$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/0E43AECA3B5D11F0A26BC064C4F9AE02.roa File: 0E43AECA3B5D11F0A26BC064C4F9AE02.roa (raw, json) Hash identifier: jUTYcTyZ2+OJcqc4G97NloEn+TUwA0PZIcNSbqqjJjk= Subject key identifier: 17:90:51:5F:E1:FB:1B:9A:4C:77:58:03:7D:6A:D0:6B:79:8C:05:22 Certificate issuer: /CN=A91A4402/serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846 Certificate serial: 0C56 Authority key identifier: B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/0E43AECA3B5D11F0A26BC064C4F9AE02.roa Signing time: Thu 04 Sep 2025 08:41:52 +0000 ROA not before: Thu 04 Sep 2025 08:41:52 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 395793 IP address blocks: 43.230.54.0/24 maxlen: 24 43.230.55.0/24 maxlen: 24 43.231.188.0/24 maxlen: 24 43.231.190.0/24 maxlen: 24 43.231.191.0/24 maxlen: 24 43.246.128.0/24 maxlen: 24 43.246.130.0/24 maxlen: 24 43.246.196.0/24 maxlen: 24 43.246.197.0/24 maxlen: 24 45.115.32.0/24 maxlen: 24 45.115.34.0/24 maxlen: 24 103.12.52.0/24 maxlen: 24 103.24.163.0/24 maxlen: 24 103.248.148.0/24 maxlen: 24 103.248.149.0/24 maxlen: 24 160.20.46.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.crl rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 11 Sep 2025 19:19:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3158 (0xc56) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A4402, serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846 Validity Not Before: Sep 4 08:41:52 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=68b950d0-32f6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:73:cc:ab:88:70:2d:e6:8c:bf:6c:3d:fe:cf: 2c:84:2a:1b:f7:2e:3d:b5:9e:d4:3e:6a:2b:03:f3: ed:9d:57:84:f7:f5:4d:30:4f:1c:9f:ea:e2:b3:e7: 5b:42:86:7a:bc:03:26:e1:8b:35:27:d0:c6:8d:1b: 52:f9:dd:78:68:e7:ed:85:74:27:95:58:86:10:f6: 79:66:ec:47:30:3c:8a:22:e0:a8:8b:4f:92:dd:e1: 59:37:70:7f:da:4c:77:07:ac:61:6a:1d:d8:af:3d: 36:be:17:4b:48:dc:f0:b7:84:b8:ba:6f:bf:51:e5: 18:f6:c3:53:89:fa:bc:27:e8:e4:28:61:b5:89:e9: b4:78:5e:61:df:33:e7:0a:03:52:56:de:4e:21:93: 53:7e:37:03:37:fc:ff:aa:da:69:52:3d:53:3a:69: b0:f8:7d:e0:ab:2a:04:c5:79:bf:73:fc:41:7f:9b: bf:17:41:45:9b:46:66:2a:08:74:55:b7:96:69:b3: 49:12:61:4d:13:5d:68:f9:9b:2f:dd:e5:68:b6:2e: d2:ed:71:ae:77:d5:71:40:7d:2c:50:42:f5:a0:4f: a0:5a:02:d0:9b:c4:77:41:b8:56:06:f7:8e:b6:12: db:c6:e2:ab:b6:1e:3a:a9:a6:c3:d1:25:85:74:cd: 45:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:90:51:5F:E1:FB:1B:9A:4C:77:58:03:7D:6A:D0:6B:79:8C:05:22 X509v3 Authority Key Identifier: keyid:B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/0E43AECA3B5D11F0A26BC064C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.230.54.0/23 43.231.188.0/24 43.231.190.0/23 43.246.128.0/24 43.246.130.0/24 