$ rpki-client -vvf rpki.apnic.net/member_repository/A91570D9/2ECB2FFA7D8011F0A9785423C4F9AE02/AA3F24B67D8011F083953324C4F9AE02.roa File: AA3F24B67D8011F083953324C4F9AE02.roa (raw, json) Hash identifier: oUOKfGpowL+63AVr56ivCHHAJRNhENKlNPtv0dg5ub8= Subject key identifier: 2B:12:4A:6F:29:41:64:C7:38:F7:8C:F8:C4:12:44:78:FE:69:0B:A2 Certificate issuer: /CN=A91570D9/serialNumber=9EAC54E9F9F59E6838F4846042105633066D208E Certificate serial: 0A Authority key identifier: 9E:AC:54:E9:F9:F5:9E:68:38:F4:84:60:42:10:56:33:06:6D:20:8E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nqxU6fn1nmg49IRgQhBWMwZtII4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91570D9/2ECB2FFA7D8011F0A9785423C4F9AE02/AA3F24B67D8011F083953324C4F9AE02.roa Signing time: Wed 20 Aug 2025 04:50:37 +0000 ROA not before: Wed 20 Aug 2025 04:50:37 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 153757 IP address blocks: 163.227.214.0/23 maxlen: 23 163.227.214.0/24 maxlen: 24 163.227.215.0/24 maxlen: 24 2402:720::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91570D9/2ECB2FFA7D8011F0A9785423C4F9AE02/nqxU6fn1nmg49IRgQhBWMwZtII4.crl rsync://rpki.apnic.net/member_repository/A91570D9/2ECB2FFA7D8011F0A9785423C4F9AE02/nqxU6fn1nmg49IRgQhBWMwZtII4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nqxU6fn1nmg49IRgQhBWMwZtII4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 08:24:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10 (0xa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91570D9, serialNumber=9EAC54E9F9F59E6838F4846042105633066D208E Validity Not Before: Aug 20 04:50:37 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=68a5541d-1581 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:75:fa:12:d0:87:03:49:c3:64:e7:d9:28:b1: 44:20:10:b7:ee:4d:c9:56:12:b8:3f:7f:35:1e:61: bc:2c:bf:18:de:01:67:75:b0:83:e6:39:fd:87:4c: 37:66:41:a8:34:9a:73:31:87:46:5c:a4:e1:26:8e: 5f:9a:28:00:9b:2c:4e:bd:1d:4a:84:cd:b8:b5:01: 52:6a:e6:77:d7:74:22:af:ce:cb:3c:98:0b:f9:60: d6:50:dc:b4:46:b8:4c:68:98:d3:93:7c:37:1f:ef: 31:3b:e7:98:3c:9d:bf:ed:39:72:06:1f:75:0b:fe: 7a:15:5f:f9:e2:9f:dd:45:d7:ac:93:90:a8:88:48: a6:ab:9e:62:ff:d6:29:1a:26:cc:21:e1:12:e8:49: 26:01:83:01:28:1d:8e:36:69:f0:c1:c2:c2:8f:e0: b2:d5:85:ee:cf:f3:7c:36:34:45:fe:d3:7a:2f:0c: 75:7d:c3:73:09:97:ba:cd:ac:82:0a:87:23:57:dd: ac:f3:92:da:c5:6c:65:df:0e:78:96:8e:63:55:d4: cd:1a:eb:1d:bd:c3:a3:d6:33:07:66:c4:22:ac:b6: 84:51:4d:02:de:31:e9:20:c9:c2:58:c8:9f:52:a0: 15:af:a5:90:33:ba:39:bf:c4:3a:2b:c0:f2:23:5f: 42:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:12:4A:6F:29:41:64:C7:38:F7:8C:F8:C4:12:44:78:FE:69:0B:A2 X509v3 Authority Key Identifier: keyid:9E:AC:54:E9:F9:F5:9E:68:38:F4:84:60:42:10:56:33:06:6D:20:8E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91570D9/2ECB2FFA7D8011F0A9785423C4F9AE02/nqxU6fn1nmg49IRgQhBWMwZtII4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nqxU6fn1nmg49IRgQhBWMwZtII4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91570D9/2ECB2FFA7D8011F0A9785423C4F9AE02/AA3F24B67D8011F083953324C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 163.227.214.0/23 IPv6: 2402:720::/32 Signature Algorithm: sha256WithRSAEncryption 67:cc:bb:08:13:52:1f:0c:6b:43:65:54:9e:9a:9f:e2:a3:ff: 75:0b:cc:f2:70:68:42:49:44:b4:db:bc:44:bc:59:4a:5c:e5: de:16:16:cd:14:e7:ca:d3:ea:33:60:d8:d5:9e:ad:0d:12:a7: 66:20:4e:57:d9:d7:e2:39:f0:b4:a0:4f:77:87:c6:41:8d:1a: 59:7c:6c:4c:94:b1:86:2a:2d:7a:64:12:f6:3b:d7:73:f6:b5: 91:7c:bd:35:c2:22:12:e4:49:29:2f:1f:7d:86:35:cd:c8:cf: 13:ca:97:6e:7d:57:1e:80:cb:f3:4f:d3:21:34:2f:b7:aa:a9: 1c:b1:ec:6a:7b:76:2d:b8:d1:79:15:a2:06:cc:6e:af:e6:18: 33:05:3b:69:33:24:35:7e:e8:51:e4:55:57:45:fe:55:6e:82: 30:90:68:49:37:dd:88:9b:e3:a6:01:e0:30:5a:1d:6e:98:a9: f1:4a:0b:a8:c8:a3:86:90:cc:6d:e7:a2:78:aa:5e:76:41:9a: 46:5a:f6:5c:c0:a7:a8:ac:4e:7a:ed:e0:b7:ea:99:1e:b9:5e: 07:03:73:e6:6b:a0:e3:8d:18:2f:ba:49:4b:8e:2a:35:92:a2: 47:68:b4:23:59:26:5c:46:d3:ea:a9:f9:ea:55:eb:8f:e6:9b: 1e:87:15:c0 -----BEGIN CERTIFICATE----- MIIFfzCCBGegAwIBAgIBCjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1 NzBEOTExMC8GA1UEBRMoOUVBQzU0RTlGOUY1OUU2ODM4RjQ4NDYwNDIxMDU2MzMw NjZEMjA4RTAeFw0yNTA4MjAwNDUwMzdaFw0yNjA3MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY4YTU1NDFkLTE1ODEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDFdfoS0IcDScNk59kosUQgELfuTclWErg/fzUeYbwsvxjeAWd1sIPmOf2HTDdm Qag0mnMxh0ZcpOEmjl+aKACbLE69HUqEzbi1AVJq5nfXdCKvzss8mAv5YNZQ3LRG uExomNOTfDcf7zE755g8nb/tOXIGH3UL/noVX/nin91F16yTkKiISKarnmL/1ika Jswh4RLoSSYBgwEoHY42afDBwsKP4LLVhe7P83w2NEX+03ovDHV9w3MJl7rNrIIK hyNX3azzktrFbGXfDniWjmNV1M0a6x29w6PWMwdmxCKstoRRTQLeMekgycJYyJ9S oBWvpZAzujm/xDorwPIjX0KLAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUKxJKbylB ZMc494z4xBJEeP5pC6IwHwYDVR0jBBgwFoAUnqxU6fn1nmg49IRgQhBWMwZtII4w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU3MEQ5LzJFQ0IyRkZBN0Q4 MDExRjBBOTc4NTQyM0M0RjlBRTAyL25xeFU2Zm4xbm1nNDlJUmdRaEJXTXdadElJ NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvbnF4VTZmbjFubWc0OUlSZ1FoQldNd1p0SUk0LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 NzBEOS8yRUNCMkZGQTdEODAxMUYwQTk3ODU0MjNDNEY5QUUwMi9BQTNGMjRCNjdE ODAxMUYwODM5NTMzMjRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf MB0wDAQCAAEwBgMEAaPj1jANBAIAAjAHAwUAJAIHIDANBgkqhkiG9w0BAQsFAAOC AQEAZ8y7CBNSHwxrQ2VUnpqf4qP/dQvM8nBoQklEtNu8RLxZSlzl3hYWzRTnytPq M2DY1Z6tDRKnZiBOV9nX4jnwtKBPd4fGQY0aWXxsTJSxhiotemQS9jvXc/a1kXy9 NcIiEuRJKS8ffYY1zcjPE8qXbn1XHoDL80/TITQvt6qpHLHsant2LbjReRWiBsxu r+YYMwU7aTMkNX7oUeRVV0X+VW6CMJBoSTfdiJvjpgHgMFodbpip8UoLqMijhpDM beeieKpedkGaRlr2XMCnqKxOeu3gt+qZHrleBwNz5mug440YL7pJS44qNZKiR2i0 I1kmXEbT6qn56lXrj+abHocVwA== -----END CERTIFICATE-----Generated at Sun Aug 24 03:05:17 2025 by rpki-client