$ rpki-client -vvf rpki.apnic.net/member_repository/A91A0432/F5BF699CA4CA11ECAC4E5744C4F9AE02/4114509A597511EFA2B79A84C4F9AE02.roa File: 4114509A597511EFA2B79A84C4F9AE02.roa (raw, json) Hash identifier: 8U+UsiCXDKifnoegufsPJKGalX6CUXoFX96X70pYMYI= Subject key identifier: 56:09:83:41:4A:3F:59:7F:6D:86:3B:31:3C:8F:0E:CA:05:A9:CF:3F Certificate issuer: /CN=A91A0432/serialNumber=91F3DC59CD0FA1D241CB78757D1DAA92C2AC9F60 Certificate serial: 0395 Authority key identifier: 91:F3:DC:59:CD:0F:A1:D2:41:CB:78:75:7D:1D:AA:92:C2:AC:9F:60 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kfPcWc0PodJBy3h1fR2qksKsn2A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A0432/F5BF699CA4CA11ECAC4E5744C4F9AE02/4114509A597511EFA2B79A84C4F9AE02.roa Signing time: Sat 07 Jun 2025 01:09:16 +0000 ROA not before: Sat 07 Jun 2025 01:09:16 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 140599 IP address blocks: 45.115.224.0/22 maxlen: 22 45.115.224.0/24 maxlen: 24 45.115.225.0/24 maxlen: 24 45.115.226.0/24 maxlen: 24 45.115.227.0/24 maxlen: 24 103.56.4.0/22 maxlen: 24 103.150.220.0/24 maxlen: 24 103.150.221.0/24 maxlen: 24 2001:df3:8e80::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A0432/F5BF699CA4CA11ECAC4E5744C4F9AE02/kfPcWc0PodJBy3h1fR2qksKsn2A.crl rsync://rpki.apnic.net/member_repository/A91A0432/F5BF699CA4CA11ECAC4E5744C4F9AE02/kfPcWc0PodJBy3h1fR2qksKsn2A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kfPcWc0PodJBy3h1fR2qksKsn2A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 917 (0x395) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A0432, serialNumber=91F3DC59CD0FA1D241CB78757D1DAA92C2AC9F60 Validity Not Before: Jun 7 01:09:16 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=6843913b-48ba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:71:54:62:9a:98:cf:7e:0c:04:fe:03:14:e6: aa:7b:98:38:f1:a3:8d:c5:9b:f7:97:8e:38:19:28: 3c:ad:8f:8a:9f:69:6c:f2:99:16:dd:aa:aa:1c:d2: ee:29:48:b9:f8:d8:bb:4e:a7:7a:bb:27:73:7c:00: 2d:e9:f3:3f:7d:b4:19:30:7a:aa:89:23:1c:6d:c2: 1b:44:33:1c:8b:c9:7d:7a:db:64:1d:fe:a4:9e:f1: e3:60:e9:d3:29:b2:26:45:bf:d1:8c:96:b6:26:70: e1:41:d3:1c:fa:08:75:9f:9b:87:f2:bd:4f:b8:b1: c8:bf:fb:6b:80:89:de:3c:c1:aa:6d:71:a6:1f:ae: 26:d7:04:ec:49:05:8d:94:3e:aa:b5:96:54:fc:1e: 0a:59:6b:19:4a:50:1c:b8:d0:d7:90:20:3e:1e:7f: 4e:01:72:3e:18:3d:30:e0:10:95:cf:6f:79:32:21: e2:7f:15:21:00:52:a2:2c:a1:27:5a:4b:bc:3a:7d: 9c:27:dd:be:76:c8:ca:70:1c:f4:0c:3a:3b:fb:70: 0b:4e:bc:a1:42:8b:dc:71:1c:8f:65:a3:c9:3d:c7: 8e:74:e8:19:67:5d:78:78:a3:6d:a4:5c:d0:27:bb: 65:30:e5:4a:a1:b5:e5:0a:76:4b:1d:79:7c:ff:28: 93:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:09:83:41:4A:3F:59:7F:6D:86:3B:31:3C:8F:0E:CA:05:A9:CF:3F X509v3 Authority Key Identifier: keyid:91:F3:DC:59:CD:0F:A1:D2:41:CB:78:75:7D:1D:AA:92:C2:AC:9F:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A0432/F5BF699CA4CA11ECAC4E5744C4F9AE02/kfPcWc0PodJBy3h1fR2qksKsn2A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kfPcWc0PodJBy3h1fR2qksKsn2A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A0432/F5BF699CA4CA11ECAC4E5744C4F9AE02/4114509A597511EFA2B79A84C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.115.224.0/22 103.56.4.0/22 103.150.220.0/23 IPv6: 2001:df3:8e80::/48 Signature Algorithm: sha256WithRSAEncryption 09:1d:60:49:9e:47:1b:4b:30:62:b8:bc:2a:29:ca:0a:20:3b: 46:fb:38:4b:f2:e3:13:e2:71:1e:da:60:44:c7:c0:f2:4f:1f: 5e:ce:14:f5:31:d9:70:1f:ee:21:e2:cb:f4:79:93:d3:2e:b2: a4:d4:8f:22:c8:c3:36:b9:b5:33:8a:44:ea:7b:17:bd:45:92: 79:0d:e7:e1:62:8e:0a:7e:4a:1f:51:f0:ab:16:33:e8:5b:b3: a9:9c:8d:d9:e7:0f:1d:a7:17:b8:59:66:cd:ff:93:13:e8:fe: fc:5f:b8:b2:fa:05:20:ca:2f:fc:43:31:90:10:bb:15:21:82: 43:18:68:de:ef:13:fb:23:2f:ec:2f:e3:78:58:24:88:9d:a7: 16:a2:33:2d:af:3c:92:be:7b:a7:d0:43:47:e7:d1:9c:a2:b5: f7:2e:c8:e3:d5:f3:bf:8e:fd:83:55:01:85:7d:45:cc:91:0e: c3:43:f2:d0:78:f7:fa:f2:06:1e:34:19:c3:5a:e2:7d:69:43: 72:64:74:6b:f5:fa:be:77:07:81:d1:3f:f6:96:b8:a8:96:30: d3:88:43:d6:9b:d2:ac:47:93:bb:c1:5e:b0:a8:96:e2:4d:c2: 7f:97:34:91:20:44:42:26:b4:f7:05:c9:f3:86:66:9e:01:a9: dc:31:28:a2 -----BEGIN CERTIFICATE----- MIIFjjCCBHagAwIBAgICA5UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTA0MzIxMTAvBgNVBAUTKDkxRjNEQzU5Q0QwRkExRDI0MUNCNzg3NTdEMURBQTky QzJBQzlGNjAwHhcNMjUwNjA3MDEwOTE2WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODQzOTEzYi00OGJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuXFUYpqYz34MBP4DFOaqe5g48aONxZv3l444GSg8rY+Kn2ls8pkW3aqqHNLu KUi5+Ni7Tqd6uydzfAAt6fM/fbQZMHqqiSMcbcIbRDMci8l9ettkHf6knvHjYOnT KbImRb/RjJa2JnDhQdMc+gh1n5uH8r1PuLHIv/trgInePMGqbXGmH64m1wTsSQWN lD6qtZZU/B4KWWsZSlAcuNDXkCA+Hn9OAXI+GD0w4BCVz295MiHifxUhAFKiLKEn Wku8On2cJ92+dsjKcBz0DDo7+3ALTryhQovccRyPZaPJPceOdOgZZ114eKNtpFzQ J7tlMOVKobXlCnZLHXl8/yiT1QIDAQABo4ICsjCCAq4wHQYDVR0OBBYEFFYJg0FK P1l/bYY7MTyPDsoFqc8/MB8GA1UdIwQYMBaAFJHz3FnND6HSQct4dX0dqpLCrJ9g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDQzMi9GNUJGNjk5Q0E0 Q0ExMUVDQUM0RTU3NDRDNEY5QUUwMi9rZlBjV2MwUG9kSkJ5M2gxZlIycWtzS3Nu MkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tmUGNXYzBQb2RKQnkzaDFmUjJxa3NLc24yQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTA0MzIvRjVCRjY5OUNBNENBMTFFQ0FDNEU1NzQ0QzRGOUFFMDIvNDExNDUwOUE1 OTc1MTFFRkEyQjc5QTg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPAYIKwYBBQUHAQcBAf8E LTArMBgEAgABMBIDBAItc+ADBAJnOAQDBAFnltwwDwQCAAIwCQMHACABDfOOgDAN BgkqhkiG9w0BAQsFAAOCAQEACR1gSZ5HG0swYri8KinKCiA7Rvs4S/LjE+JxHtpg RMfA8k8fXs4U9THZcB/uIeLL9HmT0y6ypNSPIsjDNrm1M4pE6nsXvUWSeQ3n4WKO Cn5KH1HwqxYz6FuzqZyN2ecPHacXuFlmzf+TE+j+/F+4svoFIMov/EMxkBC7FSGC Qxho3u8T+yMv7C/jeFgkiJ2nFqIzLa88kr57p9BDR+fRnKK19y7I49Xzv479g1UB hX1FzJEOw0Py0Hj3+vIGHjQZw1rifWlDcmR0a/X6vncHgdE/9pa4qJYw04hD1pvS rEeTu8FesKiW4k3Cf5c0kSBEQia09wXJ84ZmngGp3DEoog== -----END CERTIFICATE-----Generated at Sat Jul 5 14:56:30 2025 by rpki-client