$ rpki-client -vvf rpki.apnic.net/member_repository/A91D09A2/1FEB5A208C6A11EB98DEDD68C4F9AE02/59AD29B88C6B11EBA286C569C4F9AE02.roa File: 59AD29B88C6B11EBA286C569C4F9AE02.roa (raw, json) Hash identifier: 7mKCoY5AEtshNQV8l9pmhY0mvA9jDUflCVQDRZpIa2M= Subject key identifier: 15:F7:31:C6:46:3B:47:31:0B:AA:99:C1:FB:16:3A:62:E8:F6:04:C8 Certificate issuer: /CN=A91D09A2/serialNumber=EFC582B2A3CB2C10E8A31656E78F04BCD5BC5310 Certificate serial: 0667 Authority key identifier: EF:C5:82:B2:A3:CB:2C:10:E8:A3:16:56:E7:8F:04:BC:D5:BC:53:10 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/78WCsqPLLBDooxZW548EvNW8UxA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D09A2/1FEB5A208C6A11EB98DEDD68C4F9AE02/59AD29B88C6B11EBA286C569C4F9AE02.roa Signing time: Wed 02 Jul 2025 23:02:49 +0000 ROA not before: Wed 02 Jul 2025 23:02:49 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 134788 IP address blocks: 103.62.152.0/22 maxlen: 22 103.62.152.0/24 maxlen: 24 103.62.153.0/24 maxlen: 24 103.62.154.0/24 maxlen: 24 103.62.155.0/24 maxlen: 24 2400:f2c0::/32 maxlen: 32 2400:f2c0::/36 maxlen: 36 2400:f2c0:1000::/36 maxlen: 36 2400:f2c0:2000::/36 maxlen: 36 2400:f2c0:3000::/36 maxlen: 36 2400:f2c0:4000::/36 maxlen: 36 2400:f2c0:5000::/36 maxlen: 36 2400:f2c0:6000::/36 maxlen: 36 2400:f2c0:7000::/36 maxlen: 36 2400:f2c0:8000::/36 maxlen: 36 2400:f2c0:9000::/36 maxlen: 36 2400:f2c0:a000::/36 maxlen: 36 2400:f2c0:b000::/36 maxlen: 36 2400:f2c0:c000::/36 maxlen: 36 2400:f2c0:d000::/36 maxlen: 36 2400:f2c0:e000::/36 maxlen: 36 2400:f2c0:f000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D09A2/1FEB5A208C6A11EB98DEDD68C4F9AE02/78WCsqPLLBDooxZW548EvNW8UxA.crl rsync://rpki.apnic.net/member_repository/A91D09A2/1FEB5A208C6A11EB98DEDD68C4F9AE02/78WCsqPLLBDooxZW548EvNW8UxA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/78WCsqPLLBDooxZW548EvNW8UxA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 23:51:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1639 (0x667) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D09A2, serialNumber=EFC582B2A3CB2C10E8A31656E78F04BCD5BC5310 Validity Not Before: Jul 2 23:02:49 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=6865ba99-fa85 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:41:11:70:4e:b9:8f:f1:94:c4:c8:83:79:7c: bb:2a:ca:53:3d:dc:28:df:cb:6f:a6:ac:6b:de:b2: 9e:b5:e6:f3:53:c3:90:f9:74:e5:cf:a1:1e:d9:b6: 2f:b2:72:03:fd:c3:ce:b1:50:08:6b:ef:0f:07:92: bf:54:e1:cc:a9:34:fe:58:33:ce:e4:65:b1:97:27: 03:be:cc:5e:ad:8d:1e:5b:78:96:7c:9d:ba:fd:93: 85:88:49:7b:d7:4b:73:3b:58:95:b3:97:55:7b:a6: b8:c2:e4:1c:14:89:b0:5f:c2:03:6a:f8:22:68:da: 55:cd:0c:bd:ac:ec:09:bb:37:ee:81:13:60:f1:21: a5:2a:aa:0f:6a:8c:07:ba:47:18:fc:28:e7:da:72: 98:de:26:9c:7b:b0:69:f2:2e:44:b7:51:e4:b0:1a: d0:66:c2:b3:61:b1:c7:73:b7:97:cc:51:3f:3c:43: 68:3e:b6:a4:92:b9:70:4b:fc:0b:e0:10:01:fb:cb: b7:67:5c:fe:59:4a:8b:e3:6c:2a:11:87:64:0b:4b: a9:62:7d:3d:81:dc:ab:85:26:a7:5e:25:57:6d:ee: 39:47:bf:91:4b:19:3e:56:4b:32:28:1b:bf:8e:f7: cb:07:ff:e0:39:be:84:42:bf:d3:95:7a:1f:a2:1a: df:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:F7:31:C6:46:3B:47:31:0B:AA:99:C1:FB:16:3A:62:E8:F6:04:C8 