$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/430E4E387CC311F0A55B2081C4F9AE02.roa File: 430E4E387CC311F0A55B2081C4F9AE02.roa (raw, json) Hash identifier: +O7nAJMuarvCDGn3hLW94zNyulK0005NKttXFTFasLE= Subject key identifier: 3E:9B:C6:91:FB:E8:CD:55:A0:23:54:AF:A8:3F:50:DD:CC:18:51:BF Certificate issuer: /CN=A91B6587/serialNumber=2D634077CC847B59D4048D43E04B3309698FE638 Certificate serial: 0342 Authority key identifier: 2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/430E4E387CC311F0A55B2081C4F9AE02.roa Signing time: Tue 19 Aug 2025 06:10:53 +0000 ROA not before: Tue 19 Aug 2025 06:10:53 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 136557 IP address blocks: 45.252.189.0/24 maxlen: 24 103.214.20.0/24 maxlen: 24 103.252.109.0/24 maxlen: 24 202.37.74.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.crl rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 02:43:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 834 (0x342) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B6587, serialNumber=2D634077CC847B59D4048D43E04B3309698FE638 Validity Not Before: Aug 19 06:10:53 2025 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=68a4156d-0605 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:67:f4:65:36:f0:94:ac:01:42:36:1c:dd:d2: 39:74:09:1a:5f:cb:c2:c5:ec:80:42:aa:c7:9e:10: 1f:c6:c0:06:44:a4:dc:e3:f4:55:c3:65:6f:a2:22: 9c:5e:23:3b:80:63:3c:c6:f2:38:b7:a2:d7:9d:27: 49:63:09:7c:8a:47:bd:36:40:bf:26:40:71:f1:2e: 49:ea:6d:1b:d9:ca:9a:48:2a:e6:70:df:70:ab:b7: c1:f3:96:3a:e2:7f:e3:05:ef:08:7a:08:71:fd:78: 83:40:bf:05:70:f6:a7:ba:74:0f:06:02:4c:dd:6e: 62:9c:3c:bf:4e:c6:67:4e:08:67:d5:65:d9:2f:7b: 7d:1d:33:51:07:8c:da:1a:c9:d1:75:ed:4b:83:34: d1:17:c5:7c:fd:e8:21:c3:5b:1c:3a:6c:d6:90:2a: 36:fc:7e:e7:9c:d1:2b:11:27:15:85:10:75:49:b4: 08:22:0a:22:23:c2:51:27:63:70:24:dd:9c:5a:45: 10:44:c7:79:2f:e9:b3:80:a9:99:95:bb:ca:86:c4: f6:86:b5:62:4e:22:b8:db:80:7f:3f:d0:98:1f:5f: 10:dd:c7:0d:80:6a:d5:23:9d:a6:6d:3d:fd:83:66: af:b3:ac:45:6e:8a:0e:4a:e5:86:68:6b:8f:88:bf: 36:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:9B:C6:91:FB:E8:CD:55:A0:23:54:AF:A8:3F:50:DD:CC:18:51:BF X509v3 Authority Key Identifier: keyid:2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/430E4E387CC311F0A55B2081C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.252.189.0/24 103.214.20.0/24 103.252.109.0/24 202.37.74.0/24 Signature Algorithm: sha256WithRSAEncryption 2b:92:f2:18:b7:d5:59:2c:46:97:59:16:f2:73:bf:a2:6c:31: 