$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/CF41132A1DE811EB9DE34963C4F9AE02.roa File: CF41132A1DE811EB9DE34963C4F9AE02.roa (raw, json) Hash identifier: xo4YbqiE7X/F67UsXOYb5uFnpLPpFvm6ZJLr7VXM8NU= Subject key identifier: 2D:16:D5:74:F5:6D:CF:D2:26:34:45:E6:83:0F:97:7F:0B:FD:79:90 Certificate issuer: /CN=A91AB20B/serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808 Certificate serial: 0817 Authority key identifier: 5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/CF41132A1DE811EB9DE34963C4F9AE02.roa Signing time: Tue 02 Sep 2025 21:42:08 +0000 ROA not before: Tue 02 Sep 2025 21:42:08 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 135407 IP address blocks: 110.93.223.0/24 maxlen: 24 110.93.226.0/24 maxlen: 24 110.93.227.0/24 maxlen: 24 110.93.228.0/24 maxlen: 24 110.93.230.0/24 maxlen: 24 110.93.236.0/24 maxlen: 24 110.93.237.0/24 maxlen: 24 110.93.240.0/24 maxlen: 24 110.93.244.0/24 maxlen: 24 110.93.245.0/24 maxlen: 24 110.93.246.0/24 maxlen: 24 110.93.247.0/24 maxlen: 24 117.20.29.0/24 maxlen: 24 119.63.139.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Sep 2025 19:50:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2071 (0x817) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AB20B, serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808 Validity Not Before: Sep 2 21:42:08 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=68b764b0-bdea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:1f:6a:d4:14:c4:e5:8a:24:e2:6d:e9:d3:c8: 84:31:8c:d4:83:49:66:d3:cf:75:04:13:31:10:f3: 7d:90:03:ee:09:94:4d:8e:bb:dc:2a:b4:c0:d0:24: ba:17:31:ed:4a:34:ca:4b:4b:1d:1c:ce:94:2b:a3: 22:ea:89:86:c4:4c:dc:1e:6f:92:f9:9c:fd:ee:da: 1f:fc:73:26:70:13:19:c4:59:fa:c0:ce:73:37:b1: de:3e:77:03:14:57:e5:9f:31:a8:9c:ef:eb:d9:57: 44:08:79:4c:f6:b1:d0:12:af:33:12:84:68:74:b6: 90:8a:2d:63:0d:e7:e8:dc:00:9d:a7:6f:34:61:a9: ab:bf:d7:c3:55:ef:5c:50:69:ca:a3:29:9b:69:1d: d8:55:85:c5:1e:6c:d0:86:1e:ef:be:a5:69:7b:6e: 5f:5f:a2:c7:e9:55:4e:f8:b8:93:e9:09:18:aa:df: a7:44:34:8b:cd:50:5a:6c:ce:3e:e5:5e:4d:e9:17: f4:57:28:83:76:93:63:48:23:66:5f:a9:7e:1e:17: 48:3e:b0:23:21:a1:da:f3:a7:04:04:b7:5a:24:e6: 2e:66:d4:b8:f6:00:02:cc:80:5e:9c:59:ec:93:ce: 44:22:94:c0:01:9a:de:87:4a:e5:84:d4:78:c1:80: 17:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:16:D5:74:F5:6D:CF:D2:26:34:45:E6:83:0F:97:7F:0B:FD:79:90 X509v3 Authority Key Identifier: keyid:5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/CF41132A1DE811EB9DE34963C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 110.93.223.0/24 110.93.226.0-110.93.228.255 110.93.230.0/24 110.93.236.0/23 110.93.240.0/24 