$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/CE76D260A87511EF9905FE0AC4F9AE02.roa File: CE76D260A87511EF9905FE0AC4F9AE02.roa (raw, json) Hash identifier: NSefZ6P0w0MZbA9bpr5YhlK+A7OQBCwUhWmJ2njerUg= Subject key identifier: 21:F7:15:29:28:A2:D9:0F:B8:4A:B9:03:1C:AE:69:1D:9A:98:10:48 Certificate issuer: /CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12 Certificate serial: 067B Authority key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/CE76D260A87511EF9905FE0AC4F9AE02.roa Signing time: Thu 28 Aug 2025 14:51:00 +0000 ROA not before: Thu 28 Aug 2025 14:51:00 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 150820 IP address blocks: 157.15.38.0/23 maxlen: 23 157.20.62.0/23 maxlen: 23 157.66.252.0/23 maxlen: 23 160.22.172.0/23 maxlen: 23 160.22.174.0/23 maxlen: 23 160.30.190.0/23 maxlen: 23 160.187.120.0/23 maxlen: 23 160.191.176.0/23 maxlen: 23 160.191.240.0/23 maxlen: 23 160.250.46.0/23 maxlen: 23 161.248.208.0/23 maxlen: 23 165.99.14.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Sep 2025 14:33:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1659 (0x67b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A560A, serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12 Validity Not Before: Aug 28 14:51:00 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=68b06cd4-8767 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:f5:56:b2:98:5b:cb:eb:c1:7c:4f:0f:55:3d: 23:fc:15:57:81:14:c7:57:a5:2d:a1:db:b9:a8:82: 66:0a:b0:c3:c5:d5:6c:02:23:5f:37:28:f2:be:83: 7b:e4:ef:b7:7d:2f:c0:e2:68:6b:21:81:c3:b0:4b: df:6a:e9:6a:ed:9a:66:82:f9:50:f2:3d:b1:76:b9: eb:a8:23:5d:d5:56:5f:b2:fd:54:89:f0:e1:14:25: b2:21:d8:9f:2a:b6:3b:1c:b6:a4:6b:b8:86:f6:bf: 0e:6b:0c:98:62:71:7d:f9:d5:58:2c:d0:51:be:b1: ca:70:fe:fe:9e:cf:e0:4e:09:1f:4c:de:58:22:d0: ac:24:34:e0:30:f2:4c:7e:56:a8:86:ab:67:9c:d8: 77:0a:a5:ac:ef:62:02:bc:3e:3a:75:4e:d3:80:e5: b3:64:b1:0e:50:23:4f:ab:bd:bd:b4:52:8f:46:31: 9b:f8:19:4f:ef:8b:9c:41:27:10:2b:31:52:dc:53: ab:3e:6e:c7:a4:be:86:b2:fc:73:da:06:73:3d:d3: 36:e2:f3:40:25:6d:81:75:2e:57:8f:5b:33:e0:24: 92:10:fb:6d:96:43:be:f5:0b:3a:96:1b:30:9f:16: 51:35:ac:55:94:3d:23:0e:cc:fc:55:fb:d9:4f:c9: 97:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:F7:15:29:28:A2:D9:0F:B8:4A:B9:03:1C:AE:69:1D:9A:98:10:48 X509v3 Authority Key Identifier: keyid:8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/CE76D260A87511EF9905FE0AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 157.15.38.0/23 157.20.62.0/23 157.66.252.0/23 160.22.172.0/22 160.30.190.0/23 160.187.120.0/23 160.191.176.0/23 160.191.240.0/23 160.250.46.0/23 161.248.208.0/23 