$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/4235F184DACE11EE8E67437CC4F9AE02.roa File: 4235F184DACE11EE8E67437CC4F9AE02.roa (raw, json) Hash identifier: jitp6QDqs4soQyXjrWN1sMEFrQiviP2/m2dOvXqXmao= Subject key identifier: 40:9F:F4:C0:08:59:D4:EF:C2:F3:18:A1:CA:93:46:58:9C:E8:50:87 Certificate issuer: /CN=A91E7561/serialNumber=25BC7D4DE77BD01B3D191587696E5AFDD8CECD04 Certificate serial: 064D Authority key identifier: 25:BC:7D:4D:E7:7B:D0:1B:3D:19:15:87:69:6E:5A:FD:D8:CE:CD:04 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/4235F184DACE11EE8E67437CC4F9AE02.roa Signing time: Wed 27 Aug 2025 00:04:53 +0000 ROA not before: Wed 27 Aug 2025 00:04:53 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 45629 IP address blocks: 14.207.0.0/16 maxlen: 17 27.130.0.0/16 maxlen: 17 43.245.144.0/22 maxlen: 23 49.48.0.0/15 maxlen: 17 103.16.204.0/22 maxlen: 23 110.164.0.0/16 maxlen: 17 110.164.11.0/24 maxlen: 24 110.164.14.0/24 maxlen: 24 110.164.17.0/24 maxlen: 24 110.164.21.0/24 maxlen: 24 110.164.28.0/24 maxlen: 24 171.4.0.0/14 maxlen: 17 180.183.0.0/16 maxlen: 17 183.88.0.0/15 maxlen: 17 223.204.0.0/14 maxlen: 17 2403:6200::/33 maxlen: 33 2403:6200:8000::/33 maxlen: 33 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.crl rsync://rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Sep 2025 23:47:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1613 (0x64d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E7561, serialNumber=25BC7D4DE77BD01B3D191587696E5AFDD8CECD04 Validity Not Before: Aug 27 00:04:53 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=68ae4ba4-0f8e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:49:f5:9c:4f:17:91:ee:43:d2:65:9a:08:e7: 0b:37:77:c0:56:fc:b0:1e:70:9b:69:02:61:d8:e1: f1:50:73:18:6d:ba:44:26:d6:1f:54:b5:89:e6:0f: 74:b5:c8:9b:1b:8d:2b:af:27:af:da:29:04:23:80: 93:46:ba:f4:65:86:da:16:46:f6:b7:3c:7e:e3:4a: 01:aa:6d:cd:83:ed:81:6b:63:ef:e2:b7:c4:71:2d: 61:e3:a9:38:d0:aa:4c:b9:aa:85:40:a7:11:c0:89: eb:20:a2:4c:20:8b:47:7f:af:6b:8d:d3:60:4a:7b: 43:29:f6:d1:71:99:93:62:3b:47:fb:33:95:1a:12: 28:9d:50:b5:08:e0:b6:98:e8:f0:fb:06:aa:e9:fe: 9b:ff:49:50:89:1c:ef:ee:85:8f:f0:e4:1d:8a:fc: cd:7f:99:b5:ff:68:b2:81:09:d0:44:4d:98:31:73: a6:28:bb:55:f4:cc:d9:6a:e0:6e:fe:37:82:5b:18: 60:b1:18:fc:42:e8:49:d8:82:70:3f:c5:1f:4f:d9: 49:85:c3:c5:51:f6:5f:99:36:da:97:8c:53:7f:0d: b1:32:72:58:a9:3e:71:a2:a3:9d:cd:c7:ad:53:ae: 5f:26:1d:72:1b:9e:ee:06:40:d6:f1:4a:09:df:66: 99:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:9F:F4:C0:08:59:D4:EF:C2:F3:18:A1:CA:93:46:58:9C:E8:50:87 X509v3 Authority Key Identifier: keyid:25:BC:7D:4D:E7:7B:D0:1B:3D:19:15:87:69:6E:5A:FD:D8:CE:CD:04 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/4235F184DACE11EE8E67437CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 