$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/CF428AB8A87511EF9905FE0AC4F9AE02.roa File: CF428AB8A87511EF9905FE0AC4F9AE02.roa (raw, json) Hash identifier: EknRP0B0Gk8YhGKH0o+W1r0MMxKAjiKdT2ibwlY0hu8= Subject key identifier: AC:E8:70:B7:2D:7E:CC:96:67:B3:B3:40:B0:1E:58:43:F8:16:91:0D Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A Certificate serial: 4D79 Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/CF428AB8A87511EF9905FE0AC4F9AE02.roa Signing time: Thu 28 Aug 2025 14:55:07 +0000 ROA not before: Thu 28 Aug 2025 14:55:07 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 150820 IP address blocks: 36.50.174.0/23 maxlen: 23 103.70.114.0/23 maxlen: 23 203.175.96.0/23 maxlen: 23 2001:df3:f0c0::/48 maxlen: 48 2001:df3:f140::/48 maxlen: 48 2001:df4:35c0::/48 maxlen: 48 2001:df4:5040::/48 maxlen: 48 2001:df4:8d40::/48 maxlen: 48 2001:df4:9b40::/48 maxlen: 48 2001:df4:a640::/48 maxlen: 48 2001:df4:ee40::/48 maxlen: 48 2001:df5:82c0::/48 maxlen: 48 2401:4e20::/48 maxlen: 48 2401:9be0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 14 Sep 2025 16:20:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19833 (0x4d79) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A560A, serialNumber=167C3B221775FEC05039468150CE814756AC6F0A Validity Not Before: Aug 28 14:55:07 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=68b06dcb-c698 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:a0:5d:17:11:14:98:a5:80:9c:56:3b:6d:f1: 2a:c2:da:88:ca:ce:97:63:69:bf:c4:65:df:31:d2: 53:f9:11:b0:fd:f0:c5:30:35:08:11:39:43:00:69: 37:23:49:e4:8b:ae:a0:c6:b7:cd:ab:f4:68:09:e6: ac:d1:fa:06:62:90:3c:c6:9d:54:73:79:71:40:19: 48:74:c1:67:70:32:bc:93:a9:58:85:bc:8f:af:5c: 0c:06:06:7b:6d:ec:a6:0e:f9:67:4c:e1:6c:ac:12: ff:25:89:9e:68:8a:92:5c:bf:58:c2:36:52:8d:af: 72:40:ba:5e:64:6f:92:88:96:eb:9d:ac:34:10:74: 4d:a7:c1:6e:b8:7e:c6:4c:23:ef:ad:4f:0e:66:02: 97:16:0f:7e:30:a6:7e:15:7e:f3:2b:27:44:f6:63: bd:ca:ea:88:21:8d:69:7d:79:e9:65:eb:0b:d5:f1: 80:4a:a2:52:c7:04:84:55:af:a4:5e:62:58:4d:a7: c4:19:5d:58:3a:0e:e8:24:a3:af:e9:09:26:0a:e1: 7d:6f:7b:bf:6b:20:f1:e4:5a:c2:8c:8c:d5:02:3e: 77:ae:06:a5:8d:2a:a6:de:10:b1:0f:06:bb:89:1b: 63:3c:8c:85:9b:91:b5:26:68:f1:3b:9d:71:55:19: 4c:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:E8:70:B7:2D:7E:CC:96:67:B3:B3:40:B0:1E:58:43:F8:16:91:0D X509v3 Authority Key Identifier: keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/CF428AB8A87511EF9905FE0AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 36.50.174.0/23 103.70.114.0/23 