$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/4BD7A88C836411F0993AF30FC4F9AE02.roa File: 4BD7A88C836411F0993AF30FC4F9AE02.roa (raw, json) Hash identifier: rkjYmj1CDhTH/dZKBXcWLc9J86RAB4AbHCfuoU8kUe0= Subject key identifier: B8:1A:B9:D4:67:07:A5:47:0B:B2:B9:53:37:82:78:C7:7A:1B:E3:A8 Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A Certificate serial: 4DFA Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/4BD7A88C836411F0993AF30FC4F9AE02.roa Signing time: Thu 28 Aug 2025 14:56:52 +0000 ROA not before: Thu 28 Aug 2025 14:56:52 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 24086 IP address blocks: 27.64.0.0/12 maxlen: 24 103.84.76.0/22 maxlen: 24 115.72.0.0/13 maxlen: 24 116.96.0.0/12 maxlen: 24 117.0.0.0/13 maxlen: 24 125.212.128.0/17 maxlen: 24 125.214.0.0/18 maxlen: 24 125.234.0.0/17 maxlen: 24 125.234.128.0/19 maxlen: 24 125.234.176.0/20 maxlen: 24 125.234.192.0/18 maxlen: 24 125.235.0.0/16 maxlen: 24 171.224.0.0/11 maxlen: 24 203.113.128.0/19 maxlen: 24 203.113.160.0/19 maxlen: 24 203.190.160.0/20 maxlen: 24 220.231.64.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 14 Sep 2025 16:20:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19962 (0x4dfa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A560A, serialNumber=167C3B221775FEC05039468150CE814756AC6F0A Validity Not Before: Aug 28 14:56:52 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=68b06e33-c84a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:fd:4b:cb:62:59:33:73:c2:25:90:d4:64:b0: f7:03:20:20:df:79:17:c0:d4:73:26:e0:dc:2d:a7: 5b:bf:ee:ce:3f:99:ff:50:ff:61:cf:5b:b7:b2:48: 99:73:46:2d:a2:e3:0e:08:7a:d4:e6:36:07:7f:c3: 61:6b:02:c8:d9:7a:92:d8:6e:0e:55:49:37:81:e2: cc:fc:b9:d9:2c:1a:5a:2a:fe:8c:47:b9:fa:38:a5: 9c:64:57:8e:76:7d:ec:bc:3f:57:70:d7:ad:e3:8e: c9:ff:08:b3:6b:89:5f:40:b8:47:de:14:09:dc:92: 34:6b:71:1d:99:b4:20:52:dc:c5:d8:84:e2:4e:e4: 38:e1:68:56:ad:5b:b0:08:df:21:08:f8:e0:68:57: f7:2f:94:0e:3a:c3:68:67:28:85:b6:c3:bd:81:83: d7:ca:20:ef:00:28:71:92:96:59:e5:85:2d:1a:bd: 72:c4:c2:ff:08:e3:e9:ce:2a:36:5d:49:ce:04:bb: c8:69:41:77:08:45:d4:10:c8:2a:7d:12:79:a5:8e: 54:44:8c:58:2b:bf:2d:87:50:ca:28:b6:90:fc:6e: 3e:62:f8:3e:ba:d9:1c:e5:cf:c0:1c:d2:b1:a6:4a: df:09:c5:56:87:ed:f2:cb:c4:60:96:27:44:1d:d4: 90:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:1A:B9:D4:67:07:A5:47:0B:B2:B9:53:37:82:78:C7:7A:1B:E3:A8 X509v3 Authority Key Identifier: keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/4BD7A88C836411F0993AF30FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 