$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/430E4E387CC311F0A55B2081C4F9AE02.roa File: 430E4E387CC311F0A55B2081C4F9AE02.roa (raw, json) Hash identifier: gDHotda1hxuaNQN7h9M6AxxJGfzXAR/0C3RpbJSgmtE= Subject key identifier: 15:7B:D4:06:17:80:DE:C3:BE:F9:07:A9:6D:9B:98:AE:96:73:D2:CB Certificate issuer: /CN=A91B6587/serialNumber=2D634077CC847B59D4048D43E04B3309698FE638 Certificate serial: 035B Authority key identifier: 2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/430E4E387CC311F0A55B2081C4F9AE02.roa Signing time: Wed 03 Sep 2025 03:20:09 +0000 ROA not before: Wed 03 Sep 2025 03:20:09 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 136557 IP address blocks: 45.252.189.0/24 maxlen: 24 103.214.20.0/24 maxlen: 24 103.252.109.0/24 maxlen: 24 202.37.74.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.crl rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 04:41:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 859 (0x35b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B6587, serialNumber=2D634077CC847B59D4048D43E04B3309698FE638 Validity Not Before: Sep 3 03:20:09 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=68b7b3e9-c43f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:04:9b:1a:16:43:a2:70:9e:88:bd:76:79:61: 47:ff:ae:32:c0:12:88:6a:f1:8e:1e:29:13:90:cf: a1:b9:03:ae:ea:6e:40:8d:ae:04:29:f7:26:62:2f: c4:50:f3:d4:7b:0c:c2:8c:26:cd:00:aa:5e:9c:b7: 7d:14:63:49:cb:14:62:19:eb:a1:ea:56:03:9f:f6: 58:77:24:ce:a8:94:b3:74:29:ce:d1:7a:bc:f2:40: 27:65:e6:de:de:c0:f4:2e:a7:a6:43:4e:b9:52:87: 4a:29:ea:2f:92:22:59:ea:d2:9f:f7:27:0f:c0:88: 06:cb:ae:2c:60:d6:49:16:08:91:b5:a1:3d:bd:cb: b3:fd:b8:a9:55:06:2a:7a:49:2c:65:e1:81:89:61: 4d:f3:b4:b3:d9:52:4a:c8:61:9b:a8:c3:4b:80:62: e8:88:3b:77:0b:f3:90:12:65:dc:c9:5b:ff:5b:a8: 29:33:42:ce:91:80:d4:f3:51:1c:66:3a:b9:bf:4d: c1:b4:50:fc:ac:c1:b2:f7:a8:22:52:a3:d7:2b:a8: e3:cc:02:3e:ff:e1:86:6c:20:e2:99:f1:4c:f1:2c: 32:5c:ba:0a:53:99:d4:59:79:7a:34:5f:5f:b3:76: f8:4c:e9:0b:47:6f:41:0e:cb:6f:8d:3b:95:2f:d6: 0f:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:7B:D4:06:17:80:DE:C3:BE:F9:07:A9:6D:9B:98:AE:96:73:D2:CB X509v3 Authority Key Identifier: keyid:2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/430E4E387CC311F0A55B2081C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.252.189.0/24 103.214.20.0/24 103.252.109.0/24 202.37.74.0/24 Signature Algorithm: sha256WithRSAEncryption 32:aa:2b:ac:81:33:27:80:a0:12:1f:5e:9e:9a:09:1c:30:c8: 