$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/F9A864386AAB11EF8FEBE576C4F9AE02.roa File: F9A864386AAB11EF8FEBE576C4F9AE02.roa (raw, json) Hash identifier: VtJthTtz/+ABAcSwhrIYrg5dkmdk8ZYvZhD7Gwr5Rag= Subject key identifier: 09:A1:20:55:38:59:42:98:DF:19:F0:D3:EB:CF:80:B8:9D:01:3F:27 Certificate issuer: /CN=A91B6587/serialNumber=2D634077CC847B59D4048D43E04B3309698FE638 Certificate serial: 0359 Authority key identifier: 2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/F9A864386AAB11EF8FEBE576C4F9AE02.roa Signing time: Wed 03 Sep 2025 03:20:07 +0000 ROA not before: Wed 03 Sep 2025 03:20:07 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 133499 IP address blocks: 43.225.188.0/24 maxlen: 24 43.225.190.0/24 maxlen: 24 43.228.236.0/24 maxlen: 24 43.228.238.0/24 maxlen: 24 43.228.239.0/24 maxlen: 24 103.84.120.0/22 maxlen: 24 103.194.113.0/24 maxlen: 24 103.240.164.0/22 maxlen: 24 103.241.52.0/22 maxlen: 22 103.241.52.0/24 maxlen: 24 103.241.53.0/24 maxlen: 24 103.241.54.0/24 maxlen: 24 103.241.55.0/24 maxlen: 24 103.252.110.0/24 maxlen: 24 150.107.226.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.crl rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 14 Sep 2025 02:52:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 857 (0x359) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B6587, serialNumber=2D634077CC847B59D4048D43E04B3309698FE638 Validity Not Before: Sep 3 03:20:07 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=68b7b3e7-ffac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:cc:f4:04:6d:cd:1c:70:ba:7f:1b:bc:56:15: 31:bc:5d:ad:bc:ce:ae:ca:fb:53:3f:9e:cf:55:8f: 0d:3a:1f:dd:53:78:32:41:66:d4:c0:ae:9f:a3:b1: 11:1a:eb:83:e7:04:20:2e:c1:9a:e3:ab:d8:61:af: af:68:d9:e1:69:76:35:01:61:b0:e4:fa:d6:bc:76: b4:94:3f:fb:6f:e8:85:f5:0e:13:e8:eb:60:cc:2d: 46:d3:e8:f0:2d:76:60:00:a6:b9:08:b3:58:4b:ec: c8:78:ca:23:e0:f4:8c:26:59:32:b0:75:23:87:9e: 6e:d0:69:5c:17:93:ab:24:a3:1d:ec:28:b4:96:41: e0:e3:ff:dd:20:97:23:3a:77:6c:89:c6:10:dd:74: e2:d1:b6:29:08:07:82:03:19:b3:fd:78:b7:23:c2: 01:4f:6a:f4:ad:36:aa:ba:7d:c0:54:20:b9:31:3d: d7:52:d9:20:fe:9d:cc:de:a4:45:2c:12:ee:6d:8b: c5:7c:83:77:23:a7:6d:05:7c:48:ab:db:f3:a8:df: 5f:37:aa:35:17:c7:f1:a7:92:09:9c:5b:d1:58:84: c5:fe:27:e0:a1:b4:b9:da:c5:45:0f:9e:6c:d2:9d: 41:02:d9:52:c0:8c:63:be:d0:14:37:93:03:3f:dd: 9f:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:A1:20:55:38:59:42:98:DF:19:F0:D3:EB:CF:80:B8:9D:01:3F:27 X509v3 Authority Key Identifier: keyid:2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/F9A864386AAB11EF8FEBE576C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.225.188.0/24 43.225.190.0/24 43.228.236.0/24 43.228.238.0/23 