$ rpki-client -vvf rpki.apnic.net/member_repository/A91709BC/892897302E9011E99177960FC4F9AE02/53DFF8EC2E9111E999636910C4F9AE02.roa File: 53DFF8EC2E9111E999636910C4F9AE02.roa (raw, json) Hash identifier: 6mj2ePigEKlPzc3f7+eTQsUuSCZHP+3UsHzZtRH/e3g= Subject key identifier: DE:A5:11:A7:F2:A2:A2:B0:E6:AC:81:51:D8:2D:C8:D3:C1:4A:53:A1 Certificate issuer: /CN=A91709BC/serialNumber=36EE8A401305EB38E28D86A5DB7F7628AAB7E24F Certificate serial: 1106 Authority key identifier: 36:EE:8A:40:13:05:EB:38:E2:8D:86:A5:DB:7F:76:28:AA:B7:E2:4F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nu6KQBMF6zjijYal2392KKq34k8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91709BC/892897302E9011E99177960FC4F9AE02/53DFF8EC2E9111E999636910C4F9AE02.roa Signing time: Sat 24 May 2025 17:49:49 +0000 ROA not before: Sat 24 May 2025 17:49:49 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 9771 IP address blocks: 121.97.8.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91709BC/892897302E9011E99177960FC4F9AE02/Nu6KQBMF6zjijYal2392KKq34k8.crl rsync://rpki.apnic.net/member_repository/A91709BC/892897302E9011E99177960FC4F9AE02/Nu6KQBMF6zjijYal2392KKq34k8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nu6KQBMF6zjijYal2392KKq34k8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 15 Jun 2025 17:13:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4358 (0x1106) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91709BC, serialNumber=36EE8A401305EB38E28D86A5DB7F7628AAB7E24F Validity Not Before: May 24 17:49:49 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=683206bd-d301 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:a8:de:6d:fa:92:03:e6:ca:bc:90:4e:ee:47: 29:05:b4:01:17:bf:f2:d3:51:a6:7a:75:c5:75:8d: c3:cf:11:a6:ce:58:24:d3:6c:e2:fc:9f:aa:22:fb: 17:d5:f8:e5:aa:aa:3a:96:38:2a:25:04:46:80:95: 04:af:cf:35:14:d9:a6:18:53:61:d9:e0:b3:8d:bf: f4:62:c7:8d:8a:d0:6b:b5:3b:3a:9e:37:db:9e:ca: 0c:86:9e:dd:15:63:fa:c1:5b:52:d8:74:c2:5b:f7: 72:4d:c4:89:f6:8f:43:c0:30:d1:0f:f7:fc:5e:2e: 74:ac:a7:5d:78:0e:4b:41:9d:24:f3:4c:7f:9e:03: 7d:63:50:d8:f6:55:b3:cf:df:40:c0:38:d5:31:fc: 8b:92:cd:68:31:d6:bf:7b:5d:c0:57:7a:01:95:86: 14:bb:8a:e6:6d:bc:79:57:6e:bc:b1:bd:b1:95:07: f2:f7:dc:7d:39:4c:64:61:15:63:2c:6c:f2:d8:a4: 98:99:55:e5:31:61:4f:00:42:97:bd:aa:36:d3:7a: 3d:59:69:8d:16:ea:aa:41:cd:eb:74:32:19:37:07: c3:9e:8f:87:d5:a7:7a:c4:55:05:38:ee:a2:89:20: 96:7a:6b:e0:aa:42:cc:86:d7:4b:89:79:c6:60:0a: 89:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:A5:11:A7:F2:A2:A2:B0:E6:AC:81:51:D8:2D:C8:D3:C1:4A:53:A1 X509v3 Authority Key Identifier: