$ rpki-client -vvf rpki.apnic.net/member_repository/A91F7DCD/84428B0E73D111EA9CDEC534C4F9AE02/855AECF29B3A11EB9B73EB7BC4F9AE02.roa File: 855AECF29B3A11EB9B73EB7BC4F9AE02.roa (raw, json) Hash identifier: NLByGRv6anI6tIVcb5p+1Xch3v2zcxtkN/xSf48UIQU= Subject key identifier: D2:8C:A3:1B:94:51:0C:60:87:A8:D3:E5:A8:46:39:84:63:A3:51:3E Certificate issuer: /CN=A91F7DCD/serialNumber=3BD302FA7A2E866A679B1B6096DB67453A03AB86 Certificate serial: 0A63 Authority key identifier: 3B:D3:02:FA:7A:2E:86:6A:67:9B:1B:60:96:DB:67:45:3A:03:AB:86 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O9MC-nouhmpnmxtglttnRToDq4Y.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F7DCD/84428B0E73D111EA9CDEC534C4F9AE02/855AECF29B3A11EB9B73EB7BC4F9AE02.roa Signing time: Thu 04 Sep 2025 20:00:28 +0000 ROA not before: Thu 04 Sep 2025 20:00:28 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 141768 IP address blocks: 39.109.92.0/22 maxlen: 22 39.109.92.0/24 maxlen: 24 39.109.93.0/24 maxlen: 24 39.109.94.0/24 maxlen: 24 39.109.95.0/24 maxlen: 24 103.120.228.0/23 maxlen: 23 103.120.228.0/24 maxlen: 24 103.120.229.0/24 maxlen: 24 103.227.128.0/24 maxlen: 24 103.227.129.0/24 maxlen: 24 103.227.131.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F7DCD/84428B0E73D111EA9CDEC534C4F9AE02/O9MC-nouhmpnmxtglttnRToDq4Y.crl rsync://rpki.apnic.net/member_repository/A91F7DCD/84428B0E73D111EA9CDEC534C4F9AE02/O9MC-nouhmpnmxtglttnRToDq4Y.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O9MC-nouhmpnmxtglttnRToDq4Y.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 15 Sep 2025 19:44:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2659 (0xa63) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F7DCD, serialNumber=3BD302FA7A2E866A679B1B6096DB67453A03AB86 Validity Not Before: Sep 4 20:00:28 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68b9efdc-4237 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:b1:74:de:f5:e6:40:b5:94:b4:89:08:95:2a: 15:c0:9d:b1:66:21:c8:d9:a4:10:d4:02:7b:8e:33: 8a:b1:47:d1:ab:32:f1:07:ae:05:8c:9f:f3:e4:ee: 0a:17:b8:4d:98:6f:bd:ed:e0:40:2b:3a:c1:82:f6: 0d:88:ff:ac:1f:03:5c:df:a3:87:4a:2a:f6:15:d2: a8:28:39:46:4e:2b:c9:64:17:0d:a5:11:27:29:d0: 27:ce:27:14:e8:8e:0b:de:5e:3f:e7:38:d3:3c:f8: 72:2d:a4:86:48:17:e9:9c:75:e9:ee:b0:1b:9e:15: 89:65:b0:56:82:bd:be:02:8a:1a:b0:22:d2:99:e1: f9:b9:97:9e:ef:96:13:32:26:8e:68:2b:7f:8b:fc: aa:a5:9f:14:3b:a7:e0:61:34:53:b8:3a:81:41:31: 6f:71:2b:16:00:33:48:e6:66:c6:bc:28:e3:24:8e: 28:0a:fd:56:df:39:e3:7a:e8:2f:7d:80:e6:31:90: 92:cd:e7:51:f0:03:af:18:7e:2c:fa:b3:8f:0f:3c: d1:f2:ab:99:83:b2:7d:6b:0e:08:c2:1d:9b:f3:74: 9f:6e:64:49:be:87:74:29:b9:af:55:37:7f:82:a5: 04:ec:d1:77:56:43:55:cb:bc:df:7f:95:32:38:ad: 26:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:8C:A3:1B:94:51:0C:60:87:A8:D3:E5:A8:46:39:84:63:A3:51:3E X509v3 Authority Key Identifier: keyid:3B:D3:02:FA:7A:2E:86:6A:67:9B:1B:60:96:DB:67:45:3A:03:AB:86 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F7DCD/84428B0E73D111EA9CDEC534C4F9AE02/O9MC-nouhmpnmxtglttnRToDq4Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O9MC-nouhmpnmxtglttnRToDq4Y.