$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/BD3F9B2CB9F511EEA9136568C4F9AE02.roa File: BD3F9B2CB9F511EEA9136568C4F9AE02.roa (raw, json) Hash identifier: dvNmmck2JqS9J1IptDGprjozYE+qrsiKClRw90r+yPE= Subject key identifier: AD:E3:41:C8:6C:4D:8F:ED:2B:86:D6:3E:B5:C8:10:26:55:2C:C7:E9 Certificate issuer: /CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12 Certificate serial: 0672 Authority key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/BD3F9B2CB9F511EEA9136568C4F9AE02.roa Signing time: Thu 28 Aug 2025 14:50:53 +0000 ROA not before: Thu 28 Aug 2025 14:50:53 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 140815 IP address blocks: 157.10.170.0/23 maxlen: 24 157.10.196.0/23 maxlen: 24 157.10.202.0/23 maxlen: 24 157.20.224.0/23 maxlen: 24 157.66.162.0/23 maxlen: 24 157.66.194.0/23 maxlen: 24 157.66.196.0/23 maxlen: 24 160.22.158.0/23 maxlen: 24 160.25.82.0/23 maxlen: 24 160.25.84.0/23 maxlen: 24 160.25.206.0/23 maxlen: 24 160.30.48.0/23 maxlen: 24 160.191.34.0/23 maxlen: 24 160.191.112.0/23 maxlen: 24 160.250.62.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Sep 2025 14:33:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1650 (0x672) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A560A, serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12 Validity Not Before: Aug 28 14:50:53 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=68b06ccd-2f13 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:91:07:2c:30:92:c3:cd:eb:5b:36:19:7f:d3: f1:b2:df:7c:c3:3f:80:db:46:69:47:fa:f7:c0:22: 5d:62:4d:6c:cd:d8:47:98:95:8f:70:5c:1b:a3:2a: 66:17:ae:01:fc:99:01:9a:87:f8:0a:19:0e:d3:71: f7:76:cf:26:25:eb:73:91:38:ff:88:c0:ec:05:c4: b2:88:94:c5:1b:10:f8:0d:0a:fe:a4:1e:28:43:26: 6d:b4:8d:cd:98:e9:39:c4:6e:45:d5:e8:99:98:51: cb:83:06:ce:cb:31:78:3d:6f:0c:f8:5d:cf:ae:f4: cc:96:b0:e5:b3:c4:4f:54:63:0c:81:d7:e5:00:8d: 02:81:f7:14:4b:23:e3:31:b8:33:ca:2d:7f:0d:be: e0:1b:21:90:4a:4a:58:28:7f:6d:69:15:39:e7:3c: 70:66:47:a1:21:0c:ad:74:8e:40:e2:8c:90:02:ec: 90:f5:d1:bd:9e:2d:4b:0f:98:f0:f6:a5:98:13:9b: 5f:33:9c:8a:99:74:75:02:55:6c:73:aa:ee:0a:83: f1:19:b0:6a:37:33:40:2a:68:ea:6a:a6:dd:46:33: 85:8d:3c:2e:cf:11:6c:86:f5:8b:63:a9:f6:cd:e7: e7:ec:8b:60:4e:dc:01:50:ef:eb:1b:10:62:52:7c: 6c:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:E3:41:C8:6C:4D:8F:ED:2B:86:D6:3E:B5:C8:10:26:55:2C:C7:E9 X509v3 Authority Key Identifier: keyid:8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/BD3F9B2CB9F511EEA9136568C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 157.10.170.0/23 157.10.196.0/23 157.10.202.0/23 157.20.224.0/23 157.66.162.0/23 157.66.194.0-157.66.197.255 160.22.158.0/23 160.25.82.0-160.25.85.255 160.25.206.0/23 