$ rpki-client -vvf rpki.apnic.net/member_repository/A91EB2B8/3583E586516511F0BC1CAF75C4F9AE02/87FB8F3E614711F0AA20F35DC4F9AE02.roa File: 87FB8F3E614711F0AA20F35DC4F9AE02.roa (raw, json) Hash identifier: yD4zj/FSGq2GLKWAdwcvJN5hsc4yiyL8iUPyrpIYCCY= Subject key identifier: 2A:E1:8A:D2:C8:1C:B7:9C:2D:6E:6F:82:39:B4:E2:8C:B1:7A:EB:EF Certificate issuer: /CN=A91EB2B8/serialNumber=A897AE8FF2141CB334EAA4B881CC3C5656D47436 Certificate serial: 2A Authority key identifier: A8:97:AE:8F:F2:14:1C:B3:34:EA:A4:B8:81:CC:3C:56:56:D4:74:36 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/qJeuj_IUHLM06qS4gcw8VlbUdDY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EB2B8/3583E586516511F0BC1CAF75C4F9AE02/87FB8F3E614711F0AA20F35DC4F9AE02.roa Signing time: Wed 27 Aug 2025 03:25:55 +0000 ROA not before: Wed 27 Aug 2025 03:25:55 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 139057 IP address blocks: 148.222.160.0/24 maxlen: 24 148.222.161.0/24 maxlen: 24 148.222.162.0/24 maxlen: 24 148.222.175.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EB2B8/3583E586516511F0BC1CAF75C4F9AE02/qJeuj_IUHLM06qS4gcw8VlbUdDY.crl rsync://rpki.apnic.net/member_repository/A91EB2B8/3583E586516511F0BC1CAF75C4F9AE02/qJeuj_IUHLM06qS4gcw8VlbUdDY.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/qJeuj_IUHLM06qS4gcw8VlbUdDY.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Sep 2025 02:09:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42 (0x2a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EB2B8, serialNumber=A897AE8FF2141CB334EAA4B881CC3C5656D47436 Validity Not Before: Aug 27 03:25:55 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=68ae7ac3-05b5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:ff:1b:ad:a7:43:a8:e2:fe:89:07:8a:be:28: 7a:46:38:15:0d:58:b0:e6:3b:04:4e:be:32:11:7c: e0:6a:5c:2c:d4:08:b2:bc:80:59:27:a9:94:34:32: 9d:0e:83:e7:fe:2d:af:0e:76:44:c4:2e:5d:bb:08: b5:9e:d1:8d:55:ef:38:40:42:aa:53:33:88:a9:4b: 72:1c:c6:ce:60:85:e0:84:c3:58:74:63:7d:8f:b6: 19:f3:0e:bd:be:d3:75:1c:55:03:92:22:47:e8:7c: cd:f3:73:0a:c1:f6:b7:2c:74:7c:1f:c7:94:f9:a6: 6f:0c:ee:21:8f:05:85:49:4f:83:87:95:80:13:34: cd:4b:54:6b:48:92:a5:54:6e:90:82:2b:21:d9:bd: 16:4b:26:b8:b0:1d:83:fa:7e:18:a3:83:05:96:6c: c1:30:7e:03:6f:2e:ec:34:0e:3f:82:6b:03:57:f7: d6:50:e6:18:77:8e:09:77:a6:20:18:45:c7:39:cc: 26:f3:fc:2f:21:5e:99:5c:2b:d3:25:3e:35:41:5d: a5:9e:91:e5:b5:84:42:2b:41:69:8f:86:cd:19:12: 6a:91:84:f9:fa:a5:91:e0:9e:d2:a5:0c:44:b0:05: e0:7c:c6:75:ab:f4:b6:55:5a:20:d3:5e:56:a8:4f: 44:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:E1:8A:D2:C8:1C:B7:9C:2D:6E:6F:82:39:B4:E2:8C:B1:7A:EB:EF X509v3 Authority Key Identifier: keyid:A8:97:AE:8F:F2:14:1C:B3:34:EA:A4:B8:81:CC:3C:56:56:D4:74:36 