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F7DCD/84428B0E73D111EA9CDEC534C4F9AE02/855AECF29B3A11EB9B73EB7BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 39.109.92.0/22 103.120.228.0/23 103.227.128.0/23 103.227.131.0/24 Signature Algorithm: sha256WithRSAEncryption ba:80:c3:99:55:38:d8:34:23:b4:35:61:7d:ed:2c:ff:bd:06: 16:b0:40:0b:69:5e:47:5c:b2:28:1b:cc:bf:b5:67:9e:29:2d: f6:c6:bf:71:74:df:2e:5e:72:46:79:c3:a9:f5:85:a0:9e:f1: ed:b0:81:1d:89:49:3a:8f:e0:25:3b:a3:81:55:10:db:96:89: 57:12:52:c8:68:b4:ee:1f:00:30:c1:dd:f8:a5:6f:f8:31:6e: 72:ab:d7:a7:57:95:8a:1f:42:4c:f4:ed:c9:39:e4:d8:8b:b4: da:fe:ce:a3:aa:4d:97:60:bb:f3:df:7f:38:3c:5d:75:5e:91: ad:c2:6b:00:97:19:91:d3:07:94:01:7d:3b:e4:8d:99:65:d6: 2d:7a:93:cb:17:6e:e7:f3:22:d8:34:c4:c4:d1:6c:50:29:c2: f9:b7:9d:e9:c2:d9:56:5f:df:10:06:b3:b8:00:60:e3:24:15: 12:3d:22:12:95:ae:17:ca:c5:2a:6c:73:62:8c:c6:78:06:6e: 7d:d9:31:af:61:51:0e:6e:5e:d8:14:17:57:c3:bf:11:e3:4f: 19:fa:72:32:02:14:44:cf:13:0d:06:9b:c0:a4:49:b7:26:79: 9a:67:2a:22:a9:8f:e7:da:af:45:42:1c:c7:ec:b8:35:d8:6a: 94:1f:21:91 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgICCmMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjdEQ0QxMTAvBgNVBAUTKDNCRDMwMkZBN0EyRTg2NkE2NzlCMUI2MDk2REI2NzQ1 M0EwM0FCODYwHhcNMjUwOTA0MjAwMDI4WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGI5ZWZkYy00MjM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt7F03vXmQLWUtIkIlSoVwJ2xZiHI2aQQ1AJ7jjOKsUfRqzLxB64FjJ/z5O4K F7hNmG+97eBAKzrBgvYNiP+sHwNc36OHSir2FdKoKDlGTivJZBcNpREnKdAnzicU 6I4L3l4/5zjTPPhyLaSGSBfpnHXp7rAbnhWJZbBWgr2+AooasCLSmeH5uZee75YT MiaOaCt/i/yqpZ8UO6fgYTRTuDqBQTFvcSsWADNI5mbGvCjjJI4oCv1W3znjeugv fYDmMZCSzedR8AOvGH4s+rOPDzzR8quZg7J9aw4Iwh2b83SfbmRJvod0KbmvVTd/ gqUE7NF3VkNVy7zff5UyOK0muQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFNKMoxuU UQxgh6jT5ahGOYRjo1E+MB8GA1UdIwQYMBaAFDvTAvp6LoZqZ5sbYJbbZ0U6A6uG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGN0RDRC84NDQyOEIwRTcz RDExMUVBOUNERUM1MzRDNEY5QUUwMi9POU1DLW5vdWhtcG5teHRnbHR0blJUb0Rx NFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL085TUMtbm91aG1wbm14dGdsdHRuUlRvRHE0WS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjdEQ0QvODQ0MjhCMEU3M0QxMTFFQTlDREVDNTM0QzRGOUFFMDIvODU1QUVDRjI5 QjNBMTFFQjlCNzNFQjdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E IjAgMB4EAgABMBgDBAInbVwDBAFneOQDBAFn44ADBABn44MwDQYJKoZIhvcNAQEL BQADggEBALqAw5lVONg0I7Q1YX3tLP+9BhawQAtpXkdcsigbzL+1Z54pLfbGv3F0 3y5eckZ5w6n1haCe8e2wgR2JSTqP4CU7o4FVENuWiVcSUshotO4fADDB3filb/gx bnKr16dXlYofQkz07ck55NiLtNr+zqOqTZdgu/Pffzg8XXVeka3CawCXGZHTB5QB fTvkjZll1i16k8sXbufzItg0xMTRbFApwvm3nenC2VZf3xAGs7gAYOMkFRI9IhKV rhfKxSpsc2KMxngGbn3ZMa9hUQ5uXtgUF1fDvxHjTxn6cjICFETPEw0Gm8CkSbcm eZpnKiKpj+far0VCHMfsuDXYapQfIZE= -----END CERTIFICATE-----Generated at Tue Sep 9 09:17:50 2025 by rpki-client