$ rpki-client -vvf rpki.apnic.net/member_repository/A91281E0/761A7EACE2A311E9AE8BB528C4F9AE02/72B84162E2A411E9A300492AC4F9AE02.roa File: 72B84162E2A411E9A300492AC4F9AE02.roa (raw, json) Hash identifier: hbFGbb4fXsbz6F3BPhzZvLmW3bUeWq5CqpJ6o7pIq8g= Subject key identifier: D7:30:EC:7C:99:F1:B5:72:0A:06:01:BD:ED:7A:44:35:51:9F:B3:3C Certificate issuer: /CN=A91281E0/serialNumber=8DE1D0B56130980B83900FB78FADA670DE2E0A65 Certificate serial: 0D2B Authority key identifier: 8D:E1:D0:B5:61:30:98:0B:83:90:0F:B7:8F:AD:A6:70:DE:2E:0A:65 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jeHQtWEwmAuDkA-3j62mcN4uCmU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91281E0/761A7EACE2A311E9AE8BB528C4F9AE02/72B84162E2A411E9A300492AC4F9AE02.roa Signing time: Tue 12 Aug 2025 18:28:38 +0000 ROA not before: Tue 12 Aug 2025 18:28:38 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 38200 IP address blocks: 45.64.164.0/24 maxlen: 24 45.64.165.0/24 maxlen: 24 45.64.166.0/24 maxlen: 24 45.64.167.0/24 maxlen: 24 103.234.24.0/24 maxlen: 24 103.234.25.0/24 maxlen: 24 103.234.26.0/24 maxlen: 24 103.234.27.0/24 maxlen: 24 103.234.164.0/22 maxlen: 22 103.234.164.0/24 maxlen: 24 103.234.165.0/24 maxlen: 24 103.234.166.0/24 maxlen: 24 103.234.167.0/24 maxlen: 24 220.247.160.0/24 maxlen: 24 220.247.161.0/24 maxlen: 24 220.247.162.0/24 maxlen: 24 220.247.163.0/24 maxlen: 24 220.247.164.0/24 maxlen: 24 220.247.165.0/24 maxlen: 24 220.247.166.0/24 maxlen: 24 220.247.167.0/24 maxlen: 24 2401:580::/32 maxlen: 32 2401:580:a::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91281E0/761A7EACE2A311E9AE8BB528C4F9AE02/jeHQtWEwmAuDkA-3j62mcN4uCmU.crl rsync://rpki.apnic.net/member_repository/A91281E0/761A7EACE2A311E9AE8BB528C4F9AE02/jeHQtWEwmAuDkA-3j62mcN4uCmU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jeHQtWEwmAuDkA-3j62mcN4uCmU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 18:09:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3371 (0xd2b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91281E0, serialNumber=8DE1D0B56130980B83900FB78FADA670DE2E0A65 Validity Not Before: Aug 12 18:28:38 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=689b87d6-0f75 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:db:82:0e:9a:c8:d4:9c:1f:6f:c6:8d:ce:6a: 11:ae:15:ac:34:db:ca:7e:f7:61:80:29:e7:20:58: c5:1b:ab:3b:f5:ec:1d:d3:18:40:d7:b6:1c:7e:d2: be:53:de:cf:c4:ff:56:02:98:82:7e:e3:6b:8c:5d: 24:ea:f1:c2:38:e6:13:ec:44:92:0f:39:c8:74:d0: 68:a2:00:2f:12:ff:8f:ab:7a:c7:76:0b:fc:3b:10: b3:78:07:64:ea:43:c6:ab:cd:8f:8e:b0:dc:fe:7c: b3:a6:a2:26:84:a5:86:a9:31:4c:d0:44:5b:66:b5: 5d:10:d6:dc:10:a2:51:4b:3e:3d:8a:74:e9:1d:5b: bd:3b:5c:ee:e7:cb:fc:a9:f9:55:38:2e:1f:8e:e2: d2:7f:2a:3c:72:cb:26:8e:d6:1f:f9:02:c7:72:89: 4a:65:00:e3:42:cb:ea:0f:53:ea:65:16:1e:9e:ee: f6:d0:28:a6:43:ee:3f:48:8f:67:4b:41:7b:da:34: 27:f7:08:91:a1:01:36:61:c6:4d:88:da:aa:f5:b9: d7:d3:06:79:3a:e9:0f:a5:0b:7a:41:da:5e:d7:5f: 7b:5a:fb:a5:6e:e7:9f:75:58:24:99:25:55:0c:f1: de:97:94:be:23:86:a9:9a:11:e1:ee:02:d2:3c:a5: 89:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:30:EC:7C:99:F1:B5:72:0A:06:01:BD:ED:7A:44:35:51:9F:B3:3C