$ rpki-client -vvf rpki.apnic.net/member_repository/A91D4A3A/1814F366ECB511EEA4650337C4F9AE02/8A5FC86AECB511EE8DC7B937C4F9AE02.roa File: 8A5FC86AECB511EE8DC7B937C4F9AE02.roa (raw, json) Hash identifier: Vp6oIV4Kwe3FgHjDClftctReHYiAIs5p4BPX7qetipE= Subject key identifier: 61:22:97:2C:BB:15:0A:8F:DB:65:59:2E:79:60:23:BF:06:65:86:69 Certificate issuer: /CN=A91D4A3A/serialNumber=83E4BCB763B8CED0365190E7280F0A6A34B35B51 Certificate serial: C8 Authority key identifier: 83:E4:BC:B7:63:B8:CE:D0:36:51:90:E7:28:0F:0A:6A:34:B3:5B:51 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g-S8t2O4ztA2UZDnKA8KajSzW1E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D4A3A/1814F366ECB511EEA4650337C4F9AE02/8A5FC86AECB511EE8DC7B937C4F9AE02.roa Signing time: Wed 09 Apr 2025 05:11:55 +0000 ROA not before: Wed 09 Apr 2025 05:11:55 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 152665 IP address blocks: 203.28.134.0/23 maxlen: 23 203.28.134.0/24 maxlen: 24 203.28.135.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D4A3A/1814F366ECB511EEA4650337C4F9AE02/g-S8t2O4ztA2UZDnKA8KajSzW1E.crl rsync://rpki.apnic.net/member_repository/A91D4A3A/1814F366ECB511EEA4650337C4F9AE02/g-S8t2O4ztA2UZDnKA8KajSzW1E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g-S8t2O4ztA2UZDnKA8KajSzW1E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 04:45:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 200 (0xc8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D4A3A, serialNumber=83E4BCB763B8CED0365190E7280F0A6A34B35B51 Validity Not Before: Apr 9 05:11:55 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=67f6019b-c3e0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:9e:57:4c:a1:36:95:6b:e8:3c:79:9c:18:ac: 6f:19:7c:37:32:a1:d6:29:9f:38:dc:a0:f3:09:8a: fc:d6:17:45:c9:c4:a6:32:b4:75:65:a0:28:81:1c: 96:99:08:cc:92:f2:31:0a:a7:12:2c:b6:9c:e9:8a: 66:cc:2e:19:3e:7f:93:6c:7b:33:e4:60:b7:59:32: d1:a6:23:cc:8e:16:69:30:e4:c1:fb:cb:ad:8a:e6: fe:e1:4d:bd:ac:7b:28:db:34:db:2c:99:9c:94:4e: 55:10:66:d2:27:f8:17:40:c8:b7:24:ec:50:53:ff: 42:c9:43:18:70:24:cd:d7:dd:14:b0:e1:6d:74:57: e8:2e:8b:94:d8:22:ff:68:17:f0:b8:de:e1:5a:2e: b9:a8:0b:1c:33:97:3e:66:25:a1:a3:50:fe:97:3a: 96:58:00:c8:94:d3:58:50:d2:c5:27:84:d9:0a:61: 2b:36:52:aa:3f:4e:d2:2b:4e:4c:09:ab:e9:33:62: a6:d4:5c:ec:79:0c:d0:ba:3d:16:13:cc:75:5e:02: c8:23:e3:9c:37:d1:0b:df:09:6c:66:7e:db:82:8c: ac:49:ac:e5:40:20:d9:4a:ac:e5:aa:4b:87:9f:f8: 44:6d:d5:3b:c1:e8:b9:a3:00:2e:45:e2:4e:75:aa: 3d:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:22:97:2C:BB:15:0A:8F:DB:65:59:2E:79:60:23:BF:06:65:86:69 X509v3 Authority Key Identifier: keyid:83:E4:BC:B7:63:B8:CE:D0:36:51:90:E7:28:0F:0A:6A:34:B3:5B:51 