$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/28C73E085EC411F0AFDCEE52C4F9AE02.roa File: 28C73E085EC411F0AFDCEE52C4F9AE02.roa (raw, json) Hash identifier: Ju8go9OBKML8ykj6qnfvaBG6KjObv0i9KK2dLnaHCbM= Subject key identifier: 91:7E:33:7E:EA:39:E8:EF:1E:42:35:CF:F0:1A:D9:45:6D:AA:D9:23 Certificate issuer: /CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00 Certificate serial: 18F9 Authority key identifier: C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/28C73E085EC411F0AFDCEE52C4F9AE02.roa Signing time: Sat 12 Jul 2025 02:01:44 +0000 ROA not before: Sat 12 Jul 2025 02:01:44 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 18037 IP address blocks: 27.106.200.0/22 maxlen: 22 203.89.64.0/19 maxlen: 19 203.89.67.0/24 maxlen: 24 203.89.73.0/24 maxlen: 24 203.89.90.0/24 maxlen: 24 203.89.91.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Jul 2025 17:03:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6393 (0x18f9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EAE3D, serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00 Validity Not Before: Jul 12 02:01:44 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=6871c208-5ff4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f8:6b:ed:f3:42:13:bc:fe:9f:0d:f1:95:af:f6: 77:66:ed:87:64:db:3d:44:ed:52:cf:70:e4:06:4e: 10:d2:e3:92:b9:d2:81:2a:10:9b:f8:37:5a:09:c8: 9f:a7:07:c1:7c:36:ed:95:03:93:89:7b:ab:33:88: 4c:ff:15:7a:7a:d5:48:09:32:b3:c3:c5:e8:02:e3: a6:b4:fd:91:3e:45:56:34:80:aa:77:25:82:8a:bd: 0b:d9:df:c0:87:7b:09:d6:ef:73:50:d0:74:6a:32: 86:4a:06:6d:82:53:83:f4:dc:24:44:c1:f9:09:39: 08:38:aa:38:d9:dc:88:c9:78:9c:1a:bd:f8:df:a0: fe:e7:f0:bd:7d:1b:3f:3d:aa:d7:e4:13:93:ce:df: 3a:2a:83:4f:6d:46:d5:46:a6:8c:60:c9:6e:33:3e: fd:5c:05:12:b0:d9:0c:81:52:d1:63:cb:3c:73:55: 57:25:c7:e6:c3:05:88:d4:10:a5:20:63:f2:c3:87: 20:50:95:5c:70:4c:13:53:da:b5:f2:a3:76:f5:af: c3:33:71:a0:70:88:21:10:89:39:22:8a:22:6d:65: 6b:b4:32:e0:30:59:ba:75:1d:d0:15:e5:a0:01:fc: cb:de:81:9e:35:4e:4f:9a:2b:ba:68:77:4b:91:b0: a8:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:7E:33:7E:EA:39:E8:EF:1E:42:35:CF:F0:1A:D9:45:6D:AA:D9:23 X509v3 Authority Key Identifier: keyid:C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/28C73E085EC411F0AFDCEE52C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 27.106.200.0/22 203.89.64.0/19 Signature Algorithm: sha256WithRSAEncryption a8:69:57:e1:07:bd:41:19:c9:ca:ae:c2:f9:6d:62:d8:06:b9: 37:70:5c:14:63:af:f2:6e:04:b4:0d:0d:4d:0c:d6:38:89:fd: 08:a1:f8:68:e3:b3:4c:89:11:be:e3:78:c4:e3:ad:fa:75:94: c1:c0:5a:57:eb:85:1b:54:3d:38:43:84:49:1b:b9:20:85:25: 6b:71:2c:aa:b5:eb:c3:8e:04:24:a6:ca:92:fa:b1:61:31:96: 09:b3:58:9b:c0:60:1c:67:24:44:b7:00:0e:62:64:1f:2d:9a: 15:ec:a3:3b:f5:62:9a:49:42:13:39:1b:6b:85:28:59:5b:22: 34:23:69:a1:98:c6:08:ec:71:b4:43:06:9a:46:5e:1f:3a:d5: 1d:ae:da:3b:90:57:ae:53:76:c3:52:ff:5b:17:74:4a:b8:b2: 3b:e6:2e:5c:4d:72:ef:ff:94:7f:97:49:96:7d:b6:a2:d9:29: e5:1f:12:f4:b0:3b:f3:76:d1:aa:47:96:84:5e:51:99:02:39: 9d:81:2a:c3:b0:2c:1c:7c:e5:03:d9:f9:26:ae:10:79:fe:68: 62:ed:8b:ff:58:6b:20:cc:d0:5f:6e:29:9b:e2:0a:9b:3b:01: c8:65:29:64:84:cb:86:67:f8:e3:db:9a:2c:61:78:77:41:cc: 53:ca:76:4b -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICGPkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUFFM0QxMTAvBgNVBAUTKEM3MjY5QjEyNEM0MjBDNTVFMjlGQjUxRDNDMUIwRDlE NDc2Q0JEMDAwHhcNMjUwNzEyMDIwMTQ0WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODcxYzIwOC01ZmY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA+Gvt80ITvP6fDfGVr/Z3Zu2HZNs9RO1Sz3DkBk4Q0uOSudKBKhCb+DdaCcif pwfBfDbtlQOTiXurM4hM/xV6etVICTKzw8XoAuOmtP2RPkVWNICqdyWCir0L2d/A h3sJ1u9zUNB0ajKGSgZtglOD9NwkRMH5CTkIOKo42dyIyXicGr3436D+5/C9fRs/ ParX5BOTzt86KoNPbUbVRqaMYMluMz79XAUSsNkMgVLRY8s8c1VXJcfmwwWI1BCl IGPyw4cgUJVccEwTU9q18qN29a/DM3GgcIghEIk5IooibWVrtDLgMFm6dR3QFeWg AfzL3oGeNU5Pmiu6aHdLkbCoiwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFJF+M37q OejvHkI1z/Aa2UVtqtkjMB8GA1UdIwQYMBaAFMcmmxJMQgxV4p+1HTwbDZ1HbL0A MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUzRC85N0I2RTBDRTc1 REUxMUU4QjcwNEEyNDZDNEY5QUUwMi94eWFiRWt4Q0RGWGluN1VkUEJzTm5VZHN2 UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3h5YWJFa3hDREZYaW43VWRQQnNOblVkc3ZRQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUFFM0QvOTdCNkUwQ0U3NURFMTFFOEI3MDRBMjQ2QzRGOUFFMDIvMjhDNzNFMDg1 RUM0MTFGMEFGRENFRTUyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAIbasgDBAXLWUAwDQYJKoZIhvcNAQELBQADggEBAKhpV+EH vUEZycquwvltYtgGuTdwXBRjr/JuBLQNDU0M1jiJ/Qih+Gjjs0yJEb7jeMTjrfp1 lMHAWlfrhRtUPThDhEkbuSCFJWtxLKq168OOBCSmypL6sWExlgmzWJvAYBxnJES3 AA5iZB8tmhXsozv1YppJQhM5G2uFKFlbIjQjaaGYxgjscbRDBppGXh861R2u2juQ V65TdsNS/1sXdEq4sjvmLlxNcu//lH+XSZZ9tqLZKeUfEvSwO/N20apHloReUZkC OZ2BKsOwLBx85QPZ+SauEHn+aGLti/9YayDM0F9uKZviCps7AchlKWSEy4Zn+OPb mixheHdBzFPKdks= -----END CERTIFICATE-----Generated at Thu Jul 24 05:02:16 2025 by rpki-client