$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/EFF618B85C7311EF9CC47281C4F9AE02.roa File: EFF618B85C7311EF9CC47281C4F9AE02.roa (raw, json) Hash identifier: lIANGK6Kn2MugRFq01BJgGhUwBHYhGPRL+AhDQBA5Do= Subject key identifier: 43:D3:88:4C:03:31:DA:E7:41:8F:39:05:D6:80:60:FA:89:36:C7:87 Certificate issuer: /CN=A91E8C90/serialNumber=58A196A7BF06F2E16E909D277141BA44911F1F4F Certificate serial: 3627 Authority key identifier: 58:A1:96:A7:BF:06:F2:E1:6E:90:9D:27:71:41:BA:44:91:1F:1F:4F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/EFF618B85C7311EF9CC47281C4F9AE02.roa Signing time: Tue 02 Sep 2025 15:01:21 +0000 ROA not before: Tue 02 Sep 2025 15:01:21 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 14618 IP address blocks: 117.121.247.0/24 maxlen: 24 182.54.239.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/WKGWp78G8uFukJ0ncUG6RJEfH08.crl rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/WKGWp78G8uFukJ0ncUG6RJEfH08.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Sep 2025 14:49:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13863 (0x3627) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E8C90, serialNumber=58A196A7BF06F2E16E909D277141BA44911F1F4F Validity Not Before: Sep 2 15:01:21 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68b706c1-5d62 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:c3:fb:51:eb:86:87:84:08:05:0a:f5:32:c4: 78:62:79:ae:cb:a2:d3:27:84:ea:b7:38:aa:a8:11: 37:8a:6c:85:f8:3b:f5:25:2c:cf:f7:c7:3c:30:ce: 69:07:58:28:ff:1e:74:f4:c8:b9:18:30:ae:63:32: 4c:10:e6:cd:bc:aa:39:08:05:d5:1a:40:c3:57:4a: c3:44:e8:1d:44:31:3b:a4:ae:42:b2:b2:6b:6d:48: 6c:e4:a4:1e:5a:4f:eb:62:59:7d:9b:e2:80:61:c4: 31:37:1e:eb:22:56:42:90:cf:76:ca:76:8a:f7:96: 05:d3:35:1e:74:cb:0e:d7:2a:f3:ec:70:58:61:61: 75:ae:27:9a:37:65:82:4d:3d:2c:4b:a5:90:e2:d0: 85:6b:ef:0a:0a:aa:52:b2:f0:a9:8f:aa:e5:b5:84: 8a:4f:3e:52:4a:22:f6:0e:29:bd:a2:53:c9:c2:79: e6:71:ad:d8:1a:94:96:71:1c:3c:29:34:37:5e:3e: f7:55:7c:c3:4a:92:7b:39:6f:2a:ed:7e:aa:39:ea: 05:82:22:e4:de:66:2c:a1:c8:c7:b0:69:05:22:af: b8:18:e7:b5:e8:13:84:05:c3:72:a4:11:08:bf:0b: 19:f4:10:83:af:84:6a:44:a5:5d:fc:05:76:3c:03: f9:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:D3:88:4C:03:31:DA:E7:41:8F:39:05:D6:80:60:FA:89:36:C7:87 X509v3 Authority Key Identifier: keyid:58:A1:96:A7:BF:06:F2:E1:6E:90:9D:27:71:41:BA:44:91:1F:1F:4F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/WKGWp78G8uFukJ0ncUG6RJEfH08.