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EB2B8/3583E586516511F0BC1CAF75C4F9AE02/qJeuj_IUHLM06qS4gcw8VlbUdDY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/qJeuj_IUHLM06qS4gcw8VlbUdDY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EB2B8/3583E586516511F0BC1CAF75C4F9AE02/87FB8F3E614711F0AA20F35DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 148.222.160.0-148.222.162.255 148.222.175.0/24 Signature Algorithm: sha256WithRSAEncryption 10:22:7e:55:25:cc:40:68:fc:49:ed:f5:10:81:4c:51:0c:f2: 20:3e:36:52:51:a1:c9:4e:4c:62:3d:3c:5b:41:9b:f6:1f:93: 3f:1c:ed:0e:82:86:c3:c9:ad:a7:68:e5:4e:74:e3:c8:9c:3f: 41:f3:e5:8f:8b:29:67:1d:91:10:c5:68:9e:62:4d:c0:26:3c: 9c:5c:9c:d6:9e:b0:22:a7:6e:d4:0d:f2:b1:98:ca:6b:cf:7a: c4:87:f8:8b:fa:65:c7:54:56:62:74:97:88:18:6f:92:96:b4: 5b:bf:37:b3:19:3e:71:7f:be:73:53:81:e1:31:0b:fb:82:f6: 72:03:1e:d5:4e:29:07:af:53:04:d9:f7:87:f4:d8:99:66:3a: 6c:67:b4:44:f3:2e:87:f2:6c:d0:73:f6:df:ba:9d:e1:c6:89: 78:0c:f6:b0:03:9d:4e:4b:9d:a2:51:85:c5:a9:4b:5a:1c:77: 7d:65:38:0f:4b:f7:93:b6:99:30:90:94:c6:aa:c1:9a:14:08: 20:0b:61:19:7e:c2:aa:b9:69:16:57:df:ef:15:6b:70:e6:24: f7:24:ae:47:29:2d:19:1e:6c:c1:57:9a:7b:a0:dd:f3:3a:4c: 7f:80:1f:bc:88:16:58:90:28:a9:62:c2:1c:11:1c:05:43:91: 0c:3d:38:a3 -----BEGIN CERTIFICATE----- MIIFfjCCBGagAwIBAgIBKjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF QjJCODExMC8GA1UEBRMoQTg5N0FFOEZGMjE0MUNCMzM0RUFBNEI4ODFDQzNDNTY1 NkQ0NzQzNjAeFw0yNTA4MjcwMzI1NTVaFw0yNjA4MzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4YWU3YWMzLTA1YjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCx/xutp0Oo4v6JB4q+KHpGOBUNWLDmOwROvjIRfOBqXCzUCLK8gFknqZQ0Mp0O g+f+La8OdkTELl27CLWe0Y1V7zhAQqpTM4ipS3Icxs5gheCEw1h0Y32PthnzDr2+ 03UcVQOSIkfofM3zcwrB9rcsdHwfx5T5pm8M7iGPBYVJT4OHlYATNM1LVGtIkqVU bpCCKyHZvRZLJriwHYP6fhijgwWWbMEwfgNvLuw0Dj+CawNX99ZQ5hh3jgl3piAY Rcc5zCbz/C8hXplcK9MlPjVBXaWekeW1hEIrQWmPhs0ZEmqRhPn6pZHgntKlDESw BeB8xnWr9LZVWiDTXlaoT0QdAgMBAAGjggKjMIICnzAdBgNVHQ4EFgQUKuGK0sgc t5wtbm+CObTijLF66+8wHwYDVR0jBBgwFoAUqJeuj/IUHLM06qS4gcw8VlbUdDYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVCMkI4LzM1ODNFNTg2NTE2 NTExRjBCQzFDQUY3NUM0RjlBRTAyL3FKZXVqX0lVSExNMDZxUzRnY3c4VmxiVWRE WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvcUpldWpfSVVITE0wNnFTNGdjdzhWbGJVZERZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QjJCOC8zNTgzRTU4NjUxNjUxMUYwQkMxQ0FGNzVDNEY5QUUwMi84N0ZCOEYzRTYx NDcxMUYwQUEyMEYzNURDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAtBggrBgEFBQcBBwEB/wQe MBwwGgQCAAEwFDAMAwQFlN6gAwQAlN6iAwQAlN6vMA0GCSqGSIb3DQEBCwUAA4IB AQAQIn5VJcxAaPxJ7fUQgUxRDPIgPjZSUaHJTkxiPTxbQZv2H5M/HO0OgobDya2n aOVOdOPInD9B8+WPiylnHZEQxWieYk3AJjycXJzWnrAip27UDfKxmMprz3rEh/iL +mXHVFZidJeIGG+SlrRbvzezGT5xf75zU4HhMQv7gvZyAx7VTikHr1ME2feH9NiZ ZjpsZ7RE8y6H8mzQc/bfup3hxol4DPawA51OS52iUYXFqUtaHHd9ZTgPS/eTtpkw kJTGqsGaFAggC2EZfsKquWkWV9/vFWtw5iT3JK5HKS0ZHmzBV5p7oN3zOkx/gB+8 iBZYkCipYsIcERwFQ5EMPTij -----END CERTIFICATE-----Generated at Fri Sep 5 08:28:35 2025 by rpki-client