$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/3DE1DBC4D81011EC892E8A79C4F9AE02.roa File: 3DE1DBC4D81011EC892E8A79C4F9AE02.roa (raw, json) Hash identifier: bW1tXZTK5POt+zZDGbG4YDsox5kPeg50QnLxOuLANNg= Subject key identifier: 16:9A:E0:F8:5E:4D:D7:61:8B:7E:E5:88:94:27:91:F7:72:D8:E2:85 Certificate issuer: /CN=A91ACD4D/serialNumber=3A46FB0F40F69D5E1DB75D2851F040C19F66F22C Certificate serial: 1665 Authority key identifier: 3A:46:FB:0F:40:F6:9D:5E:1D:B7:5D:28:51:F0:40:C1:9F:66:F2:2C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Okb7D0D2nV4dt10oUfBAwZ9m8iw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/3DE1DBC4D81011EC892E8A79C4F9AE02.roa Signing time: Tue 02 Sep 2025 17:05:51 +0000 ROA not before: Tue 02 Sep 2025 17:05:51 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 1299 IP address blocks: 115.187.88.0/24 maxlen: 24 115.187.89.0/24 maxlen: 24 115.187.90.0/24 maxlen: 24 115.187.91.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/Okb7D0D2nV4dt10oUfBAwZ9m8iw.crl rsync://rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/Okb7D0D2nV4dt10oUfBAwZ9m8iw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Okb7D0D2nV4dt10oUfBAwZ9m8iw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 11 Sep 2025 16:49:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5733 (0x1665) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ACD4D, serialNumber=3A46FB0F40F69D5E1DB75D2851F040C19F66F22C Validity Not Before: Sep 2 17:05:51 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=68b723ef-b280 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:5d:8f:a1:3e:2f:ff:de:5d:e9:15:3d:32:6b: 7c:8d:7d:9b:c8:c0:86:cb:94:79:1b:67:58:6a:46: 98:f7:c3:77:49:d0:15:bc:a8:9b:d4:47:df:f8:0f: 0a:99:47:d8:9f:7c:9f:d1:4d:40:03:41:98:aa:e3: c6:2f:ca:25:77:5b:fb:13:fe:8c:76:1a:5f:92:bb: 1f:a4:b3:90:4d:6a:05:c1:2c:45:2d:90:68:90:95: 8f:45:43:68:f4:46:ef:fc:1c:83:87:53:2e:ee:e6: 21:b9:8e:8c:f5:42:4a:93:f1:53:6c:0a:7a:81:5b: 72:e7:26:80:10:33:ce:0d:97:62:21:d3:4a:7c:bd: a6:b7:0d:7b:c9:54:df:03:e4:5e:d6:07:10:29:d3: d4:0a:0c:b1:24:23:53:6c:20:2d:3b:84:21:40:e4: 6e:93:00:e6:d6:b4:af:22:0a:89:33:64:bd:6b:f6: 31:91:fd:82:40:7a:10:50:16:22:c4:23:5d:fa:32: 7a:69:e5:70:eb:35:2a:f9:8d:b0:83:92:84:f4:b0: 5e:ad:a4:a4:26:51:04:53:27:cd:95:b9:73:26:e3: 86:f6:d7:03:e2:ef:64:60:8b:25:1c:1e:d6:9e:52: 1f:c1:b8:c3:f6:17:5b:9f:80:ee:13:46:c5:ef:19: 14:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:9A:E0:F8:5E:4D:D7:61:8B:7E:E5:88:94:27:91:F7:72:D8:E2:85 X509v3 Authority Key Identifier: