$ rpki-client -vvf rpki.sub.apnic.net/repository/A91DD5100000/0/34332e3235322e32302e302f32342d3234203d3e203134363138.roa File: 34332e3235322e32302e302f32342d3234203d3e203134363138.roa (raw, json) Hash identifier: POeaLZ7jyGbDhNwka17vD8hm5iiL/jnjTj3d8a5jHPw= Subject key identifier: 12:E5:8C:9E:AB:9E:A4:DF:92:F6:86:77:74:8E:B9:70:CA:AC:A9:EB Certificate issuer: /CN=A91DD5100000/serialNumber=5D707B0D3569622432B4BDCBFD320F9A8B6DDC7B Certificate serial: 291651E0ECFE12F58E58402AD42CCD99E5F8F8E8 Authority key identifier: 5D:70:7B:0D:35:69:62:24:32:B4:BD:CB:FD:32:0F:9A:8B:6D:DC:7B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XXB7DTVpYiQytL3L_TIPmott3Hs.cer Subject info access: rsync://rpki.sub.apnic.net/repository/A91DD5100000/0/34332e3235322e32302e302f32342d3234203d3e203134363138.roa Signing time: Mon 08 Sep 2025 09:25:16 +0000 ROA not before: Mon 08 Sep 2025 09:20:16 +0000 ROA not after: Mon 07 Sep 2026 09:25:16 +0000 asID: 14618 IP address blocks: 43.252.20.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.sub.apnic.net/repository/A91DD5100000/0/5D707B0D3569622432B4BDCBFD320F9A8B6DDC7B.crl rsync://rpki.sub.apnic.net/repository/A91DD5100000/0/5D707B0D3569622432B4BDCBFD320F9A8B6DDC7B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XXB7DTVpYiQytL3L_TIPmott3Hs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 09 Oct 2025 15:59:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:16:51:e0:ec:fe:12:f5:8e:58:40:2a:d4:2c:cd:99:e5:f8:f8:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DD5100000, serialNumber=5D707B0D3569622432B4BDCBFD320F9A8B6DDC7B Validity Not Before: Sep 8 09:20:16 2025 GMT Not After : Sep 7 09:25:16 2026 GMT Subject: CN=12E58C9EAB9EA4DF92F68677748EB970CAACA9EB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:83:63:31:a2:4a:5b:61:db:1d:d3:e7:37:c4: b5:18:42:24:e2:9e:79:27:ab:14:ed:f4:bd:d9:40: af:b3:de:96:e5:03:39:e7:ac:15:f0:69:cb:7d:88: 5e:b5:f9:ef:89:03:04:e1:c7:cb:54:71:3c:95:51: 6b:84:23:ab:9f:e5:59:27:d1:a7:7a:45:14:57:0c: 0b:55:c7:9e:fd:dd:11:0a:b7:ae:9e:16:bc:26:5d: 25:71:2b:d1:91:6a:e5:a2:fe:4a:36:8c:b5:af:53: 3e:ae:f4:29:7f:53:02:28:eb:52:aa:d1:fd:06:56: 9f:7d:c0:23:35:ca:bb:56:53:3d:66:82:a0:b1:bb: c3:45:d2:70:28:e2:b8:18:3c:c4:a5:dc:71:b6:5a: 40:cf:91:32:d3:4b:d7:93:97:f9:c0:b6:2a:3c:f1: a2:a5:0c:3e:a9:33:95:64:4e:f0:a7:88:ec:e0:ff: 15:c0:b9:d8:ed:ce:58:64:45:52:62:2b:21:a8:a4: 46:07:3d:ae:f7:19:d6:5c:92:e4:95:3c:de:a5:ce: 9c:3b:97:c6:cb:d7:68:fb:fb:d7:28:fa:9f:63:ac: fe:87:b3:1a:fc:73:be:c5:88:34:8c:e6:34:a9:ea: 69:75:87:49:ef:e8:5c:f8:cd:29:a9:c8:3e:09:4f: ce:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:E5:8C:9E:AB:9E:A4:DF:92:F6:86:77:74:8E:B9:70:CA:AC:A9:EB X509v3 Authority Key Identifier: keyid:5D:70:7B:0D:35:69:62:24:32:B4:BD:CB:FD:32:0F:9A:8B:6D:DC:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.sub.apnic.net/repository/A91DD5100000/0/5D707B0D3569622432B4BDCBFD320F9A8B6DDC7B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XXB7DTVpYiQytL3L_TIPmott3Hs.cer Subject Information Access: Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A91DD5100000/0/34332e3235322e32302e302f32342d3234203d3e203134363138.