$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFA8E/61BAD8E0F87E11ED90D8445CC4F9AE02/61663178F88311EDB1DF555DC4F9AE02.roa File: 61663178F88311EDB1DF555DC4F9AE02.roa (raw, json) Hash identifier: k3HEJ9wvbu9ApcNN6SolNcyih9kgJ7eIKA9lpd9mU50= Subject key identifier: AD:B4:32:6E:32:95:F9:FB:F8:1D:FC:0B:AF:BB:07:33:1C:37:01:48 Certificate issuer: /CN=A91CFA8E/serialNumber=D880EF265B940E31DFED1C42AEF5144B64413717 Certificate serial: 01E2 Authority key identifier: D8:80:EF:26:5B:94:0E:31:DF:ED:1C:42:AE:F5:14:4B:64:41:37:17 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2IDvJluUDjHf7RxCrvUUS2RBNxc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFA8E/61BAD8E0F87E11ED90D8445CC4F9AE02/61663178F88311EDB1DF555DC4F9AE02.roa Signing time: Fri 05 Sep 2025 09:22:47 +0000 ROA not before: Fri 05 Sep 2025 09:22:47 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 56309 IP address blocks: 43.229.148.0/22 maxlen: 24 43.249.32.0/23 maxlen: 24 103.13.28.0/22 maxlen: 24 103.40.118.0/23 maxlen: 24 103.99.11.0/24 maxlen: 24 103.107.52.0/22 maxlen: 24 103.114.201.0/24 maxlen: 24 103.114.203.0/24 maxlen: 24 103.117.148.0/22 maxlen: 24 117.18.124.0/22 maxlen: 24 199.21.172.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFA8E/61BAD8E0F87E11ED90D8445CC4F9AE02/2IDvJluUDjHf7RxCrvUUS2RBNxc.crl rsync://rpki.apnic.net/member_repository/A91CFA8E/61BAD8E0F87E11ED90D8445CC4F9AE02/2IDvJluUDjHf7RxCrvUUS2RBNxc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2IDvJluUDjHf7RxCrvUUS2RBNxc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Sep 2025 09:38:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 482 (0x1e2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFA8E, serialNumber=D880EF265B940E31DFED1C42AEF5144B64413717 Validity Not Before: Sep 5 09:22:47 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=68baabe7-fa74 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:8c:f9:65:a9:e0:ad:6f:f9:19:cf:f9:b3:da: 7b:b8:53:76:1f:b1:f1:2d:48:95:8e:4c:e3:75:ce: 25:57:90:a0:6c:75:c8:5e:dd:dd:6c:ce:a6:7e:9e: e9:04:a8:ea:f1:c2:1f:f8:31:21:8c:b7:ba:c5:e4: 27:05:b0:00:42:db:65:06:42:1e:7d:3d:bf:70:74: 3d:90:33:58:ec:df:eb:fd:69:db:b4:9c:47:64:de: 67:f4:5e:80:1a:36:f0:a0:1c:17:d3:5f:ac:62:c7: 44:9b:f1:ee:92:a6:0c:4a:15:68:11:30:3a:83:52: 96:20:81:fb:89:61:86:b0:bd:a7:6e:0a:a6:de:34: 8b:3d:fc:bf:8b:f4:56:b2:73:2f:05:db:0f:ad:a5: 7d:a5:fa:8a:47:c1:31:04:d7:78:a1:3c:fa:50:d8: 87:32:b7:ed:82:b6:78:06:75:2d:5f:96:f6:08:b8: 49:a9:80:99:f6:c3:bf:46:ff:38:d7:35:9c:cd:1a: c1:a3:fe:8f:64:37:ce:fa:95:1e:04:ea:58:b4:0e: 50:30:9e:e2:93:54:ab:0b:81:1a:c1:6b:74:81:53: 84:4b:fc:1b:f2:9b:92:94:0e:19:9f:8a:69:0c:ef: ff:75:ce:16:8e:7b:88:a0:00:6a:e5:d0:70:3b:80: c5:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:B4:32:6E:32:95:F9:FB:F8:1D:FC:0B:AF:BB:07:33:1C:37:01:48 X509v3 Authority Key Identifier: keyid:D8:80:EF:26:5B:94:0E:31:DF:ED:1C:42:AE:F5:14:4B:64:41:37:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFA8E/61BAD8E0F87E11ED90D8445CC4F9AE02/2IDvJluUDjHf7RxCrvUUS2RBNxc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2IDvJluUDjHf7RxCrvUUS2RBNxc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFA8E/61BAD8E0F87E11ED90D8445CC4F9AE02/61663178F88311EDB1DF555DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.229.148.0/22 43.249.32.0/23 103.13.28.0/22 103.40.118.0/23 103.99.11.0/24 103.107.52.0/22 103.114.201.0/24 103.114.203.0/24 103.117.148.0/22 117.18.124.0/22 199.21.172.0/22 Signature Algorithm: sha256WithRSAEncryption 85:a1:d5:d0:ac:a5:5b:ef:59:76:03:6b:5f:58:4f:7f:cf:4b: d7:00:36:ec:21:df:45:36:99:7c:8a:e2:eb:6d:01:10:9b:e1: 4a:73:17:0e:10:27:77:c3:78:7a:4f:71:c1:85:bc:29:f6:12: 60:e0:25:37:bb:5d:75:8e:08:d0:fd:b3:08:7a:c6:32:20:38: ce:ca:f2:c7:5c:10:2e:8d:01:07:6e:bc:16:b1:02:28:0f:53: a6:04:b0:16:02:c1:34:8f:fc:f6:f3:f8:ad:73:1f:56:26:a2: a2:54:8a:10:16:87:e8:91:c2:68:44:b8:47:8f:bb:13:e1:ee: bf:27:4f:b7:0f:74:56:74:66:e8:24:61:ee:ae:b0:e9:56:6c: 50:db:a1:69:41:8f:46:e9:05:ed:e0:a1:c8:69:66:fc:87:6c: 59:22:7f:2c:33:1e:9e:dc:96:5f:92:de:e1:6f:7f:15:4f:ae: 44:d5:dd:9d:9a:90:8d:5b:82:f2:d0:99:3d:b4:f1:85:be:f0: 26:f6:60:62:61:05:d8:76:3e:46:3a:00:a4:16:cc:c9:7f:cc: 2e:f1:0e:01:b9:2d:12:5e:29:6a:68:a6:c9:e6:ee:df:2c:d4: e7:c9:b9:f4:67:43:0a:78:29:98:e1:b4:3b:31:96:46:28:c8: d2:b6:05:31 -----BEGIN CERTIFICATE----- MIIFrTCCBJWgAwIBAgICAeIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0ZBOEUxMTAvBgNVBAUTKEQ4ODBFRjI2NUI5NDBFMzFERkVEMUM0MkFFRjUxNDRC NjQ0MTM3MTcwHhcNMjUwOTA1MDkyMjQ3WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGJhYWJlNy1mYTc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz4z5ZangrW/5Gc/5s9p7uFN2H7HxLUiVjkzjdc4lV5CgbHXIXt3dbM6mfp7p BKjq8cIf+DEhjLe6xeQnBbAAQttlBkIefT2/cHQ9kDNY7N/r/WnbtJxHZN5n9F6A GjbwoBwX01+sYsdEm/HukqYMShVoETA6g1KWIIH7iWGGsL2nbgqm3jSLPfy/i/RW snMvBdsPraV9pfqKR8ExBNd4oTz6UNiHMrftgrZ4BnUtX5b2CLhJqYCZ9sO/Rv84 1zWczRrBo/6PZDfO+pUeBOpYtA5QMJ7ik1SrC4EawWt0gVOES/wb8puSlA4Zn4pp DO//dc4WjnuIoABq5dBwO4DF+QIDAQABo4IC0TCCAs0wHQYDVR0OBBYEFK20Mm4y lfn7+B38C6+7BzMcNwFIMB8GA1UdIwQYMBaAFNiA7yZblA4x3+0cQq71FEtkQTcX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkE4RS82MUJBRDhFMEY4 N0UxMUVEOTBEODQ0NUNDNEY5QUUwMi8ySUR2Smx1VURqSGY3UnhDcnZVVVMyUkJO eGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJJRHZKbHVVRGpIZjdSeENydlVVUzJSQk54Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0ZBOEUvNjFCQUQ4RTBGODdFMTFFRDkwRDg0NDVDQzRGOUFFMDIvNjE2NjMxNzhG ODgzMTFFREIxREY1NTVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWwYIKwYBBQUHAQcBAf8E TDBKMEgEAgABMEIDBAIr5ZQDBAEr+SADBAJnDRwDBAFnKHYDBABnYwsDBAJnazQD BABncskDBABncssDBAJndZQDBAJ1EnwDBALHFawwDQYJKoZIhvcNAQELBQADggEB AIWh1dCspVvvWXYDa19YT3/PS9cANuwh30U2mXyK4uttARCb4UpzFw4QJ3fDeHpP ccGFvCn2EmDgJTe7XXWOCND9swh6xjIgOM7K8sdcEC6NAQduvBaxAigPU6YEsBYC wTSP/Pbz+K1zH1YmoqJUihAWh+iRwmhEuEePuxPh7r8nT7cPdFZ0ZugkYe6usOlW bFDboWlBj0bpBe3gochpZvyHbFkifywzHp7cll+S3uFvfxVPrkTV3Z2akI1bgvLQ mT208YW+8Cb2YGJhBdh2PkY6AKQWzMl/zC7xDgG5LRJeKWpopsnm7t8s1OfJufRn Qwp4KZjhtDsxlkYoyNK2BTE= -----END CERTIFICATE-----Generated at Sat Sep 6 11:52:18 2025 by rpki-client