27.64.0.0/12 103.84.76.0/22 115.72.0.0/13 116.96.0.0/12 117.0.0.0/13 125.212.128.0/17 125.214.0.0/18 125.234.0.0-125.234.159.255 125.234.176.0-125.235.255.255 171.224.0.0/11 203.113.128.0/18 203.190.160.0/20 220.231.64.0/18 Signature Algorithm: sha256WithRSAEncryption 2a:a5:88:31:61:3f:40:f0:8f:41:50:ac:97:38:f4:95:8d:a6: 62:ba:d5:90:6b:ef:3f:b1:36:c8:b6:6a:5c:01:be:49:13:50: 59:f6:3f:42:f3:92:39:a2:38:ad:51:fb:4f:ea:34:b3:3d:e3: 6f:7a:0b:71:4e:77:66:71:46:8a:01:6d:8e:42:08:f0:54:45: b3:69:fb:05:a3:58:ab:86:fa:5f:71:82:69:59:55:8d:bf:1a: ad:fd:c1:7c:ec:bb:0c:e1:08:eb:49:5c:60:54:b1:3c:fd:56: 31:d6:22:cd:f7:27:a6:64:9f:c3:a8:a4:db:2a:e1:d4:6c:d5: 38:fc:c7:f0:36:03:4e:8c:64:5c:29:4d:d3:0b:3a:2a:5a:ff: fb:33:ba:4b:54:f2:ba:d2:80:a1:c9:68:f1:8c:7b:08:01:fe: 81:ec:27:9e:9c:5a:da:2f:e4:eb:24:74:2e:1a:c2:9c:f4:b0: a7:74:96:a5:7c:b9:6c:04:51:1e:3c:6a:75:5d:50:50:3b:5e: c2:9b:9d:9a:b4:82:6d:59:72:22:89:db:3f:b5:24:27:40:76: 00:4b:5f:5a:69:dc:65:b8:5f:4d:f8:4c:1f:ba:26:2a:cf:ff: 7b:88:5a:0f:1f:17:77:35:c7:80:29:08:e4:ba:ee:48:8a:9e: 49:bc:51:38 -----BEGIN CERTIFICATE----- MIIFwjCCBKqgAwIBAgICTfowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3 NTZBQzZGMEEwHhcNMjUwODI4MTQ1NjUyWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGIwNmUzMy1jODRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAm/1Ly2JZM3PCJZDUZLD3AyAg33kXwNRzJuDcLadbv+7OP5n/UP9hz1u3skiZ c0YtouMOCHrU5jYHf8NhawLI2XqS2G4OVUk3geLM/LnZLBpaKv6MR7n6OKWcZFeO dn3svD9XcNet447J/wiza4lfQLhH3hQJ3JI0a3EdmbQgUtzF2ITiTuQ44WhWrVuw CN8hCPjgaFf3L5QOOsNoZyiFtsO9gYPXyiDvAChxkpZZ5YUtGr1yxML/COPpzio2 XUnOBLvIaUF3CEXUEMgqfRJ5pY5URIxYK78th1DKKLaQ/G4+Yvg+utkc5c/AHNKx pkrfCcVWh+3yy8RglidEHdSQhQIDAQABo4IC5jCCAuIwHQYDVR0OBBYEFLgaudRn B6VHC7K5UzeCeMd6G+OoMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvNEJEN0E4OEM4 MzY0MTFGMDk5M0FGMzBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwcAYIKwYBBQUHAQcBAf8E YTBfMF0EAgABMFcDAwQbQAMEAmdUTAMDA3NIAwMEdGADAwN1AAMEB33UgAMEBn3W ADALAwMBfeoDBAV96oAwCwMEBH3qsAMDAn3oAwMFq+ADBAbLcYADBATLvqADBAbc 50AwDQYJKoZIhvcNAQELBQADggEBACqliDFhP0Dwj0FQrJc49JWNpmK61ZBr7z+x Nsi2alwBvkkTUFn2P0LzkjmiOK1R+0/qNLM94296C3FOd2ZxRooBbY5CCPBURbNp +wWjWKuG+l9xgmlZVY2/Gq39wXzsuwzhCOtJXGBUsTz9VjHWIs33J6Zkn8OopNsq 4dRs1Tj8x/A2A06MZFwpTdMLOipa//szuktU8rrSgKHJaPGMewgB/oHsJ56cWtov 5OskdC4awpz0sKd0lqV8uWwEUR48anVdUFA7XsKbnZq0gm1ZciKJ2z+1JCdAdgBL X1pp3GW4X034TB+6JirP/3uIWg8fF3c1x4ApCOS67kiKnkm8UTg= -----END CERTIFICATE-----Generated at Mon Sep 8 05:36:06 2025 by rpki-client