$ rpki-client -vvf rpki.apnic.net/member_repository/A91B67D1/6CBC9B40611D11E9B012DB37C4F9AE02/5CCDCD7C9BEA11EFBCB36227C4F9AE02.roa File: 5CCDCD7C9BEA11EFBCB36227C4F9AE02.roa (raw, json) Hash identifier: ms+qR7zeYqI6JEXHK3rNQAxzRQXIEiuzImbKZbjKLOE= Subject key identifier: 31:85:68:45:9C:D6:B9:D6:24:4B:06:BC:3C:6A:CC:13:F7:EC:DD:CE Certificate issuer: /CN=A91B67D1/serialNumber=767872BDD0EF826A6495D8126A139FC40493800F Certificate serial: 0FE4 Authority key identifier: 76:78:72:BD:D0:EF:82:6A:64:95:D8:12:6A:13:9F:C4:04:93:80:0F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dnhyvdDvgmpkldgSahOfxASTgA8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B67D1/6CBC9B40611D11E9B012DB37C4F9AE02/5CCDCD7C9BEA11EFBCB36227C4F9AE02.roa Signing time: Tue 02 Sep 2025 18:07:34 +0000 ROA not before: Tue 02 Sep 2025 18:07:34 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 63689 IP address blocks: 45.114.236.0/22 maxlen: 24 103.71.24.0/24 maxlen: 24 2401:d640::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B67D1/6CBC9B40611D11E9B012DB37C4F9AE02/dnhyvdDvgmpkldgSahOfxASTgA8.crl rsync://rpki.apnic.net/member_repository/A91B67D1/6CBC9B40611D11E9B012DB37C4F9AE02/dnhyvdDvgmpkldgSahOfxASTgA8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dnhyvdDvgmpkldgSahOfxASTgA8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 15 Sep 2025 17:32:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4068 (0xfe4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B67D1, serialNumber=767872BDD0EF826A6495D8126A139FC40493800F Validity Not Before: Sep 2 18:07:34 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68b73265-7a71 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:6b:8e:a4:42:60:2e:5d:e1:8c:01:d4:c4:41: f4:ba:d4:62:81:20:6b:85:54:44:18:85:ed:02:c3: 64:4d:27:07:f2:89:41:4a:06:e1:ee:ed:c3:1c:58: 06:51:97:ef:c2:17:28:35:52:ab:1c:09:f2:ff:5d: 94:2c:32:b6:9c:e2:b3:a3:19:04:8e:a5:1d:ad:3c: 1c:f8:19:5b:07:94:08:61:a3:4b:c5:a9:a8:e8:dd: 10:19:40:34:bc:4e:f4:c5:50:e6:3f:4d:75:b4:64: bf:8f:e9:8c:e9:58:07:9f:41:92:d7:eb:44:a0:b3: a9:44:1b:05:d1:5c:05:9b:a6:c8:9b:05:6a:8c:d0: 7f:35:14:80:b4:45:00:c6:a1:4f:84:6b:10:ea:44: c7:2a:cf:13:96:bc:eb:6c:88:31:e1:03:50:2c:6f: c5:1c:7b:f5:8f:a0:e9:58:c6:12:49:e8:b9:52:ba: 60:84:70:14:e1:31:dd:f7:14:25:e3:75:c5:0c:3a: d8:79:f1:f1:0e:90:39:39:69:99:b5:66:83:bf:b6: 17:f5:8b:bb:59:51:47:48:ad:90:50:3f:42:8b:fb: d2:c4:e2:50:f4:ad:a7:a4:21:6f:b6:03:84:34:b7: 3b:4e:ea:79:22:7b:4a:42:52:1d:11:c3:cb:18:27: 5f:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:85:68:45:9C:D6:B9:D6:24:4B:06:BC:3C:6A:CC:13:F7:EC:DD:CE X509v3 Authority Key Identifier: keyid:76:78:72:BD:D0:EF:82:6A:64:95:D8:12:6A:13:9F:C4:04:93:80:0F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B67D1/6CBC9B40611D11E9B012DB37C4F9AE02/dnhyvdDvgmpkldgSahOfxASTgA8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dnhyvdDvgmpkldgSahOfxASTgA8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B67D1/6CBC9B40611D11E9B012DB37C4F9AE02/5CCDCD7C9BEA11EFBCB36227C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.114.236.0/22 103.71.24.0/24 IPv6: 2401:d640::/32 Signature Algorithm: sha256WithRSAEncryption 25:a8:ee:2e:48:d6:18:d0:91:52:2e:59:df:17:4a:a2:34:81: 7c:02:17:0d:a8:83:a1:7f:49:7f:9e:3a:2d:e2:c8:d5:5a:21: 88:58:ad:dd:b8:09:5b:f4:dc:93:2d:e5:a8:20:4c:ce:8b:40: 0a:a1:22:fb:79:93:d5:d0:36:42:f8:0a:6f:47:e9:9e:d3:3a: 78:4a:a1:e7:7c:14:0b:cb:67:d8:03:5b:cf:7c:8f:82:7d:e3: e5:75:99:92:5d:05:f3:f8:3b:c6:c3:9a:e0:c3:2f:84:2a:d6: 56:76:4d:a7:26:a0:2e:ef:76:f9:7a:68:25:f7:5f:52:dc:78: c8:1b:9a:fc:a2:5c:d0:68:40:32:9c:9e:c1:d5:df:14:27:de: 9f:b0:82:32:73:3d:52:fb:29:6b:3d:55:6a:c8:e0:50:5b:3d: 42:ca:06:74:86:c8:53:91:d3:c4:19:09:35:85:74:1a:76:12: 49:c4:23:e5:e7:b6:ea:de:ff:8d:11:a0:9c:c7:04:c0:84:9a: cf:1d:26:19:d1:3a:5d:dc:67:37:c1:16:82:3a:2e:4b:5b:97: f0:99:8d:10:e8:6d:c6:15:db:ef:b3:c7:a0:16:cd:89:28:28: dc:93:67:30:3e:f2:54:8d:48:39:c6:70:aa:02:67:3e:b4:a4: 33:e9:fe:1a -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICD+QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjY3RDExMTAvBgNVBAUTKDc2Nzg3MkJERDBFRjgyNkE2NDk1RDgxMjZBMTM5RkM0 MDQ5MzgwMEYwHhcNMjUwOTAyMTgwNzM0WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGI3MzI2NS03YTcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoWuOpEJgLl3hjAHUxEH0utRigSBrhVREGIXtAsNkTScH8olBSgbh7u3DHFgG UZfvwhcoNVKrHAny/12ULDK2nOKzoxkEjqUdrTwc+BlbB5QIYaNLxamo6N0QGUA0 vE70xVDmP011tGS/j+mM6VgHn0GS1+tEoLOpRBsF0VwFm6bImwVqjNB/NRSAtEUA xqFPhGsQ6kTHKs8TlrzrbIgx4QNQLG/FHHv1j6DpWMYSSei5UrpghHAU4THd9xQl 43XFDDrYefHxDpA5OWmZtWaDv7YX9Yu7WVFHSK2QUD9Ci/vSxOJQ9K2npCFvtgOE NLc7Tup5IntKQlIdEcPLGCdfyQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFDGFaEWc 1rnWJEsGvDxqzBP37N3OMB8GA1UdIwQYMBaAFHZ4cr3Q74JqZJXYEmoTn8QEk4AP MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjdEMS82Q0JDOUI0MDYx MUQxMUU5QjAxMkRCMzdDNEY5QUUwMi9kbmh5dmREdmdtcGtsZGdTYWhPZnhBU1Rn QTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2RuaHl2ZER2Z21wa2xkZ1NhaE9meEFTVGdBOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjY3RDEvNkNCQzlCNDA2MTFEMTFFOUIwMTJEQjM3QzRGOUFFMDIvNUNDRENEN0M5 QkVBMTFFRkJDQjM2MjI3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAItcuwDBABnRxgwDQQCAAIwBwMFACQB1kAwDQYJKoZIhvcN AQELBQADggEBACWo7i5I1hjQkVIuWd8XSqI0gXwCFw2og6F/SX+eOi3iyNVaIYhY rd24CVv03JMt5aggTM6LQAqhIvt5k9XQNkL4Cm9H6Z7TOnhKoed8FAvLZ9gDW898 j4J94+V1mZJdBfP4O8bDmuDDL4Qq1lZ2TacmoC7vdvl6aCX3X1LceMgbmvyiXNBo QDKcnsHV3xQn3p+wgjJzPVL7KWs9VWrI4FBbPULKBnSGyFOR08QZCTWFdBp2EknE I+Xnture/40RoJzHBMCEms8dJhnROl3cZzfBFoI6Lktbl/CZjRDobcYV2++zx6AW zYkoKNyTZzA+8lSNSDnGcKoCZz60pDPp/ho= -----END CERTIFICATE-----Generated at Tue Sep 9 10:12:36 2025 by rpki-client