160.30.48.0/23 160.191.34.0/23 160.191.112.0/23 160.250.62.0/23 Signature Algorithm: sha256WithRSAEncryption ad:56:21:dc:94:dd:7d:72:99:ca:0b:e4:c4:92:18:28:92:c9: 02:bd:26:06:71:33:09:88:1f:b5:59:5f:56:6f:d1:2a:5b:ee: fc:a4:4e:20:9c:3e:ac:e9:c9:fc:87:20:f0:b2:de:35:07:d3: e9:27:f7:7c:e2:25:7d:f3:04:a5:de:27:50:67:0b:2d:66:aa: d1:9f:84:9e:e1:47:b2:e1:51:ef:33:6f:d6:99:d9:05:08:c7: 13:88:7d:be:6b:15:42:b0:c9:2b:74:7b:99:85:33:ab:99:2f: 22:fa:13:ee:21:c5:e2:d3:ed:5b:01:f3:7d:70:bb:92:b6:c1: 15:08:77:4e:13:c8:50:94:1a:46:19:0a:b4:89:56:5d:0b:e8: d9:a6:83:71:dc:19:9b:1b:d8:10:70:1f:61:db:ad:11:90:ad: ed:75:1a:18:24:4b:ee:24:3a:39:ed:ac:77:5b:1e:3b:d7:bc: 9b:f1:39:ab:65:bd:92:09:e1:7b:96:85:23:d5:de:95:c3:aa: 6e:6a:32:7f:66:1c:26:32:95:34:94:7e:c2:76:a0:02:e0:78: de:c0:4a:b8:02:d3:cf:c1:72:a0:50:05:75:54:9d:67:a2:a8: 19:ab:4b:6e:e8:1b:d3:d4:af:01:01:8f:ac:1e:2a:26:92:2d: d9:3f:8e:f0 -----BEGIN CERTIFICATE----- MIIFyTCCBLGgAwIBAgICBnIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU2MEExMTAvBgNVBAUTKDhBQzcyMTI5OEY5MkUxMEEyRUUzMDUxQUZCQzkxMTQy ODRGODBFMTIwHhcNMjUwODI4MTQ1MDUzWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGIwNmNjZC0yZjEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwZEHLDCSw83rWzYZf9Pxst98wz+A20ZpR/r3wCJdYk1szdhHmJWPcFwboypm F64B/JkBmof4ChkO03H3ds8mJetzkTj/iMDsBcSyiJTFGxD4DQr+pB4oQyZttI3N mOk5xG5F1eiZmFHLgwbOyzF4PW8M+F3PrvTMlrDls8RPVGMMgdflAI0CgfcUSyPj Mbgzyi1/Db7gGyGQSkpYKH9taRU55zxwZkehIQytdI5A4oyQAuyQ9dG9ni1LD5jw 9qWYE5tfM5yKmXR1AlVsc6ruCoPxGbBqNzNAKmjqaqbdRjOFjTwuzxFshvWLY6n2 zefn7ItgTtwBUO/rGxBiUnxspQIDAQABo4IC7TCCAukwHQYDVR0OBBYEFK3jQchs TY/tK4bWPrXIECZVLMfpMB8GA1UdIwQYMBaAFIrHISmPkuEKLuMFGvvJEUKE+A4S MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS8yMDk1ODYxOEE5 REYxMUVFQTM1NkE0M0VDNEY5QUUwMi9pc2NoS1ktUzRRb3U0d1VhLThrUlFvVDRE aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2lzY2hLWS1TNFFvdTR3VWEtOGtSUW9UNERoSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTU2MEEvMjA5NTg2MThBOURGMTFFRUEzNTZBNDNFQzRGOUFFMDIvQkQzRjlCMkNC OUY1MTFFRUE5MTM2NTY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwdwYIKwYBBQUHAQcBAf8E aDBmMGQEAgABMF4DBAGdCqoDBAGdCsQDBAGdCsoDBAGdFOADBAGdQqIwDAMEAZ1C wgMEAZ1CxAMEAaAWnjAMAwQBoBlSAwQBoBlUAwQBoBnOAwQBoB4wAwQBoL8iAwQB oL9wAwQBoPo+MA0GCSqGSIb3DQEBCwUAA4IBAQCtViHclN19cpnKC+TEkhgokskC vSYGcTMJiB+1WV9Wb9EqW+78pE4gnD6s6cn8hyDwst41B9PpJ/d84iV98wSl3idQ ZwstZqrRn4Se4Uey4VHvM2/WmdkFCMcTiH2+axVCsMkrdHuZhTOrmS8i+hPuIcXi 0+1bAfN9cLuStsEVCHdOE8hQlBpGGQq0iVZdC+jZpoNx3BmbG9gQcB9h260RkK3t dRoYJEvuJDo57ax3Wx4717yb8TmrZb2SCeF7loUj1d6Vw6puajJ/ZhwmMpU0lH7C dqAC4HjewEq4AtPPwXKgUAV1VJ1noqgZq0tu6BvT1K8BAY+sHiomki3ZP47w -----END CERTIFICATE-----Generated at Sun Sep 7 00:30:31 2025 by rpki-client