$ rpki-client -vvf rpki.apnic.net/member_repository/A91F33A5/11870972D4D811ECA4245F10C4F9AE02/23D7B1B81EDD11ED83B7963BC4F9AE02.roa File: 23D7B1B81EDD11ED83B7963BC4F9AE02.roa (raw, json) Hash identifier: OIuIkx6LNP541+ogHj0tTuwVsOI11PX4TfWyw7GN2I0= Subject key identifier: 20:08:CD:E7:FF:0E:BD:E8:FF:E3:AD:E6:E1:A9:47:8F:17:E0:E6:B0 Certificate issuer: /CN=A91F33A5/serialNumber=4FF52847215C4A22E9F1149E6CBFEDF74D61CE8B Certificate serial: 038A Authority key identifier: 4F:F5:28:47:21:5C:4A:22:E9:F1:14:9E:6C:BF:ED:F7:4D:61:CE:8B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/T_UoRyFcSiLp8RSebL_t901hzos.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F33A5/11870972D4D811ECA4245F10C4F9AE02/23D7B1B81EDD11ED83B7963BC4F9AE02.roa Signing time: Fri 05 Sep 2025 01:37:54 +0000 ROA not before: Fri 05 Sep 2025 01:37:53 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 134111 IP address blocks: 146.118.0.0/16 maxlen: 24 192.65.130.0/24 maxlen: 24 192.102.250.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F33A5/11870972D4D811ECA4245F10C4F9AE02/T_UoRyFcSiLp8RSebL_t901hzos.crl rsync://rpki.apnic.net/member_repository/A91F33A5/11870972D4D811ECA4245F10C4F9AE02/T_UoRyFcSiLp8RSebL_t901hzos.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/T_UoRyFcSiLp8RSebL_t901hzos.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 16 Sep 2025 01:09:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 906 (0x38a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F33A5, serialNumber=4FF52847215C4A22E9F1149E6CBFEDF74D61CE8B Validity Not Before: Sep 5 01:37:53 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68ba3ef1-8b0c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:9d:40:41:42:ba:56:a2:95:c4:c0:16:3f:0f: 5a:69:3f:15:c3:b8:a2:c2:41:2e:64:d0:d3:33:3d: a6:f6:d9:73:f3:b6:1f:d5:de:f5:3f:40:0f:f3:a9: 3b:40:63:6a:64:08:bc:04:4a:bb:e1:5c:b6:07:b2: 14:8c:19:12:f4:2a:3e:c6:d5:49:40:9b:ce:e2:97: d8:67:28:6b:7a:95:de:01:44:18:7f:47:2b:09:05: 4d:5c:2a:3d:88:6b:b9:46:3d:ab:59:79:ff:f4:97: 85:44:53:11:e9:3d:90:4c:45:05:e2:a2:7f:c6:5f: cc:a5:bf:dc:aa:4f:e4:b9:39:4b:c3:fd:48:3b:72: 9a:d7:0f:a9:23:e4:f4:b6:5f:7d:cb:11:96:15:35: 41:2a:7e:2d:de:ba:1b:e8:09:c9:23:36:81:80:f5: c9:80:b8:99:e5:98:45:3e:ad:7a:c8:c4:55:d7:9e: d5:1c:83:fb:64:11:61:9e:c7:88:20:69:89:86:f8: c5:1f:1e:db:b9:15:c5:f6:37:af:a3:54:b7:1e:5b: f2:9f:0c:61:9e:ce:60:96:6f:a4:26:ec:6f:0e:aa: f2:8e:05:b2:8a:4b:d6:e1:5b:72:fe:9d:bb:99:2b: c4:41:e9:01:cd:ec:0a:73:ec:1c:ad:28:24:17:85: d3:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:08:CD:E7:FF:0E:BD:E8:FF:E3:AD:E6:E1:A9:47:8F:17:E0:E6:B0 X509v3 Authority Key Identifier: keyid:4F:F5:28:47:21:5C:4A:22:E9:F1:14:9E:6C:BF:ED:F7:4D:61:CE:8B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F33A5/11870972D4D811ECA4245F10C4F9AE02/T_UoRyFcSiLp8RSebL_t901hzos.