$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/CF428AB8A87511EF9905FE0AC4F9AE02.roa File: CF428AB8A87511EF9905FE0AC4F9AE02.roa (raw, json) Hash identifier: FPGW4QiwngG7YZfJV48hI/r+HtVT2CqKyFBcohX/yPA= Subject key identifier: 33:EB:83:A0:56:36:EE:A9:B0:23:95:93:3A:BB:DA:CE:89:7F:9D:8D Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A Certificate serial: 4B65 Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/CF428AB8A87511EF9905FE0AC4F9AE02.roa Signing time: Thu 29 May 2025 08:48:54 +0000 ROA not before: Thu 29 May 2025 08:48:54 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 150820 IP address blocks: 36.50.174.0/23 maxlen: 23 103.70.114.0/23 maxlen: 23 203.175.96.0/23 maxlen: 23 2001:df3:f0c0::/48 maxlen: 48 2001:df3:f140::/48 maxlen: 48 2001:df4:35c0::/48 maxlen: 48 2001:df4:5040::/48 maxlen: 48 2001:df4:8d40::/48 maxlen: 48 2001:df4:9b40::/48 maxlen: 48 2001:df4:a640::/48 maxlen: 48 2001:df4:ee40::/48 maxlen: 48 2001:df5:82c0::/48 maxlen: 48 2401:4e20::/48 maxlen: 48 2401:9be0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 14:35:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19301 (0x4b65) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A560A, serialNumber=167C3B221775FEC05039468150CE814756AC6F0A Validity Not Before: May 29 08:48:54 2025 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=68381f76-8649 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:03:ad:34:2a:97:79:c1:6d:29:e4:9d:29:31: c4:4b:26:09:b3:86:97:e7:a3:eb:67:41:89:33:92: 2d:40:cb:70:8e:1f:ea:1d:a8:34:71:b5:2f:cb:e6: e4:8b:c7:59:eb:85:01:6c:4d:f2:2b:ca:a9:ad:bc: 98:ba:83:a9:17:10:eb:ec:e9:bf:5a:f1:39:d3:b5: 3d:f0:c0:df:46:c4:ff:1b:73:56:ae:37:61:c2:c1: 36:7a:9f:cd:10:3e:6a:23:c2:6e:ee:f5:7e:bc:5e: d0:fe:92:42:d4:31:de:45:a2:36:fa:ee:b1:44:ca: 4d:ad:0b:05:e4:4e:98:75:44:f6:0a:f5:ce:f0:45: ff:d8:9c:90:44:09:d7:65:c0:75:c5:b7:a6:db:b2: c3:a1:92:e7:9d:01:d9:f6:26:06:13:c8:64:a7:dd: 7e:2a:d8:9d:8c:f6:1c:f5:58:b1:24:b7:bf:8c:b5: c4:fd:37:b3:f7:4c:f5:c6:26:23:00:d4:5f:05:66: 3d:26:de:34:f4:f7:65:8b:fa:37:22:d8:1f:dc:1a: 2f:4b:9b:d5:ca:c3:35:d4:82:c8:da:da:e6:36:d5: ac:5c:28:5d:94:67:66:63:1e:af:e5:13:d4:03:b5: 5d:72:dc:be:8c:00:ef:c6:b6:97:14:aa:de:db:f6: 78:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:EB:83:A0:56:36:EE:A9:B0:23:95:93:3A:BB:DA:CE:89:7F:9D:8D X509v3 Authority Key Identifier: keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/CF428AB8A87511EF9905FE0AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 36.50.174.0/23 103.70.114.0/23 