$ rpki-client -vvf rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/5FFA5548B5A311EEA95C5732C4F9AE02.roa File: 5FFA5548B5A311EEA95C5732C4F9AE02.roa (raw, json) Hash identifier: Qo8S4vnL8vk6lsjFg8E5pxu1jHSHJhkqcg0rzkOHusw= Subject key identifier: D0:45:E4:15:D2:7E:D1:21:57:36:D5:FE:16:E0:34:BC:7B:80:6B:3B Certificate issuer: /CN=A91BA5BA/serialNumber=02AA3A76C459497B1B45F26E9044ACC6F2E8044F Certificate serial: 0390 Authority key identifier: 02:AA:3A:76:C4:59:49:7B:1B:45:F2:6E:90:44:AC:C6:F2:E8:04:4F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Aqo6dsRZSXsbRfJukESsxvLoBE8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/5FFA5548B5A311EEA95C5732C4F9AE02.roa Signing time: Thu 17 Jul 2025 01:36:50 +0000 ROA not before: Thu 17 Jul 2025 01:36:50 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 131330 IP address blocks: 103.22.148.0/24 maxlen: 24 103.22.149.0/24 maxlen: 24 103.22.150.0/24 maxlen: 24 103.22.151.0/24 maxlen: 24 202.88.40.0/24 maxlen: 24 202.88.41.0/24 maxlen: 24 202.88.43.0/24 maxlen: 24 2400:1560::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/Aqo6dsRZSXsbRfJukESsxvLoBE8.crl rsync://rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/Aqo6dsRZSXsbRfJukESsxvLoBE8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Aqo6dsRZSXsbRfJukESsxvLoBE8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 01:06:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 912 (0x390) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BA5BA, serialNumber=02AA3A76C459497B1B45F26E9044ACC6F2E8044F Validity Not Before: Jul 17 01:36:50 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=687853b2-87f8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:a1:b0:7f:60:53:70:2d:4d:b4:1f:3f:f7:4d: cf:1d:56:48:7b:64:47:03:f1:41:f2:8c:e0:db:3d: 59:6b:38:88:d7:72:a1:f8:ac:ca:f3:9b:eb:a3:97: f9:93:aa:55:89:59:45:62:ab:cb:04:dc:c7:2e:c1: 15:80:4f:ef:d9:6f:d2:f1:29:6b:29:b0:ba:9b:d2: e5:0a:b3:df:ed:1b:4a:1f:5d:74:74:2b:a7:d2:c6: f8:2f:e5:eb:66:7a:b3:38:05:57:98:f1:dc:9e:2b: 4e:42:51:c4:9c:32:21:c2:2b:b8:a1:bd:81:2c:63: e0:08:6d:2e:b3:74:45:6f:58:3e:d2:59:9c:83:2c: cb:09:ef:0d:d4:eb:f4:84:a4:3c:3f:41:e9:1e:b4: ca:45:75:8f:9b:93:0a:aa:9d:3f:2a:c4:7c:64:fe: b9:22:05:32:df:c8:19:ef:68:5b:80:a0:77:ac:49: 36:14:b2:79:78:c8:06:bf:df:b9:25:85:46:cc:c2: 53:ff:e3:15:ac:68:8b:af:48:ee:e3:d9:12:a3:32: 63:9e:d6:31:e0:9d:98:ca:54:b9:9e:1d:97:45:80: ac:d7:50:82:fb:d6:f7:e7:fb:5e:27:19:5d:7d:05: 42:86:4f:07:4e:56:4a:86:d5:6f:1b:27:23:0b:45: 78:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:45:E4:15:D2:7E:D1:21:57:36:D5:FE:16:E0:34:BC:7B:80:6B:3B X509v3 Authority Key Identifier: keyid:02:AA:3A:76:C4:59:49:7B:1B:45:F2:6E:90:44:AC:C6:F2:E8:04:4F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/Aqo6dsRZSXsbRfJukESsxvLoBE8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Aqo6dsRZSXsbRfJukESsxvLoBE8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/5FFA5548B5A311EEA95C5732C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.22.148.0/22 202.88.40.0/23 202.88.43.0/24 IPv6: 2400:1560::/32 Signature Algorithm: sha256WithRSAEncryption 32:f5:29:65:82:91:03:42:82:9d:be:13:39:f4:ea:7a:04:f8: 0a:1a:c0:5a:50:fa:5d:af:97:59:72:c7:a7:91:a2:db:4f:bc: 48:5d:81:42:b8:1e:d3:84:d7:13:2c:9a:72:29:03:4f:2a:57: 4e:bf:ad:6b:5c:cb:34:09:bd:51:94:17:8f:50:d2:aa:07:7d: 4b:e9:df:17:3d:2d:25:7b:14:00:7f:6b:c1:45:58:62:01:a8: 65:05:6e:30:90:9c:ea:c3:84:e0:a4:49:00:0c:ec:42:2c:2f: 01:01:c1:7b:a1:4a:98:bf:c0:ab:32:52:32:00:81:89:30:53: a8:8d:4c:25:dd:56:fe:9a:2f:2d:06:91:8f:94:e9:bd:de:24: d3:98:99:35:c1:7c:0b:d8:1d:d1:0a:3f:07:1a:af:9c:3f:98: 61:bf:9a:b8:4f:57:b9:6e:66:c0:da:ef:ec:b3:a5:c0:e8:ec: 15:48:0b:51:12:99:35:cc:27:b8:43:e1:ba:19:e9:ce:0f:3f: a7:62:20:ea:52:c8:1b:f7:1a:e0:93:1c:b4:da:67:38:2e:19: ac:58:71:f3:58:4b:9a:2b:cb:cc:71:9b:97:45:52:86:ea:f8: 1f:09:24:7e:fc:7c:66:fb:33:22:bd:ad:c8:f6:65:73:b1:f6: a6:42:68:cd -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICA5AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkE1QkExMTAvBgNVBAUTKDAyQUEzQTc2QzQ1OTQ5N0IxQjQ1RjI2RTkwNDRBQ0M2 RjJFODA0NEYwHhcNMjUwNzE3MDEzNjUwWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODc4NTNiMi04N2Y4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvqGwf2BTcC1NtB8/903PHVZIe2RHA/FB8ozg2z1ZaziI13Kh+KzK85vro5f5 k6pViVlFYqvLBNzHLsEVgE/v2W/S8SlrKbC6m9LlCrPf7RtKH110dCun0sb4L+Xr ZnqzOAVXmPHcnitOQlHEnDIhwiu4ob2BLGPgCG0us3RFb1g+0lmcgyzLCe8N1Ov0 hKQ8P0HpHrTKRXWPm5MKqp0/KsR8ZP65IgUy38gZ72hbgKB3rEk2FLJ5eMgGv9+5 JYVGzMJT/+MVrGiLr0ju49kSozJjntYx4J2YylS5nh2XRYCs11CC+9b35/teJxld fQVChk8HTlZKhtVvGycjC0V4IQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFNBF5BXS ftEhVzbV/hbgNLx7gGs7MB8GA1UdIwQYMBaAFAKqOnbEWUl7G0XybpBErMby6ARP MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQTVCQS80MzI2Q0JDMEI3 Q0QxMUVDQUY2ODEzMzVDNEY5QUUwMi9BcW82ZHNSWlNYc2JSZkp1a0VTc3h2TG9C RTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0FxbzZkc1JaU1hzYlJmSnVrRVNzeHZMb0JFOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkE1QkEvNDMyNkNCQzBCN0NEMTFFQ0FGNjgxMzM1QzRGOUFFMDIvNUZGQTU1NDhC NUEzMTFFRUE5NUM1NzMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAJnFpQDBAHKWCgDBADKWCswDQQCAAIwBwMFACQAFWAwDQYJ KoZIhvcNAQELBQADggEBADL1KWWCkQNCgp2+Ezn06noE+AoawFpQ+l2vl1lyx6eR ottPvEhdgUK4HtOE1xMsmnIpA08qV06/rWtcyzQJvVGUF49Q0qoHfUvp3xc9LSV7 FAB/a8FFWGIBqGUFbjCQnOrDhOCkSQAM7EIsLwEBwXuhSpi/wKsyUjIAgYkwU6iN TCXdVv6aLy0GkY+U6b3eJNOYmTXBfAvYHdEKPwcar5w/mGG/mrhPV7luZsDa7+yz pcDo7BVIC1ESmTXMJ7hD4boZ6c4PP6diIOpSyBv3GuCTHLTaZzguGaxYcfNYS5or y8xxm5dFUobq+B8JJH78fGb7MyK9rcj2ZXOx9qZCaM0= -----END CERTIFICATE-----Generated at Sun Aug 24 06:25:17 2025 by rpki-client