keyid:3A:46:FB:0F:40:F6:9D:5E:1D:B7:5D:28:51:F0:40:C1:9F:66:F2:2C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/Okb7D0D2nV4dt10oUfBAwZ9m8iw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Okb7D0D2nV4dt10oUfBAwZ9m8iw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/3DE1DBC4D81011EC892E8A79C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 115.187.88.0/22 Signature Algorithm: sha256WithRSAEncryption 01:0a:a3:7a:d5:82:7f:34:e1:86:e4:04:66:01:d9:7a:26:64: b4:e4:c3:32:d8:69:3a:de:36:46:3d:6b:38:7b:f5:53:64:46: e6:da:c9:3a:de:5a:0e:16:c0:5f:c3:ff:78:0b:78:75:b0:01: 29:2c:e0:01:34:90:a9:f5:a1:01:81:b9:18:e8:67:e1:d6:ab: 5a:01:9b:69:e8:54:cc:89:13:e7:0e:4e:a3:5c:d0:7e:7a:28: 1e:5d:b7:20:57:22:6a:f8:7a:14:d3:9b:d1:22:a9:6f:67:25: 29:78:91:6b:ec:52:6c:6e:24:41:eb:04:4c:42:da:58:e6:8c: 74:eb:cc:47:5b:b4:3f:8a:e7:7b:38:ee:be:eb:32:68:cf:1e: 7d:cd:66:91:01:67:8b:51:dd:10:77:fd:71:85:7e:38:26:bc: 64:27:b0:56:02:c2:76:ec:11:ab:21:ce:27:bd:a0:f8:8a:8e: 4a:f6:b9:4d:fe:3b:85:59:bf:09:73:70:87:cb:a9:18:9c:81: a2:1f:89:78:38:2e:7b:a9:ef:c8:7c:9b:4c:b1:64:16:43:63: bb:7b:92:b2:76:77:84:3a:63:59:9c:80:fa:a5:5b:d2:ed:95: 77:0d:ed:b1:69:1d:10:c4:64:39:71:14:2f:59:02:11:68:47: 9e:2c:e6:41 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICFmUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUNENEQxMTAvBgNVBAUTKDNBNDZGQjBGNDBGNjlENUUxREI3NUQyODUxRjA0MEMx OUY2NkYyMkMwHhcNMjUwOTAyMTcwNTUxWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGI3MjNlZi1iMjgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwF2PoT4v/95d6RU9Mmt8jX2byMCGy5R5G2dYakaY98N3SdAVvKib1Eff+A8K mUfYn3yf0U1AA0GYquPGL8old1v7E/6MdhpfkrsfpLOQTWoFwSxFLZBokJWPRUNo 9Ebv/ByDh1Mu7uYhuY6M9UJKk/FTbAp6gVty5yaAEDPODZdiIdNKfL2mtw17yVTf A+Re1gcQKdPUCgyxJCNTbCAtO4QhQORukwDm1rSvIgqJM2S9a/Yxkf2CQHoQUBYi xCNd+jJ6aeVw6zUq+Y2wg5KE9LBeraSkJlEEUyfNlblzJuOG9tcD4u9kYIslHB7W nlIfwbjD9hdbn4DuE0bF7xkU8QIDAQABo4IClTCCApEwHQYDVR0OBBYEFBaa4Phe Tddhi37liJQnkfdy2OKFMB8GA1UdIwQYMBaAFDpG+w9A9p1eHbddKFHwQMGfZvIs MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0Q0RC8xMzdEMDBENDE2 MEUxMUU4ODUyQzQzN0VDNEY5QUUwMi9Pa2I3RDBEMm5WNGR0MTBvVWZCQXdaOW04 aXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09rYjdEMEQyblY0ZHQxMG9VZkJBd1o5bThpdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUNENEQvMTM3RDAwRDQxNjBFMTFFODg1MkM0MzdFQzRGOUFFMDIvM0RFMURCQzRE ODEwMTFFQzg5MkU4QTc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAJzu1gwDQYJKoZIhvcNAQELBQADggEBAAEKo3rVgn804Ybk BGYB2XomZLTkwzLYaTreNkY9azh79VNkRubayTreWg4WwF/D/3gLeHWwASks4AE0 kKn1oQGBuRjoZ+HWq1oBm2noVMyJE+cOTqNc0H56KB5dtyBXImr4ehTTm9EiqW9n JSl4kWvsUmxuJEHrBExC2ljmjHTrzEdbtD+K53s47r7rMmjPHn3NZpEBZ4tR3RB3 /XGFfjgmvGQnsFYCwnbsEashzie9oPiKjkr2uU3+O4VZvwlzcIfLqRicgaIfiXg4 Lnup78h8m0yxZBZDY7t7krJ2d4Q6Y1mcgPqlW9LtlXcN7bFpHRDEZDlxFC9ZAhFo R54s5kE= -----END CERTIFICATE-----Generated at Sat Sep 6 14:26:10 2025 by rpki-client