$ rpki-client -vvf rpki.apnic.net/member_repository/A91BAA44/9CC00A9CC7FF11EC9BDBFE4BC4F9AE02/1054539CC80411ECBA7BB174C4F9AE02.roa File: 1054539CC80411ECBA7BB174C4F9AE02.roa (raw, json) Hash identifier: ltQE1ACHFxJalS/0k3q+Ig8nBgWVEoOtVPpdjQ0C1JE= Subject key identifier: 57:99:F0:B2:7F:89:16:8A:3B:89:15:EA:86:96:29:24:91:34:41:6E Certificate issuer: /CN=A91BAA44/serialNumber=2CC33FBCB864084020894A72DD088505AF9BB66D Certificate serial: 0335 Authority key identifier: 2C:C3:3F:BC:B8:64:08:40:20:89:4A:72:DD:08:85:05:AF:9B:B6:6D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LMM_vLhkCEAgiUpy3QiFBa-btm0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BAA44/9CC00A9CC7FF11EC9BDBFE4BC4F9AE02/1054539CC80411ECBA7BB174C4F9AE02.roa Signing time: Mon 05 May 2025 01:06:53 +0000 ROA not before: Mon 05 May 2025 01:06:53 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 38001 IP address blocks: 45.114.117.0/24 maxlen: 24 103.53.197.0/24 maxlen: 24 103.53.198.0/24 maxlen: 24 103.53.199.0/24 maxlen: 24 2402:2f80:1::/48 maxlen: 48 2402:2f80:8::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BAA44/9CC00A9CC7FF11EC9BDBFE4BC4F9AE02/LMM_vLhkCEAgiUpy3QiFBa-btm0.crl rsync://rpki.apnic.net/member_repository/A91BAA44/9CC00A9CC7FF11EC9BDBFE4BC4F9AE02/LMM_vLhkCEAgiUpy3QiFBa-btm0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LMM_vLhkCEAgiUpy3QiFBa-btm0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 00:38:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 821 (0x335) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BAA44, serialNumber=2CC33FBCB864084020894A72DD088505AF9BB66D Validity Not Before: May 5 01:06:53 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=68180f2d-5f0f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:30:bd:95:73:dd:59:20:69:17:19:da:53:77: 61:31:bf:fe:b1:b4:f1:18:50:c5:0a:03:52:2a:cb: e3:5e:81:c1:0c:30:b0:5c:a7:fc:0e:e6:0f:36:10: d7:2d:a3:a4:08:ec:49:a7:39:39:6f:6d:41:93:47: c2:62:6b:68:15:0d:3d:c8:12:68:44:b8:29:45:67: f9:bb:0c:65:6f:7e:c9:90:18:d8:ee:8a:56:67:93: aa:fb:e7:c1:af:d3:8a:f4:2e:7f:2f:7a:5e:76:15: 3f:25:26:4c:67:3b:aa:ed:56:be:47:fd:2f:9b:95: 28:24:83:19:ef:d9:34:92:9a:3b:58:cb:7a:ee:ca: 8b:ac:cd:00:3a:82:76:96:b9:31:72:57:cd:a6:af: d6:69:94:99:4f:61:19:2f:e4:ae:b7:c7:4c:6f:28: 53:4c:5e:34:dd:4f:8b:32:a1:09:b2:04:5c:25:52: 55:60:e7:e9:12:ef:c3:18:15:26:16:2e:ab:5e:3c: 03:97:03:6b:89:49:3c:a6:9d:ff:59:78:ba:cc:ea: a6:59:e2:a8:96:92:81:ec:90:4f:05:3c:56:a8:4d: c6:4a:3d:ff:57:b9:19:c7:df:6a:58:db:69:58:9f: 66:dd:d3:a6:28:f7:db:ee:4e:c9:86:57:fb:ab:4e: d7:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:99:F0:B2:7F:89:16:8A:3B:89:15:EA:86:96:29:24:91:34:41:6E X509v3 Authority Key Identifier: keyid:2C:C3:3F:BC:B8:64:08:40:20:89:4A:72:DD:08:85:05:AF:9B:B6:6D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BAA44/9CC00A9CC7FF11EC9BDBFE4BC4F9AE02/LMM_vLhkCEAgiUpy3QiFBa-btm0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LMM_vLhkCEAgiUpy3QiFBa-btm0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BAA44/9CC00A9CC7FF11EC9BDBFE4BC4F9AE02/1054539CC80411ECBA7BB174C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.114.117.0/24 103.53.197.0-103.53.199.255 IPv6: 2402:2f80:1::/48 2402:2f80:8::/48 Signature Algorithm: sha256WithRSAEncryption 6d:15:6f:59:99:ce:68:02:1f:e9:86:3a:82:33:a1:31:5e:a3: 0c:ff:77:fc:bf:52:23:59:80:99:e2:18:22:a9:06:dc:83:3f: d5:a1:7b:df:c6:99:b9:d0:68:8b:15:1a:d5:9e:bc:4b:58:18: 19:5b:14:7c:2d:b0:c9:af:0c:81:62:2f:2c:3a:30:60:85:a4: 59:93:89:7d:94:7d:a6:56:09:c7:60:ff:15:ca:6e:1c:ca:28: c2:34:31:ae:02:fc:c0:f2:aa:f7:55:8e:86:73:78:69:7d:c7: 9d:63:1b:1a:fc:f3:78:a6:29:69:73:8d:12:8f:85:2b:23:32: 8f:29:71:19:19:a9:72:e6:db:87:10:3b:1a:c2:e9:8c:d4:b8: 06:43:91:d0:bd:59:5e:82:6a:20:67:f4:67:40:a4:7e:a8:ab: c7:e6:5a:2c:fb:33:a0:2c:8a:f2:28:76:cb:0f:3c:96:6b:92: df:72:fb:8d:76:3a:c9:89:3d:28:99:2f:df:25:12:91:09:95: 96:e9:e8:55:f5:88:18:f9:e1:f2:dc:92:ef:af:04:fa:75:53: 8b:28:d1:8e:08:fc:e5:9a:82:95:65:ad:1e:6d:ea:a5:30:a1: 98:18:96:7c:18:bf:f4:83:a3:63:fc:b5:bc:ac:5d:c3:ce:58: 46:1e:1b:20 -----BEGIN CERTIFICATE----- MIIFmTCCBIGgAwIBAgICAzUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkFBNDQxMTAvBgNVBAUTKDJDQzMzRkJDQjg2NDA4NDAyMDg5NEE3MkREMDg4NTA1 QUY5QkI2NkQwHhcNMjUwNTA1MDEwNjUzWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODE4MGYyZC01ZjBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4jC9lXPdWSBpFxnaU3dhMb/+sbTxGFDFCgNSKsvjXoHBDDCwXKf8DuYPNhDX LaOkCOxJpzk5b21Bk0fCYmtoFQ09yBJoRLgpRWf5uwxlb37JkBjY7opWZ5Oq++fB r9OK9C5/L3pedhU/JSZMZzuq7Va+R/0vm5UoJIMZ79k0kpo7WMt67sqLrM0AOoJ2 lrkxclfNpq/WaZSZT2EZL+Sut8dMbyhTTF403U+LMqEJsgRcJVJVYOfpEu/DGBUm Fi6rXjwDlwNriUk8pp3/WXi6zOqmWeKolpKB7JBPBTxWqE3GSj3/V7kZx99qWNtp WJ9m3dOmKPfb7k7Jhlf7q07XUQIDAQABo4ICvTCCArkwHQYDVR0OBBYEFFeZ8LJ/ iRaKO4kV6oaWKSSRNEFuMB8GA1UdIwQYMBaAFCzDP7y4ZAhAIIlKct0IhQWvm7Zt MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQUE0NC85Q0MwMEE5Q0M3 RkYxMUVDOUJEQkZFNEJDNEY5QUUwMi9MTU1fdkxoa0NFQWdpVXB5M1FpRkJhLWJ0 bTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xNTV92TGhrQ0VBZ2lVcHkzUWlGQmEtYnRtMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkFBNDQvOUNDMDBBOUNDN0ZGMTFFQzlCREJGRTRCQzRGOUFFMDIvMTA1NDUzOUND ODA0MTFFQ0JBN0JCMTc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRwYIKwYBBQUHAQcBAf8E ODA2MBoEAgABMBQDBAAtcnUwDAMEAGc1xQMEA2c1wDAYBAIAAjASAwcAJAIvgAAB AwcAJAIvgAAIMA0GCSqGSIb3DQEBCwUAA4IBAQBtFW9Zmc5oAh/phjqCM6ExXqMM /3f8v1IjWYCZ4hgiqQbcgz/VoXvfxpm50GiLFRrVnrxLWBgZWxR8LbDJrwyBYi8s OjBghaRZk4l9lH2mVgnHYP8Vym4cyijCNDGuAvzA8qr3VY6Gc3hpfcedYxsa/PN4 pilpc40Sj4UrIzKPKXEZGaly5tuHEDsawumM1LgGQ5HQvVlegmogZ/RnQKR+qKvH 5los+zOgLIryKHbLDzyWa5LfcvuNdjrJiT0omS/fJRKRCZWW6ehV9YgY+eHy3JLv rwT6dVOLKNGOCPzlmoKVZa0ebeqlMKGYGJZ8GL/0g6Nj/LW8rF3DzlhGHhsg -----END CERTIFICATE-----Generated at Thu Oct 30 17:57:40 2025 by rpki-client