X509v3 Authority Key Identifier: keyid:8D:E1:D0:B5:61:30:98:0B:83:90:0F:B7:8F:AD:A6:70:DE:2E:0A:65 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91281E0/761A7EACE2A311E9AE8BB528C4F9AE02/jeHQtWEwmAuDkA-3j62mcN4uCmU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jeHQtWEwmAuDkA-3j62mcN4uCmU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91281E0/761A7EACE2A311E9AE8BB528C4F9AE02/72B84162E2A411E9A300492AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.64.164.0/22 103.234.24.0/22 103.234.164.0/22 220.247.160.0/21 IPv6: 2401:580::/32 Signature Algorithm: sha256WithRSAEncryption 96:8d:24:9f:4e:cc:e8:0f:2c:8c:72:b2:34:b4:2a:a4:aa:b0: c6:4e:d3:5a:56:40:8f:7a:90:d2:1c:50:bc:f9:2a:76:4d:14: 76:98:0d:2d:f3:d2:61:a5:ff:19:e0:2b:07:b8:51:78:0e:a8: 6e:c8:7c:4c:54:7b:f9:f0:5a:7c:0f:1c:66:f5:e3:7d:4e:4d: 6d:ee:d4:7d:4d:d3:d6:ef:a4:d5:a8:24:9c:fe:b2:31:e2:03: ad:1d:aa:30:18:81:26:4b:03:54:ea:fb:b9:9c:7d:df:96:8e: 33:81:20:fa:10:22:10:fe:14:2d:b0:dd:61:02:14:fe:bf:7f: 9a:14:b7:fc:67:24:c3:1c:25:d6:c3:4b:36:5e:8a:24:f3:e6: a0:27:87:b2:3d:48:af:f6:83:a1:80:c2:14:a5:94:3d:5a:82: a4:2c:37:e4:eb:8f:06:81:c7:ae:57:96:fd:48:83:72:de:2f: 8d:8b:df:07:fd:d0:07:2c:3f:4b:19:27:68:f7:29:b3:4d:12: 29:f3:b5:cb:14:0d:39:01:3a:fe:90:0d:07:95:df:64:04:b7: ea:3d:5e:a2:72:fd:7f:22:70:4d:71:8e:27:d1:43:64:31:06: b1:04:29:7f:ea:d7:30:32:4b:1a:49:21:bf:e4:3c:03:1d:c0: 7e:af:7b:0e -----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgICDSswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjgxRTAxMTAvBgNVBAUTKDhERTFEMEI1NjEzMDk4MEI4MzkwMEZCNzhGQURBNjcw REUyRTBBNjUwHhcNMjUwODEyMTgyODM4WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODliODdkNi0wZjc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7duCDprI1Jwfb8aNzmoRrhWsNNvKfvdhgCnnIFjFG6s79ewd0xhA17YcftK+ U97PxP9WApiCfuNrjF0k6vHCOOYT7ESSDznIdNBoogAvEv+Pq3rHdgv8OxCzeAdk 6kPGq82PjrDc/nyzpqImhKWGqTFM0ERbZrVdENbcEKJRSz49inTpHVu9O1zu58v8 qflVOC4fjuLSfyo8cssmjtYf+QLHcolKZQDjQsvqD1PqZRYenu720CimQ+4/SI9n S0F72jQn9wiRoQE2YcZNiNqq9bnX0wZ5OukPpQt6Qdpe1197WvulbuefdVgkmSVV DPHel5S+I4apmhHh7gLSPKWJ0wIDAQABo4ICtjCCArIwHQYDVR0OBBYEFNcw7HyZ 8bVyCgYBve16RDVRn7M8MB8GA1UdIwQYMBaAFI3h0LVhMJgLg5APt4+tpnDeLgpl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyODFFMC83NjFBN0VBQ0Uy QTMxMUU5QUU4QkI1MjhDNEY5QUUwMi9qZUhRdFdFd21BdURrQS0zajYybWNONHVD bVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2plSFF0V0V3bUF1RGtBLTNqNjJtY040dUNtVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MjgxRTAvNzYxQTdFQUNFMkEzMTFFOUFFOEJCNTI4QzRGOUFFMDIvNzJCODQxNjJF MkE0MTFFOUEzMDA0OTJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E MTAvMB4EAgABMBgDBAItQKQDBAJn6hgDBAJn6qQDBAPc96AwDQQCAAIwBwMFACQB BYAwDQYJKoZIhvcNAQELBQADggEBAJaNJJ9OzOgPLIxysjS0KqSqsMZO01pWQI96 kNIcULz5KnZNFHaYDS3z0mGl/xngKwe4UXgOqG7IfExUe/nwWnwPHGb1431OTW3u 1H1N09bvpNWoJJz+sjHiA60dqjAYgSZLA1Tq+7mcfd+WjjOBIPoQIhD+FC2w3WEC FP6/f5oUt/xnJMMcJdbDSzZeiiTz5qAnh7I9SK/2g6GAwhSllD1agqQsN+TrjwaB x65Xlv1Ig3LeL42L3wf90AcsP0sZJ2j3KbNNEinztcsUDTkBOv6QDQeV32QEt+o9 XqJy/X8icE1xjifRQ2QxBrEEKX/q1zAySxpJIb/kPAMdwH6vew4= -----END CERTIFICATE-----Generated at Sun Aug 24 02:40:30 2025 by rpki-client