$ rpki-client -vvf rpki.apnic.net/member_repository/A91366F8/A4243970BE4A11ECB279552AC4F9AE02/591A8C06BE4D11EC8DADB22CC4F9AE02.roa File: 591A8C06BE4D11EC8DADB22CC4F9AE02.roa (raw, json) Hash identifier: OdJBHfeW2Re+5Y2fi/VDd9mvhSQUJ11CYcf0wDjfUuA= Subject key identifier: 41:E6:D0:DC:73:2D:FE:CA:B3:AA:EA:E2:10:8C:A8:C3:F0:60:E6:ED Certificate issuer: /CN=A91366F8/serialNumber=73914D1410A1CD3F85AD1E1B0A50FF3F8BD60C10 Certificate serial: 037D Authority key identifier: 73:91:4D:14:10:A1:CD:3F:85:AD:1E:1B:0A:50:FF:3F:8B:D6:0C:10 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c5FNFBChzT-FrR4bClD_P4vWDBA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91366F8/A4243970BE4A11ECB279552AC4F9AE02/591A8C06BE4D11EC8DADB22CC4F9AE02.roa Signing time: Sat 13 Sep 2025 01:07:13 +0000 ROA not before: Sat 13 Sep 2025 01:07:13 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 8849 IP address blocks: 103.172.116.0/23 maxlen: 24 2407:d140::/32 maxlen: 32 2407:d140::/36 maxlen: 36 2407:d140:1000::/36 maxlen: 36 2407:d140:2000::/36 maxlen: 36 2407:d140:3000::/36 maxlen: 36 2407:d140:4000::/35 maxlen: 36 2407:d140:6000::/36 maxlen: 36 2407:d140:7000::/36 maxlen: 36 2407:d140:8000::/34 maxlen: 34 2407:d140:8000::/36 maxlen: 36 2407:d140:9000::/36 maxlen: 36 2407:d140:a000::/36 maxlen: 36 2407:d140:b000::/36 maxlen: 36 2407:d140:c000::/36 maxlen: 36 2407:d140:d000::/36 maxlen: 36 2407:d140:e000::/36 maxlen: 36 2407:d140:f000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91366F8/A4243970BE4A11ECB279552AC4F9AE02/c5FNFBChzT-FrR4bClD_P4vWDBA.crl rsync://rpki.apnic.net/member_repository/A91366F8/A4243970BE4A11ECB279552AC4F9AE02/c5FNFBChzT-FrR4bClD_P4vWDBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c5FNFBChzT-FrR4bClD_P4vWDBA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 26 Sep 2025 01:15:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 893 (0x37d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91366F8, serialNumber=73914D1410A1CD3F85AD1E1B0A50FF3F8BD60C10 Validity Not Before: Sep 13 01:07:13 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68c4c3c1-41af Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:de:ba:c9:cc:79:49:2d:1b:92:09:83:9c:37: e3:58:6f:e0:d7:c9:3c:ad:bd:3a:23:7b:d5:3e:aa: 84:30:43:94:bc:a2:e1:ac:f2:35:56:b6:58:c0:ee: 7b:65:1b:c1:d2:57:d3:41:6a:5e:1b:65:dc:1f:c5: 01:48:3c:a4:50:e0:eb:29:b9:bf:64:f0:11:a4:41: 19:b2:a3:08:51:5d:3e:0d:ce:a5:93:a7:57:62:e9: 47:ee:5d:c9:16:e3:d9:13:19:ee:1d:5c:40:99:97: eb:a5:89:d5:99:8b:86:d3:9a:67:c9:82:44:12:43: 31:e4:44:44:d4:97:a0:0e:62:05:8b:85:a1:bb:9b: 2f:c6:50:39:97:23:0c:bc:cf:e9:8b:c7:e0:4e:13: 8a:cd:f8:5c:b6:63:9d:fb:2a:64:b1:a5:2f:a1:05: e5:a4:69:95:77:90:bc:d5:e7:14:6f:d1:6e:3f:12: 3e:9f:3f:63:75:d0:1c:3c:f8:46:ce:1a:96:03:6b: a0:c1:89:80:be:17:3d:14:d8:17:54:cb:69:a1:3d: db:e4:84:a0:06:fa:58:8b:8f:d2:83:63:c3:4d:4b: f3:32:e2:fd:4d:fe:e9:c2:9f:3d:88:a6:36:b4:e1: 55:e0:4b:7b:44:cc:35:ff:4c:46:df:4e:1f:24:66: d1:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:E6:D0:DC:73:2D:FE:CA:B3:AA:EA:E2:10:8C:A8:C3:F0:60:E6:ED