$ rpki-client -vvf rpki.apnic.net/member_repository/A91AC4FA/37CB87986C8B11ED87AFF571C4F9AE02/2A40C41C6EC511ED9672CB40C4F9AE02.roa File: 2A40C41C6EC511ED9672CB40C4F9AE02.roa (raw, json) Hash identifier: 2ABgaw5i7gtrVWQKQRB2kERFT6VG3t9JHA5FdKRAAjA= Subject key identifier: 34:8F:EA:88:91:0F:B0:19:53:97:C3:51:C6:7D:6F:5B:75:1D:64:19 Certificate issuer: /CN=A91AC4FA/serialNumber=8AF7D8B864FD90452FFD6DE93B51456C79EFB3C7 Certificate serial: 01F8 Authority key identifier: 8A:F7:D8:B8:64:FD:90:45:2F:FD:6D:E9:3B:51:45:6C:79:EF:B3:C7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ivfYuGT9kEUv_W3pO1FFbHnvs8c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AC4FA/37CB87986C8B11ED87AFF571C4F9AE02/2A40C41C6EC511ED9672CB40C4F9AE02.roa Signing time: Sat 05 Jul 2025 03:10:16 +0000 ROA not before: Sat 05 Jul 2025 03:10:16 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 17765 IP address blocks: 203.4.188.0/23 maxlen: 24 203.4.190.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AC4FA/37CB87986C8B11ED87AFF571C4F9AE02/ivfYuGT9kEUv_W3pO1FFbHnvs8c.crl rsync://rpki.apnic.net/member_repository/A91AC4FA/37CB87986C8B11ED87AFF571C4F9AE02/ivfYuGT9kEUv_W3pO1FFbHnvs8c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ivfYuGT9kEUv_W3pO1FFbHnvs8c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 504 (0x1f8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AC4FA, serialNumber=8AF7D8B864FD90452FFD6DE93B51456C79EFB3C7 Validity Not Before: Jul 5 03:10:16 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=68689797-3b09 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:c3:c5:fe:a6:10:a3:4d:9c:ec:28:7b:94:de: 89:23:52:ce:0a:6e:11:d4:15:ea:20:0a:a7:56:ce: 93:4a:43:be:61:3a:d4:94:68:49:ac:2c:58:5a:5b: a6:5e:7d:3a:f2:16:52:d3:cd:6b:e2:cc:9f:cb:3c: fa:c1:49:d3:3c:09:be:1a:e4:24:47:16:1f:29:6f: b2:9b:6d:00:29:8d:91:59:35:54:01:89:e8:1e:2c: fb:fe:55:4f:02:10:f5:5f:d5:68:e8:a6:57:1d:57: a3:dd:cc:00:86:19:ff:b5:21:ae:9c:41:00:57:32: a5:97:fb:67:57:6b:c9:06:63:c8:39:b0:e7:4b:f4: 82:54:53:71:92:ce:3a:59:f1:8b:d9:59:fe:eb:01: c0:85:b5:95:8d:f0:ff:88:4e:d0:50:81:8f:63:ad: 15:ba:7a:4b:a8:61:ea:1d:8f:94:62:c4:aa:14:9d: 75:f8:c1:3e:fb:13:a8:60:94:00:33:43:36:da:c7: 53:5f:67:98:bf:77:13:16:2c:85:40:2f:81:86:da: 8d:58:16:11:19:f7:7d:85:1c:d4:60:00:34:8e:de: b3:36:40:d6:df:fb:09:c6:91:3f:c2:6f:4d:d1:4c: bd:db:c8:04:f5:7a:b4:f3:a6:f0:1b:1b:5d:ed:e5: e2:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:8F:EA:88:91:0F:B0:19:53:97:C3:51:C6:7D:6F:5B:75:1D:64:19 X509v3 Authority Key Identifier: keyid:8A:F7:D8:B8:64:FD:90:45:2F:FD:6D:E9:3B:51:45:6C:79:EF:B3:C7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AC4FA/37CB87986C8B11ED87AFF571C4F9AE02/ivfYuGT9kEUv_W3pO1FFbHnvs8c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ivfYuGT9kEUv_W3pO1FFbHnvs8c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AC4FA/37CB87986C8B11ED87AFF571C4F9AE02/2A40C41C6EC511ED9672CB40C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.4.188.0/22 Signature Algorithm: sha256WithRSAEncryption f5:7d:2b:9c:03:a0:cb:6d:64:06:22:e0:f0:cc:e7:62:08:c0: 45:4f:d6:2c:4a:35:5e:7b:41:53:1a:ae:fd:76:72:73:17:28: fa:dc:49:4b:e2:61:89:41:a7:be:c5:17:03:5c:ce:2e:82:f3: f6:0a:22:c5:bd:a1:b4:69:dc:81:73:e8:13:e8:09:dd:17:05: 89:6a:07:c5:32:01:9a:5f:d9:89:c3:7c:ab:03:dd:10:b1:eb: 10:7a:a8:28:f4:a0:fc:e4:a0:53:47:03:e1:56:d5:02:70:c8: 0e:53:a4:2f:78:c3:f5:1e:a1:4b:47:af:a0:c0:29:b2:9a:3f: 67:ee:d8:33:15:3d:ce:65:3b:35:90:23:97:a5:1a:86:3c:76: 57:ac:e5:5d:52:be:46:d6:ac:a2:07:6c:e3:34:79:84:74:47: 3d:71:0f:9f:ca:d5:61:20:03:55:5e:d5:59:80:84:db:66:4c: 0b:39:9a:4b:4a:c2:42:22:eb:41:e7:ca:cf:ef:1d:e7:79:0f: 30:53:41:ff:fb:3f:76:ad:43:85:be:8c:a4:ca:bd:2b:01:57: d9:31:c3:0c:95:2a:c0:27:6f:a9:fa:db:c3:e2:04:4d:9b:70: f0:eb:ba:18:87:af:3d:fe:3e:d1:b4:ea:7a:66:0a:d4:8f:89: 02:32:fd:a1 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICAfgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUM0RkExMTAvBgNVBAUTKDhBRjdEOEI4NjRGRDkwNDUyRkZENkRFOTNCNTE0NTZD NzlFRkIzQzcwHhcNMjUwNzA1MDMxMDE2WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODY4OTc5Ny0zYjA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwsPF/qYQo02c7Ch7lN6JI1LOCm4R1BXqIAqnVs6TSkO+YTrUlGhJrCxYWlum Xn068hZS081r4syfyzz6wUnTPAm+GuQkRxYfKW+ym20AKY2RWTVUAYnoHiz7/lVP AhD1X9Vo6KZXHVej3cwAhhn/tSGunEEAVzKll/tnV2vJBmPIObDnS/SCVFNxks46 WfGL2Vn+6wHAhbWVjfD/iE7QUIGPY60VunpLqGHqHY+UYsSqFJ11+ME++xOoYJQA M0M22sdTX2eYv3cTFiyFQC+BhtqNWBYRGfd9hRzUYAA0jt6zNkDW3/sJxpE/wm9N 0Uy928gE9Xq086bwGxtd7eXi1wIDAQABo4IClTCCApEwHQYDVR0OBBYEFDSP6oiR D7AZU5fDUcZ9b1t1HWQZMB8GA1UdIwQYMBaAFIr32Lhk/ZBFL/1t6TtRRWx577PH MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQzRGQS8zN0NCODc5ODZD OEIxMUVEODdBRkY1NzFDNEY5QUUwMi9pdmZZdUdUOWtFVXZfVzNwTzFGRmJIbnZz OGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2l2Zll1R1Q5a0VVdl9XM3BPMUZGYkhudnM4Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUM0RkEvMzdDQjg3OTg2QzhCMTFFRDg3QUZGNTcxQzRGOUFFMDIvMkE0MEM0MUM2 RUM1MTFFRDk2NzJDQjQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBALLBLwwDQYJKoZIhvcNAQELBQADggEBAPV9K5wDoMttZAYi 4PDM52IIwEVP1ixKNV57QVMarv12cnMXKPrcSUviYYlBp77FFwNczi6C8/YKIsW9 obRp3IFz6BPoCd0XBYlqB8UyAZpf2YnDfKsD3RCx6xB6qCj0oPzkoFNHA+FW1QJw yA5TpC94w/UeoUtHr6DAKbKaP2fu2DMVPc5lOzWQI5elGoY8dles5V1SvkbWrKIH bOM0eYR0Rz1xD5/K1WEgA1Ve1VmAhNtmTAs5mktKwkIi60Hnys/vHed5DzBTQf/7 P3atQ4W+jKTKvSsBV9kxwwyVKsAnb6n628PiBE2bcPDruhiHrz3+PtG06npmCtSP iQIy/aE= -----END CERTIFICATE-----Generated at Sat Jul 5 22:08:22 2025 by rpki-client