$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/A37BF67C6D5911F0BF752809C4F9AE02.roa File: A37BF67C6D5911F0BF752809C4F9AE02.roa (raw, json) Hash identifier: HHVGHXL/b1i3DFsKHMqfDILhhd13muxBXZpq7CnswlU= Subject key identifier: 12:B1:85:C9:15:0A:1B:75:82:CF:81:1D:DA:9C:14:DF:D9:0C:E6:D3 Certificate issuer: /CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12 Certificate serial: 06C8 Authority key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/A37BF67C6D5911F0BF752809C4F9AE02.roa Signing time: Thu 28 Aug 2025 14:52:07 +0000 ROA not before: Thu 28 Aug 2025 14:52:07 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 45899 IP address blocks: 157.66.13.0/24 maxlen: 24 160.19.78.0/23 maxlen: 23 160.22.2.0/23 maxlen: 24 160.25.74.0/23 maxlen: 24 160.30.54.0/23 maxlen: 24 160.191.52.0/23 maxlen: 24 161.248.30.0/23 maxlen: 24 165.99.58.0/24 maxlen: 24 165.99.59.0/24 maxlen: 24 165.101.234.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Sep 2025 14:33:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1736 (0x6c8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A560A, serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12 Validity Not Before: Aug 28 14:52:07 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=68b06d16-466f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:96:de:08:47:68:af:31:77:f9:06:65:0c:31: ea:22:c0:84:eb:ce:8a:ac:ce:1f:be:a0:3a:07:b5: ff:d5:d9:ca:40:6b:54:89:95:92:ba:c8:39:99:ff: 64:81:2e:ba:c8:e2:13:28:63:99:f9:a9:6d:08:8e: 13:0d:38:b5:49:49:1c:63:c6:2a:10:54:c3:ae:84: 05:82:ba:c7:3c:ac:cf:b9:96:24:9c:b2:94:5a:30: 13:85:27:23:32:eb:18:23:61:4a:7e:10:ca:2a:5d: dd:17:6f:e2:4c:17:e0:66:2c:4d:3e:14:36:95:80: 89:81:4d:d8:14:22:71:bb:81:2d:ee:6f:30:40:2d: 29:98:91:bf:e8:b7:bd:cb:6e:da:23:a4:c9:fb:12: aa:dc:6b:66:ce:72:12:f4:04:93:b3:1a:fa:6b:7a: 4a:3a:01:31:a9:d6:f1:0b:6e:92:0d:e8:95:3a:2f: 6b:c8:13:31:87:be:89:cc:7b:4d:da:20:af:fe:fd: e7:ad:76:e4:75:6a:42:c4:11:70:b0:b3:7c:a1:c6: ed:c0:f0:55:2f:69:5a:f9:1a:bd:38:6d:8b:eb:88: 9e:c3:16:d0:33:c8:a5:e8:ee:9a:4c:20:ac:96:24: e8:06:23:03:ff:78:c8:db:1f:e5:37:25:18:ef:5a: 5a:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:B1:85:C9:15:0A:1B:75:82:CF:81:1D:DA:9C:14:DF:D9:0C:E6:D3 X509v3 Authority Key Identifier: keyid:8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/A37BF67C6D5911F0BF752809C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 157.66.13.0/24 160.19.78.0/23 160.22.2.0/23 160.25.74.0/23 160.30.54.0/23 160.191.52.0/23 161.248.30.0/23 165.99.58.0/23 165.101.234.0/23 Signature Algorithm: sha256WithRSAEncryption 67:35:c0:40:c0:8c:a5:64:7d:f8:b7:77:b4:7d:cc:8c:4e:e5: 29:78:7c:61:c1:a8:f3:46:1c:f3:08:7e:eb:96:40:9f:b7:43: 3b:70:67:de:74:24:8f:48:aa:21:3e:24:57:65:3a:08:d7:8f: 89:c8:bb:49:86:4b:68:8f:5f:bb:f2:53:1a:e2:4a:65:55:c9: 2a:97:07:c5:67:1d:ed:22:80:cc:ca:01:62:8d:7d:64:2e:23: 00:0a:21:07:e2:1f:96:d5:1d:16:2d:a0:16:47:18:65:9a:7f: fc:04:e2:6a:83:23:60:c2:42:8e:44:a5:ab:ea:29:d7:70:b6: 47:27:f6:84:67:50:4d:af:73:6f:9e:98:77:23:18:14:98:1e: 7a:4d:d9:b8:de:6b:83:9f:35:61:e7:c3:df:9a:76:22:9c:e0: b6:5e:b5:75:21:2e:c2:11:46:45:92:05:53:07:f1:3f:83:f9: 52:51:6b:64:51:7b:ac:91:a2:97:25:eb:e8:bf:af:ec:0d:51: 7a:7a:96:88:89:49:6c:14:94:e1:99:62:2f:cc:c1:bf:1e:3a: 2a:81:b1:ba:93:fe:23:4d:ba:bc:22:f3:64:85:7a:81:2b:20: 68:27:8b:7c:cc:f3:42:37:0d:7d:11:bc:e0:fb:56:64:3e:ef: b5:3d:da:77 -----BEGIN CERTIFICATE----- MIIFoTCCBImgAwIBAgICBsgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU2MEExMTAvBgNVBAUTKDhBQzcyMTI5OEY5MkUxMEEyRUUzMDUxQUZCQzkxMTQy ODRGODBFMTIwHhcNMjUwODI4MTQ1MjA3WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGIwNmQxNi00NjZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA15beCEdorzF3+QZlDDHqIsCE686KrM4fvqA6B7X/1dnKQGtUiZWSusg5mf9k gS66yOITKGOZ+altCI4TDTi1SUkcY8YqEFTDroQFgrrHPKzPuZYknLKUWjAThScj MusYI2FKfhDKKl3dF2/iTBfgZixNPhQ2lYCJgU3YFCJxu4Et7m8wQC0pmJG/6Le9 y27aI6TJ+xKq3GtmznIS9ASTsxr6a3pKOgExqdbxC26SDeiVOi9ryBMxh76JzHtN 2iCv/v3nrXbkdWpCxBFwsLN8ocbtwPBVL2la+Rq9OG2L64iewxbQM8il6O6aTCCs liToBiMD/3jI2x/lNyUY71payQIDAQABo4ICxTCCAsEwHQYDVR0OBBYEFBKxhckV Cht1gs+BHdqcFN/ZDObTMB8GA1UdIwQYMBaAFIrHISmPkuEKLuMFGvvJEUKE+A4S MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS8yMDk1ODYxOEE5 REYxMUVFQTM1NkE0M0VDNEY5QUUwMi9pc2NoS1ktUzRRb3U0d1VhLThrUlFvVDRE aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2lzY2hLWS1TNFFvdTR3VWEtOGtSUW9UNERoSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTU2MEEvMjA5NTg2MThBOURGMTFFRUEzNTZBNDNFQzRGOUFFMDIvQTM3QkY2N0M2 RDU5MTFGMEJGNzUyODA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTwYIKwYBBQUHAQcBAf8E QDA+MDwEAgABMDYDBACdQg0DBAGgE04DBAGgFgIDBAGgGUoDBAGgHjYDBAGgvzQD BAGh+B4DBAGlYzoDBAGlZeowDQYJKoZIhvcNAQELBQADggEBAGc1wEDAjKVkffi3 d7R9zIxO5Sl4fGHBqPNGHPMIfuuWQJ+3QztwZ950JI9IqiE+JFdlOgjXj4nIu0mG S2iPX7vyUxriSmVVySqXB8VnHe0igMzKAWKNfWQuIwAKIQfiH5bVHRYtoBZHGGWa f/wE4mqDI2DCQo5EpavqKddwtkcn9oRnUE2vc2+emHcjGBSYHnpN2bjea4OfNWHn w9+adiKc4LZetXUhLsIRRkWSBVMH8T+D+VJRa2RRe6yRopcl6+i/r+wNUXp6loiJ SWwUlOGZYi/Mwb8eOiqBsbqT/iNNurwi82SFeoErIGgni3zM80I3DX0RvOD7VmQ+ 77U92nc= -----END CERTIFICATE-----Generated at Sun Sep 7 00:33:17 2025 by rpki-client