$ rpki-client -vvf rpki.apnic.net/member_repository/A91D66A0/625FF726D9E711E988054016C4F9AE02/2BABEEB482EE11EAB170FD4BC4F9AE02.roa File: 2BABEEB482EE11EAB170FD4BC4F9AE02.roa (raw, json) Hash identifier: TU8TSmPX0pl0lGmdo+pSWKRJSfGRcwunEDD4PcVNXOE= Subject key identifier: 78:25:E3:BF:36:47:96:B5:51:3B:70:35:9A:4B:E4:38:AA:7E:85:F5 Certificate issuer: /CN=A91D66A0/serialNumber=9C94A5DCCF6A65B68986C7043846C721BD33BE99 Certificate serial: 0D48 Authority key identifier: 9C:94:A5:DC:CF:6A:65:B6:89:86:C7:04:38:46:C7:21:BD:33:BE:99 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nJSl3M9qZbaJhscEOEbHIb0zvpk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D66A0/625FF726D9E711E988054016C4F9AE02/2BABEEB482EE11EAB170FD4BC4F9AE02.roa Signing time: Tue 08 Jul 2025 18:27:47 +0000 ROA not before: Tue 08 Jul 2025 18:27:47 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 27435 IP address blocks: 116.68.157.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D66A0/625FF726D9E711E988054016C4F9AE02/nJSl3M9qZbaJhscEOEbHIb0zvpk.crl rsync://rpki.apnic.net/member_repository/A91D66A0/625FF726D9E711E988054016C4F9AE02/nJSl3M9qZbaJhscEOEbHIb0zvpk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nJSl3M9qZbaJhscEOEbHIb0zvpk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Jul 2025 18:11:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3400 (0xd48) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D66A0, serialNumber=9C94A5DCCF6A65B68986C7043846C721BD33BE99 Validity Not Before: Jul 8 18:27:47 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=686d6323-64ee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:85:53:58:a5:aa:18:02:5a:6d:ea:fb:85:7b: 07:c8:10:71:15:26:ec:f4:25:e3:29:44:34:c9:6b: eb:81:02:a8:94:cf:4f:4e:81:f6:8f:e5:62:16:19: e8:c0:3a:0d:97:b9:c3:9b:c5:a0:23:7f:18:86:06: f6:5f:9e:df:96:d5:85:cc:25:9e:cc:d7:6f:45:b4: 7b:9a:5b:3a:2f:71:6b:c7:8c:a6:81:9a:43:58:04: bf:9d:df:33:d2:08:3f:b6:3d:5d:99:d0:b1:7e:92: e2:1c:09:1b:a2:04:6c:d7:41:29:7c:7d:64:22:17: 95:10:f7:8b:76:d6:1f:7c:05:94:ce:4e:0e:c1:c8: 7f:de:bf:78:19:78:f1:02:ef:4b:1d:c0:ea:13:d0: 86:7a:82:0f:05:00:b7:b5:eb:96:d4:38:d3:62:3d: f8:5a:79:0b:0c:91:64:c8:a3:50:29:45:0e:fa:80: 6c:44:bb:25:02:c7:cf:5f:7a:1f:b6:7e:b0:4c:9a: 60:79:10:07:67:7d:1a:86:c1:c5:28:54:44:51:29: 33:d1:00:47:90:c5:d1:22:0b:2e:bd:d5:10:c5:00: cb:f3:aa:6a:e4:c9:b6:36:7e:aa:82:22:9f:68:dc: 08:56:f7:cc:86:0e:d5:f1:25:32:c9:1b:bd:e5:b8: 8f:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:25:E3:BF:36:47:96:B5:51:3B:70:35:9A:4B:E4:38:AA:7E:85:F5 X509v3 Authority Key Identifier: keyid:9C:94:A5:DC:CF:6A:65:B6:89:86:C7:04:38:46:C7:21:BD:33:BE:99 