$ rpki-client -vvf rpki.apnic.net/member_repository/A91ADB98/D93E93DC492111EDABD59C53C4F9AE02/F84FF96A493911ED805EB686C4F9AE02.roa File: F84FF96A493911ED805EB686C4F9AE02.roa (raw, json) Hash identifier: Lj70ItgANJi9RJPk81TbBsVkkeLlGArDAr9zaonHm8o= Subject key identifier: 79:30:14:F3:03:DF:4F:1B:A2:B3:2F:C0:5B:5F:20:30:C2:C3:CE:AF Certificate issuer: /CN=A91ADB98/serialNumber=661C64E293B87F473AF61D89DE48FC4538570157 Certificate serial: 0269 Authority key identifier: 66:1C:64:E2:93:B8:7F:47:3A:F6:1D:89:DE:48:FC:45:38:57:01:57 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zhxk4pO4f0c69h2J3kj8RThXAVc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ADB98/D93E93DC492111EDABD59C53C4F9AE02/F84FF96A493911ED805EB686C4F9AE02.roa Signing time: Tue 01 Jul 2025 03:08:58 +0000 ROA not before: Tue 01 Jul 2025 03:08:58 +0000 ROA not after: Thu 30 Oct 2025 00:00:00 +0000 asID: 32787 IP address blocks: 140.168.240.0/24 maxlen: 24 140.168.241.0/24 maxlen: 24 140.168.243.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ADB98/D93E93DC492111EDABD59C53C4F9AE02/Zhxk4pO4f0c69h2J3kj8RThXAVc.crl rsync://rpki.apnic.net/member_repository/A91ADB98/D93E93DC492111EDABD59C53C4F9AE02/Zhxk4pO4f0c69h2J3kj8RThXAVc.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zhxk4pO4f0c69h2J3kj8RThXAVc.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 03:09:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 617 (0x269) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ADB98, serialNumber=661C64E293B87F473AF61D89DE48FC4538570157 Validity Not Before: Jul 1 03:08:58 2025 GMT Not After : Oct 30 00:00:00 2025 GMT Subject: CN=68635149-a4d1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:6b:2b:fe:bf:84:1a:8e:80:70:be:c9:52:24: c3:f0:c7:20:2b:9c:57:d6:a1:5e:b4:b5:26:32:7c: 4b:02:6b:e4:c4:5d:98:3e:ba:90:ab:d3:e4:84:f9: be:92:60:29:d2:9e:b2:3a:d5:33:2e:08:56:e4:65: 29:75:f7:f9:76:14:ed:63:18:e7:46:96:37:c8:d6: c5:ce:fc:26:28:27:73:6a:c2:41:61:33:b0:04:78: d4:9f:87:cc:15:71:17:13:b3:4a:17:b2:c4:56:bf: af:20:cb:6b:37:ea:9e:8f:c4:bc:8c:b9:dc:26:e4: 3e:ca:96:e5:9c:82:98:79:68:e7:ab:7c:f4:81:d2: 29:b1:a7:ab:01:1f:d0:03:2a:e0:72:04:18:36:e7: 88:9d:ac:c3:a0:e6:ef:27:9e:b5:15:bb:21:6b:18: 2f:8f:ea:fd:49:b3:9f:22:37:11:6a:0a:e3:c1:ec: dd:6a:d0:e9:5e:2a:7a:81:a2:62:c2:c1:34:45:30: 6c:52:60:6b:88:05:83:1a:c4:6b:70:8b:41:c6:93: a2:7b:e0:ed:ec:6a:16:55:7f:5a:37:2e:c6:12:74: 1d:82:1a:b3:23:34:ea:7c:02:f9:01:cc:7d:c2:72: d7:f5:34:eb:06:a9:61:a4:63:d7:b7:9f:2d:6c:64: 02:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:30:14:F3:03:DF:4F:1B:A2:B3:2F:C0:5B:5F:20:30:C2:C3:CE:AF X509v3 Authority Key Identifier: keyid:66:1C:64:E2:93:B8:7F:47:3A:F6:1D:89:DE:48:FC:45:38:57:01:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ADB98/D93E93DC492111EDABD59C53C4F9AE02/Zhxk4pO4f0c69h2J3kj8RThXAVc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zhxk4pO4f0c69h2J3kj8RThXAVc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ADB98/D93E93DC492111EDABD59C53C4F9AE02/F84FF96A493911ED805EB686C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 140.168.240.0/23 140.168.243.0/24 Signature Algorithm: sha256WithRSAEncryption c0:4a:5f:0b:56:bc:61:73:8c:79:49:2f:30:e4:e1:0c:48:e0: 48:25:a3:1e:12:b5:3c:92:15:c6:af:5d:88:0b:e0:11:2d:7c: f6:e0:29:d1:6c:48:d8:a6:53:9d:78:56:f5:0f:d1:f5:40:c3: c0:8c:9a:80:55:ef:dd:df:fd:f3:78:ff:96:ac:c1:0f:97:56: 0e:95:f0:b5:e3:86:ee:30:b8:41:06:76:74:df:c0:24:cf:a4: cd:b8:80:06:1d:e8:b3:c4:fe:a8:83:ce:7a:6e:91:7c:18:eb: 10:51:60:00:36:fe:a0:be:59:32:03:70:f5:5f:e9:61:96:6d: 73:04:65:a3:4d:46:92:a2:46:50:5d:4c:30:92:d1:07:69:80: ba:bd:89:1f:5f:6a:48:52:44:2c:c7:0b:c1:1f:f0:5f:2a:b6: cb:ee:03:fb:2e:5b:a2:86:92:37:0e:1b:d9:ef:14:1e:11:f4: c3:5d:bf:41:d9:fe:d9:de:54:a8:15:10:08:c5:32:2d:7d:50: 06:fc:82:53:f1:df:8d:c1:38:18:20:99:63:79:1d:09:f2:78: c2:7a:56:c7:50:3b:65:c4:cb:c3:63:80:0b:1b:1d:4c:17:c2: 86:f6:d4:ef:bb:f1:ad:29:d5:6e:6c:c5:f7:aa:b1:73:1b:26: 5d:a2:f8:b2 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICAmkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QURCOTgxMTAvBgNVBAUTKDY2MUM2NEUyOTNCODdGNDczQUY2MUQ4OURFNDhGQzQ1 Mzg1NzAxNTcwHhcNMjUwNzAxMDMwODU4WhcNMjUxMDMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODYzNTE0OS1hNGQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvmsr/r+EGo6AcL7JUiTD8McgK5xX1qFetLUmMnxLAmvkxF2YPrqQq9PkhPm+ kmAp0p6yOtUzLghW5GUpdff5dhTtYxjnRpY3yNbFzvwmKCdzasJBYTOwBHjUn4fM FXEXE7NKF7LEVr+vIMtrN+qej8S8jLncJuQ+ypblnIKYeWjnq3z0gdIpsaerAR/Q AyrgcgQYNueInazDoObvJ561Fbshaxgvj+r9SbOfIjcRagrjwezdatDpXip6gaJi wsE0RTBsUmBriAWDGsRrcItBxpOie+Dt7GoWVX9aNy7GEnQdghqzIzTqfAL5Acx9 wnLX9TTrBqlhpGPXt58tbGQC3QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFHkwFPMD 308borMvwFtfIDDCw86vMB8GA1UdIwQYMBaAFGYcZOKTuH9HOvYdid5I/EU4VwFX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBREI5OC9EOTNFOTNEQzQ5 MjExMUVEQUJENTlDNTNDNEY5QUUwMi9aaHhrNHBPNGYwYzY5aDJKM2tqOFJUaFhB VmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1poeGs0cE80ZjBjNjloMkoza2o4UlRoWEFWYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QURCOTgvRDkzRTkzREM0OTIxMTFFREFCRDU5QzUzQzRGOUFFMDIvRjg0RkY5NkE0 OTM5MTFFRDgwNUVCNjg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAGMqPADBACMqPMwDQYJKoZIhvcNAQELBQADggEBAMBKXwtW vGFzjHlJLzDk4QxI4Eglox4StTySFcavXYgL4BEtfPbgKdFsSNimU514VvUP0fVA w8CMmoBV793f/fN4/5aswQ+XVg6V8LXjhu4wuEEGdnTfwCTPpM24gAYd6LPE/qiD znpukXwY6xBRYAA2/qC+WTIDcPVf6WGWbXMEZaNNRpKiRlBdTDCS0QdpgLq9iR9f akhSRCzHC8Ef8F8qtsvuA/suW6KGkjcOG9nvFB4R9MNdv0HZ/tneVKgVEAjFMi19 UAb8glPx343BOBggmWN5HQnyeMJ6VsdQO2XEy8NjgAsbHUwXwob21O+78a0p1W5s xfeqsXMbJl2i+LI= -----END CERTIFICATE-----Generated at Tue Jul 1 14:27:22 2025 by rpki-client