$ rpki-client -vvf rpki.apnic.net/member_repository/A91BC847/ACF943529AF311E8AAB4D55DC4F9AE02/1DE5F30A87F211ECBEBC5339C4F9AE02.roa File: 1DE5F30A87F211ECBEBC5339C4F9AE02.roa (raw, json) Hash identifier: PEQx20rXW3wWd56B/SVjtbMpJcwzQ8D6MiDi0J0Jbek= Subject key identifier: E4:98:0C:20:57:08:E6:74:0B:61:94:66:2B:90:D5:C1:D2:86:15:CF Certificate issuer: /CN=A91BC847/serialNumber=79D66C64A6165A2E4CB37D49700E6C761841C39A Certificate serial: 1427 Authority key identifier: 79:D6:6C:64:A6:16:5A:2E:4C:B3:7D:49:70:0E:6C:76:18:41:C3:9A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/edZsZKYWWi5Ms31JcA5sdhhBw5o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BC847/ACF943529AF311E8AAB4D55DC4F9AE02/1DE5F30A87F211ECBEBC5339C4F9AE02.roa Signing time: Thu 18 Sep 2025 17:26:07 +0000 ROA not before: Thu 18 Sep 2025 17:26:07 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 17494 IP address blocks: 114.130.128.0/18 maxlen: 24 114.130.224.0/20 maxlen: 24 123.49.0.0/18 maxlen: 24 180.211.128.0/17 maxlen: 24 203.112.192.0/19 maxlen: 24 2407:5000::/32 maxlen: 40 2407:5000:88::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BC847/ACF943529AF311E8AAB4D55DC4F9AE02/edZsZKYWWi5Ms31JcA5sdhhBw5o.crl rsync://rpki.apnic.net/member_repository/A91BC847/ACF943529AF311E8AAB4D55DC4F9AE02/edZsZKYWWi5Ms31JcA5sdhhBw5o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/edZsZKYWWi5Ms31JcA5sdhhBw5o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 17:25:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5159 (0x1427) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BC847, serialNumber=79D66C64A6165A2E4CB37D49700E6C761841C39A Validity Not Before: Sep 18 17:26:07 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=68cc40af-7d6d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:d2:9a:f3:e3:6a:6b:2c:8f:fd:74:24:a9:dd: ca:46:62:49:90:64:32:bf:e1:70:f3:a7:79:24:45: ce:5e:ce:0d:f0:59:d3:11:66:5e:fc:40:d7:ed:0e: f8:d1:4a:21:c3:5a:7c:29:91:89:18:f5:79:78:10: cc:54:24:56:78:f2:0d:30:76:c1:1b:74:3b:05:5d: e0:66:25:4f:79:b5:9b:9b:67:89:ff:2e:d6:19:ea: 35:f6:89:1c:59:26:58:36:c2:f1:13:b4:ec:a2:c1: cf:c8:22:9f:35:f0:3a:52:6f:dc:31:98:05:16:a8: 71:79:76:9e:74:be:89:2b:ad:87:32:75:f4:86:e2: e4:8b:a4:df:08:98:04:58:39:60:c6:4f:c6:c4:16: 60:20:7c:8d:e9:25:cf:5c:b0:46:ad:7a:cc:48:72: b8:4d:42:e2:09:9a:cb:9a:da:5f:06:85:18:43:6e: b3:f5:e9:ca:3d:36:69:0a:d0:d3:35:9f:16:e5:fe: b1:e5:ad:fe:08:56:1e:ce:da:34:57:df:28:2d:1b: b5:56:71:20:15:cb:28:52:46:4c:e3:77:50:97:0d: b6:59:ab:fd:5a:e8:14:e5:e3:df:a9:0c:73:02:72: e8:aa:71:29:ea:4c:73:ec:08:2b:7a:66:93:10:96: 9c:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:98:0C:20:57:08:E6:74:0B:61:94:66:2B:90:D5:C1:D2:86:15:CF X509v3 Authority Key Identifier: keyid:79:D6:6C:64:A6:16:5A:2E:4C:B3:7D:49:70:0E:6C:76:18:41:C3:9A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BC847/ACF943529AF311E8AAB4D55DC4F9AE02/edZsZKYWWi5Ms31JcA5sdhhBw5o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/edZsZKYWWi5Ms31JcA5sdhhBw5o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BC847/ACF943529AF311E8AAB4D55DC4F9AE02/1DE5F30A87F211ECBEBC5339C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 114.130.128.0/18 114.130.224.0/20 123.49.0.0/18 180.211.128.0/17 203.112.192.0/19 IPv6: 2407:5000::/32 Signature Algorithm: sha256WithRSAEncryption 6c:da:f5:0f:a8:e0:74:49:00:12:ef:54:84:6e:96:e0:24:32: 7e:6e:60:3f:98:8c:57:1d:94:9a:fb:c6:f6:91:6c:a9:6e:78: 3d:95:ca:24:3a:50:84:98:a1:ee:83:ce:dc:5b:41:aa:c9:32: a1:db:bf:8d:b4:21:54:5d:e8:ab:66:07:e3:b0:82:15:63:05: 88:f0:5b:67:5f:9b:86:22:a2:1c:1f:a1:7d:cd:f0:1f:f9:97: 34:f7:6a:7f:aa:d8:4d:75:5b:0f:29:eb:3a:7f:4e:21:e0:b2: 90:99:0b:85:6b:01:10:37:a7:13:c0:39:fd:56:0d:a3:e1:fb: 4c:fa:48:ae:6c:b3:94:3d:66:4e:1a:48:74:b6:4a:83:8d:60: 0c:2a:38:a9:88:50:92:2c:4f:4c:45:f6:f7:b3:24:8e:b2:32: f7:9e:7e:2e:9d:88:4d:9a:5d:5e:41:5f:10:a2:d1:14:9a:8a: 5a:bb:42:9d:83:09:5b:3a:9c:58:01:70:69:e5:43:15:f4:e5: 25:4a:68:76:11:74:f6:3e:d0:a6:5e:41:48:4d:58:b2:4c:63: 11:b9:dc:38:34:f4:4c:5f:c0:08:22:28:a2:b9:1d:94:24:3a: b2:c1:33:3d:8a:0c:49:25:31:4e:03:1e:78:6c:c6:da:f8:c1: 01:cd:0c:32 -----BEGIN CERTIFICATE----- MIIFmDCCBICgAwIBAgICFCcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkM4NDcxMTAvBgNVBAUTKDc5RDY2QzY0QTYxNjVBMkU0Q0IzN0Q0OTcwMEU2Qzc2 MTg0MUMzOUEwHhcNMjUwOTE4MTcyNjA3WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGNjNDBhZi03ZDZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvNKa8+NqayyP/XQkqd3KRmJJkGQyv+Fw86d5JEXOXs4N8FnTEWZe/EDX7Q74 0Uohw1p8KZGJGPV5eBDMVCRWePINMHbBG3Q7BV3gZiVPebWbm2eJ/y7WGeo19okc WSZYNsLxE7TsosHPyCKfNfA6Um/cMZgFFqhxeXaedL6JK62HMnX0huLki6TfCJgE WDlgxk/GxBZgIHyN6SXPXLBGrXrMSHK4TULiCZrLmtpfBoUYQ26z9enKPTZpCtDT NZ8W5f6x5a3+CFYezto0V98oLRu1VnEgFcsoUkZM43dQlw22Wav9WugU5ePfqQxz AnLoqnEp6kxz7AgremaTEJacwQIDAQABo4ICvDCCArgwHQYDVR0OBBYEFOSYDCBX COZ0C2GUZiuQ1cHShhXPMB8GA1UdIwQYMBaAFHnWbGSmFlouTLN9SXAObHYYQcOa MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQzg0Ny9BQ0Y5NDM1MjlB RjMxMUU4QUFCNEQ1NURDNEY5QUUwMi9lZFpzWktZV1dpNU1zMzFKY0E1c2RoaEJ3 NW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2VkWnNaS1lXV2k1TXMzMUpjQTVzZGhoQnc1by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkM4NDcvQUNGOTQzNTI5QUYzMTFFOEFBQjRENTVEQzRGOUFFMDIvMURFNUYzMEE4 N0YyMTFFQ0JFQkM1MzM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E NzA1MCQEAgABMB4DBAZygoADBARyguADBAZ7MQADBAe004ADBAXLcMAwDQQCAAIw BwMFACQHUAAwDQYJKoZIhvcNAQELBQADggEBAGza9Q+o4HRJABLvVIRuluAkMn5u YD+YjFcdlJr7xvaRbKlueD2VyiQ6UISYoe6DztxbQarJMqHbv420IVRd6KtmB+Ow ghVjBYjwW2dfm4YiohwfoX3N8B/5lzT3an+q2E11Ww8p6zp/TiHgspCZC4VrARA3 pxPAOf1WDaPh+0z6SK5ss5Q9Zk4aSHS2SoONYAwqOKmIUJIsT0xF9vezJI6yMvee fi6diE2aXV5BXxCi0RSailq7Qp2DCVs6nFgBcGnlQxX05SVKaHYRdPY+0KZeQUhN WLJMYxG53Dg09ExfwAgiKKK5HZQkOrLBMz2KDEklMU4DHnhsxtr4wQHNDDI= -----END CERTIFICATE-----Generated at Mon Oct 20 04:46:24 2025 by rpki-client