6c:e9:c2:79:e8:46:6d:41:5b:91:6a:f2:d3:1d:31:18:53:35: 54:bd:e2:c9:77:9f:4c:ae:79:84:0f:af:13:35:ea:83:b2:01: b0:c0:86:d8:f1:4d:de:fd:21:98:bd:c6:7a:2f:d7:74:10:09: 0d:a4:28:9a:7c:5d:61:58:67:b7:c4:4b:57:55:47:ae:5f:15: 1a:27:4c:eb:b5:5b:62:3c:db:34:d1:65:1f:19:d5:5f:fe:6f: 33:2f:ca:8b:1c:46:4b:18:3b:dc:ed:2c:e0:84:e9:41:b3:d9: 2e:55:a8:36:db:5a:3e:b1:bc:28:18:e1:22:0f:e6:ce:24:5f: 3b:bb:3c:f5:c2:75:1e:f3:6c:c0:53:2c:91:34:a7:0d:8a:44: c6:06:1c:06:69:0d:4e:bf:98:b7:0c:f8:d5:90:00:1f:21:db: 09:4a:18:28:4d:a9:e1:fb:8b:a6:de:92:6b:e6:4b:c2:58:35: 6b:c8:b6:73:c0:cb:53:1a:80:bf:16:5b:26:77:27:7d:8e:5c: 84:27:65:d2:75:08:ff:5d:37:51:3d:99:62:95:05:20:1a:ef: e2:ea:5c:46:de:c6:0f:33:50:e6:7b:cf:ad:e5:06:70:c1:23: 52:9d:30:01 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgICA0IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjY1ODcxMTAvBgNVBAUTKDJENjM0MDc3Q0M4NDdCNTlENDA0OEQ0M0UwNEIzMzA5 Njk4RkU2MzgwHhcNMjUwODE5MDYxMDUzWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGE0MTU2ZC0wNjA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2mf0ZTbwlKwBQjYc3dI5dAkaX8vCxeyAQqrHnhAfxsAGRKTc4/RVw2VvoiKc XiM7gGM8xvI4t6LXnSdJYwl8ike9NkC/JkBx8S5J6m0b2cqaSCrmcN9wq7fB85Y6 4n/jBe8Ieghx/XiDQL8FcPanunQPBgJM3W5inDy/TsZnTghn1WXZL3t9HTNRB4za GsnRde1LgzTRF8V8/eghw1scOmzWkCo2/H7nnNErEScVhRB1SbQIIgoiI8JRJ2Nw JN2cWkUQRMd5L+mzgKmZlbvKhsT2hrViTiK424B/P9CYH18Q3ccNgGrVI52mbT39 g2avs6xFbooOSuWGaGuPiL82iwIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFD6bxpH7 6M1VoCNUr6g/UN3MGFG/MB8GA1UdIwQYMBaAFC1jQHfMhHtZ1ASNQ+BLMwlpj+Y4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjU4Ny80MTdENzFCNDkx ODYxMUVEQTg0QTEyNERDNEY5QUUwMi9MV05BZDh5RWUxblVCSTFENEVzekNXbVA1 amcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xXTkFkOHlFZTFuVUJJMUQ0RXN6Q1dtUDVqZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjY1ODcvNDE3RDcxQjQ5MTg2MTFFREE4NEExMjREQzRGOUFFMDIvNDMwRTRFMzg3 Q0MzMTFGMEE1NUIyMDgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E IjAgMB4EAgABMBgDBAAt/L0DBABn1hQDBABn/G0DBADKJUowDQYJKoZIhvcNAQEL BQADggEBACuS8hi31VksRpdZFvJzv6JsMWzpwnnoRm1BW5Fq8tMdMRhTNVS94sl3 n0yueYQPrxM16oOyAbDAhtjxTd79IZi9xnov13QQCQ2kKJp8XWFYZ7fES1dVR65f FRonTOu1W2I82zTRZR8Z1V/+bzMvyoscRksYO9ztLOCE6UGz2S5VqDbbWj6xvCgY 4SIP5s4kXzu7PPXCdR7zbMBTLJE0pw2KRMYGHAZpDU6/mLcM+NWQAB8h2wlKGChN qeH7i6bekmvmS8JYNWvItnPAy1MagL8WWyZ3J32OXIQnZdJ1CP9dN1E9mWKVBSAa 7+LqXEbexg8zUOZ7z63lBnDBI1KdMAE= -----END CERTIFICATE-----Generated at Sat Aug 23 19:39:07 2025 by rpki-client