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/EFF618B85C7311EF9CC47281C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 117.121.247.0/24 182.54.239.0/24 Signature Algorithm: sha256WithRSAEncryption 92:92:35:87:60:48:9d:a3:6d:1e:cd:94:2b:e4:2e:8e:36:4c: ef:f3:c5:67:28:6b:2b:9e:08:c5:37:a3:67:eb:85:2d:fd:bb: 3a:ca:eb:3d:ec:56:74:ca:a7:b2:fc:9f:10:97:45:39:37:4d: cb:2b:cc:7c:b7:74:dc:b6:3e:e9:bf:0e:47:80:14:d6:88:c4: ab:34:af:d6:6b:89:ec:b2:95:fb:03:50:ab:bd:6b:9c:b4:da: e1:aa:51:2b:7f:e4:df:54:c7:87:32:fe:59:89:c7:51:55:a8: ad:76:b7:c1:33:c8:cd:1c:7c:d2:98:49:2a:ea:d5:bc:26:87: 5d:fa:b5:bc:a9:a1:c8:37:ae:47:72:a8:6f:14:23:e9:63:53: 9d:11:76:19:a7:4a:2f:78:ee:7d:ab:a2:18:35:66:10:b3:31: 46:06:d2:f0:cf:da:d3:67:08:20:f1:e3:94:e7:c2:d2:ef:bd: 30:2c:e3:9f:d4:4c:32:a6:12:f4:72:66:bd:1c:13:05:89:17: 05:45:f4:f1:2d:41:d3:a4:88:b7:6a:e5:c2:5d:f3:52:59:19: a6:0d:43:4a:fa:3c:4b:0e:1c:e0:98:9f:f7:be:77:c0:5f:da: 33:7c:21:eb:13:28:d7:f4:a8:a0:b2:bc:26:df:eb:a9:5d:c6: d7:3d:68:43 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICNicwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RThDOTAxMTAvBgNVBAUTKDU4QTE5NkE3QkYwNkYyRTE2RTkwOUQyNzcxNDFCQTQ0 OTExRjFGNEYwHhcNMjUwOTAyMTUwMTIxWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGI3MDZjMS01ZDYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAscP7UeuGh4QIBQr1MsR4Ynmuy6LTJ4TqtziqqBE3imyF+Dv1JSzP98c8MM5p B1go/x509Mi5GDCuYzJMEObNvKo5CAXVGkDDV0rDROgdRDE7pK5CsrJrbUhs5KQe Wk/rYll9m+KAYcQxNx7rIlZCkM92ynaK95YF0zUedMsO1yrz7HBYYWF1rieaN2WC TT0sS6WQ4tCFa+8KCqpSsvCpj6rltYSKTz5SSiL2Dim9olPJwnnmca3YGpSWcRw8 KTQ3Xj73VXzDSpJ7OW8q7X6qOeoFgiLk3mYsocjHsGkFIq+4GOe16BOEBcNypBEI vwsZ9BCDr4RqRKVd/AV2PAP5dwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFEPTiEwD MdrnQY85BdaAYPqJNseHMB8GA1UdIwQYMBaAFFihlqe/BvLhbpCdJ3FBukSRHx9P MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEM5MC8yRDFCRUJFNDFE OTUxMUUyODhFNkIzRkEwOEIwMkNEMi9XS0dXcDc4Rzh1RnVrSjBuY1VHNlJKRWZI MDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1dLR1dwNzhHOHVGdWtKMG5jVUc2UkpFZkgwOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RThDOTAvMkQxQkVCRTQxRDk1MTFFMjg4RTZCM0ZBMDhCMDJDRDIvRUZGNjE4Qjg1 QzczMTFFRjlDQzQ3MjgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAB1efcDBAC2Nu8wDQYJKoZIhvcNAQELBQADggEBAJKSNYdg SJ2jbR7NlCvkLo42TO/zxWcoayueCMU3o2frhS39uzrK6z3sVnTKp7L8nxCXRTk3 TcsrzHy3dNy2Pum/DkeAFNaIxKs0r9ZrieyylfsDUKu9a5y02uGqUSt/5N9Ux4cy /lmJx1FVqK12t8EzyM0cfNKYSSrq1bwmh136tbypocg3rkdyqG8UI+ljU50Rdhmn Si947n2rohg1ZhCzMUYG0vDP2tNnCCDx45TnwtLvvTAs45/UTDKmEvRyZr0cEwWJ FwVF9PEtQdOkiLdq5cJd81JZGaYNQ0r6PEsOHOCYn/e+d8Bf2jN8IesTKNf0qKCy vCbf66ldxtc9aEM= -----END CERTIFICATE-----Generated at Sun Sep 7 16:19:08 2025 by rpki-client