$ rpki-client -vvf rpki.apnic.net/member_repository/A91509B3/7570014283AC11F0AD540D1BC4F9AE02/FD5873EC83BA11F089D8E166C4F9AE02.roa File: FD5873EC83BA11F089D8E166C4F9AE02.roa (raw, json) Hash identifier: SEj8pF/rFYWA53Iulhxw4eorqv5a1+iQ0fmivnQ/FrM= Subject key identifier: 58:5A:D7:ED:81:AC:17:84:88:47:62:22:AA:6D:28:4C:F3:74:7F:44 Certificate issuer: /CN=A91509B3/serialNumber=E57261FFC81071407934B6504A22BBA3C150E173 Certificate serial: 12 Authority key identifier: E5:72:61:FF:C8:10:71:40:79:34:B6:50:4A:22:BB:A3:C1:50:E1:73 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5XJh_8gQcUB5NLZQSiK7o8FQ4XM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91509B3/7570014283AC11F0AD540D1BC4F9AE02/FD5873EC83BA11F089D8E166C4F9AE02.roa Signing time: Thu 04 Sep 2025 12:01:55 +0000 ROA not before: Thu 04 Sep 2025 12:01:55 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 38263 IP address blocks: 203.1.208.0/24 maxlen: 24 203.1.209.0/24 maxlen: 24 203.1.210.0/24 maxlen: 24 203.1.211.0/24 maxlen: 24 203.1.212.0/24 maxlen: 24 203.1.213.0/24 maxlen: 24 203.1.214.0/24 maxlen: 24 203.1.215.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91509B3/7570014283AC11F0AD540D1BC4F9AE02/5XJh_8gQcUB5NLZQSiK7o8FQ4XM.crl rsync://rpki.apnic.net/member_repository/A91509B3/7570014283AC11F0AD540D1BC4F9AE02/5XJh_8gQcUB5NLZQSiK7o8FQ4XM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5XJh_8gQcUB5NLZQSiK7o8FQ4XM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Sep 2025 08:50:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18 (0x12) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509B3, serialNumber=E57261FFC81071407934B6504A22BBA3C150E173 Validity Not Before: Sep 4 12:01:55 2025 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=68b97fb3-df7f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:56:25:5e:e4:9a:f5:d7:c4:d6:85:96:8d:df: 38:43:4c:da:39:a6:47:4a:3c:92:e7:ae:32:b2:24: 79:02:a0:cd:8d:bb:80:9b:d9:a7:30:06:5c:6a:99: df:91:4b:95:17:ad:f1:20:22:ca:5c:b7:a8:fb:4f: 5c:81:0c:e1:d9:06:11:c7:8a:dd:62:e3:eb:48:9d: 85:5d:8f:10:2d:e3:2b:be:9a:8f:43:ba:a7:84:1f: 11:65:5b:a8:db:b4:29:5c:77:65:c0:54:6a:93:ab: 1d:ed:99:43:80:51:d3:08:83:a0:a9:ac:16:0e:6e: 01:43:ac:25:d5:4d:47:10:c4:a6:5b:0f:20:43:ac: ed:14:6f:71:d6:c3:c5:e8:47:5e:23:ab:80:ba:fb: b5:c7:e1:f6:20:17:4f:e7:75:cb:19:71:48:59:f5: bd:0e:da:68:ce:46:4b:52:f2:53:f5:16:e9:d6:2d: 15:42:15:73:ae:e5:03:26:8a:b1:40:8e:00:76:65: 05:12:56:34:4c:b6:d9:57:10:58:50:76:db:28:b2: 9f:8c:fc:73:e1:4c:80:54:22:30:15:01:2c:5f:5c: ac:89:e2:a8:95:76:16:66:3c:ef:7e:5a:81:a5:3d: 46:b8:e1:49:d2:26:9a:b6:d1:94:d6:72:95:41:60: 92:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:5A:D7:ED:81:AC:17:84:88:47:62:22:AA:6D:28:4C:F3:74:7F:44 X509v3 Authority Key Identifier: keyid:E5:72:61:FF:C8:10:71:40:79:34:B6:50:4A:22:BB:A3:C1:50:E1:73 