$ rpki-client -vvf rpki.apnic.net/member_repository/A91AC5BC/71E5D8BE59F211F0B4FAE95FC4F9AE02/90CF95CE66DD11F09FD37312C4F9AE02.roa File: 90CF95CE66DD11F09FD37312C4F9AE02.roa (raw, json) Hash identifier: BBZhX9HK3NBq65o9RCyGDdGBDo4hsR5Etdc6G3lRbjc= Subject key identifier: B9:62:32:17:2F:FB:2E:99:04:56:64:15:3C:A7:08:B1:0B:E8:9A:F6 Certificate issuer: /CN=A91AC5BC/serialNumber=A145241D9830AF24A71567351255EC8E7ED53EFE Certificate serial: 17 Authority key identifier: A1:45:24:1D:98:30:AF:24:A7:15:67:35:12:55:EC:8E:7E:D5:3E:FE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oUUkHZgwrySnFWc1ElXsjn7VPv4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AC5BC/71E5D8BE59F211F0B4FAE95FC4F9AE02/90CF95CE66DD11F09FD37312C4F9AE02.roa Signing time: Wed 23 Jul 2025 19:23:43 +0000 ROA not before: Wed 23 Jul 2025 19:23:43 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 149513 IP address blocks: 163.223.72.0/23 maxlen: 24 2402:1920::/32 maxlen: 32 2402:1920:fc00::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AC5BC/71E5D8BE59F211F0B4FAE95FC4F9AE02/oUUkHZgwrySnFWc1ElXsjn7VPv4.crl rsync://rpki.apnic.net/member_repository/A91AC5BC/71E5D8BE59F211F0B4FAE95FC4F9AE02/oUUkHZgwrySnFWc1ElXsjn7VPv4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oUUkHZgwrySnFWc1ElXsjn7VPv4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 01 Aug 2025 08:29:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23 (0x17) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AC5BC, serialNumber=A145241D9830AF24A71567351255EC8E7ED53EFE Validity Not Before: Jul 23 19:23:43 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=688136bf-cd18 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:54:21:06:55:85:52:66:88:ae:40:a6:80:1e: 0f:30:fe:ff:ea:58:fb:e7:50:56:66:21:bd:50:14: 11:d8:4e:a0:69:83:8a:1e:2c:62:a8:73:88:7c:4f: 10:44:9d:66:62:7a:0b:13:a4:82:11:06:65:28:0c: 71:8d:33:07:95:f3:e1:a1:b9:5d:92:60:4d:98:7a: 6a:0f:11:ee:f1:79:90:93:35:c4:47:ff:07:25:c8: e6:cd:d6:89:c6:00:5d:d6:78:15:f0:ee:da:40:b7: ae:ce:b9:20:6a:72:ec:a5:6f:ee:7c:13:ca:d8:24: f6:b7:f0:3b:41:80:ec:c4:19:5c:ed:e2:67:c8:c7: ae:74:fb:26:be:55:b4:f5:03:2a:fc:0f:ab:f2:4c: 8c:f4:f5:98:2e:ce:6e:6d:5e:33:31:8a:50:4a:e0: a2:4c:38:3a:2c:08:7b:17:7a:ed:1b:c1:34:2c:2a: 16:7a:d1:a2:5d:e3:02:79:e6:33:ec:08:0c:88:50: 47:d1:28:61:8e:d0:e4:45:dc:94:0c:96:22:49:33: 6f:a4:14:e3:91:cf:2f:b3:b2:4e:28:d2:e8:63:49: 80:01:cb:c1:8f:a6:6c:b3:e9:65:63:1f:fc:e6:aa: eb:98:27:94:45:4e:46:ef:71:6c:ab:46:e2:eb:90: 2c:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:62:32:17:2F:FB:2E:99:04:56:64:15:3C:A7:08:B1:0B:E8:9A:F6 X509v3 Authority Key Identifier: keyid:A1:45:24:1D:98:30:AF:24:A7:15:67:35:12:55:EC:8E:7E:D5:3E:FE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AC5BC/71E5D8BE59F211F0B4FAE95FC4F9AE02/oUUkHZgwrySnFWc1ElXsjn7VPv4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oUUkHZgwrySnFWc1ElXsjn7VPv4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AC5BC/71E5D8BE59F211F0B4FAE95FC4F9AE02/90CF95CE66DD11F09FD37312C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 163.223.72.0/23 IPv6: 2402:1920::/32 Signature Algorithm: sha256WithRSAEncryption 43:e1:9f:01:a2:dc:80:f8:b1:45:d0:97:f9:16:f3:89:dd:4e: 11:c4:f0:62:86:0a:56:7b:50:cd:af:6b:a7:7e:cb:3b:6c:a8: 2c:c1:24:50:bf:6f:89:9f:a0:5a:b4:ac:97:fb:c8:ef:cb:56: e6:7b:70:48:ac:7a:22:60:f8:ba:a4:6d:c9:66:3a:c2:2a:ab: 03:68:34:fe:9e:9f:75:bc:21:c3:31:a1:42:82:75:06:f4:94: 50:1f:b2:fc:e3:99:21:d2:fc:e4:6e:35:61:99:22:e8:ac:37: 7d:c6:ed:5b:24:75:0a:3c:d8:b6:97:77:fc:8d:c9:1e:19:cc: 54:d2:bc:61:c4:be:e8:7d:0e:52:42:99:ad:53:18:7f:0c:15: a4:8b:4c:09:77:83:ad:30:9b:d2:26:78:17:8a:1a:76:cc:0d: 33:c3:8e:73:21:50:f2:b0:87:30:3c:62:f7:37:ea:e4:7e:98: dd:95:79:c6:97:13:93:12:10:d1:bf:b5:cc:d5:50:5d:e6:46: cb:43:c7:59:5b:5e:93:e8:0a:b6:d9:b3:8b:a1:51:0b:45:e6: 29:87:25:a8:10:31:87:41:8a:40:75:80:9c:57:a5:41:14:2c: ce:f6:da:ad:0c:74:b7:13:23:49:bc:35:e6:8b:85:b2:a9:d6: 7e:15:69:37 -----BEGIN CERTIFICATE----- MIIFfzCCBGegAwIBAgIBFzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB QzVCQzExMC8GA1UEBRMoQTE0NTI0MUQ5ODMwQUYyNEE3MTU2NzM1MTI1NUVDOEU3 RUQ1M0VGRTAeFw0yNTA3MjMxOTIzNDNaFw0yNjA3MDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4ODEzNmJmLWNkMTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCiVCEGVYVSZoiuQKaAHg8w/v/qWPvnUFZmIb1QFBHYTqBpg4oeLGKoc4h8TxBE nWZiegsTpIIRBmUoDHGNMweV8+GhuV2SYE2YemoPEe7xeZCTNcRH/wclyObN1onG AF3WeBXw7tpAt67OuSBqcuylb+58E8rYJPa38DtBgOzEGVzt4mfIx650+ya+VbT1 Ayr8D6vyTIz09Zguzm5tXjMxilBK4KJMODosCHsXeu0bwTQsKhZ60aJd4wJ55jPs CAyIUEfRKGGO0ORF3JQMliJJM2+kFOORzy+zsk4o0uhjSYABy8GPpmyz6WVjH/zm quuYJ5RFTkbvcWyrRuLrkCyrAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUuWIyFy/7 LpkEVmQVPKcIsQvomvYwHwYDVR0jBBgwFoAUoUUkHZgwrySnFWc1ElXsjn7VPv4w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFDNUJDLzcxRTVEOEJFNTlG MjExRjBCNEZBRTk1RkM0RjlBRTAyL29VVWtIWmd3cnlTbkZXYzFFbFhzam43VlB2 NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvb1VVa0haZ3dyeVNuRldjMUVsWHNqbjdWUHY0LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QzVCQy83MUU1RDhCRTU5RjIxMUYwQjRGQUU5NUZDNEY5QUUwMi85MENGOTVDRTY2 REQxMUYwOUZEMzczMTJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf MB0wDAQCAAEwBgMEAaPfSDANBAIAAjAHAwUAJAIZIDANBgkqhkiG9w0BAQsFAAOC AQEAQ+GfAaLcgPixRdCX+Rbzid1OEcTwYoYKVntQza9rp37LO2yoLMEkUL9viZ+g WrSsl/vI78tW5ntwSKx6ImD4uqRtyWY6wiqrA2g0/p6fdbwhwzGhQoJ1BvSUUB+y /OOZIdL85G41YZki6Kw3fcbtWyR1CjzYtpd3/I3JHhnMVNK8YcS+6H0OUkKZrVMY fwwVpItMCXeDrTCb0iZ4F4oadswNM8OOcyFQ8rCHMDxi9zfq5H6Y3ZV5xpcTkxIQ 0b+1zNVQXeZGy0PHWVtek+gKttmzi6FRC0XmKYclqBAxh0GKQHWAnFelQRQszvba rQx0txMjSbw15ouFsqnWfhVpNw== -----END CERTIFICATE-----Generated at Sat Jul 26 21:02:21 2025 by rpki-client