X509v3 Authority Key Identifier: keyid:73:91:4D:14:10:A1:CD:3F:85:AD:1E:1B:0A:50:FF:3F:8B:D6:0C:10 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91366F8/A4243970BE4A11ECB279552AC4F9AE02/c5FNFBChzT-FrR4bClD_P4vWDBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c5FNFBChzT-FrR4bClD_P4vWDBA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91366F8/A4243970BE4A11ECB279552AC4F9AE02/591A8C06BE4D11EC8DADB22CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.172.116.0/23 IPv6: 2407:d140::/32 Signature Algorithm: sha256WithRSAEncryption 6f:34:fb:6c:01:e4:62:39:b5:c5:a1:11:18:37:42:94:e3:88: ce:45:74:2f:ff:b9:c4:0c:05:40:1b:26:99:57:50:f9:43:b9: 66:67:17:0e:75:9d:86:32:6b:00:d9:bf:07:f0:78:d3:bb:bd: 79:a7:e8:f2:cd:c5:90:a2:e1:94:e6:4c:f3:a8:bb:e9:ad:67: 0e:16:7c:f6:64:7c:aa:67:f0:38:f8:d4:ec:9d:d6:c4:c7:ce: dd:7c:91:5a:c7:49:8e:28:1e:93:b3:fe:97:1e:98:58:e4:da: 62:b0:20:f6:f4:97:7b:2c:02:57:2b:cf:b5:4e:5b:18:41:c2: d0:45:eb:bb:7a:a1:72:4a:67:ca:1c:79:c3:57:6a:e7:76:08: 68:d7:bb:74:f4:8b:19:10:bf:7f:c6:75:c9:56:39:af:27:c8: 2b:11:18:ba:4b:d5:2e:fd:4a:40:83:11:21:b8:21:f0:05:b3: 5f:03:68:86:56:75:46:bd:75:04:de:4a:99:cb:be:5d:7f:86: 5f:68:d5:95:15:0e:2d:a5:cd:a1:02:65:ed:52:c3:5f:47:ab: ac:6c:6c:e2:54:bb:0f:ec:01:32:af:c1:46:eb:ed:3e:6b:7c: 61:57:7d:f3:06:20:a7:68:4c:4b:18:ee:ce:d9:b4:92:76:56: c8:8e:51:d5 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICA30wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzY2RjgxMTAvBgNVBAUTKDczOTE0RDE0MTBBMUNEM0Y4NUFEMUUxQjBBNTBGRjNG OEJENjBDMTAwHhcNMjUwOTEzMDEwNzEzWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGM0YzNjMS00MWFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsd66ycx5SS0bkgmDnDfjWG/g18k8rb06I3vVPqqEMEOUvKLhrPI1VrZYwO57 ZRvB0lfTQWpeG2XcH8UBSDykUODrKbm/ZPARpEEZsqMIUV0+Dc6lk6dXYulH7l3J FuPZExnuHVxAmZfrpYnVmYuG05pnyYJEEkMx5ERE1JegDmIFi4Whu5svxlA5lyMM vM/pi8fgThOKzfhctmOd+ypksaUvoQXlpGmVd5C81ecUb9FuPxI+nz9jddAcPPhG zhqWA2ugwYmAvhc9FNgXVMtpoT3b5ISgBvpYi4/Sg2PDTUvzMuL9Tf7pwp89iKY2 tOFV4Et7RMw1/0xG304fJGbRNwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFEHm0Nxz Lf7Ks6rq4hCMqMPwYObtMB8GA1UdIwQYMBaAFHORTRQQoc0/ha0eGwpQ/z+L1gwQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNjZGOC9BNDI0Mzk3MEJF NEExMUVDQjI3OTU1MkFDNEY5QUUwMi9jNUZORkJDaHpULUZyUjRiQ2xEX1A0dldE QkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2M1Rk5GQkNoelQtRnJSNGJDbERfUDR2V0RCQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzY2RjgvQTQyNDM5NzBCRTRBMTFFQ0IyNzk1NTJBQzRGOUFFMDIvNTkxQThDMDZC RTREMTFFQzhEQURCMjJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAFnrHQwDQQCAAIwBwMFACQH0UAwDQYJKoZIhvcNAQELBQAD ggEBAG80+2wB5GI5tcWhERg3QpTjiM5FdC//ucQMBUAbJplXUPlDuWZnFw51nYYy awDZvwfweNO7vXmn6PLNxZCi4ZTmTPOou+mtZw4WfPZkfKpn8Dj41Oyd1sTHzt18 kVrHSY4oHpOz/pcemFjk2mKwIPb0l3ssAlcrz7VOWxhBwtBF67t6oXJKZ8ocecNX aud2CGjXu3T0ixkQv3/GdclWOa8nyCsRGLpL1S79SkCDESG4IfAFs18DaIZWdUa9 dQTeSpnLvl1/hl9o1ZUVDi2lzaECZe1Sw19Hq6xsbOJUuw/sATKvwUbr7T5rfGFX ffMGIKdoTEsY7s7ZtJJ2VsiOUdU= -----END CERTIFICATE-----Generated at Fri Sep 19 14:22:11 2025 by rpki-client