$ rpki-client -vvf rpki.apnic.net/member_repository/A91C55CE/451A823A8B7B11EF8290327FC4F9AE02/D83A0A7E1DAF11F0B2131B09C4F9AE02.roa File: D83A0A7E1DAF11F0B2131B09C4F9AE02.roa (raw, json) Hash identifier: odyeRSn+ecQUPk/XU8SqIqXsjh++sp4kLUV5M/g9Vic= Subject key identifier: EF:74:4B:09:F2:7D:A5:12:80:61:B6:59:4F:06:CB:FE:6B:8F:44:51 Certificate issuer: /CN=A91C55CE/serialNumber=828A47D3AC6E6B036011C23323170A9731BAD224 Certificate serial: CF Authority key identifier: 82:8A:47:D3:AC:6E:6B:03:60:11:C2:33:23:17:0A:97:31:BA:D2:24 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gopH06xuawNgEcIzIxcKlzG60iQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C55CE/451A823A8B7B11EF8290327FC4F9AE02/D83A0A7E1DAF11F0B2131B09C4F9AE02.roa Signing time: Wed 13 Aug 2025 07:17:16 +0000 ROA not before: Wed 13 Aug 2025 07:17:16 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 62610 IP address blocks: 45.121.212.0/24 maxlen: 24 45.121.213.0/24 maxlen: 24 45.121.214.0/24 maxlen: 24 103.62.52.0/24 maxlen: 24 103.62.53.0/24 maxlen: 24 103.62.54.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C55CE/451A823A8B7B11EF8290327FC4F9AE02/gopH06xuawNgEcIzIxcKlzG60iQ.crl rsync://rpki.apnic.net/member_repository/A91C55CE/451A823A8B7B11EF8290327FC4F9AE02/gopH06xuawNgEcIzIxcKlzG60iQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gopH06xuawNgEcIzIxcKlzG60iQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 06:29:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 207 (0xcf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C55CE, serialNumber=828A47D3AC6E6B036011C23323170A9731BAD224 Validity Not Before: Aug 13 07:17:16 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=689c3bfc-131a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:a7:4a:76:b4:15:44:8c:02:c7:14:f5:dd:dd: e1:1c:2a:a9:bd:77:05:07:bc:48:9a:07:50:d0:a7: 44:58:b0:08:ac:2f:28:5c:55:49:22:c6:c9:55:fb: 86:74:98:c9:43:9d:32:27:74:74:ca:a9:44:8e:4c: 11:71:99:f2:df:27:1b:f5:5f:e9:40:cf:a3:2f:74: e6:68:e2:0c:da:6a:6a:c8:df:34:e5:59:5b:5f:99: ef:1d:d3:b1:0f:c5:5d:63:44:7b:d7:a9:6a:9a:4c: 9d:45:90:c9:9a:23:aa:07:9d:87:68:4e:8b:7d:27: dc:3a:a1:92:fd:27:93:90:12:55:cf:5d:31:67:74: 14:8a:85:72:3a:5e:49:74:05:24:65:44:fd:fc:6b: 4d:d8:98:96:0f:ce:87:ad:4c:08:08:b1:0a:0c:13: bc:70:58:5f:82:89:81:90:ad:1c:11:52:55:d8:e6: 84:f8:a9:3f:76:46:5f:d1:38:a5:3b:55:41:b2:97: d1:ec:5f:99:54:6e:3b:b3:a4:3f:00:da:99:49:28: b0:a5:48:51:5f:ca:22:45:1b:31:55:1d:4c:06:3f: 37:a0:0c:52:00:74:3c:ae:21:10:f4:27:8d:8d:e5: 7f:67:bc:99:4e:c2:66:c8:0f:94:36:2b:6d:6c:0f: a6:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:74:4B:09:F2:7D:A5:12:80:61:B6:59:4F:06:CB:FE:6B:8F:44:51 X509v3 Authority Key Identifier: keyid:82:8A:47:D3:AC:6E:6B:03:60:11:C2:33:23:17:0A:97:31:BA:D2:24 