203.175.96.0/23 IPv6: 2001:df3:f0c0::/48 2001:df3:f140::/48 2001:df4:35c0::/48 2001:df4:5040::/48 2001:df4:8d40::/48 2001:df4:9b40::/48 2001:df4:a640::/48 2001:df4:ee40::/48 2001:df5:82c0::/48 2401:4e20::/48 2401:9be0::/48 Signature Algorithm: sha256WithRSAEncryption 7a:8c:77:91:d9:d4:13:be:20:f9:6d:54:fc:4e:e9:59:c7:cd: 32:8e:6d:b1:e2:df:f2:45:3f:aa:d9:3e:4b:38:22:04:76:94: b6:56:9a:6e:e7:a1:58:08:6f:18:98:a9:52:9e:69:bc:68:7c: 08:d0:0c:08:59:05:91:bb:08:cd:b1:f6:ab:44:31:2b:da:a1: 4d:e3:2f:38:14:c4:00:a0:9b:2d:53:f6:57:11:52:c7:ce:bb: a6:c9:b8:7e:91:e1:85:c1:a3:d7:41:0e:5b:cb:8a:0a:12:3d: b2:3b:5f:69:bc:e1:d3:7a:56:73:d0:08:13:dd:bd:55:fd:92: 61:4c:61:32:99:57:de:af:44:61:2f:31:41:2f:5d:83:be:30: 4e:33:21:2a:fa:77:04:d5:ad:90:75:6b:b0:85:2f:bc:95:98: 22:aa:78:83:82:3f:bf:ef:87:01:74:d1:ff:19:06:30:24:5e: f2:2a:0b:11:0a:b5:e7:fb:64:f1:b0:86:9c:75:f9:b0:19:e1: 27:9d:db:af:9b:87:c8:b1:e3:c4:36:b5:75:26:e2:a7:ad:3a: 21:e8:2f:14:69:86:1a:99:13:6f:3c:04:88:c0:be:d7:54:31: 6b:50:29:8c:24:bc:28:69:23:19:9e:a5:36:de:ff:45:3a:b0: 9d:2d:39:5f -----BEGIN CERTIFICATE----- MIIF6zCCBNOgAwIBAgICS2UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3 NTZBQzZGMEEwHhcNMjUwNTI5MDg0ODU0WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODM4MWY3Ni04NjQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAowOtNCqXecFtKeSdKTHESyYJs4aX56PrZ0GJM5ItQMtwjh/qHag0cbUvy+bk i8dZ64UBbE3yK8qprbyYuoOpFxDr7Om/WvE507U98MDfRsT/G3NWrjdhwsE2ep/N ED5qI8Ju7vV+vF7Q/pJC1DHeRaI2+u6xRMpNrQsF5E6YdUT2CvXO8EX/2JyQRAnX ZcB1xbem27LDoZLnnQHZ9iYGE8hkp91+KtidjPYc9VixJLe/jLXE/Tez90z1xiYj ANRfBWY9Jt409Pdli/o3Itgf3BovS5vVysM11ILI2trmNtWsXChdlGdmYx6v5RPU A7Vdcty+jADvxraXFKre2/Z4UwIDAQABo4IDDzCCAwswHQYDVR0OBBYEFDPrg6BW Nu6psCOVkzq72s6Jf52NMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvQ0Y0MjhBQjhB ODc1MTFFRjk5MDVGRTBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZgGCCsGAQUFBwEHAQH/ BIGIMIGFMBgEAgABMBIDBAEkMq4DBAFnRnIDBAHLr2AwaQQCAAIwYwMHACABDfPw wAMHACABDfPxQAMHACABDfQ1wAMHACABDfRQQAMHACABDfSNQAMHACABDfSbQAMH ACABDfSmQAMHACABDfTuQAMHACABDfWCwAMHACQBTiAAAAMHACQBm+AAADANBgkq hkiG9w0BAQsFAAOCAQEAeox3kdnUE74g+W1U/E7pWcfNMo5tseLf8kU/qtk+Szgi BHaUtlaabuehWAhvGJipUp5pvGh8CNAMCFkFkbsIzbH2q0QxK9qhTeMvOBTEAKCb LVP2VxFSx867psm4fpHhhcGj10EOW8uKChI9sjtfabzh03pWc9AIE929Vf2SYUxh MplX3q9EYS8xQS9dg74wTjMhKvp3BNWtkHVrsIUvvJWYIqp4g4I/v++HAXTR/xkG MCRe8ioLEQq15/tk8bCGnHX5sBnhJ53br5uHyLHjxDa1dSbip606IegvFGmGGpkT bzwEiMC+11Qxa1ApjCS8KGkjGZ6lNt7/RTqwnS05Xw== -----END CERTIFICATE-----Generated at Tue Jun 3 23:44:37 2025 by rpki-client