$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE558/3DF14F08539411EABF6B4F5FC4F9AE02/966FD4648D2411EF9914EF63C4F9AE02.roa File: 966FD4648D2411EF9914EF63C4F9AE02.roa (raw, json) Hash identifier: YF3wvRDD0dzUZakdeFWJrsLYoJUpMBgClY/hZFPMmvI= Subject key identifier: 02:28:B1:DE:5B:09:B2:E1:10:8E:BA:28:45:B8:7F:81:DB:94:30:A0 Certificate issuer: /CN=A91CE558/serialNumber=B36B971724A3BABD890B754598933720F972FEAF Certificate serial: 0B78 Authority key identifier: B3:6B:97:17:24:A3:BA:BD:89:0B:75:45:98:93:37:20:F9:72:FE:AF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s2uXFySjur2JC3VFmJM3IPly_q8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE558/3DF14F08539411EABF6B4F5FC4F9AE02/966FD4648D2411EF9914EF63C4F9AE02.roa Signing time: Sat 12 Jul 2025 19:59:30 +0000 ROA not before: Sat 12 Jul 2025 19:59:30 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 17819 IP address blocks: 101.97.33.0/24 maxlen: 24 101.97.38.0/24 maxlen: 24 202.177.216.0/24 maxlen: 24 2404:4f00::/32 maxlen: 32 2404:4f00::/33 maxlen: 33 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE558/3DF14F08539411EABF6B4F5FC4F9AE02/s2uXFySjur2JC3VFmJM3IPly_q8.crl rsync://rpki.apnic.net/member_repository/A91CE558/3DF14F08539411EABF6B4F5FC4F9AE02/s2uXFySjur2JC3VFmJM3IPly_q8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s2uXFySjur2JC3VFmJM3IPly_q8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Jul 2025 19:42:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2936 (0xb78) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE558, serialNumber=B36B971724A3BABD890B754598933720F972FEAF Validity Not Before: Jul 12 19:59:30 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=6872bea2-8f41 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:d7:8d:8b:5a:de:50:2e:08:a3:47:44:90:c8: 6b:74:39:be:3f:4f:cb:b8:9f:f9:68:fb:81:ad:6a: e0:07:10:d6:1d:95:27:90:3e:3a:de:bd:ec:bf:0d: 17:7c:f1:75:8a:37:93:43:45:c2:3b:73:17:80:92: 74:7e:24:86:4b:2a:47:90:31:4e:97:37:d1:7f:85: 50:24:49:32:e3:a0:e1:7d:2e:83:96:68:59:a1:61: eb:3d:7b:02:79:d9:56:b2:b1:e4:e9:00:b6:4e:1b: 65:be:08:3a:d6:3f:7d:a4:f3:c2:41:68:53:8c:88: 34:6b:72:59:e1:c4:d3:7e:3e:4b:b7:ca:98:c4:1e: 08:a8:ae:c4:17:3a:b1:12:98:75:b0:01:de:c5:af: f3:62:44:23:6a:78:89:1e:d6:60:75:76:72:3e:85: 25:0b:c1:0c:87:1d:18:7e:cf:06:9a:cd:37:c2:8c: 8f:8a:9b:9d:f8:fe:56:71:d7:63:56:07:a7:8a:9e: 5d:5d:dd:22:0d:35:44:cd:59:55:76:b7:24:c6:00: be:fe:25:89:f1:23:80:0d:36:26:65:7e:35:30:29: be:fe:52:e9:e2:e3:84:8c:af:9a:a0:ae:10:8c:b9: 05:3b:90:56:22:fe:f7:4f:4f:b1:0c:a8:64:81:0a: 84:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:28:B1:DE:5B:09:B2:E1:10:8E:BA:28:45:B8:7F:81:DB:94:30:A0 X509v3 Authority Key Identifier: keyid:B3:6B:97:17:24:A3:BA:BD:89:0B:75:45:98:93:37:20:F9:72:FE:AF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE558/3DF14F08539411EABF6B4F5FC4F9AE02/s2uXFySjur2JC3VFmJM3IPly_q8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s2uXFySjur2JC3VFmJM3IPly_q8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE558/3DF14F08539411EABF6B4F5FC4F9AE02/966FD4648D2411EF9914EF63C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 101.97.33.0/24 101.97.38.0/24 202.177.216.0/24 IPv6: 2404:4f00::/32 Signature Algorithm: sha256WithRSAEncryption af:0e:47:b3:60:df:95:31:c5:28:94:06:5b:ee:15:de:47:fd: 91:99:fb:89:72:5c:39:81:79:57:52:71:13:ca:f3:ba:27:17: 1e:fe:96:d2:5a:47:5e:cd:c2:33:39:8e:8d:fb:1b:18:d4:a7: e2:c7:05:d1:9d:af:17:b8:91:75:e6:43:c0:72:2e:87:e0:9a: 87:5f:88:7c:66:7d:c2:76:ea:0c:dd:97:91:40:ad:0b:2d:29: c5:c8:27:33:34:9a:72:e4:e1:25:eb:c2:a6:65:15:a0:ee:2a: 72:5d:f6:64:61:b8:a9:04:07:ba:fc:e7:26:b5:b2:82:2c:f9: 57:63:ee:36:d8:8c:c6:b4:11:3e:c8:67:ee:f1:ff:cb:1a:da: ec:80:ea:6b:a0:fd:fc:37:79:bb:ad:ed:a9:c5:a2:4d:5d:d7: 5d:42:85:7a:42:97:89:e1:ef:38:9a:30:48:4a:fb:81:61:2f: 8e:87:41:51:ef:74:f4:a5:5c:d1:20:be:1b:a8:f0:07:ce:a7: bb:cc:4f:74:04:f5:78:ef:66:5b:26:77:19:96:49:57:4b:c8: 97:d5:16:f4:df:0f:99:03:9c:8b:73:ec:9f:bb:f5:7c:76:bb: ac:c3:ee:24:8f:fc:d7:e6:f5:f9:e0:75:5d:e9:e6:b2:19:ec: d3:4e:d3:aa -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICC3gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0U1NTgxMTAvBgNVBAUTKEIzNkI5NzE3MjRBM0JBQkQ4OTBCNzU0NTk4OTMzNzIw Rjk3MkZFQUYwHhcNMjUwNzEyMTk1OTMwWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODcyYmVhMi04ZjQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApteNi1reUC4Io0dEkMhrdDm+P0/LuJ/5aPuBrWrgBxDWHZUnkD463r3svw0X fPF1ijeTQ0XCO3MXgJJ0fiSGSypHkDFOlzfRf4VQJEky46DhfS6DlmhZoWHrPXsC edlWsrHk6QC2Thtlvgg61j99pPPCQWhTjIg0a3JZ4cTTfj5Lt8qYxB4IqK7EFzqx Eph1sAHexa/zYkQjaniJHtZgdXZyPoUlC8EMhx0Yfs8Gms03woyPipud+P5Wcddj Vgenip5dXd0iDTVEzVlVdrckxgC+/iWJ8SOADTYmZX41MCm+/lLp4uOEjK+aoK4Q jLkFO5BWIv73T0+xDKhkgQqEAQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFAIosd5b CbLhEI66KEW4f4HblDCgMB8GA1UdIwQYMBaAFLNrlxcko7q9iQt1RZiTNyD5cv6v MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTU1OC8zREYxNEYwODUz OTQxMUVBQkY2QjRGNUZDNEY5QUUwMi9zMnVYRnlTanVyMkpDM1ZGbUpNM0lQbHlf cTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3MydVhGeVNqdXIySkMzVkZtSk0zSVBseV9xOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0U1NTgvM0RGMTRGMDg1Mzk0MTFFQUJGNkI0RjVGQzRGOUFFMDIvOTY2RkQ0NjQ4 RDI0MTFFRjk5MTRFRjYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBABlYSEDBABlYSYDBADKsdgwDQQCAAIwBwMFACQETwAwDQYJ KoZIhvcNAQELBQADggEBAK8OR7Ng35UxxSiUBlvuFd5H/ZGZ+4lyXDmBeVdScRPK 87onFx7+ltJaR17NwjM5jo37GxjUp+LHBdGdrxe4kXXmQ8ByLofgmodfiHxmfcJ2 6gzdl5FArQstKcXIJzM0mnLk4SXrwqZlFaDuKnJd9mRhuKkEB7r85ya1soIs+Vdj 7jbYjMa0ET7IZ+7x/8sa2uyA6mug/fw3ebut7anFok1d111ChXpCl4nh7ziaMEhK +4FhL46HQVHvdPSlXNEgvhuo8AfOp7vMT3QE9XjvZlsmdxmWSVdLyJfVFvTfD5kD nItz7J+79Xx2u6zD7iSP/Nfm9fngdV3p5rIZ7NNO06o= -----END CERTIFICATE-----Generated at Wed Jul 23 17:35:21 2025 by rpki-client