165.99.14.0/23 Signature Algorithm: sha256WithRSAEncryption 93:2d:d4:d9:cf:a0:0d:97:42:ed:71:65:81:6a:c7:47:67:7e: 21:f5:71:30:10:c6:e3:3a:da:f2:01:54:8b:96:70:af:32:5f: df:c5:8a:76:47:0e:c8:dd:48:1f:f0:8e:20:ee:04:99:31:aa: 02:0e:95:55:8e:95:db:dc:cc:b4:ef:bc:3b:41:dd:3e:73:23: 36:f6:d0:d8:76:cf:fc:c7:a7:2b:c3:09:29:d6:0b:61:13:3a: d7:83:5b:18:2f:b0:ae:f1:b6:f7:8e:55:9d:3e:5a:a2:3e:6c: 08:59:8f:d3:05:d6:35:da:eb:cf:fd:70:53:5c:40:29:7a:08: 7d:6b:1e:11:24:20:d4:96:30:5e:6b:72:34:b5:29:e9:86:86: 5c:a4:40:52:15:aa:2e:57:57:37:4b:59:3a:6f:a8:47:09:87: 1c:5d:eb:cd:a9:c9:3e:86:ee:f9:2c:82:d4:f5:f1:c1:f3:8a: 7a:81:68:da:43:3e:93:07:c1:82:4c:52:4a:de:9e:97:4e:4d: 06:09:08:89:9c:9f:88:54:d5:23:a7:7d:38:75:ba:1a:2b:ef: bc:5e:68:a1:5a:07:a5:a3:f9:fb:df:c9:77:fc:43:9a:09:77: ec:9c:72:26:e4:eb:3f:0e:2c:47:55:b7:b6:96:c2:99:f8:f6: 15:36:ef:e3 -----BEGIN CERTIFICATE----- MIIFrTCCBJWgAwIBAgICBnswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU2MEExMTAvBgNVBAUTKDhBQzcyMTI5OEY5MkUxMEEyRUUzMDUxQUZCQzkxMTQy ODRGODBFMTIwHhcNMjUwODI4MTQ1MTAwWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGIwNmNkNC04NzY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApPVWsphby+vBfE8PVT0j/BVXgRTHV6Utodu5qIJmCrDDxdVsAiNfNyjyvoN7 5O+3fS/A4mhrIYHDsEvfaulq7ZpmgvlQ8j2xdrnrqCNd1VZfsv1UifDhFCWyIdif KrY7HLaka7iG9r8OawyYYnF9+dVYLNBRvrHKcP7+ns/gTgkfTN5YItCsJDTgMPJM flaohqtnnNh3CqWs72ICvD46dU7TgOWzZLEOUCNPq729tFKPRjGb+BlP74ucQScQ KzFS3FOrPm7HpL6Gsvxz2gZzPdM24vNAJW2BdS5Xj1sz4CSSEPttlkO+9Qs6lhsw nxZRNaxVlD0jDsz8VfvZT8mXKwIDAQABo4IC0TCCAs0wHQYDVR0OBBYEFCH3FSko otkPuEq5AxyuaR2amBBIMB8GA1UdIwQYMBaAFIrHISmPkuEKLuMFGvvJEUKE+A4S MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS8yMDk1ODYxOEE5 REYxMUVFQTM1NkE0M0VDNEY5QUUwMi9pc2NoS1ktUzRRb3U0d1VhLThrUlFvVDRE aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2lzY2hLWS1TNFFvdTR3VWEtOGtSUW9UNERoSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTU2MEEvMjA5NTg2MThBOURGMTFFRUEzNTZBNDNFQzRGOUFFMDIvQ0U3NkQyNjBB ODc1MTFFRjk5MDVGRTBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWwYIKwYBBQUHAQcBAf8E TDBKMEgEAgABMEIDBAGdDyYDBAGdFD4DBAGdQvwDBAKgFqwDBAGgHr4DBAGgu3gD BAGgv7ADBAGgv/ADBAGg+i4DBAGh+NADBAGlYw4wDQYJKoZIhvcNAQELBQADggEB AJMt1NnPoA2XQu1xZYFqx0dnfiH1cTAQxuM62vIBVIuWcK8yX9/FinZHDsjdSB/w jiDuBJkxqgIOlVWOldvczLTvvDtB3T5zIzb20Nh2z/zHpyvDCSnWC2ETOteDWxgv sK7xtveOVZ0+WqI+bAhZj9MF1jXa68/9cFNcQCl6CH1rHhEkINSWMF5rcjS1KemG hlykQFIVqi5XVzdLWTpvqEcJhxxd682pyT6G7vksgtT18cHzinqBaNpDPpMHwYJM UkrenpdOTQYJCImcn4hU1SOnfTh1uhor77xeaKFaB6Wj+fvfyXf8Q5oJd+yccibk 6z8OLEdVt7aWwpn49hU27+M= -----END CERTIFICATE-----Generated at Sun Sep 7 00:30:33 2025 by rpki-client