24:2e:c2:01:cd:37:e8:32:bd:07:e7:c5:10:5e:71:14:3c:40: 31:e8:01:05:ea:1d:d2:b3:83:df:b1:10:97:36:7a:1e:13:bb: a5:87:86:58:75:6f:2f:81:24:cd:8b:02:b2:e5:f1:ee:75:11: f5:24:8d:50:96:72:1b:b3:35:5a:02:1f:3a:80:e4:33:d0:aa: aa:74:f1:22:c4:10:72:32:e7:7c:ce:25:e2:aa:8c:8e:4c:95: 60:b3:33:b9:07:1e:d9:d8:d8:4a:13:02:55:1c:0f:15:c3:2b: 3e:2f:d0:f6:c0:f4:01:35:d8:bb:ba:67:e8:76:66:26:db:68: 6a:f9:bb:3b:41:c7:4e:2b:9b:f8:87:40:42:b7:2f:c5:64:04: a3:f5:ac:5d:ab:bf:05:db:c8:f0:af:0c:63:e8:33:d0:6f:09: 7b:71:83:60:6c:f5:5b:ba:1c:16:8f:b0:7b:49:17:fb:c4:9e: fa:b4:ac:00:70:13:06:ce:79:df:73:f6:e8:05:69:a5:0f:a3: 35:8f:d7:a0:29:67:36:bd:66:70:a5:f2:21:b2:aa:99:42:8d: 2a:e9:a1:8f:af:45:cc:b8:2f:b2:93:d3:97:5c:36:3b:5f:d3: 41:c8:f8:4a -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgICA1swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjY1ODcxMTAvBgNVBAUTKDJENjM0MDc3Q0M4NDdCNTlENDA0OEQ0M0UwNEIzMzA5 Njk4RkU2MzgwHhcNMjUwOTAzMDMyMDA5WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGI3YjNlOS1jNDNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyASbGhZDonCeiL12eWFH/64ywBKIavGOHikTkM+huQOu6m5Aja4EKfcmYi/E UPPUewzCjCbNAKpenLd9FGNJyxRiGeuh6lYDn/ZYdyTOqJSzdCnO0Xq88kAnZebe 3sD0LqemQ065UodKKeovkiJZ6tKf9ycPwIgGy64sYNZJFgiRtaE9vcuz/bipVQYq ekksZeGBiWFN87Sz2VJKyGGbqMNLgGLoiDt3C/OQEmXcyVv/W6gpM0LOkYDU81Ec Zjq5v03BtFD8rMGy96giUqPXK6jjzAI+/+GGbCDimfFM8SwyXLoKU5nUWXl6NF9f s3b4TOkLR29BDstvjTuVL9YP7QIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFBV71AYX gN7DvvkHqW2bmK6Wc9LLMB8GA1UdIwQYMBaAFC1jQHfMhHtZ1ASNQ+BLMwlpj+Y4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjU4Ny80MTdENzFCNDkx ODYxMUVEQTg0QTEyNERDNEY5QUUwMi9MV05BZDh5RWUxblVCSTFENEVzekNXbVA1 amcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xXTkFkOHlFZTFuVUJJMUQ0RXN6Q1dtUDVqZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjY1ODcvNDE3RDcxQjQ5MTg2MTFFREE4NEExMjREQzRGOUFFMDIvNDMwRTRFMzg3 Q0MzMTFGMEE1NUIyMDgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E IjAgMB4EAgABMBgDBAAt/L0DBABn1hQDBABn/G0DBADKJUowDQYJKoZIhvcNAQEL BQADggEBADKqK6yBMyeAoBIfXp6aCRwwyCQuwgHNN+gyvQfnxRBecRQ8QDHoAQXq HdKzg9+xEJc2eh4Tu6WHhlh1by+BJM2LArLl8e51EfUkjVCWchuzNVoCHzqA5DPQ qqp08SLEEHIy53zOJeKqjI5MlWCzM7kHHtnY2EoTAlUcDxXDKz4v0PbA9AE12Lu6 Z+h2ZibbaGr5uztBx04rm/iHQEK3L8VkBKP1rF2rvwXbyPCvDGPoM9BvCXtxg2Bs 9Vu6HBaPsHtJF/vEnvq0rABwEwbOed9z9ugFaaUPozWP16ApZza9ZnCl8iGyqplC jSrpoY+vRcy4L7KT05dcNjtf00HI+Eo= -----END CERTIFICATE-----Generated at Mon Oct 20 09:34:47 2025 by rpki-client