$ rpki-client -vvf rpki.apnic.net/member_repository/A91C941B/69F6B7DE1A8311EC8C922229C4F9AE02/B3883EE61A8C11ECBD6CCF18C4F9AE02.roa File: B3883EE61A8C11ECBD6CCF18C4F9AE02.roa (raw, json) Hash identifier: K6zEQIX3Xs70jZXyUBIkq7itCCV+/w4+T7TPTazGJDw= Subject key identifier: C7:A0:DB:62:B4:E5:95:AA:5A:A8:9F:AF:1F:08:C2:6D:78:C9:29:F7 Certificate issuer: /CN=A91C941B/serialNumber=08025B9B44EED8AE0B76F11E0372CE961877AD9F Certificate serial: 0523 Authority key identifier: 08:02:5B:9B:44:EE:D8:AE:0B:76:F1:1E:03:72:CE:96:18:77:AD:9F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CAJbm0Tu2K4LdvEeA3LOlhh3rZ8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C941B/69F6B7DE1A8311EC8C922229C4F9AE02/B3883EE61A8C11ECBD6CCF18C4F9AE02.roa Signing time: Wed 03 Sep 2025 00:15:26 +0000 ROA not before: Wed 03 Sep 2025 00:15:26 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 136204 IP address blocks: 123.100.228.0/24 maxlen: 24 123.100.229.0/24 maxlen: 24 123.100.230.0/24 maxlen: 24 123.100.231.0/24 maxlen: 24 202.157.178.0/24 maxlen: 24 203.142.9.0/24 maxlen: 24 2405:70c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C941B/69F6B7DE1A8311EC8C922229C4F9AE02/CAJbm0Tu2K4LdvEeA3LOlhh3rZ8.crl rsync://rpki.apnic.net/member_repository/A91C941B/69F6B7DE1A8311EC8C922229C4F9AE02/CAJbm0Tu2K4LdvEeA3LOlhh3rZ8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CAJbm0Tu2K4LdvEeA3LOlhh3rZ8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 01:16:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1315 (0x523) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C941B, serialNumber=08025B9B44EED8AE0B76F11E0372CE961877AD9F Validity Not Before: Sep 3 00:15:26 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=68b7889d-d903 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:55:6a:1d:7b:a0:82:31:8e:04:dc:35:fe:cd: c9:f0:11:64:f6:fd:74:48:83:38:ae:89:a1:13:97: 28:48:bd:1f:57:0d:89:de:1f:e0:ef:8c:62:d8:bc: a6:08:10:1d:d9:4b:94:22:3c:74:e5:40:7a:f7:3e: 51:e2:17:fb:d6:97:af:1c:21:47:24:24:b8:49:e0: 03:70:60:27:c3:aa:38:8d:3f:c7:03:8d:e2:88:e5: 7c:b0:1a:3c:44:65:26:fe:d0:10:6b:b8:7c:09:b3: 1c:b2:b5:52:c0:00:42:81:ef:04:88:9b:b6:9a:2f: a0:cb:af:6d:57:36:bb:48:b4:5c:ef:61:82:5a:26: 5f:17:f0:a7:59:f6:a5:f9:8c:56:31:92:b3:4d:7a: 82:6f:8f:73:02:24:45:73:e2:9f:87:c6:08:ad:10: 3b:b8:95:44:b1:1c:84:17:ea:db:2b:d9:50:95:20: bc:65:67:1a:d6:9b:c8:d0:06:bb:3f:6e:81:8c:ff: ac:ac:b4:64:98:70:c6:c4:69:0c:41:e8:d6:8a:c6: 08:34:9a:15:23:cb:8a:d1:ff:95:86:63:2b:ec:aa: 4f:e3:59:c5:f2:e4:00:f2:c5:0b:4a:b6:db:cf:23: 52:0a:f2:67:32:16:07:ca:bc:f3:9e:d2:b9:0b:71: 0e:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:A0:DB:62:B4:E5:95:AA:5A:A8:9F:AF:1F:08:C2:6D:78:C9:29:F7 X509v3 Authority Key Identifier: keyid:08:02:5B:9B:44:EE:D8:AE:0B:76:F1:1E:03:72:CE:96:18:77:AD:9F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C941B/69F6B7DE1A8311EC8C922229C4F9AE02/CAJbm0Tu2K4LdvEeA3LOlhh3rZ8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CAJbm0Tu2K4LdvEeA3LOlhh3rZ8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C941B/69F6B7DE1A8311EC8C922229C4F9AE02/B3883EE61A8C11ECBD6CCF18C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 123.100.228.0/22 202.157.178.0/24 203.142.9.0/24 IPv6: 2405:70c0::/32 Signature Algorithm: sha256WithRSAEncryption 64:fc:0c:dc:6e:0b:2a:a3:74:d2:dd:a2:bf:c2:9e:14:bb:d7: f3:f2:7f:56:0e:b1:f3:9a:ba:cf:ca:42:e3:5c:fc:1d:1c:df: 4c:86:0e:f2:38:09:94:7a:01:bf:36:fb:8f:97:44:5b:51:fe: a0:37:96:de:9b:a2:4e:0a:ea:e2:3e:e9:9c:d6:6b:8a:90:77: e2:43:42:20:f5:c5:7c:d9:11:bf:ae:44:a1:62:d9:ea:23:c0: 63:d1:22:3f:ac:cf:0e:95:c0:59:e2:01:84:ae:14:84:55:39: b4:72:60:12:f0:de:ab:43:e6:db:8f:9b:b5:37:11:97:6c:77: 1d:6a:77:ce:af:1e:3b:d8:87:69:bc:4f:33:04:57:3c:d5:9d: 54:19:f4:7d:c7:88:78:51:76:db:01:99:4a:83:58:28:cc:6b: c9:ca:15:16:be:97:b3:cb:76:d1:1d:02:be:74:52:df:f8:d4: de:b3:00:38:44:54:5a:8f:a4:a3:47:b7:6e:a0:67:bb:6e:68: 96:0d:fa:32:dc:88:42:1b:d5:f5:3e:5c:0b:fa:02:d3:c4:57: ca:a6:d6:21:b0:48:96:1d:dd:fc:e0:17:b9:a4:1b:1f:8f:94: 71:0d:b7:73:db:a4:0c:64:48:f9:e3:21:9f:7b:99:cf:91:4b: 7a:37:6a:cf -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICBSMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qzk0MUIxMTAvBgNVBAUTKDA4MDI1QjlCNDRFRUQ4QUUwQjc2RjExRTAzNzJDRTk2 MTg3N0FEOUYwHhcNMjUwOTAzMDAxNTI2WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGI3ODg5ZC1kOTAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw1VqHXuggjGOBNw1/s3J8BFk9v10SIM4romhE5coSL0fVw2J3h/g74xi2Lym CBAd2UuUIjx05UB69z5R4hf71pevHCFHJCS4SeADcGAnw6o4jT/HA43iiOV8sBo8 RGUm/tAQa7h8CbMcsrVSwABCge8EiJu2mi+gy69tVza7SLRc72GCWiZfF/CnWfal +YxWMZKzTXqCb49zAiRFc+Kfh8YIrRA7uJVEsRyEF+rbK9lQlSC8ZWca1pvI0Aa7 P26BjP+srLRkmHDGxGkMQejWisYINJoVI8uK0f+VhmMr7KpP41nF8uQA8sULSrbb zyNSCvJnMhYHyrzzntK5C3EOqQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFMeg22K0 5ZWqWqifrx8Iwm14ySn3MB8GA1UdIwQYMBaAFAgCW5tE7tiuC3bxHgNyzpYYd62f MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOTQxQi82OUY2QjdERTFB ODMxMUVDOEM5MjIyMjlDNEY5QUUwMi9DQUpibTBUdTJLNExkdkVlQTNMT2xoaDNy WjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NBSmJtMFR1Mks0TGR2RWVBM0xPbGhoM3JaOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Qzk0MUIvNjlGNkI3REUxQTgzMTFFQzhDOTIyMjI5QzRGOUFFMDIvQjM4ODNFRTYx QThDMTFFQ0JENkNDRjE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAJ7ZOQDBADKnbIDBADLjgkwDQQCAAIwBwMFACQFcMAwDQYJ KoZIhvcNAQELBQADggEBAGT8DNxuCyqjdNLdor/CnhS71/Pyf1YOsfOaus/KQuNc /B0c30yGDvI4CZR6Ab82+4+XRFtR/qA3lt6bok4K6uI+6ZzWa4qQd+JDQiD1xXzZ Eb+uRKFi2eojwGPRIj+szw6VwFniAYSuFIRVObRyYBLw3qtD5tuPm7U3EZdsdx1q d86vHjvYh2m8TzMEVzzVnVQZ9H3HiHhRdtsBmUqDWCjMa8nKFRa+l7PLdtEdAr50 Ut/41N6zADhEVFqPpKNHt26gZ7tuaJYN+jLciEIb1fU+XAv6AtPEV8qm1iGwSJYd 3fzgF7mkGx+PlHENt3PbpAxkSPnjIZ97mc+RS3o3as8= -----END CERTIFICATE-----Generated at Tue Oct 21 10:40:12 2025 by rpki-client