14.207.0.0/16 27.130.0.0/16 43.245.144.0/22 49.48.0.0/15 103.16.204.0/22 110.164.0.0/16 171.4.0.0/14 180.183.0.0/16 183.88.0.0/15 223.204.0.0/14 IPv6: 2403:6200::/32 Signature Algorithm: sha256WithRSAEncryption 17:63:32:94:c8:65:9a:10:63:ec:dd:2f:f7:21:16:dc:65:bf: 7e:1e:9d:aa:35:63:78:4b:e5:c6:68:27:a8:cd:5a:77:94:c9: 79:9a:88:c6:54:77:38:b5:2f:5c:9b:be:3f:34:68:ed:7f:76: 7d:79:54:72:5b:a6:fe:bb:5c:d8:0b:7b:c0:8f:6f:43:4e:74: 3c:de:71:74:c7:6e:a0:68:05:be:97:c7:85:e1:7a:e8:4d:a0: c7:1a:63:cb:e3:cf:78:3e:50:7f:5e:7e:4a:83:1a:13:b4:a5: fb:69:b2:75:62:49:5e:96:42:fa:59:c7:d2:ed:9b:c5:35:67: 7c:a5:8e:02:99:e9:ed:6b:6f:fe:e7:02:fb:95:fa:2a:7e:b3: 1b:fc:12:ea:17:5b:8e:ea:8a:53:88:32:7d:7e:57:56:37:c6: a9:fb:17:0a:88:68:10:50:a4:fd:89:85:dc:d3:db:d5:1b:00: 06:8b:3c:02:67:ed:be:60:b2:02:30:d1:b5:0f:57:cb:5f:1e: b2:16:00:39:ce:23:b1:97:30:52:3d:2c:87:c7:1c:ab:96:8e: bc:76:48:c7:20:cd:07:71:3b:2e:b1:73:a4:24:a2:79:b1:b2: 16:d3:27:84:9f:2a:b6:95:ab:7e:45:f8:e8:72:a0:24:02:70: 06:ae:c2:14 -----BEGIN CERTIFICATE----- MIIFrjCCBJagAwIBAgICBk0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTc1NjExMTAvBgNVBAUTKDI1QkM3RDRERTc3QkQwMUIzRDE5MTU4NzY5NkU1QUZE RDhDRUNEMDQwHhcNMjUwODI3MDAwNDUzWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGFlNGJhNC0wZjhlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6En1nE8Xke5D0mWaCOcLN3fAVvywHnCbaQJh2OHxUHMYbbpEJtYfVLWJ5g90 tcibG40rryev2ikEI4CTRrr0ZYbaFkb2tzx+40oBqm3Ng+2Ba2Pv4rfEcS1h46k4 0KpMuaqFQKcRwInrIKJMIItHf69rjdNgSntDKfbRcZmTYjtH+zOVGhIonVC1COC2 mOjw+waq6f6b/0lQiRzv7oWP8OQdivzNf5m1/2iygQnQRE2YMXOmKLtV9MzZauBu /jeCWxhgsRj8QuhJ2IJwP8UfT9lJhcPFUfZfmTbal4xTfw2xMnJYqT5xoqOdzcet U65fJh1yG57uBkDW8UoJ32aZrQIDAQABo4IC0jCCAs4wHQYDVR0OBBYEFECf9MAI WdTvwvMYocqTRlic6FCHMB8GA1UdIwQYMBaAFCW8fU3ne9AbPRkVh2luWv3Yzs0E MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNzU2MS9BMjZFMDZFMDA1 NEMxMUVDQkRCNEZFNDZDNEY5QUUwMi9KYng5VGVkNzBCczlHUldIYVc1YV9kak96 UVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0pieDlUZWQ3MEJzOUdSV0hhVzVhX2RqT3pRUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTc1NjEvQTI2RTA2RTAwNTRDMTFFQ0JEQjRGRTQ2QzRGOUFFMDIvNDIzNUYxODRE QUNFMTFFRThFNjc0MzdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXAYIKwYBBQUHAQcBAf8E TTBLMDoEAgABMDQDAwAOzwMDABuCAwQCK/WQAwMBMTADBAJnEMwDAwBupAMDAqsE AwMAtLcDAwG3WAMDAt/MMA0EAgACMAcDBQAkA2IAMA0GCSqGSIb3DQEBCwUAA4IB AQAXYzKUyGWaEGPs3S/3IRbcZb9+Hp2qNWN4S+XGaCeozVp3lMl5mojGVHc4tS9c m74/NGjtf3Z9eVRyW6b+u1zYC3vAj29DTnQ83nF0x26gaAW+l8eF4XroTaDHGmPL 4894PlB/Xn5KgxoTtKX7abJ1YklelkL6WcfS7ZvFNWd8pY4Cmenta2/+5wL7lfoq frMb/BLqF1uO6opTiDJ9fldWN8ap+xcKiGgQUKT9iYXc09vVGwAGizwCZ+2+YLIC MNG1D1fLXx6yFgA5ziOxlzBSPSyHxxyrlo68dkjHIM0HcTsusXOkJKJ5sbIW0yeE nyq2lat+RfjocqAkAnAGrsIU -----END CERTIFICATE-----Generated at Sun Sep 7 08:20:56 2025 by rpki-client