203.175.96.0/23 IPv6: 2001:df3:f0c0::/48 2001:df3:f140::/48 2001:df4:35c0::/48 2001:df4:5040::/48 2001:df4:8d40::/48 2001:df4:9b40::/48 2001:df4:a640::/48 2001:df4:ee40::/48 2001:df5:82c0::/48 2401:4e20::/48 2401:9be0::/48 Signature Algorithm: sha256WithRSAEncryption a0:68:4d:08:2c:01:7e:b8:f7:bb:99:88:a7:03:c4:a2:c1:7e: a6:85:4e:19:88:60:bf:b8:43:ce:ec:68:e2:3d:c5:02:d9:77: 47:c5:77:0d:03:92:6d:f2:d3:7e:da:04:24:f4:7a:2f:1b:57: 90:62:27:d8:93:25:db:25:82:a2:a5:0b:b4:41:b8:44:08:22: 33:d2:3c:2b:aa:b5:d6:cf:75:42:34:10:66:26:65:c5:ae:ff: 79:92:43:87:f7:fd:b3:b8:a1:51:7d:52:5e:cd:7c:57:bb:2f: b5:f3:99:ff:c7:7f:d5:65:9a:ce:0e:75:5b:d0:b4:2c:5b:8b: 4f:7e:3d:0a:5d:1c:97:d1:63:40:30:49:f9:cd:61:84:f1:11: 87:24:c6:9a:e9:ff:c9:98:62:6a:8a:5c:84:e2:78:ca:48:10: 24:9c:95:39:91:7f:5e:77:88:85:cd:9d:10:20:58:80:e1:aa: ea:9c:df:15:59:0a:48:e8:31:1e:78:46:95:92:cf:6c:27:be: 16:97:9e:5c:64:24:09:48:3f:c3:bf:8e:1a:b8:d4:c7:f1:03: 4c:96:fb:91:e5:b2:67:f8:cb:d7:6e:91:99:65:d2:a6:d5:14: a6:07:d3:45:ab:cb:b7:79:ae:e3:e0:25:9d:b9:88:13:9e:c0: 8f:e5:6a:ef -----BEGIN CERTIFICATE----- MIIF6zCCBNOgAwIBAgICTXkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3 NTZBQzZGMEEwHhcNMjUwODI4MTQ1NTA3WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGIwNmRjYi1jNjk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2qBdFxEUmKWAnFY7bfEqwtqIys6XY2m/xGXfMdJT+RGw/fDFMDUIETlDAGk3 I0nki66gxrfNq/RoCeas0foGYpA8xp1Uc3lxQBlIdMFncDK8k6lYhbyPr1wMBgZ7 beymDvlnTOFsrBL/JYmeaIqSXL9YwjZSja9yQLpeZG+SiJbrnaw0EHRNp8FuuH7G TCPvrU8OZgKXFg9+MKZ+FX7zKydE9mO9yuqIIY1pfXnpZesL1fGASqJSxwSEVa+k XmJYTafEGV1YOg7oJKOv6QkmCuF9b3u/ayDx5FrCjIzVAj53rgaljSqm3hCxDwa7 iRtjPIyFm5G1JmjxO51xVRlMMwIDAQABo4IDDzCCAwswHQYDVR0OBBYEFKzocLct fsyWZ7OzQLAeWEP4FpENMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvQ0Y0MjhBQjhB ODc1MTFFRjk5MDVGRTBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZgGCCsGAQUFBwEHAQH/ BIGIMIGFMBgEAgABMBIDBAEkMq4DBAFnRnIDBAHLr2AwaQQCAAIwYwMHACABDfPw wAMHACABDfPxQAMHACABDfQ1wAMHACABDfRQQAMHACABDfSNQAMHACABDfSbQAMH ACABDfSmQAMHACABDfTuQAMHACABDfWCwAMHACQBTiAAAAMHACQBm+AAADANBgkq hkiG9w0BAQsFAAOCAQEAoGhNCCwBfrj3u5mIpwPEosF+poVOGYhgv7hDzuxo4j3F Atl3R8V3DQOSbfLTftoEJPR6LxtXkGIn2JMl2yWCoqULtEG4RAgiM9I8K6q11s91 QjQQZiZlxa7/eZJDh/f9s7ihUX1SXs18V7svtfOZ/8d/1WWazg51W9C0LFuLT349 Cl0cl9FjQDBJ+c1hhPERhyTGmun/yZhiaopchOJ4ykgQJJyVOZF/XneIhc2dECBY gOGq6pzfFVkKSOgxHnhGlZLPbCe+FpeeXGQkCUg/w7+OGrjUx/EDTJb7keWyZ/jL 126RmWXSptUUpgfTRavLt3mu4+AlnbmIE57Aj+Vq7w== -----END CERTIFICATE-----Generated at Mon Sep 8 05:36:00 2025 by rpki-client