$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/FDC6A888AEB111EE9A78E132C4F9AE02.roa File: FDC6A888AEB111EE9A78E132C4F9AE02.roa (raw, json) Hash identifier: 1rlL8AOn2uXofYClrML3TckQyLLsgVx4YB81FAg0ITc= Subject key identifier: DE:1A:3A:8C:71:2A:20:B7:BE:75:F2:12:C3:2D:8B:9D:C6:31:B3:68 Certificate issuer: /CN=A91B6587/serialNumber=2D634077CC847B59D4048D43E04B3309698FE638 Certificate serial: 033E Authority key identifier: 2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/FDC6A888AEB111EE9A78E132C4F9AE02.roa Signing time: Mon 18 Aug 2025 08:39:51 +0000 ROA not before: Mon 18 Aug 2025 08:39:51 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 146943 IP address blocks: 103.101.58.0/24 maxlen: 24 103.101.59.0/24 maxlen: 24 103.205.142.0/24 maxlen: 24 103.205.143.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.crl rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 02:43:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 830 (0x33e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B6587, serialNumber=2D634077CC847B59D4048D43E04B3309698FE638 Validity Not Before: Aug 18 08:39:51 2025 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=68a2e6d7-acde Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:2a:4b:7d:ca:09:b6:e8:9f:b8:9f:18:d8:19: af:4b:88:0b:30:cf:39:bd:54:9b:52:ed:26:5e:56: f6:84:42:00:79:23:5e:8d:c9:f5:28:a5:e3:b5:82: aa:0d:0c:1a:68:14:ce:c4:9d:7e:5a:f7:0e:9f:bc: 20:ab:0b:8c:00:19:ce:c3:9d:d5:07:34:87:d8:4c: 19:e1:b5:98:9a:75:d3:ac:d4:9b:e6:87:dc:b2:f0: 9f:30:29:82:41:cc:ac:21:06:b7:d4:69:ad:88:30: de:fe:66:ba:9e:cf:b4:a6:b1:61:da:be:e3:98:11: 79:d7:ae:14:38:9c:e3:f9:b7:4d:79:37:41:e8:d2: 2e:32:af:da:35:4c:3d:15:ec:06:04:97:e3:58:77: ff:0d:7b:57:80:ee:ae:71:87:0b:ae:07:ee:20:21: e5:dd:0c:10:32:38:af:09:a4:14:52:ac:f9:43:03: b8:8f:6e:96:a4:fc:f0:eb:f0:81:8e:ad:e3:3b:01: a0:49:91:2a:01:ab:b0:ec:42:42:af:9a:5c:35:da: de:a0:a6:e1:c1:03:79:98:91:b2:7a:1b:07:d3:26: c4:57:d7:e4:cc:14:fb:1d:08:72:f9:cc:cd:7a:f2: 05:8e:0a:52:11:00:f3:2c:7e:e8:96:a3:34:03:0c: bb:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:1A:3A:8C:71:2A:20:B7:BE:75:F2:12:C3:2D:8B:9D:C6:31:B3:68 X509v3 Authority Key Identifier: keyid:2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/FDC6A888AEB111EE9A78E132C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.101.58.0/23 103.205.142.0/23 Signature Algorithm: sha256WithRSAEncryption 44:16:99:6a:e3:fb:40:17:f6:1f:e6:c8:af:f2:87:a6:0e:27: b3:75:9b:1a:31:d6:f6:da:81:62:fe:8a:23:0c:19:47:c8:86: be:b2:fb:45:14:e6:e0:9e:a4:75:ef:17:e3:09:c7:f7:67:91: ef:41:22:a2:f9:7a:cb:ca:53:07:5c:0d:cc:90:38:6b:3e:86: 7c:59:84:c3:b8:db:0d:42:b6:21:84:d9:38:a5:2f:11:f5:29: 4b:d3:a7:8d:e1:33:41:34:42:4d:6d:6f:2d:33:ce:b3:f8:c1: 7c:40:b6:14:82:a3:08:bd:c6:c3:2c:32:34:a8:27:22:81:08: 44:0a:66:4a:37:e5:6b:48:c7:70:65:d9:e1:5f:e8:ea:85:d4: 2c:e7:6e:07:b2:a3:0e:1b:0c:bd:d8:05:57:0d:fc:ef:1f:f4: c3:b2:93:a6:bb:2d:bd:51:c5:3f:d3:0d:26:c7:bd:3f:93:79: b9:35:90:50:eb:98:24:5b:d3:8f:32:03:fc:84:a4:9e:2a:6a: ba:3a:34:6e:25:77:fb:a1:ef:c5:5a:8d:a3:41:19:d3:31:bc: b6:12:cc:46:d6:83:e3:33:70:41:f7:22:a6:c0:e5:03:1f:91: 2b:99:3f:cb:e5:62:4e:08:3f:92:0e:f9:2a:7b:97:36:de:ce: 8b:12:67:fc -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICAz4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjY1ODcxMTAvBgNVBAUTKDJENjM0MDc3Q0M4NDdCNTlENDA0OEQ0M0UwNEIzMzA5 Njk4RkU2MzgwHhcNMjUwODE4MDgzOTUxWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGEyZTZkNy1hY2RlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7ipLfcoJtuifuJ8Y2BmvS4gLMM85vVSbUu0mXlb2hEIAeSNejcn1KKXjtYKq DQwaaBTOxJ1+WvcOn7wgqwuMABnOw53VBzSH2EwZ4bWYmnXTrNSb5ofcsvCfMCmC QcysIQa31GmtiDDe/ma6ns+0prFh2r7jmBF5164UOJzj+bdNeTdB6NIuMq/aNUw9 FewGBJfjWHf/DXtXgO6ucYcLrgfuICHl3QwQMjivCaQUUqz5QwO4j26WpPzw6/CB jq3jOwGgSZEqAauw7EJCr5pcNdreoKbhwQN5mJGyehsH0ybEV9fkzBT7HQhy+czN evIFjgpSEQDzLH7olqM0Awy7fQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFN4aOoxx KiC3vnXyEsMti53GMbNoMB8GA1UdIwQYMBaAFC1jQHfMhHtZ1ASNQ+BLMwlpj+Y4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjU4Ny80MTdENzFCNDkx ODYxMUVEQTg0QTEyNERDNEY5QUUwMi9MV05BZDh5RWUxblVCSTFENEVzekNXbVA1 amcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xXTkFkOHlFZTFuVUJJMUQ0RXN6Q1dtUDVqZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjY1ODcvNDE3RDcxQjQ5MTg2MTFFREE4NEExMjREQzRGOUFFMDIvRkRDNkE4ODhB RUIxMTFFRTlBNzhFMTMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAFnZToDBAFnzY4wDQYJKoZIhvcNAQELBQADggEBAEQWmWrj +0AX9h/myK/yh6YOJ7N1mxox1vbagWL+iiMMGUfIhr6y+0UU5uCepHXvF+MJx/dn ke9BIqL5esvKUwdcDcyQOGs+hnxZhMO42w1CtiGE2TilLxH1KUvTp43hM0E0Qk1t by0zzrP4wXxAthSCowi9xsMsMjSoJyKBCEQKZko35WtIx3Bl2eFf6OqF1Cznbgey ow4bDL3YBVcN/O8f9MOyk6a7Lb1RxT/TDSbHvT+Tebk1kFDrmCRb048yA/yEpJ4q aro6NG4ld/uh78VajaNBGdMxvLYSzEbWg+MzcEH3IqbA5QMfkSuZP8vlYk4IP5IO +Sp7lzbezosSZ/w= -----END CERTIFICATE-----Generated at Sun Aug 24 00:19:29 2025 by rpki-client