110.93.244.0/22 117.20.29.0/24 119.63.139.0/24 Signature Algorithm: sha256WithRSAEncryption 51:26:ec:30:c9:11:cf:71:69:96:8f:95:54:4b:98:67:32:ea: 4b:9a:42:be:3a:02:c4:f2:c9:2a:4c:35:1e:d6:17:ad:d9:1e: aa:c4:d5:92:fc:fa:76:67:1d:6c:58:ee:1c:d3:d4:22:39:b7: cd:93:10:28:ff:0b:bb:00:33:69:c2:e2:d8:5f:f9:f3:a4:9b: 4e:3b:09:1a:3d:fc:33:18:2a:af:f8:33:45:92:99:2a:40:5a: f1:16:a1:ff:34:88:29:94:05:b1:da:3e:ab:06:50:a2:f7:10: 9b:65:a3:18:04:9e:72:7c:3e:66:bc:42:c9:59:31:3e:08:1e: 5c:d3:65:54:f0:7f:ad:72:77:88:ea:25:7b:fd:03:48:1e:1c: 0f:18:25:73:12:c0:f9:57:aa:91:26:83:1b:88:1b:d2:57:9d: e6:d0:17:69:1e:97:d4:d5:fa:01:c6:f8:bc:3e:30:3a:99:59: c4:be:54:89:05:a0:98:16:8b:fe:a0:f4:ec:4e:1a:6b:18:7d: 0b:7c:3f:1d:a1:6b:45:eb:bd:09:46:e1:e1:ed:f5:e7:62:f7: f3:90:3d:73:bf:4a:22:be:7c:74:d1:e2:22:0b:e2:bb:80:a7: ce:ac:81:a3:6a:5d:1e:28:98:e6:9d:f4:18:14:a0:d9:51:cb: b9:44:b8:ab -----BEGIN CERTIFICATE----- MIIFozCCBIugAwIBAgICCBcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUIyMEIxMTAvBgNVBAUTKDVFQzFBNkFENzZBM0FCRkRDMUUxMzI5RUIyNjM3QzAx ODY0QjQ4MDgwHhcNMjUwOTAyMjE0MjA4WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGI3NjRiMC1iZGVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuh9q1BTE5Yok4m3p08iEMYzUg0lm0891BBMxEPN9kAPuCZRNjrvcKrTA0CS6 FzHtSjTKS0sdHM6UK6Mi6omGxEzcHm+S+Zz97tof/HMmcBMZxFn6wM5zN7HePncD FFflnzGonO/r2VdECHlM9rHQEq8zEoRodLaQii1jDefo3ACdp280Yamrv9fDVe9c UGnKoymbaR3YVYXFHmzQhh7vvqVpe25fX6LH6VVO+LiT6QkYqt+nRDSLzVBabM4+ 5V5N6Rf0VyiDdpNjSCNmX6l+HhdIPrAjIaHa86cEBLdaJOYuZtS49gACzIBenFns k85EIpTAAZreh0rlhNR4wYAXAwIDAQABo4ICxzCCAsMwHQYDVR0OBBYEFC0W1XT1 bc/SJjRF5oMPl38L/XmQMB8GA1UdIwQYMBaAFF7Bpq12o6v9weEynrJjfAGGS0gI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjIwQi9CQTcxQjY0ODEy MDMxMUVCQkFBMTk0MTRDNEY5QUUwMi9Yc0dtclhhanFfM0I0VEtlc21OOEFZWkxT QWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hzR21yWGFqcV8zQjRUS2VzbU44QVlaTFNBZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUIyMEIvQkE3MUI2NDgxMjAzMTFFQkJBQTE5NDE0QzRGOUFFMDIvQ0Y0MTEzMkEx REU4MTFFQjlERTM0OTYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUQYIKwYBBQUHAQcBAf8E QjBAMD4EAgABMDgDBABuXd8wDAMEAW5d4gMEAG5d5AMEAG5d5gMEAW5d7AMEAG5d 8AMEAm5d9AMEAHUUHQMEAHc/izANBgkqhkiG9w0BAQsFAAOCAQEAUSbsMMkRz3Fp lo+VVEuYZzLqS5pCvjoCxPLJKkw1HtYXrdkeqsTVkvz6dmcdbFjuHNPUIjm3zZMQ KP8LuwAzacLi2F/586SbTjsJGj38Mxgqr/gzRZKZKkBa8Rah/zSIKZQFsdo+qwZQ ovcQm2WjGASecnw+ZrxCyVkxPggeXNNlVPB/rXJ3iOole/0DSB4cDxglcxLA+Veq kSaDG4gb0led5tAXaR6X1NX6Acb4vD4wOplZxL5UiQWgmBaL/qD07E4aaxh9C3w/ HaFrReu9CUbh4e3152L385A9c79KIr58dNHiIgviu4CnzqyBo2pdHiiY5p30GBSg 2VHLuUS4qw== -----END CERTIFICATE-----Generated at Sat Sep 6 23:08:37 2025 by rpki-client