$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9484/6FF0DDE01D9411E29DECB5F808B02CD2/FFC89DF8CECD11EEA4AA6D44C4F9AE02.roa File: FFC89DF8CECD11EEA4AA6D44C4F9AE02.roa (raw, json) Hash identifier: 7kZdk7o2F63JZpsCtE1ClVyEvXa2OTrsS/MgFVz/HuY= Subject key identifier: 11:4F:98:F6:68:39:15:79:6F:41:DF:24:74:57:7D:4A:8C:0C:48:6C Certificate issuer: /CN=A91C9484/serialNumber=F972E75E3D03E5CE1901930C43D16DC4A89C4792 Certificate serial: 34F0 Authority key identifier: F9:72:E7:5E:3D:03:E5:CE:19:01:93:0C:43:D1:6D:C4:A8:9C:47:92 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-XLnXj0D5c4ZAZMMQ9FtxKicR5I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C9484/6FF0DDE01D9411E29DECB5F808B02CD2/FFC89DF8CECD11EEA4AA6D44C4F9AE02.roa Signing time: Wed 10 Sep 2025 08:50:41 +0000 ROA not before: Wed 10 Sep 2025 08:50:41 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 4646 IP address blocks: 117.18.67.0/24 maxlen: 24 117.18.72.0/24 maxlen: 24 117.18.78.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C9484/6FF0DDE01D9411E29DECB5F808B02CD2/-XLnXj0D5c4ZAZMMQ9FtxKicR5I.crl rsync://rpki.apnic.net/member_repository/A91C9484/6FF0DDE01D9411E29DECB5F808B02CD2/-XLnXj0D5c4ZAZMMQ9FtxKicR5I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-XLnXj0D5c4ZAZMMQ9FtxKicR5I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 17 Sep 2025 08:50:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13552 (0x34f0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C9484, serialNumber=F972E75E3D03E5CE1901930C43D16DC4A89C4792 Validity Not Before: Sep 10 08:50:41 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=68c13be1-2eeb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:52:21:a6:f9:91:dd:d9:50:b5:1e:e8:93:e3: 6c:f1:1a:0a:9c:55:d8:66:8f:4c:f8:60:0a:b5:f0: 4b:5b:be:e4:39:da:94:92:26:f8:01:01:67:b5:a9: 01:db:da:33:22:7e:00:eb:37:c6:09:13:c2:4c:de: 71:9c:ab:f9:ab:ae:9c:af:ae:12:72:03:64:51:fb: 41:44:fd:14:c2:20:9d:88:d7:74:fc:e0:91:7c:77: 51:80:b0:79:62:47:c9:b2:3e:8f:6f:d6:69:04:6f: 0c:85:d2:13:5c:22:14:c7:92:a4:32:b3:1d:8c:95: 8c:42:a6:ca:90:2f:90:6f:37:b0:52:19:50:df:b4: a6:8f:40:ab:cc:60:85:90:cb:9e:e5:fb:24:fe:17: fe:7a:21:81:51:21:e7:f4:e5:d2:dc:e5:a8:7a:ce: cf:37:44:77:f2:d4:b7:e2:7f:99:b9:9e:e6:b6:6c: fd:bc:b4:9b:10:ba:be:3a:3d:49:82:0f:75:7a:e7: 8c:93:a1:55:44:62:45:30:d9:86:93:02:d5:0e:2f: 9f:40:36:29:77:c5:dc:45:fd:d1:4b:20:45:71:e2: 1d:c3:62:33:84:c1:7b:a6:50:cc:5c:6f:bc:0c:c1: c6:24:22:51:8a:2f:4d:4c:93:0a:5a:66:4c:8c:44: 01:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:4F:98:F6:68:39:15:79:6F:41:DF:24:74:57:7D:4A:8C:0C:48:6C X509v3 Authority Key Identifier: keyid:F9:72:E7:5E:3D:03:E5:CE:19:01:93:0C:43:D1:6D:C4:A8:9C:47:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C9484/6FF0DDE01D9411E29DECB5F808B02CD2/-XLnXj0D5c4ZAZMMQ9FtxKicR5I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-XLnXj0D5c4ZAZMMQ9FtxKicR5I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9484/6FF0DDE01D9411E29DECB5F808B02CD2/FFC89DF8CECD11EEA4AA6D44C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 117.18.67.0/24 117.18.72.0/24 117.18.78.0/24 Signature Algorithm: sha256WithRSAEncryption 74:5e:dc:42:87:30:67:1f:da:71:ec:d6:6a:c5:6b:d6:7b:3e: 12:32:0b:d3:d5:df:8a:30:ae:87:4f:b1:43:09:14:02:fb:9f: 28:e2:87:6d:99:8b:7a:b6:d5:29:cd:32:06:04:e8:1b:5c:4e: 12:d6:c1:58:98:72:19:f6:1a:78:b1:25:18:9c:99:f0:88:f7: 6f:f1:0c:d0:62:c3:79:27:cc:3b:dd:65:cc:72:16:24:0d:d0: 41:5f:5b:d5:36:f7:57:eb:39:e1:73:dc:4d:d5:c2:ff:3a:ca: 3a:6e:91:ef:6f:59:87:b6:ce:32:88:4a:dd:fa:7c:e7:c0:14: 56:e5:2f:07:b3:b8:88:13:11:19:c7:32:54:ed:be:01:33:e1: 3b:d1:f3:c9:9d:b5:80:de:c4:d3:cc:e2:87:d7:e4:ad:9e:e3: f1:ef:77:8c:90:94:eb:d2:8d:44:37:af:4a:27:fc:c9:b1:14: 6c:cc:06:02:83:1c:b1:6d:96:71:88:90:2b:c2:1c:54:7f:80: 42:5c:bd:c7:14:b7:7a:14:1a:4e:c1:ad:ee:64:77:a3:b3:b5: 29:fd:10:96:ac:61:e7:32:12:c5:0c:e0:5a:15:8b:71:b6:0c: e4:f4:81:1a:9c:94:64:e2:3b:c0:b6:07:bb:e4:b5:56:35:8f: d5:b0:e4:01 -----BEGIN CERTIFICATE----- MIIFfTCCBGWgAwIBAgICNPAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qzk0ODQxMTAvBgNVBAUTKEY5NzJFNzVFM0QwM0U1Q0UxOTAxOTMwQzQzRDE2REM0 QTg5QzQ3OTIwHhcNMjUwOTEwMDg1MDQxWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02OGMxM2JlMS0yZWViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArFIhpvmR3dlQtR7ok+Ns8RoKnFXYZo9M+GAKtfBLW77kOdqUkib4AQFntakB 29ozIn4A6zfGCRPCTN5xnKv5q66cr64ScgNkUftBRP0UwiCdiNd0/OCRfHdRgLB5 YkfJsj6Pb9ZpBG8MhdITXCIUx5KkMrMdjJWMQqbKkC+QbzewUhlQ37Smj0CrzGCF kMue5fsk/hf+eiGBUSHn9OXS3OWoes7PN0R38tS34n+ZuZ7mtmz9vLSbELq+Oj1J gg91eueMk6FVRGJFMNmGkwLVDi+fQDYpd8XcRf3RSyBFceIdw2IzhMF7plDMXG+8 DMHGJCJRii9NTJMKWmZMjEQBAQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFBFPmPZo ORV5b0HfJHRXfUqMDEhsMB8GA1UdIwQYMBaAFPly5149A+XOGQGTDEPRbcSonEeS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOTQ4NC82RkYwRERFMDFE OTQxMUUyOURFQ0I1RjgwOEIwMkNEMi8tWExuWGowRDVjNFpBWk1NUTlGdHhLaWNS NUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1YTG5YajBENWM0WkFaTU1ROUZ0eEtpY1I1SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Qzk0ODQvNkZGMERERTAxRDk0MTFFMjlERUNCNUY4MDhCMDJDRDIvRkZDODlERjhD RUNEMTFFRUE0QUE2RDQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E HDAaMBgEAgABMBIDBAB1EkMDBAB1EkgDBAB1Ek4wDQYJKoZIhvcNAQELBQADggEB AHRe3EKHMGcf2nHs1mrFa9Z7PhIyC9PV34owrodPsUMJFAL7nyjih22Zi3q21SnN MgYE6BtcThLWwViYchn2GnixJRicmfCI92/xDNBiw3knzDvdZcxyFiQN0EFfW9U2 91frOeFz3E3Vwv86yjpuke9vWYe2zjKISt36fOfAFFblLwezuIgTERnHMlTtvgEz 4TvR88mdtYDexNPM4ofX5K2e4/Hvd4yQlOvSjUQ3r0on/MmxFGzMBgKDHLFtlnGI kCvCHFR/gEJcvccUt3oUGk7Bre5kd6OztSn9EJasYecyEsUM4FoVi3G2DOT0gRqc lGTiO8C2B7vktVY1j9Ww5AE= -----END CERTIFICATE-----Generated at Wed Sep 10 14:20:46 2025 by rpki-client