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D66A0/625FF726D9E711E988054016C4F9AE02/nJSl3M9qZbaJhscEOEbHIb0zvpk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nJSl3M9qZbaJhscEOEbHIb0zvpk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D66A0/625FF726D9E711E988054016C4F9AE02/2BABEEB482EE11EAB170FD4BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 116.68.157.0/24 Signature Algorithm: sha256WithRSAEncryption ba:dd:82:7f:c0:c0:03:67:42:7e:e1:a8:24:77:c4:39:db:94: 0d:05:e2:8f:08:bc:b7:10:54:e1:2f:65:54:c3:92:56:0c:7e: 39:d4:66:ac:c0:9f:dd:cf:09:9a:d1:de:04:79:de:71:cf:da: 5e:cd:71:00:83:29:a1:1b:a9:64:c0:7a:9a:32:75:2a:c5:44: 89:82:2c:cc:ba:c0:90:0a:12:6c:b1:9e:db:41:c3:6c:52:a7: 86:e0:3c:c3:d5:b3:20:1b:91:9d:85:99:32:44:bf:7e:86:ce: 00:63:cb:c7:f6:96:35:63:d7:3b:51:6b:66:93:60:7c:94:b7: f4:d7:30:c9:a5:48:cf:17:be:4d:6b:10:c0:9c:60:58:1f:36: 0c:a2:4c:35:d3:cc:28:ca:ff:d2:84:e7:64:37:71:f3:22:42: 55:77:8b:9c:de:0e:d7:b6:1e:b9:27:44:87:cb:5b:b7:e2:44: f9:2c:2e:49:32:76:e1:a8:b2:cf:07:2d:c7:11:af:2c:8e:f0: 81:5f:c4:2b:38:a3:80:65:46:f0:ec:a9:5e:55:cb:35:ed:9c: 7a:e3:5e:1b:9e:54:45:96:32:54:aa:66:c2:1f:0d:5f:2e:da: ae:3d:f4:b1:66:4f:15:ac:69:e5:98:f0:11:5f:39:b5:34:54: c4:0d:55:c4 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICDUgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDY2QTAxMTAvBgNVBAUTKDlDOTRBNURDQ0Y2QTY1QjY4OTg2QzcwNDM4NDZDNzIx QkQzM0JFOTkwHhcNMjUwNzA4MTgyNzQ3WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODZkNjMyMy02NGVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqYVTWKWqGAJaber7hXsHyBBxFSbs9CXjKUQ0yWvrgQKolM9PToH2j+ViFhno wDoNl7nDm8WgI38Yhgb2X57fltWFzCWezNdvRbR7mls6L3Frx4ymgZpDWAS/nd8z 0gg/tj1dmdCxfpLiHAkbogRs10EpfH1kIheVEPeLdtYffAWUzk4Owch/3r94GXjx Au9LHcDqE9CGeoIPBQC3teuW1DjTYj34WnkLDJFkyKNQKUUO+oBsRLslAsfPX3of tn6wTJpgeRAHZ30ahsHFKFREUSkz0QBHkMXRIgsuvdUQxQDL86pq5Mm2Nn6qgiKf aNwIVvfMhg7V8SUyyRu95biPhwIDAQABo4IClTCCApEwHQYDVR0OBBYEFHgl4782 R5a1UTtwNZpL5DiqfoX1MB8GA1UdIwQYMBaAFJyUpdzPamW2iYbHBDhGxyG9M76Z MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENjZBMC82MjVGRjcyNkQ5 RTcxMUU5ODgwNTQwMTZDNEY5QUUwMi9uSlNsM005cVpiYUpoc2NFT0ViSEliMHp2 cGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL25KU2wzTTlxWmJhSmhzY0VPRWJISWIwenZway5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDY2QTAvNjI1RkY3MjZEOUU3MTFFOTg4MDU0MDE2QzRGOUFFMDIvMkJBQkVFQjQ4 MkVFMTFFQUIxNzBGRDRCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAB0RJ0wDQYJKoZIhvcNAQELBQADggEBALrdgn/AwANnQn7h qCR3xDnblA0F4o8IvLcQVOEvZVTDklYMfjnUZqzAn93PCZrR3gR53nHP2l7NcQCD KaEbqWTAepoydSrFRImCLMy6wJAKEmyxnttBw2xSp4bgPMPVsyAbkZ2FmTJEv36G zgBjy8f2ljVj1ztRa2aTYHyUt/TXMMmlSM8Xvk1rEMCcYFgfNgyiTDXTzCjK/9KE 52Q3cfMiQlV3i5zeDte2HrknRIfLW7fiRPksLkkyduGoss8HLccRryyO8IFfxCs4 o4BlRvDsqV5VyzXtnHrjXhueVEWWMlSqZsIfDV8u2q499LFmTxWsaeWY8BFfObU0 VMQNVcQ= -----END CERTIFICATE-----Generated at Thu Jul 24 12:09:12 2025 by rpki-client