43.246.196.0/23 45.115.32.0/24 45.115.34.0/24 103.12.52.0/24 103.24.163.0/24 103.248.148.0/23 160.20.46.0/24 Signature Algorithm: sha256WithRSAEncryption 82:85:81:9d:93:19:5c:46:97:a2:f7:e3:fc:80:9e:4b:55:bf: 4e:bb:d6:e8:e0:46:18:37:b1:32:8c:cc:5e:47:a7:bc:c9:af: 10:f5:8a:35:33:b1:16:0b:41:37:74:7a:8a:49:58:f6:c5:2f: 4c:e2:ea:b3:2a:4b:65:ae:6d:15:b8:35:13:77:a4:df:bb:f0: d5:4c:86:5e:63:6b:79:6f:1a:42:b3:a1:e1:4f:4b:e0:45:c3: fb:87:7c:ef:30:84:c6:5b:93:2c:21:6e:0e:40:6c:d2:09:16: 06:9e:6a:26:ff:17:15:6b:bd:9c:81:b6:7b:cb:20:9f:53:9f: 9f:62:60:a2:c8:cb:bc:76:9d:21:77:85:6c:99:7a:c2:96:72: d0:de:84:20:d2:bc:cc:3b:59:e0:da:b6:20:7a:1b:6d:97:02: de:db:82:f0:ad:ee:50:1c:ed:50:b4:a5:16:35:e4:41:06:41: 7f:37:c9:f1:3a:34:49:f0:c2:e3:27:ce:72:70:b4:e0:61:60: 1e:f2:2b:ff:06:41:be:5c:40:77:ed:39:c3:f6:19:4f:ab:31: e8:84:06:85:43:c1:fc:e9:8a:f8:fa:16:a2:14:35:42:32:fb: d2:3c:ae:cf:91:f0:8d:60:e4:f6:ce:a1:90:63:41:3d:17:49: 6d:e8:2b:ee -----BEGIN CERTIFICATE----- MIIFszCCBJugAwIBAgICDFYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTQ0MDIxMTAvBgNVBAUTKEI0MTE2QThFNkRBOTkxRkRDRjcxNjI2RTdCRUExMUZG NjlDQkE4NDYwHhcNMjUwOTA0MDg0MTUyWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02OGI5NTBkMC0zMmY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4nPMq4hwLeaMv2w9/s8shCob9y49tZ7UPmorA/PtnVeE9/VNME8cn+ris+db QoZ6vAMm4Ys1J9DGjRtS+d14aOfthXQnlViGEPZ5ZuxHMDyKIuCoi0+S3eFZN3B/ 2kx3B6xhah3Yrz02vhdLSNzwt4S4um+/UeUY9sNTifq8J+jkKGG1iem0eF5h3zPn CgNSVt5OIZNTfjcDN/z/qtppUj1TOmmw+H3gqyoExXm/c/xBf5u/F0FFm0ZmKgh0 VbeWabNJEmFNE11o+Zsv3eVoti7S7XGud9VxQH0sUEL1oE+gWgLQm8R3QbhWBveO thLbxuKrth46qabD0SWFdM1FnQIDAQABo4IC1zCCAtMwHQYDVR0OBBYEFBeQUV/h +xuaTHdYA31q0Gt5jAUiMB8GA1UdIwQYMBaAFLQRao5tqZH9z3FibnvqEf9py6hG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDQwMi9GREJGRDAyMDNE OTYxMUVBOEVBMDcwMkZDNEY5QUUwMi90QkZxam0ycGtmM1BjV0p1ZS1vUl8ybkxx RVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3RCRnFqbTJwa2YzUGNXSnVlLW9SXzJuTHFFWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTQ0MDIvRkRCRkQwMjAzRDk2MTFFQThFQTA3MDJGQzRGOUFFMDIvMEU0M0FFQ0Ez QjVEMTFGMEEyNkJDMDY0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYQYIKwYBBQUHAQcBAf8E UjBQME4EAgABMEgDBAEr5jYDBAAr57wDBAEr574DBAAr9oADBAAr9oIDBAEr9sQD BAAtcyADBAAtcyIDBABnDDQDBABnGKMDBAFn+JQDBACgFC4wDQYJKoZIhvcNAQEL BQADggEBAIKFgZ2TGVxGl6L34/yAnktVv0671ujgRhg3sTKMzF5Hp7zJrxD1ijUz sRYLQTd0eopJWPbFL0zi6rMqS2WubRW4NRN3pN+78NVMhl5ja3lvGkKzoeFPS+BF w/uHfO8whMZbkywhbg5AbNIJFgaeaib/FxVrvZyBtnvLIJ9Tn59iYKLIy7x2nSF3 hWyZesKWctDehCDSvMw7WeDatiB6G22XAt7bgvCt7lAc7VC0pRY15EEGQX83yfE6 NEnwwuMnznJwtOBhYB7yK/8GQb5cQHftOcP2GU+rMeiEBoVDwfzpivj6FqIUNUIy +9I8rs+R8I1g5PbOoZBjQT0XSW3oK+4= -----END CERTIFICATE-----Generated at Fri Sep 5 08:55:09 2025 by rpki-client