X509v3 Authority Key Identifier: keyid:EF:C5:82:B2:A3:CB:2C:10:E8:A3:16:56:E7:8F:04:BC:D5:BC:53:10 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D09A2/1FEB5A208C6A11EB98DEDD68C4F9AE02/78WCsqPLLBDooxZW548EvNW8UxA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/78WCsqPLLBDooxZW548EvNW8UxA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D09A2/1FEB5A208C6A11EB98DEDD68C4F9AE02/59AD29B88C6B11EBA286C569C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.62.152.0/22 IPv6: 2400:f2c0::/32 Signature Algorithm: sha256WithRSAEncryption 3c:27:8d:7d:44:70:c7:09:70:f0:83:04:5c:fb:8d:63:a9:2a: 54:f2:41:2c:29:f3:9d:ee:d0:d7:2d:7c:cf:61:22:b9:17:cc: 7f:de:45:ab:d0:e2:98:e5:5d:dd:fe:13:ee:76:8d:48:d6:2f: ed:55:81:cb:a5:2a:b3:c4:fe:6e:43:b6:e7:da:27:11:cd:a1: 3c:26:a7:dd:e0:46:89:12:0e:36:ab:38:b1:57:f6:21:5f:ca: d0:d3:15:f1:b1:d7:51:22:5f:8f:3a:62:a4:81:f6:71:71:a1: 60:82:70:90:49:b5:df:e1:74:34:14:9a:87:e8:cd:74:7d:c4: e6:79:1c:9f:47:33:c6:3a:ff:e6:78:9d:2c:2e:47:b6:b8:f9: 74:fe:ee:02:ec:8d:9f:58:a1:70:ea:ba:53:b6:84:93:29:66: 4c:ac:c1:95:a5:a3:b6:84:14:67:85:d9:50:6f:53:39:4f:46: 78:52:51:bc:06:67:d4:ef:a0:a8:8a:db:4d:db:ab:57:7f:80: 13:29:b9:01:d6:21:f8:16:51:d5:2a:70:0f:41:6b:93:96:7b: 44:b6:24:3b:73:58:cc:73:25:d5:ff:a4:78:1d:b8:c9:ab:7d: e1:0d:d0:63:03:d8:f2:7a:5b:0f:ab:96:9f:45:9d:22:65:d6: 7f:0b:df:8c -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICBmcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDA5QTIxMTAvBgNVBAUTKEVGQzU4MkIyQTNDQjJDMTBFOEEzMTY1NkU3OEYwNEJD RDVCQzUzMTAwHhcNMjUwNzAyMjMwMjQ5WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODY1YmE5OS1mYTg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsUERcE65j/GUxMiDeXy7KspTPdwo38tvpqxr3rKetebzU8OQ+XTlz6Ee2bYv snID/cPOsVAIa+8PB5K/VOHMqTT+WDPO5GWxlycDvsxerY0eW3iWfJ26/ZOFiEl7 10tzO1iVs5dVe6a4wuQcFImwX8IDavgiaNpVzQy9rOwJuzfugRNg8SGlKqoPaowH ukcY/Cjn2nKY3iace7Bp8i5Et1HksBrQZsKzYbHHc7eXzFE/PENoPrakkrlwS/wL 4BAB+8u3Z1z+WUqL42wqEYdkC0upYn09gdyrhSanXiVXbe45R7+RSxk+VksyKBu/ jvfLB//gOb6EQr/TlXofohrfzwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFBX3McZG O0cxC6qZwfsWOmLo9gTIMB8GA1UdIwQYMBaAFO/FgrKjyywQ6KMWVuePBLzVvFMQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMDlBMi8xRkVCNUEyMDhD NkExMUVCOThERURENjhDNEY5QUUwMi83OFdDc3FQTExCRG9veFpXNTQ4RXZOVzhV eEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzc4V0NzcVBMTEJEb294Wlc1NDhFdk5XOFV4QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDA5QTIvMUZFQjVBMjA4QzZBMTFFQjk4REVERDY4QzRGOUFFMDIvNTlBRDI5Qjg4 QzZCMTFFQkEyODZDNTY5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAJnPpgwDQQCAAIwBwMFACQA8sAwDQYJKoZIhvcNAQELBQAD ggEBADwnjX1EcMcJcPCDBFz7jWOpKlTyQSwp853u0NctfM9hIrkXzH/eRavQ4pjl Xd3+E+52jUjWL+1VgculKrPE/m5DtufaJxHNoTwmp93gRokSDjarOLFX9iFfytDT FfGx11EiX486YqSB9nFxoWCCcJBJtd/hdDQUmofozXR9xOZ5HJ9HM8Y6/+Z4nSwu R7a4+XT+7gLsjZ9YoXDqulO2hJMpZkyswZWlo7aEFGeF2VBvUzlPRnhSUbwGZ9Tv oKiK203bq1d/gBMpuQHWIfgWUdUqcA9Ba5OWe0S2JDtzWMxzJdX/pHgduMmrfeEN 0GMD2PJ6Ww+rlp9FnSJl1n8L34w= -----END CERTIFICATE-----Generated at Mon Oct 20 20:32:12 2025 by rpki-client