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C55CE/451A823A8B7B11EF8290327FC4F9AE02/gopH06xuawNgEcIzIxcKlzG60iQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gopH06xuawNgEcIzIxcKlzG60iQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C55CE/451A823A8B7B11EF8290327FC4F9AE02/D83A0A7E1DAF11F0B2131B09C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.121.212.0-45.121.214.255 103.62.52.0-103.62.54.255 Signature Algorithm: sha256WithRSAEncryption 47:0d:1a:eb:82:29:f4:41:e2:36:f9:6c:a8:79:ac:0a:96:2f: 10:af:20:06:87:8b:99:72:1d:bf:f3:f0:a2:76:55:4a:51:d7: 52:96:c3:a7:7a:c7:4a:bd:47:5f:29:d7:8a:35:84:22:34:9d: ab:17:4b:9b:83:66:08:f3:87:29:f7:18:b1:76:89:14:9e:0e: a5:cb:a2:b2:b1:65:b6:c1:c1:82:dd:37:61:35:a0:dc:44:40: 19:a5:bc:54:f0:b2:8c:ea:c0:33:b2:2b:4c:73:25:b4:dd:21: 73:32:5a:a0:a1:a8:90:53:cb:65:70:8e:ac:3d:25:49:50:05: 7e:86:0e:94:8f:36:c2:96:c6:4a:3b:6c:86:a9:01:0a:37:fa: 6d:b1:0e:29:68:45:e3:8f:28:2a:6f:7d:c6:30:ed:42:fb:04: 2d:55:c2:96:0d:a5:5d:1c:77:2c:55:82:72:dc:63:da:c0:3a: e6:ed:ca:8f:5d:90:e4:b6:8d:86:2e:b5:b0:6b:76:64:ba:7e: 94:1e:4e:12:10:aa:cb:fb:93:44:73:c0:a7:e7:bd:2f:2e:2b: 2b:8e:85:41:4d:50:10:a7:ef:ee:9b:59:9d:96:b6:53:e0:29: c9:44:62:79:2c:ae:c4:d8:5f:c4:18:65:87:53:94:be:c0:db: eb:ae:58:3f -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgICAM8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzU1Q0UxMTAvBgNVBAUTKDgyOEE0N0QzQUM2RTZCMDM2MDExQzIzMzIzMTcwQTk3 MzFCQUQyMjQwHhcNMjUwODEzMDcxNzE2WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODljM2JmYy0xMzFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4adKdrQVRIwCxxT13d3hHCqpvXcFB7xImgdQ0KdEWLAIrC8oXFVJIsbJVfuG dJjJQ50yJ3R0yqlEjkwRcZny3ycb9V/pQM+jL3TmaOIM2mpqyN805VlbX5nvHdOx D8VdY0R716lqmkydRZDJmiOqB52HaE6LfSfcOqGS/SeTkBJVz10xZ3QUioVyOl5J dAUkZUT9/GtN2JiWD86HrUwICLEKDBO8cFhfgomBkK0cEVJV2OaE+Kk/dkZf0Til O1VBspfR7F+ZVG47s6Q/ANqZSSiwpUhRX8oiRRsxVR1MBj83oAxSAHQ8riEQ9CeN jeV/Z7yZTsJmyA+UNittbA+mYQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFO90Swny faUSgGG2WU8Gy/5rj0RRMB8GA1UdIwQYMBaAFIKKR9OsbmsDYBHCMyMXCpcxutIk MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNTVDRS80NTFBODIzQThC N0IxMUVGODI5MDMyN0ZDNEY5QUUwMi9nb3BIMDZ4dWF3TmdFY0l6SXhjS2x6RzYw aVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2dvcEgwNnh1YXdOZ0VjSXpJeGNLbHpHNjBpUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzU1Q0UvNDUxQTgyM0E4QjdCMTFFRjgyOTAzMjdGQzRGOUFFMDIvRDgzQTBBN0Ux REFGMTFGMEIyMTMxQjA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNQYIKwYBBQUHAQcBAf8E JjAkMCIEAgABMBwwDAMEAi151AMEAC151jAMAwQCZz40AwQAZz42MA0GCSqGSIb3 DQEBCwUAA4IBAQBHDRrrgin0QeI2+WyoeawKli8QryAGh4uZch2/8/CidlVKUddS lsOnesdKvUdfKdeKNYQiNJ2rF0ubg2YI84cp9xixdokUng6ly6KysWW2wcGC3Tdh NaDcREAZpbxU8LKM6sAzsitMcyW03SFzMlqgoaiQU8tlcI6sPSVJUAV+hg6UjzbC lsZKO2yGqQEKN/ptsQ4paEXjjygqb33GMO1C+wQtVcKWDaVdHHcsVYJy3GPawDrm 7cqPXZDkto2GLrWwa3Zkun6UHk4SEKrL+5NEc8Cn570vLisrjoVBTVAQp+/um1md lrZT4CnJRGJ5LK7E2F/EGGWHU5S+wNvrrlg/ -----END CERTIFICATE-----Generated at Sat Aug 23 19:14:56 2025 by rpki-client