$ rpki-client -vvf rpki.apnic.net/member_repository/A91302B0/6572BE94FF9411E4876B945DC4F9AE02/C1B929B4682B11E9AE87C117C4F9AE02.roa File: C1B929B4682B11E9AE87C117C4F9AE02.roa (raw, json) Hash identifier: i5fhQnu6bmgNPwIHRR7tap/ay2sUVMlNWD5eOeQV4OA= Subject key identifier: 92:98:C4:6E:11:0D:F2:37:03:BC:8D:41:AC:C6:EE:99:9F:20:1B:F9 Certificate issuer: /CN=A91302B0/serialNumber=C08EC70A5B79742FC55F910536CA065C6CFB7CB5 Certificate serial: 2672 Authority key identifier: C0:8E:C7:0A:5B:79:74:2F:C5:5F:91:05:36:CA:06:5C:6C:FB:7C:B5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wI7HClt5dC_FX5EFNsoGXGz7fLU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91302B0/6572BE94FF9411E4876B945DC4F9AE02/C1B929B4682B11E9AE87C117C4F9AE02.roa Signing time: Mon 06 Oct 2025 16:13:19 +0000 ROA not before: Mon 06 Oct 2025 16:13:19 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 23688 IP address blocks: 27.147.128.0/17 maxlen: 24 103.197.152.0/22 maxlen: 24 103.232.100.0/22 maxlen: 24 123.200.0.0/19 maxlen: 24 163.47.32.0/22 maxlen: 24 203.76.96.0/19 maxlen: 24 2400:ca00::/28 maxlen: 36 2400:ca00::/40 maxlen: 48 2400:ca00:100::/48 maxlen: 48 2400:ca00:1f1::/48 maxlen: 48 2400:ca00:1f2::/48 maxlen: 48 2400:ca00:1f3::/48 maxlen: 48 2400:ca00:1f3:2::/64 maxlen: 64 2400:ca00:1fb::/48 maxlen: 48 2400:ca00:1fb:fb01::/64 maxlen: 64 2400:ca00:1fb:fc01::/64 maxlen: 64 2400:ca00:1fb:fd01::/64 maxlen: 64 2400:ca00:1fb:fe01::/64 maxlen: 64 2400:ca00:1fb:ff01::/64 maxlen: 64 2400:ca00:1fc::/48 maxlen: 48 2400:ca00:1fd::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91302B0/6572BE94FF9411E4876B945DC4F9AE02/wI7HClt5dC_FX5EFNsoGXGz7fLU.crl rsync://rpki.apnic.net/member_repository/A91302B0/6572BE94FF9411E4876B945DC4F9AE02/wI7HClt5dC_FX5EFNsoGXGz7fLU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wI7HClt5dC_FX5EFNsoGXGz7fLU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 15:55:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9842 (0x2672) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91302B0, serialNumber=C08EC70A5B79742FC55F910536CA065C6CFB7CB5 Validity Not Before: Oct 6 16:13:19 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68e3ea9f-89a5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:cd:0e:58:65:a9:2d:da:ce:89:77:96:26:e3: 5c:a6:9f:a6:4a:ad:89:33:50:75:f8:58:d1:8d:b6: aa:8b:26:ce:13:d4:5d:d3:b4:ca:9d:35:16:32:4e: 19:1a:53:76:db:18:ba:9a:24:4d:17:94:96:6e:07: f3:c4:f0:40:b6:4d:fe:62:f5:c9:7c:20:47:00:30: 75:e5:d5:90:56:fb:82:78:64:40:22:12:95:e4:d7: 13:0a:4a:e1:87:d0:b9:3e:55:48:52:8f:f1:86:bc: 2b:97:c7:ed:d8:14:4b:ba:b6:29:6b:74:95:60:06: 8a:88:3e:ec:15:f5:22:f1:78:1d:83:9e:16:ec:d5: 71:40:1f:78:77:65:8a:a6:8e:b5:69:a9:5c:b9:da: 46:67:df:15:3a:d7:82:65:c9:95:5f:8d:3f:8b:4a: f6:4c:8e:82:40:aa:7d:8f:ac:07:f2:3a:5f:fd:9f: 50:b2:69:bd:25:0f:ce:5e:a8:7a:d8:1d:c3:c3:51: 40:80:06:72:dd:69:74:11:f7:61:ea:72:4e:63:f3: de:8d:c6:c0:1b:66:e6:eb:b9:5e:98:99:0f:49:e6: 03:83:19:ee:a2:49:37:4e:c4:29:d6:98:66:87:37: db:6d:38:af:a9:04:ff:92:08:b3:6f:8c:54:8b:c0: fb:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:98:C4:6E:11:0D:F2:37:03:BC:8D:41:AC:C6:EE:99:9F:20:1B:F9 X509v3 Authority Key Identifier: keyid:C0:8E:C7:0A:5B:79:74:2F:C5:5F:91:05:36:CA:06:5C:6C:FB:7C:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91302B0/6572BE94FF9411E4876B945DC4F9AE02/wI7HClt5dC_FX5EFNsoGXGz7fLU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wI7HClt5dC_FX5EFNsoGXGz7fLU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91302B0/6572BE94FF9411E4876B945DC4F9AE02/C1B929B4682B11E9AE87C117C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 27.147.128.0/17 103.197.152.0/22 103.232.100.0/22 123.200.0.0/19 163.47.32.0/22 203.76.96.0/19 IPv6: 2400:ca00::/28 Signature Algorithm: sha256WithRSAEncryption 22:27:c7:03:03:44:9d:ec:6c:54:6e:62:0f:8d:67:e5:b8:90: c6:3d:33:8e:c2:24:2a:73:6a:a3:88:b2:92:b2:26:e6:61:ee: 19:ca:27:ff:ec:a5:50:3b:cf:d7:bc:5a:93:6e:90:10:71:e8: b6:37:7e:3c:0b:bb:33:e0:84:0a:55:12:22:ec:5d:a2:33:7f: 11:53:b1:a4:6f:f3:75:ca:d0:74:2f:6c:5a:98:61:0f:e5:83: f7:f8:46:33:e6:61:53:70:b7:16:63:84:4d:fd:cd:a0:c8:c4: b0:ea:7e:08:65:ea:ee:6c:84:58:04:48:e2:78:4b:58:f6:00: 3d:45:65:2a:9f:ea:7f:30:06:02:92:d1:09:5b:99:a6:bb:9d: 46:64:98:68:6b:e0:23:de:f3:1c:07:aa:50:06:1a:0f:59:12: 0f:18:52:4a:41:1d:a0:3c:28:93:8b:d8:f9:80:aa:9b:f6:cd: 48:3b:e4:68:b9:69:23:d1:c3:48:fc:20:7c:fc:dc:28:79:e6: ac:b6:00:22:13:97:35:57:9e:20:0e:82:46:e6:42:21:58:fe: 59:85:7c:64:b9:84:7f:5f:57:65:81:8c:5a:41:28:11:98:4e: 71:3b:c6:76:9d:38:5e:3f:f1:a1:a5:5a:dd:8e:3c:a2:fe:1e: b0:c6:77:07 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgICJnIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzAyQjAxMTAvBgNVBAUTKEMwOEVDNzBBNUI3OTc0MkZDNTVGOTEwNTM2Q0EwNjVD NkNGQjdDQjUwHhcNMjUxMDA2MTYxMzE5WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGUzZWE5Zi04OWE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAps0OWGWpLdrOiXeWJuNcpp+mSq2JM1B1+FjRjbaqiybOE9Rd07TKnTUWMk4Z GlN22xi6miRNF5SWbgfzxPBAtk3+YvXJfCBHADB15dWQVvuCeGRAIhKV5NcTCkrh h9C5PlVIUo/xhrwrl8ft2BRLurYpa3SVYAaKiD7sFfUi8Xgdg54W7NVxQB94d2WK po61aalcudpGZ98VOteCZcmVX40/i0r2TI6CQKp9j6wH8jpf/Z9Qsmm9JQ/OXqh6 2B3Dw1FAgAZy3Wl0Efdh6nJOY/PejcbAG2bm67lemJkPSeYDgxnuokk3TsQp1phm hzfbbTivqQT/kgizb4xUi8D7sQIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFJKYxG4R DfI3A7yNQazG7pmfIBv5MB8GA1UdIwQYMBaAFMCOxwpbeXQvxV+RBTbKBlxs+3y1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMDJCMC82NTcyQkU5NEZG OTQxMUU0ODc2Qjk0NURDNEY5QUUwMi93STdIQ2x0NWRDX0ZYNUVGTnNvR1hHejdm TFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3dJN0hDbHQ1ZENfRlg1RUZOc29HWEd6N2ZMVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzAyQjAvNjU3MkJFOTRGRjk0MTFFNDg3NkI5NDVEQzRGOUFFMDIvQzFCOTI5QjQ2 ODJCMTFFOUFFODdDMTE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTAYIKwYBBQUHAQcBAf8E PTA7MCoEAgABMCQDBAcbk4ADBAJnxZgDBAJn6GQDBAV7yAADBAKjLyADBAXLTGAw DQQCAAIwBwMFBCQAygAwDQYJKoZIhvcNAQELBQADggEBACInxwMDRJ3sbFRuYg+N Z+W4kMY9M47CJCpzaqOIspKyJuZh7hnKJ//spVA7z9e8WpNukBBx6LY3fjwLuzPg hApVEiLsXaIzfxFTsaRv83XK0HQvbFqYYQ/lg/f4RjPmYVNwtxZjhE39zaDIxLDq fghl6u5shFgESOJ4S1j2AD1FZSqf6n8wBgKS0Qlbmaa7nUZkmGhr4CPe8xwHqlAG Gg9ZEg8YUkpBHaA8KJOL2PmAqpv2zUg75Gi5aSPRw0j8IHz83Ch55qy2ACITlzVX niAOgkbmQiFY/lmFfGS5hH9fV2WBjFpBKBGYTnE7xnadOF4/8aGlWt2OPKL+HrDG dwc= -----END CERTIFICATE-----Generated at Mon Oct 20 16:17:38 2025 by rpki-client