103.84.120.0/22 103.194.113.0/24 103.240.164.0/22 103.241.52.0/22 103.252.110.0/24 150.107.226.0/24 Signature Algorithm: sha256WithRSAEncryption 18:82:49:4b:7f:5a:ae:3c:ba:ce:8b:bd:2e:ab:2a:a9:0d:d4: de:d7:05:6c:0b:13:18:a4:07:8b:c3:e7:58:e4:08:0e:92:89: 04:51:c5:9b:d2:b9:61:bc:6a:85:3b:0f:b5:6d:9d:0f:b0:94: 88:f2:6d:48:d9:9c:d5:5d:e3:65:08:0d:df:f4:92:2d:c5:22: 60:48:ff:bb:88:5b:76:a4:a2:73:92:31:a9:e0:b8:62:b6:cf: 03:46:b5:d7:6c:30:d9:7d:24:6b:84:15:0f:1c:a0:66:70:81: d9:41:cd:16:5d:c5:0f:67:f2:8e:b7:e0:c0:12:6d:b6:5a:1c: 40:5a:7a:05:b2:b1:75:16:50:fb:8e:b5:fc:1b:d1:7e:a8:d1: 71:8f:a4:fd:f0:1e:1b:f6:ab:c3:c1:32:47:66:91:f7:e8:f4: 11:0b:7b:1e:79:03:22:d6:e2:00:b5:dc:fc:01:17:7d:4d:4c: 3c:14:a9:ba:eb:50:61:a9:65:1e:cd:5d:d8:ae:27:ce:51:26: a0:1e:e3:09:c3:f0:f2:cc:b7:01:ff:67:f0:53:fd:43:79:ca: f0:ea:4b:da:1b:02:ce:f0:dd:53:a4:76:1f:e4:18:cb:e8:46: 2f:c2:2e:a4:fd:28:7a:4b:74:95:02:58:af:c6:5e:cb:97:80: 3b:8c:28:1a -----BEGIN CERTIFICATE----- MIIFpzCCBI+gAwIBAgICA1kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjY1ODcxMTAvBgNVBAUTKDJENjM0MDc3Q0M4NDdCNTlENDA0OEQ0M0UwNEIzMzA5 Njk4RkU2MzgwHhcNMjUwOTAzMDMyMDA3WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGI3YjNlNy1mZmFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqMz0BG3NHHC6fxu8VhUxvF2tvM6uyvtTP57PVY8NOh/dU3gyQWbUwK6fo7ER GuuD5wQgLsGa46vYYa+vaNnhaXY1AWGw5PrWvHa0lD/7b+iF9Q4T6OtgzC1G0+jw LXZgAKa5CLNYS+zIeMoj4PSMJlkysHUjh55u0GlcF5OrJKMd7Ci0lkHg4//dIJcj OndsicYQ3XTi0bYpCAeCAxmz/Xi3I8IBT2r0rTaqun3AVCC5MT3XUtkg/p3M3qRF LBLubYvFfIN3I6dtBXxIq9vzqN9fN6o1F8fxp5IJnFvRWITF/ifgobS52sVFD55s 0p1BAtlSwIxjvtAUN5MDP92fwQIDAQABo4ICyzCCAscwHQYDVR0OBBYEFAmhIFU4 WUKY3xnw0+vPgLidAT8nMB8GA1UdIwQYMBaAFC1jQHfMhHtZ1ASNQ+BLMwlpj+Y4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjU4Ny80MTdENzFCNDkx ODYxMUVEQTg0QTEyNERDNEY5QUUwMi9MV05BZDh5RWUxblVCSTFENEVzekNXbVA1 amcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xXTkFkOHlFZTFuVUJJMUQ0RXN6Q1dtUDVqZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjY1ODcvNDE3RDcxQjQ5MTg2MTFFREE4NEExMjREQzRGOUFFMDIvRjlBODY0Mzg2 QUFCMTFFRjhGRUJFNTc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVQYIKwYBBQUHAQcBAf8E RjBEMEIEAgABMDwDBAAr4bwDBAAr4b4DBAAr5OwDBAEr5O4DBAJnVHgDBABnwnED BAJn8KQDBAJn8TQDBABn/G4DBACWa+IwDQYJKoZIhvcNAQELBQADggEBABiCSUt/ Wq48us6LvS6rKqkN1N7XBWwLExikB4vD51jkCA6SiQRRxZvSuWG8aoU7D7VtnQ+w lIjybUjZnNVd42UIDd/0ki3FImBI/7uIW3akonOSManguGK2zwNGtddsMNl9JGuE FQ8coGZwgdlBzRZdxQ9n8o634MASbbZaHEBaegWysXUWUPuOtfwb0X6o0XGPpP3w Hhv2q8PBMkdmkffo9BELex55AyLW4gC13PwBF31NTDwUqbrrUGGpZR7NXdiuJ85R JqAe4wnD8PLMtwH/Z/BT/UN5yvDqS9obAs7w3VOkdh/kGMvoRi/CLqT9KHpLdJUC WK/GXsuXgDuMKBo= -----END CERTIFICATE-----Generated at Tue Sep 9 02:41:55 2025 by rpki-client