfTwHFNQINRNJH9pK8UUk2 vG4WQck= -----END CERTIFICATE-----Generated at Thu Sep 4 10:28:45 2025 by rpki-client