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91509B3/7570014283AC11F0AD540D1BC4F9AE02/5XJh_8gQcUB5NLZQSiK7o8FQ4XM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5XJh_8gQcUB5NLZQSiK7o8FQ4XM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91509B3/7570014283AC11F0AD540D1BC4F9AE02/FD5873EC83BA11F089D8E166C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.1.208.0/21 Signature Algorithm: sha256WithRSAEncryption 33:a8:bc:a3:ad:d1:32:17:c4:aa:15:28:d6:de:25:a2:33:4f: b9:97:d3:14:58:1f:1e:aa:dd:da:e1:ae:d8:b0:3c:6c:c1:b9: 30:79:b6:d9:aa:e1:1e:7d:0a:d9:b7:c7:b0:0d:e1:e9:dc:ab: 57:61:fb:50:43:ca:37:11:56:a0:89:29:0d:b3:3a:39:e1:12: 43:82:bd:cc:3e:c9:d6:99:a6:50:ab:45:db:c3:8b:9c:00:fd: 2b:4d:7a:6e:47:4a:0c:8d:d9:68:1f:35:7b:2b:29:03:28:59: c5:10:2f:bf:fc:02:26:1a:89:34:b5:6f:3f:63:d3:73:4c:0a: 90:90:03:f7:f1:10:06:18:45:b7:b4:31:53:70:1e:13:98:e2: 97:68:ef:ec:a0:d8:b4:90:c8:da:26:19:fb:92:26:b5:fd:bb: 8c:bb:ac:61:c1:ea:72:c9:4e:29:1a:0f:4b:4c:af:d0:ad:ef: 3f:dc:30:ec:4e:ea:91:37:fd:5e:ea:46:01:b2:d4:43:19:01: d9:69:f5:53:5f:80:1d:42:d1:13:b9:e5:64:df:38:c5:5b:0c: 5c:42:4b:56:89:64:24:13:62:ec:64:8c:46:73:f4:5e:04:f8: ee:05:f2:36:ba:f3:7e:3d:27:61:63:50:3b:d5:7c:d5:fc:c7: 9f:4b:9d:d4 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBEjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1 MDlCMzExMC8GA1UEBRMoRTU3MjYxRkZDODEwNzE0MDc5MzRCNjUwNEEyMkJCQTND MTUwRTE3MzAeFw0yNTA5MDQxMjAxNTVaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4Yjk3ZmIzLWRmN2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDQViVe5Jr118TWhZaN3zhDTNo5pkdKPJLnrjKyJHkCoM2Nu4Cb2acwBlxqmd+R S5UXrfEgIspct6j7T1yBDOHZBhHHit1i4+tInYVdjxAt4yu+mo9DuqeEHxFlW6jb tClcd2XAVGqTqx3tmUOAUdMIg6CprBYObgFDrCXVTUcQxKZbDyBDrO0Ub3HWw8Xo R14jq4C6+7XH4fYgF0/ndcsZcUhZ9b0O2mjORktS8lP1FunWLRVCFXOu5QMmirFA jgB2ZQUSVjRMttlXEFhQdtsosp+M/HPhTIBUIjAVASxfXKyJ4qiVdhZmPO9+WoGl PUa44UnSJpq20ZTWcpVBYJJpAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUWFrX7YGs F4SIR2Iiqm0oTPN0f0QwHwYDVR0jBBgwFoAU5XJh/8gQcUB5NLZQSiK7o8FQ4XMw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTUwOUIzLzc1NzAwMTQyODNB QzExRjBBRDU0MEQxQkM0RjlBRTAyLzVYSmhfOGdRY1VCNU5MWlFTaUs3bzhGUTRY TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvNVhKaF84Z1FjVUI1TkxaUVNpSzdvOEZRNFhNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 MDlCMy83NTcwMDE0MjgzQUMxMUYwQUQ1NDBEMUJDNEY5QUUwMi9GRDU4NzNFQzgz QkExMUYwODlEOEUxNjZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEA8sB0DANBgkqhkiG9w0BAQsFAAOCAQEAM6i8o63RMhfEqhUo 1t4lojNPuZfTFFgfHqrd2uGu2LA8bMG5MHm22arhHn0K2bfHsA3h6dyrV2H7UEPK NxFWoIkpDbM6OeESQ4K9zD7J1pmmUKtF28OLnAD9K016bkdKDI3ZaB81eyspAyhZ xRAvv/wCJhqJNLVvP2PTc0wKkJAD9/EQBhhFt7QxU3AeE5jil2jv7KDYtJDI2iYZ +5Imtf27jLusYcHqcslOKRoPS0yv0K3vP9ww7E7qkTf9XupGAbLUQxkB2Wn1U1+A HULRE7nlZN84xVsMXEJLVolkJBNi7GSMRnP0XgT47gXyNrrzfj0nYWNQO9V81fzH n0ud1A== -----END CERTIFICATE-----Generated at Fri Sep 19 05:30:06 2025 by rpki-client