keyid:36:EE:8A:40:13:05:EB:38:E2:8D:86:A5:DB:7F:76:28:AA:B7:E2:4F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91709BC/892897302E9011E99177960FC4F9AE02/Nu6KQBMF6zjijYal2392KKq34k8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nu6KQBMF6zjijYal2392KKq34k8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91709BC/892897302E9011E99177960FC4F9AE02/53DFF8EC2E9111E999636910C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 121.97.8.0/24 Signature Algorithm: sha256WithRSAEncryption 1f:86:b6:57:27:06:c5:2f:88:40:ba:f4:ca:fa:f8:ad:0f:66: 05:31:82:5d:e9:d0:a8:09:7d:51:b6:eb:4d:a3:df:f2:d6:71: 4e:f0:46:bc:f6:84:5c:93:2a:4d:18:64:9a:04:03:f2:14:e0: 12:8f:32:5e:a4:c4:22:e1:67:72:9d:a7:1c:67:f7:cd:90:2a: 79:da:e2:5f:3a:17:35:d2:bc:59:fc:a2:92:64:24:74:61:d8: e5:98:cd:72:b0:a6:e3:99:cf:64:1a:02:35:f6:50:aa:0a:fb: 1a:61:64:99:97:98:7c:a3:99:50:e3:05:08:04:61:83:57:2e: 65:83:cb:1e:42:53:cf:77:57:55:58:8d:9f:af:1e:6f:f5:15: ec:22:5c:79:c7:ee:e6:b1:ee:71:09:12:79:8d:10:6d:df:c1: 77:f1:1b:d5:21:c8:cc:44:e1:b8:1c:85:ea:2a:6a:43:e4:20: 25:13:f0:8f:00:5f:24:e3:7f:c5:a8:2d:2b:2e:00:88:60:4f: b5:99:a9:bb:46:5e:42:34:2f:09:40:5c:53:84:ff:32:ef:d3: ee:0e:dd:0a:49:d8:f1:9f:59:b6:80:58:6e:fd:77:be:d7:96: 0a:5c:2f:40:ea:6d:34:0b:af:b0:01:b0:9d:9a:24:49:9d:b5: ec:98:5e:92 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICEQYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzA5QkMxMTAvBgNVBAUTKDM2RUU4QTQwMTMwNUVCMzhFMjhEODZBNURCN0Y3NjI4 QUFCN0UyNEYwHhcNMjUwNTI0MTc0OTQ5WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODMyMDZiZC1kMzAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz6jebfqSA+bKvJBO7kcpBbQBF7/y01GmenXFdY3DzxGmzlgk02zi/J+qIvsX 1fjlqqo6ljgqJQRGgJUEr881FNmmGFNh2eCzjb/0YseNitBrtTs6njfbnsoMhp7d FWP6wVtS2HTCW/dyTcSJ9o9DwDDRD/f8Xi50rKddeA5LQZ0k80x/ngN9Y1DY9lWz z99AwDjVMfyLks1oMda/e13AV3oBlYYUu4rmbbx5V268sb2xlQfy99x9OUxkYRVj LGzy2KSYmVXlMWFPAEKXvao203o9WWmNFuqqQc3rdDIZNwfDno+H1ad6xFUFOO6i iSCWemvgqkLMhtdLiXnGYAqJawIDAQABo4IClTCCApEwHQYDVR0OBBYEFN6lEafy oqKw5qyBUdgtyNPBSlOhMB8GA1UdIwQYMBaAFDbuikATBes44o2Gpdt/diiqt+JP MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MDlCQy84OTI4OTczMDJF OTAxMUU5OTE3Nzk2MEZDNEY5QUUwMi9OdTZLUUJNRjZ6amlqWWFsMjM5MktLcTM0 azguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL051NktRQk1GNnpqaWpZYWwyMzkyS0txMzRrOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzA5QkMvODkyODk3MzAyRTkwMTFFOTkxNzc5NjBGQzRGOUFFMDIvNTNERkY4RUMy RTkxMTFFOTk5NjM2OTEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAB5YQgwDQYJKoZIhvcNAQELBQADggEBAB+GtlcnBsUviEC6 9Mr6+K0PZgUxgl3p0KgJfVG2602j3/LWcU7wRrz2hFyTKk0YZJoEA/IU4BKPMl6k xCLhZ3Kdpxxn982QKnna4l86FzXSvFn8opJkJHRh2OWYzXKwpuOZz2QaAjX2UKoK +xphZJmXmHyjmVDjBQgEYYNXLmWDyx5CU893V1VYjZ+vHm/1FewiXHnH7uax7nEJ EnmNEG3fwXfxG9UhyMxE4bgcheoqakPkICUT8I8AXyTjf8WoLSsuAIhgT7WZqbtG XkI0LwlAXFOE/zLv0+4O3QpJ2PGfWbaAWG79d77XlgpcL0DqbTQLr7ABsJ2aJEmd teyYXpI= -----END CERTIFICATE-----Generated at Tue Jun 10 02:45:21 2025 by rpki-client