$ rpki-client -vvf rpki.apnic.net/member_repository/A91B67D1/6CBC9B40611D11E9B012DB37C4F9AE02/5B3CBC209BEA11EFBCB36227C4F9AE02.roa File: 5B3CBC209BEA11EFBCB36227C4F9AE02.roa (raw, json) Hash identifier: eOv7pTte1ye/67eHb4Pi9oh8uZ/8IpesFY1S9J5aGIE= Subject key identifier: 81:59:67:BB:0C:BF:9B:E0:6F:6B:A6:21:4B:84:40:44:8E:7E:5E:52 Certificate issuer: /CN=A91B67D1/serialNumber=767872BDD0EF826A6495D8126A139FC40493800F Certificate serial: 0FE2 Authority key identifier: 76:78:72:BD:D0:EF:82:6A:64:95:D8:12:6A:13:9F:C4:04:93:80:0F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dnhyvdDvgmpkldgSahOfxASTgA8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B67D1/6CBC9B40611D11E9B012DB37C4F9AE02/5B3CBC209BEA11EFBCB36227C4F9AE02.roa Signing time: Tue 02 Sep 2025 18:07:32 +0000 ROA not before: Tue 02 Sep 2025 18:07:32 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 132168 IP address blocks: 45.114.236.0/22 maxlen: 24 103.71.24.0/24 maxlen: 24 2401:d640::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B67D1/6CBC9B40611D11E9B012DB37C4F9AE02/dnhyvdDvgmpkldgSahOfxASTgA8.crl rsync://rpki.apnic.net/member_repository/A91B67D1/6CBC9B40611D11E9B012DB37C4F9AE02/dnhyvdDvgmpkldgSahOfxASTgA8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dnhyvdDvgmpkldgSahOfxASTgA8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 15 Sep 2025 17:32:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4066 (0xfe2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B67D1, serialNumber=767872BDD0EF826A6495D8126A139FC40493800F Validity Not Before: Sep 2 18:07:32 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68b73264-8680 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:a3:b5:1c:17:6e:5e:a5:4f:9a:bc:c4:eb:8a: 8f:7d:60:10:a9:af:24:d9:c0:8d:65:ed:0c:bb:5b: 6a:94:d3:dc:81:57:63:43:4e:85:d0:b7:d0:52:d7: e2:6c:6a:0d:a7:95:f0:e3:22:2f:6d:44:b8:37:eb: c6:ed:59:82:d2:52:0c:35:fd:96:e3:59:e9:fb:14: e7:67:42:90:2b:33:b5:2a:54:ca:d2:7e:d9:9d:bf: a1:e6:e1:d0:0a:2c:c7:c0:5c:0e:d7:e0:9e:8f:fc: bb:61:76:74:67:c1:89:d6:f3:41:10:2c:85:59:ae: b0:0a:63:49:eb:35:8d:a9:a9:7c:56:f1:6f:ec:30: fb:00:e3:53:d8:ed:7a:4d:2b:df:6f:86:a6:92:f2: 80:5a:85:e4:f8:94:e4:da:90:5f:f2:40:17:c7:ba: ff:23:9b:52:00:e0:07:52:6a:21:5b:db:8b:6d:7c: 9e:f2:59:42:33:e0:b9:3f:d3:f1:3c:8a:43:50:09: e3:9e:d6:86:f9:40:37:b8:7a:5d:1e:e3:83:12:31: 43:97:7a:b0:e1:13:17:41:52:e4:31:01:2f:9a:de: 89:f2:45:05:df:80:70:d9:3f:43:5e:66:74:d5:41: 16:4d:2e:c1:70:15:50:71:48:5d:53:2a:6b:d9:0e: ac:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:59:67:BB:0C:BF:9B:E0:6F:6B:A6:21:4B:84:40:44:8E:7E:5E:52 X509v3 Authority Key Identifier: keyid:76:78:72:BD:D0:EF:82:6A:64:95:D8:12:6A:13:9F:C4:04:93:80:0F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B67D1/6CBC9B40611D11E9B012DB37C4F9AE02/dnhyvdDvgmpkldgSahOfxASTgA8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dnhyvdDvgmpkldgSahOfxASTgA8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B67D1/6CBC9B40611D11E9B012DB37C4F9AE02/5B3CBC209BEA11EFBCB36227C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.114.236.0/22 103.71.24.0/24 IPv6: 2401:d640::/32 Signature Algorithm: sha256WithRSAEncryption 3e:02:05:46:3b:88:29:b9:d8:d3:cf:2e:54:b6:d4:87:89:22: fa:3c:c8:be:cc:7c:dc:84:e2:ae:b9:5d:c6:28:a7:cb:12:23: ce:87:09:be:f9:93:4d:c8:33:cc:0b:e4:a9:8e:02:20:92:cf: 26:e9:fb:b7:fa:ac:50:3f:d1:51:a9:a3:45:2a:88:82:27:8d: 45:a9:17:7f:41:e8:14:2f:58:2c:51:a6:44:b4:ec:f8:bf:05: f2:7f:26:ed:de:27:18:50:46:01:3e:f1:07:e8:d1:06:ed:03: e9:80:1a:d2:95:29:9d:ac:e8:7d:ca:23:af:49:66:b0:5d:0a: a6:49:89:09:e0:62:23:c7:5a:d6:f5:d7:81:ef:12:38:04:af: 14:09:54:70:e3:d1:a1:dc:29:1d:0f:f2:98:48:93:d4:bf:bf: 26:e0:08:ad:a3:bb:00:08:52:b4:b8:e6:35:8a:18:f1:76:87: e5:61:0f:b3:a8:44:c7:ca:fb:56:52:46:ac:30:c5:eb:16:94: 1e:c3:e3:b7:c8:5a:ef:d9:68:c1:e9:b1:20:1f:33:4f:ea:a5: d8:32:78:f8:20:95:9c:74:0f:96:f1:64:d5:54:cd:74:08:b6: 28:4b:c2:9f:93:9c:59:92:db:8b:2f:97:e4:89:89:96:57:07: 0e:bc:1e:69 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICD+IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjY3RDExMTAvBgNVBAUTKDc2Nzg3MkJERDBFRjgyNkE2NDk1RDgxMjZBMTM5RkM0 MDQ5MzgwMEYwHhcNMjUwOTAyMTgwNzMyWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGI3MzI2NC04NjgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw6O1HBduXqVPmrzE64qPfWAQqa8k2cCNZe0Mu1tqlNPcgVdjQ06F0LfQUtfi bGoNp5Xw4yIvbUS4N+vG7VmC0lIMNf2W41np+xTnZ0KQKzO1KlTK0n7Znb+h5uHQ CizHwFwO1+Cej/y7YXZ0Z8GJ1vNBECyFWa6wCmNJ6zWNqal8VvFv7DD7AONT2O16 TSvfb4amkvKAWoXk+JTk2pBf8kAXx7r/I5tSAOAHUmohW9uLbXye8llCM+C5P9Px PIpDUAnjntaG+UA3uHpdHuODEjFDl3qw4RMXQVLkMQEvmt6J8kUF34Bw2T9DXmZ0 1UEWTS7BcBVQcUhdUypr2Q6sKwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFIFZZ7sM v5vgb2umIUuEQESOfl5SMB8GA1UdIwQYMBaAFHZ4cr3Q74JqZJXYEmoTn8QEk4AP MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjdEMS82Q0JDOUI0MDYx MUQxMUU5QjAxMkRCMzdDNEY5QUUwMi9kbmh5dmREdmdtcGtsZGdTYWhPZnhBU1Rn QTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2RuaHl2ZER2Z21wa2xkZ1NhaE9meEFTVGdBOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjY3RDEvNkNCQzlCNDA2MTFEMTFFOUIwMTJEQjM3QzRGOUFFMDIvNUIzQ0JDMjA5 QkVBMTFFRkJDQjM2MjI3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAItcuwDBABnRxgwDQQCAAIwBwMFACQB1kAwDQYJKoZIhvcN AQELBQADggEBAD4CBUY7iCm52NPPLlS21IeJIvo8yL7MfNyE4q65XcYop8sSI86H Cb75k03IM8wL5KmOAiCSzybp+7f6rFA/0VGpo0UqiIInjUWpF39B6BQvWCxRpkS0 7Pi/BfJ/Ju3eJxhQRgE+8Qfo0QbtA+mAGtKVKZ2s6H3KI69JZrBdCqZJiQngYiPH Wtb114HvEjgErxQJVHDj0aHcKR0P8phIk9S/vybgCK2juwAIUrS45jWKGPF2h+Vh D7OoRMfK+1ZSRqwwxesWlB7D47fIWu/ZaMHpsSAfM0/qpdgyePgglZx0D5bxZNVU zXQItihLwp+TnFmS24svl+SJiZZXBw68Hmk= -----END CERTIFICATE-----Generated at Tue Sep 9 10:14:58 2025 by rpki-client