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/T_UoRyFcSiLp8RSebL_t901hzos.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F33A5/11870972D4D811ECA4245F10C4F9AE02/23D7B1B81EDD11ED83B7963BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 146.118.0.0/16 192.65.130.0/24 192.102.250.0/23 Signature Algorithm: sha256WithRSAEncryption 76:6b:a0:1a:10:c4:b6:42:4a:31:7c:02:72:e0:de:27:69:a2: 02:d3:2a:c7:92:b1:6e:4c:c6:80:a8:5e:e4:d8:c4:47:c3:a7: 8e:7b:a2:89:0e:b6:14:04:49:67:8e:f7:45:bb:21:6b:cc:14: 31:9d:de:e3:6e:66:1d:cc:58:10:d3:ac:19:11:fa:14:b5:b2: 00:3d:a5:22:9f:f8:9d:c4:da:8d:a3:87:6d:2b:ce:dd:17:43: c5:81:bb:be:0e:5c:f0:59:ce:2f:88:87:0a:57:7e:cd:a5:04: ab:79:52:10:74:d9:76:97:01:ae:9b:a7:9b:1a:a9:d6:9d:70: 93:e5:e6:ce:e3:a8:91:94:93:07:df:97:b1:7b:e0:ef:7f:53: b9:e9:a9:57:81:79:8f:33:46:14:28:11:42:3b:ad:be:99:9d: 2d:f6:4e:db:16:e3:49:44:8a:7e:6f:89:d6:fd:83:d4:3d:91: 5b:c9:3c:7d:5d:63:3d:ca:0d:65:03:cc:02:51:47:6e:38:63: ef:16:c1:08:0f:d2:fa:1e:05:90:c4:6d:9d:ed:8b:38:0b:68: 45:26:2f:c7:e0:4d:a4:45:d1:64:01:50:71:1f:73:5a:e4:28: 75:79:dc:b1:e8:e5:fc:68:a9:3e:d9:2f:6d:dd:0f:fc:12:6a: 43:6a:f0:65 -----BEGIN CERTIFICATE----- MIIFfDCCBGSgAwIBAgICA4owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjMzQTUxMTAvBgNVBAUTKDRGRjUyODQ3MjE1QzRBMjJFOUYxMTQ5RTZDQkZFREY3 NEQ2MUNFOEIwHhcNMjUwOTA1MDEzNzUzWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGJhM2VmMS04YjBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqZ1AQUK6VqKVxMAWPw9aaT8Vw7iiwkEuZNDTMz2m9tlz87Yf1d71P0AP86k7 QGNqZAi8BEq74Vy2B7IUjBkS9Co+xtVJQJvO4pfYZyhrepXeAUQYf0crCQVNXCo9 iGu5Rj2rWXn/9JeFRFMR6T2QTEUF4qJ/xl/Mpb/cqk/kuTlLw/1IO3Ka1w+pI+T0 tl99yxGWFTVBKn4t3rob6AnJIzaBgPXJgLiZ5ZhFPq16yMRV157VHIP7ZBFhnseI IGmJhvjFHx7buRXF9jevo1S3Hlvynwxhns5glm+kJuxvDqryjgWyikvW4Vty/p27 mSvEQekBzewKc+wcrSgkF4XT7QIDAQABo4ICoDCCApwwHQYDVR0OBBYEFCAIzef/ Dr3o/+Ot5uGpR48X4OawMB8GA1UdIwQYMBaAFE/1KEchXEoi6fEUnmy/7fdNYc6L MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMzNBNS8xMTg3MDk3MkQ0 RDgxMUVDQTQyNDVGMTBDNEY5QUUwMi9UX1VvUnlGY1NpTHA4UlNlYkxfdDkwMWh6 b3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1RfVW9SeUZjU2lMcDhSU2ViTF90OTAxaHpvcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjMzQTUvMTE4NzA5NzJENEQ4MTFFQ0E0MjQ1RjEwQzRGOUFFMDIvMjNEN0IxQjgx RUREMTFFRDgzQjc5NjNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKgYIKwYBBQUHAQcBAf8E GzAZMBcEAgABMBEDAwCSdgMEAMBBggMEAcBm+jANBgkqhkiG9w0BAQsFAAOCAQEA dmugGhDEtkJKMXwCcuDeJ2miAtMqx5KxbkzGgKhe5NjER8OnjnuiiQ62FARJZ473 Rbsha8wUMZ3e425mHcxYENOsGRH6FLWyAD2lIp/4ncTajaOHbSvO3RdDxYG7vg5c 8FnOL4iHCld+zaUEq3lSEHTZdpcBrpunmxqp1p1wk+XmzuOokZSTB9+XsXvg739T uempV4F5jzNGFCgRQjutvpmdLfZO2xbjSUSKfm+J1v2D1D2RW8k8fV1jPcoNZQPM AlFHbjhj7xbBCA/S+h4FkMRtne2LOAtoRSYvx+BNpEXRZAFQcR9zWuQodXncsejl /GipPtkvbd0P/BJqQ2rwZQ== -----END CERTIFICATE-----Generated at Wed Sep 10 01:10:40 2025 by rpki-client