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.252.20.0/24 Signature Algorithm: sha256WithRSAEncryption 9b:3c:b8:e9:8c:70:df:ff:74:dc:d8:ab:e4:ac:81:bc:70:76: 74:14:e2:47:2c:ed:a5:d5:01:55:75:64:f2:db:75:b6:cc:e9: aa:dc:64:7a:5a:0c:7a:27:6f:51:f0:9f:4c:1a:93:4e:fc:36: ff:fc:af:3c:49:bf:dd:5b:1f:dd:ae:ef:e4:0f:96:bb:1e:f2: 95:f6:4d:17:bb:f7:a8:b9:05:82:83:7b:52:e6:d2:e9:cd:f6: af:ed:7d:28:b4:50:29:2a:25:ea:5d:e4:57:06:0e:7a:a4:9d: 17:d0:b3:d3:b9:4e:7e:0b:88:7f:45:bf:43:cb:e1:08:3b:d5: 1a:b8:08:66:dd:58:fe:35:89:7d:50:15:74:f2:87:8d:6a:e8: a3:45:52:07:3d:66:77:17:2c:79:24:1e:93:cd:4c:61:16:6e: 23:a6:08:2e:55:2d:bc:51:54:89:0a:71:7e:18:6f:7b:d4:09: 43:6c:ca:44:c8:ad:4d:35:6a:3f:5d:cc:dc:dc:31:b9:82:e5: 9b:ff:3e:40:7d:5b:24:84:59:2f:37:f1:09:78:a6:40:d7:e4: ad:d0:30:4c:b6:b9:97:42:8e:4b:14:fa:94:9f:4e:68:c2:16: 12:7f:3a:3a:ee:ce:7a:06:b5:86:93:e4:15:ef:fe:f4:ce:8d: 40:20:00:5c -----BEGIN CERTIFICATE----- MIIFHDCCBASgAwIBAgIUKRZR4Oz+EvWOWEAq1CzNmeX4+OgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxREQ1MTAwMDAwMTEwLwYDVQQFEyg1RDcwN0IwRDM1 Njk2MjI0MzJCNEJEQ0JGRDMyMEY5QThCNkREQzdCMB4XDTI1MDkwODA5MjAxNloX DTI2MDkwNzA5MjUxNlowMzExMC8GA1UEAxMoMTJFNThDOUVBQjlFQTRERjkyRjY4 Njc3NzQ4RUI5NzBDQUFDQTlFQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALaDYzGiSlth2x3T5zfEtRhCJOKeeSerFO30vdlAr7PeluUDOeesFfBpy32I XrX574kDBOHHy1RxPJVRa4Qjq5/lWSfRp3pFFFcMC1XHnv3dEQq3rp4WvCZdJXEr 0ZFq5aL+SjaMta9TPq70KX9TAijrUqrR/QZWn33AIzXKu1ZTPWaCoLG7w0XScCji uBg8xKXccbZaQM+RMtNL15OX+cC2KjzxoqUMPqkzlWRO8KeI7OD/FcC52O3OWGRF UmIrIaikRgc9rvcZ1lyS5JU83qXOnDuXxsvXaPv71yj6n2Os/oezGvxzvsWINIzm NKnqaXWHSe/oXPjNKanIPglPzsUCAwEAAaOCAg8wggILMB0GA1UdDgQWBBQS5Yye q56k35L2hnd0jrlwyqyp6zAfBgNVHSMEGDAWgBRdcHsNNWliJDK0vcv9Mg+ai23c ezAOBgNVHQ8BAf8EBAMCB4AwcgYDVR0fBGswaTBnoGWgY4ZhcnN5bmM6Ly9ycGtp LnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTFERDUxMDAwMDAvMC81RDcwN0Iw RDM1Njk2MjI0MzJCNEJEQ0JGRDMyMEY5QThCNkREQzdCLmNybDB+BggrBgEFBQcB AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np dG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9YWEI3RFRWcFlp UXl0TDNMX1RJUG1vdHQzSHMuY2VyMIGJBggrBgEFBQcBCwR9MHsweQYIKwYBBQUH MAuGbXJzeW5jOi8vcnBraS5zdWIuYXBuaWMubmV0L3JlcG9zaXRvcnkvQTkxREQ1 MTAwMDAwLzAvMzQzMzJlMzIzNTMyMmUzMjMwMmUzMDJmMzIzNDJkMzIzNDIwM2Qz ZTIwMzEzNDM2MzEzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggr BgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACv8FDANBgkqhkiG9w0BAQsFAAOCAQEA mzy46Yxw3/903Nir5KyBvHB2dBTiRyztpdUBVXVk8tt1tszpqtxkeloMeidvUfCf TBqTTvw2//yvPEm/3Vsf3a7v5A+Wux7ylfZNF7v3qLkFgoN7UubS6c32r+19KLRQ KSol6l3kVwYOeqSdF9Cz07lOfguIf0W/Q8vhCDvVGrgIZt1Y/jWJfVAVdPKHjWro o0VSBz1mdxcseSQek81MYRZuI6YILlUtvFFUiQpxfhhve9QJQ2zKRMitTTVqP13M 3NwxuYLlm/8+QH1bJIRZLzfxCXimQNfkrdAwTLa5l0KOSxT6lJ9OaMIWEn86Ou7O ega1hpPkFe/+9M6NQCAAXA== -----END CERTIFICATE-----Generated at Wed Oct 8 23:18:47 2025 by rpki-client