$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9484/6FF0DDE01D9411E29DECB5F808B02CD2/FFC89DF8CECD11EEA4AA6D44C4F9AE02.roa File: FFC89DF8CECD11EEA4AA6D44C4F9AE02.roa (raw, json) Hash identifier: Ia/j0/zm2+DZmW6lBQa66nn1YakkPhVuWJjGJSOQHIU= Subject key identifier: 3F:A7:41:54:B3:93:00:30:93:B1:D2:24:2D:32:DC:FA:00:29:89:6A Certificate issuer: /CN=A91C9484/serialNumber=F972E75E3D03E5CE1901930C43D16DC4A89C4792 Certificate serial: 34F4 Authority key identifier: F9:72:E7:5E:3D:03:E5:CE:19:01:93:0C:43:D1:6D:C4:A8:9C:47:92 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-XLnXj0D5c4ZAZMMQ9FtxKicR5I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C9484/6FF0DDE01D9411E29DECB5F808B02CD2/FFC89DF8CECD11EEA4AA6D44C4F9AE02.roa Signing time: Thu 11 Sep 2025 03:53:01 +0000 ROA not before: Thu 11 Sep 2025 03:53:01 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 4646 IP address blocks: 117.18.67.0/24 maxlen: 24 117.18.72.0/24 maxlen: 24 117.18.78.0/24 maxlen: 24 124.248.207.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C9484/6FF0DDE01D9411E29DECB5F808B02CD2/-XLnXj0D5c4ZAZMMQ9FtxKicR5I.crl rsync://rpki.apnic.net/member_repository/A91C9484/6FF0DDE01D9411E29DECB5F808B02CD2/-XLnXj0D5c4ZAZMMQ9FtxKicR5I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-XLnXj0D5c4ZAZMMQ9FtxKicR5I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 14:52:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13556 (0x34f4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C9484, serialNumber=F972E75E3D03E5CE1901930C43D16DC4A89C4792 Validity Not Before: Sep 11 03:53:01 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=68c2479d-b46b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:3e:9c:66:9b:ee:c0:00:ed:db:de:3e:25:52: 4c:e7:fb:bb:82:ce:b6:1b:59:2f:20:94:84:cc:21: 33:f8:5c:4b:a1:8c:4c:96:8a:04:97:af:e9:a8:88: b3:f6:ad:ed:49:71:80:fa:c1:4a:d0:bb:3d:40:6b: 44:39:d9:d7:71:7d:5d:02:6d:1f:38:d8:6e:19:c4: 16:1a:23:f1:75:d4:73:e9:1b:fc:46:af:06:92:d1: c3:42:1c:8c:2f:84:b3:61:e0:a7:de:3f:f4:24:be: bd:b8:97:12:4e:8f:74:f7:76:fc:c6:64:ed:d1:8f: 43:2f:48:71:69:7b:83:f3:90:6d:f8:57:1d:50:67: 73:11:49:96:c1:a7:66:8d:69:fe:72:62:08:d7:42: ee:59:b2:5c:b1:2b:1c:42:ee:58:bc:c9:8e:0f:1b: ce:db:b3:d5:4b:7e:da:7f:b4:53:ce:e4:df:22:c2: 54:0b:6d:f7:06:e4:ce:60:64:d6:83:5c:40:75:2e: 6e:36:0d:44:cc:91:f8:97:ad:4f:42:48:d0:28:a8: 41:70:bc:f1:26:d6:2e:1c:5d:6e:7d:cb:16:37:6f: cd:84:22:2d:ff:49:1e:80:15:c3:a5:2d:0b:b3:89: 6b:9d:d2:bb:d8:52:33:ca:d7:95:84:06:0d:54:08: 92:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:A7:41:54:B3:93:00:30:93:B1:D2:24:2D:32:DC:FA:00:29:89:6A X509v3 Authority Key Identifier: keyid:F9:72:E7:5E:3D:03:E5:CE:19:01:93:0C:43:D1:6D:C4:A8:9C:47:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C9484/6FF0DDE01D9411E29DECB5F808B02CD2/-XLnXj0D5c4ZAZMMQ9FtxKicR5I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-XLnXj0D5c4ZAZMMQ9FtxKicR5I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9484/6FF0DDE01D9411E29DECB5F808B02CD2/FFC89DF8CECD11EEA4AA6D44C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 117.18.67.0/24 117.18.72.0/24 117.18.78.0/24 124.248.207.0/24 Signature Algorithm: sha256WithRSAEncryption 8f:69:ab:8e:b4:22:e9:45:b3:73:51:f6:a0:56:62:4c:13:6b: 58:cf:b6:e7:09:db:ba:a3:67:09:0e:5a:b7:2f:2e:f5:37:1a: 9f:80:ce:c9:5a:a2:c2:7c:f6:25:ab:b6:fb:5a:f7:7a:b4:5a: e5:1d:17:7e:54:75:e9:f4:8d:e6:5f:f4:87:cc:27:3b:14:e0: ea:9b:65:b5:a0:17:ac:16:28:6f:4b:62:c3:06:b5:a2:da:7a: 42:3d:6a:81:a3:b0:3a:19:a2:3f:70:57:a5:9e:a7:5f:9c:08: 96:2e:4d:54:bb:d0:e9:ea:f4:43:b5:a9:46:1e:07:19:48:28: a2:84:61:a3:61:ad:c3:83:c0:b0:20:44:ed:49:59:9c:9d:66: 96:73:53:81:f3:fe:5a:d1:37:13:e4:57:f7:fd:ed:73:79:d7: 14:1d:61:28:9e:0f:f5:b6:32:e4:52:bb:dd:24:32:22:49:19: 39:cd:43:e4:b5:1a:ae:5a:71:47:e9:bf:7a:73:5a:4a:fd:3d: 36:c2:a2:a1:b1:b1:79:76:ae:b4:5b:f9:f0:2a:ac:96:4b:b6: 60:a9:8d:6b:e3:77:fc:c3:7e:e7:69:be:5f:cc:15:11:e6:33: 98:aa:cc:dd:76:4c:84:d1:4c:18:47:76:5b:93:34:a3:2d:0c: 03:8a:3d:0a -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgICNPQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qzk0ODQxMTAvBgNVBAUTKEY5NzJFNzVFM0QwM0U1Q0UxOTAxOTMwQzQzRDE2REM0 QTg5QzQ3OTIwHhcNMjUwOTExMDM1MzAxWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02OGMyNDc5ZC1iNDZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuj6cZpvuwADt294+JVJM5/u7gs62G1kvIJSEzCEz+FxLoYxMlooEl6/pqIiz 9q3tSXGA+sFK0Ls9QGtEOdnXcX1dAm0fONhuGcQWGiPxddRz6Rv8Rq8GktHDQhyM L4SzYeCn3j/0JL69uJcSTo9093b8xmTt0Y9DL0hxaXuD85Bt+FcdUGdzEUmWwadm jWn+cmII10LuWbJcsSscQu5YvMmODxvO27PVS37af7RTzuTfIsJUC233BuTOYGTW g1xAdS5uNg1EzJH4l61PQkjQKKhBcLzxJtYuHF1ufcsWN2/NhCIt/0kegBXDpS0L s4lrndK72FIzyteVhAYNVAiSkwIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFD+nQVSz kwAwk7HSJC0y3PoAKYlqMB8GA1UdIwQYMBaAFPly5149A+XOGQGTDEPRbcSonEeS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOTQ4NC82RkYwRERFMDFE OTQxMUUyOURFQ0I1RjgwOEIwMkNEMi8tWExuWGowRDVjNFpBWk1NUTlGdHhLaWNS NUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1YTG5YajBENWM0WkFaTU1ROUZ0eEtpY1I1SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Qzk0ODQvNkZGMERERTAxRDk0MTFFMjlERUNCNUY4MDhCMDJDRDIvRkZDODlERjhD RUNEMTFFRUE0QUE2RDQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E IjAgMB4EAgABMBgDBAB1EkMDBAB1EkgDBAB1Ek4DBAB8+M8wDQYJKoZIhvcNAQEL BQADggEBAI9pq460IulFs3NR9qBWYkwTa1jPtucJ27qjZwkOWrcvLvU3Gp+Azsla osJ89iWrtvta93q0WuUdF35Uden0jeZf9IfMJzsU4OqbZbWgF6wWKG9LYsMGtaLa ekI9aoGjsDoZoj9wV6Wep1+cCJYuTVS70Onq9EO1qUYeBxlIKKKEYaNhrcODwLAg RO1JWZydZpZzU4Hz/lrRNxPkV/f97XN51xQdYSieD/W2MuRSu90kMiJJGTnNQ+S1 Gq5acUfpv3pzWkr9PTbCoqGxsXl2rrRb+fAqrJZLtmCpjWvjd/zDfudpvl/MFRHm M5iqzN12TITRTBhHdluTNKMtDAOKPQo= -----END CERTIFICATE-----Generated at Mon Oct 20 04:41:01 2025 by rpki-client