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D4A3A/1814F366ECB511EEA4650337C4F9AE02/g-S8t2O4ztA2UZDnKA8KajSzW1E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g-S8t2O4ztA2UZDnKA8KajSzW1E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D4A3A/1814F366ECB511EEA4650337C4F9AE02/8A5FC86AECB511EE8DC7B937C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.28.134.0/23 Signature Algorithm: sha256WithRSAEncryption 7f:04:8d:7a:b1:d1:49:84:fb:a9:62:2a:63:fb:19:71:22:50: 13:f6:eb:b2:7c:5f:34:81:03:db:bf:64:96:db:f0:5e:d1:36: 8d:97:c9:89:ae:41:0a:ee:ce:8e:43:90:bd:49:93:92:71:ab: 70:5b:f7:58:66:78:b1:c0:eb:81:86:73:d6:5a:50:f2:5b:ee: fc:69:b6:f4:dc:1f:44:fd:ea:62:0a:b0:d7:11:aa:3e:a8:88: 63:fa:9e:dd:c1:c2:e4:90:13:ce:9f:74:f3:37:3f:bd:59:e4: 12:e2:05:c6:ae:35:b8:46:08:1e:ca:7d:0c:d1:56:92:c4:65: 67:49:2b:90:1f:4d:fe:f0:43:30:83:3f:3d:ae:db:59:da:c0: 3f:bb:5b:28:cd:f0:c9:4a:8b:a2:6c:58:33:b9:74:9c:ff:c7: 3d:bd:ed:13:4a:a0:ab:a0:84:a6:c2:8f:e7:b4:5c:18:92:c4: 85:8e:d3:28:1b:9a:28:ef:27:d7:18:07:68:8c:ca:e8:de:84: 1f:ab:5b:69:e0:ff:ac:47:77:52:16:d8:b4:87:e3:68:75:1b: 66:14:b5:c5:4b:c4:35:b1:57:09:1f:e4:c8:73:3e:f8:ac:ec: 73:b9:72:07:95:da:b7:82:ba:f1:d5:d5:00:c8:ad:5c:f9:6f: c5:c0:ea:a3 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICAMgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDRBM0ExMTAvBgNVBAUTKDgzRTRCQ0I3NjNCOENFRDAzNjUxOTBFNzI4MEYwQTZB MzRCMzVCNTEwHhcNMjUwNDA5MDUxMTU1WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2Y2MDE5Yi1jM2UwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzJ5XTKE2lWvoPHmcGKxvGXw3MqHWKZ843KDzCYr81hdFycSmMrR1ZaAogRyW mQjMkvIxCqcSLLac6YpmzC4ZPn+TbHsz5GC3WTLRpiPMjhZpMOTB+8utiub+4U29 rHso2zTbLJmclE5VEGbSJ/gXQMi3JOxQU/9CyUMYcCTN190UsOFtdFfoLouU2CL/ aBfwuN7hWi65qAscM5c+ZiWho1D+lzqWWADIlNNYUNLFJ4TZCmErNlKqP07SK05M CavpM2Km1FzseQzQuj0WE8x1XgLII+OcN9EL3wlsZn7bgoysSazlQCDZSqzlqkuH n/hEbdU7wei5owAuReJOdao9rwIDAQABo4IClTCCApEwHQYDVR0OBBYEFGEilyy7 FQqP22VZLnlgI78GZYZpMB8GA1UdIwQYMBaAFIPkvLdjuM7QNlGQ5ygPCmo0s1tR MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENEEzQS8xODE0RjM2NkVD QjUxMUVFQTQ2NTAzMzdDNEY5QUUwMi9nLVM4dDJPNHp0QTJVWkRuS0E4S2FqU3pX MUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ctUzh0Mk80enRBMlVaRG5LQThLYWpTelcxRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDRBM0EvMTgxNEYzNjZFQ0I1MTFFRUE0NjUwMzM3QzRGOUFFMDIvOEE1RkM4NkFF Q0I1MTFFRThEQzdCOTM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAHLHIYwDQYJKoZIhvcNAQELBQADggEBAH8EjXqx0UmE+6li KmP7GXEiUBP267J8XzSBA9u/ZJbb8F7RNo2XyYmuQQruzo5DkL1Jk5Jxq3Bb91hm eLHA64GGc9ZaUPJb7vxptvTcH0T96mIKsNcRqj6oiGP6nt3BwuSQE86fdPM3P71Z 5BLiBcauNbhGCB7KfQzRVpLEZWdJK5AfTf7wQzCDPz2u21nawD+7WyjN8MlKi6Js WDO5dJz/xz297RNKoKughKbCj+e0XBiSxIWO0ygbmijvJ9cYB2iMyujehB+rW2ng /6xHd1IW2LSH42h1G2YUtcVLxDWxVwkf5MhzPvis7HO5cgeV2reCuvHV1QDIrVz5 b8XA6qM= -----END CERTIFICATE-----Generated at Wed Nov 5 22:44:55 2025 by rpki-client