$ rpki-client -vvf rpki.apnic.net/member_repository/A91CF4FE/BA13124E1D8511E2A77999DC08B02CD2/10DAE05EB04811EABB4AEF61C4F9AE02.roa File: 10DAE05EB04811EABB4AEF61C4F9AE02.roa (raw, json) Hash identifier: bPtENJEcOoeg2k8xe2jWRrY5UKQvlUbjR5xndoVRe10= Subject key identifier: A1:22:05:41:02:58:A3:EA:7E:ED:2C:41:A2:87:41:72:8A:30:97:80 Certificate issuer: /CN=A91CF4FE/serialNumber=16B564B758DFCD52C5CE891192E31B715B1CBFE8 Certificate serial: 355C Authority key identifier: 16:B5:64:B7:58:DF:CD:52:C5:CE:89:11:92:E3:1B:71:5B:1C:BF:E8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FrVkt1jfzVLFzokRkuMbcVscv-g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CF4FE/BA13124E1D8511E2A77999DC08B02CD2/10DAE05EB04811EABB4AEF61C4F9AE02.roa Signing time: Tue 02 Sep 2025 14:30:37 +0000 ROA not before: Tue 02 Sep 2025 14:30:37 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 38040 IP address blocks: 45.64.77.0/24 maxlen: 24 103.21.24.0/24 maxlen: 24 103.21.25.0/24 maxlen: 24 103.21.26.0/24 maxlen: 24 103.21.27.0/24 maxlen: 24 180.180.248.0/24 maxlen: 24 180.180.249.0/24 maxlen: 24 180.180.251.0/24 maxlen: 24 180.180.252.0/24 maxlen: 24 180.180.253.0/24 maxlen: 24 180.180.254.0/24 maxlen: 24 180.180.255.0/24 maxlen: 24 203.113.63.0/24 maxlen: 24 203.190.250.0/24 maxlen: 24 203.190.251.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CF4FE/BA13124E1D8511E2A77999DC08B02CD2/FrVkt1jfzVLFzokRkuMbcVscv-g.crl rsync://rpki.apnic.net/member_repository/A91CF4FE/BA13124E1D8511E2A77999DC08B02CD2/FrVkt1jfzVLFzokRkuMbcVscv-g.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FrVkt1jfzVLFzokRkuMbcVscv-g.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 11 Sep 2025 14:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13660 (0x355c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CF4FE, serialNumber=16B564B758DFCD52C5CE891192E31B715B1CBFE8 Validity Not Before: Sep 2 14:30:37 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=68b6ff8d-7e5c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:a9:c0:43:a0:aa:6c:26:da:01:83:bd:4f:2b: 48:89:d6:db:47:30:c1:68:31:a0:02:61:1b:d6:b2: 9e:a2:24:ba:ea:9b:6c:91:70:65:1c:10:99:cc:15: 47:47:3e:63:51:55:e6:41:bc:0f:de:02:7f:33:bd: 0a:d4:80:63:aa:bd:62:23:15:70:49:91:d0:0a:bb: c3:44:5c:0d:60:24:0e:77:f5:97:46:f5:0a:13:e9: 4b:15:bd:c9:c4:4c:8e:c6:65:48:38:5f:83:e8:8e: 15:66:85:42:9e:42:1d:04:13:2d:28:60:22:9e:ad: 0e:42:d8:f6:1c:fc:14:8b:81:8e:f5:d9:75:1d:eb: 9a:8b:d0:f8:af:e2:ab:9a:4e:28:2f:01:52:eb:f5: 09:18:bc:a1:8c:d0:bd:44:2a:42:ce:42:4d:cd:20: 6e:30:b0:cc:85:75:bc:bb:35:2c:c3:aa:09:92:0f: 16:8f:ab:c1:5e:e3:2d:65:b3:d1:ff:c8:d9:3e:b1: fe:07:35:03:ad:fe:38:27:14:7e:f0:62:36:4c:61: 76:31:9f:7f:23:97:d2:c7:27:dd:5a:38:7b:ac:cd: 5d:31:bd:1a:eb:25:ce:72:b9:2a:a0:03:62:62:a5: bb:92:d4:03:45:b3:22:4f:95:9a:84:cc:a4:01:6c: 31:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:22:05:41:02:58:A3:EA:7E:ED:2C:41:A2:87:41:72:8A:30:97:80 X509v3 Authority Key Identifier: keyid:16:B5:64:B7:58:DF:CD:52:C5:CE:89:11:92:E3:1B:71:5B:1C:BF:E8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CF4FE/BA13124E1D8511E2A77999DC08B02CD2/FrVkt1jfzVLFzokRkuMbcVscv-g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FrVkt1jfzVLFzokRkuMbcVscv-g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CF4FE/BA13124E1D8511E2A77999DC08B02CD2/10DAE05EB04811EABB4AEF61C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.64.77.0/24 103.21.24.0/22 180.180.248.0/23 180.180.251.0-180.180.255.255 203.113.63.0/24 203.190.250.0/23 Signature Algorithm: sha256WithRSAEncryption 28:e9:80:ab:58:ac:3c:13:bb:0b:bf:2d:0e:71:f5:b3:31:fe: 44:4f:5d:5d:98:15:84:3c:0b:b3:72:bc:78:f8:ec:e1:c6:f7: ca:a6:54:00:6f:4f:9a:3e:80:74:a4:d4:98:56:01:e0:97:12: a7:81:4d:68:1c:8e:ba:fe:fb:56:2d:e2:13:c2:e0:b3:8d:a7: e0:50:e6:20:8a:42:fa:e4:fd:36:c6:7b:cb:af:50:1d:7f:3f: 6c:75:2c:2d:fc:14:90:30:68:06:45:d1:24:5e:52:69:40:f4: b3:e4:27:28:bb:ab:e9:95:e8:45:06:13:71:5a:96:c7:78:d2: a3:50:d8:2f:14:a7:ff:77:06:da:40:a5:e5:d9:b0:3e:31:2b: 50:a4:77:e9:72:02:6a:af:19:1b:dc:bf:23:1b:8c:46:35:fa: 08:d0:ab:16:1b:81:c6:ac:33:2d:7f:bf:00:9d:6c:95:93:76: b7:4b:99:ae:6f:43:ea:8d:58:51:35:96:f1:f0:58:b7:54:25: 36:5c:0f:1f:a6:c9:ef:41:d0:30:63:bb:79:c7:ed:65:a2:a5: 8e:78:7d:bd:3c:96:e3:cc:bd:7b:04:1e:8e:f0:52:60:80:ef: c3:89:31:d4:f5:e4:72:d5:a5:91:03:70:7c:9d:04:ee:0b:6b: ba:aa:4a:ac -----BEGIN CERTIFICATE----- MIIFljCCBH6gAwIBAgICNVwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0Y0RkUxMTAvBgNVBAUTKDE2QjU2NEI3NThERkNENTJDNUNFODkxMTkyRTMxQjcx NUIxQ0JGRTgwHhcNMjUwOTAyMTQzMDM3WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGI2ZmY4ZC03ZTVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyqnAQ6CqbCbaAYO9TytIidbbRzDBaDGgAmEb1rKeoiS66ptskXBlHBCZzBVH Rz5jUVXmQbwP3gJ/M70K1IBjqr1iIxVwSZHQCrvDRFwNYCQOd/WXRvUKE+lLFb3J xEyOxmVIOF+D6I4VZoVCnkIdBBMtKGAinq0OQtj2HPwUi4GO9dl1Heuai9D4r+Kr mk4oLwFS6/UJGLyhjNC9RCpCzkJNzSBuMLDMhXW8uzUsw6oJkg8Wj6vBXuMtZbPR /8jZPrH+BzUDrf44JxR+8GI2TGF2MZ9/I5fSxyfdWjh7rM1dMb0a6yXOcrkqoANi YqW7ktQDRbMiT5WahMykAWwxmwIDAQABo4ICujCCArYwHQYDVR0OBBYEFKEiBUEC WKPqfu0sQaKHQXKKMJeAMB8GA1UdIwQYMBaAFBa1ZLdY381Sxc6JEZLjG3FbHL/o MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRjRGRS9CQTEzMTI0RTFE ODUxMUUyQTc3OTk5REMwOEIwMkNEMi9GclZrdDFqZnpWTEZ6b2tSa3VNYmNWc2N2 LWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZyVmt0MWpmelZMRnpva1JrdU1iY1ZzY3YtZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0Y0RkUvQkExMzEyNEUxRDg1MTFFMkE3Nzk5OURDMDhCMDJDRDIvMTBEQUUwNUVC MDQ4MTFFQUJCNEFFRjYxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRAYIKwYBBQUHAQcBAf8E NTAzMDEEAgABMCsDBAAtQE0DBAJnFRgDBAG0tPgwCwMEALS0+wMDALS0AwQAy3E/ AwQBy776MA0GCSqGSIb3DQEBCwUAA4IBAQAo6YCrWKw8E7sLvy0OcfWzMf5ET11d mBWEPAuzcrx4+OzhxvfKplQAb0+aPoB0pNSYVgHglxKngU1oHI66/vtWLeITwuCz jafgUOYgikL65P02xnvLr1Adfz9sdSwt/BSQMGgGRdEkXlJpQPSz5Ccou6vplehF BhNxWpbHeNKjUNgvFKf/dwbaQKXl2bA+MStQpHfpcgJqrxkb3L8jG4xGNfoI0KsW G4HGrDMtf78AnWyVk3a3S5mub0PqjVhRNZbx8Fi3VCU2XA8fpsnvQdAwY7t5x+1l oqWOeH29PJbjzL17BB6O8FJggO/DiTHU9eRy1aWRA3B8nQTuC2u6qkqs -----END CERTIFICATE-----Generated at Sat Sep 6 10:05:40 2025 by rpki-client