$ rpki-client -vvf rpki.apnic.net/member_repository/A91E28C1/F8AFA14099E011EA96652F32C4F9AE02/91FD24BA23C511EDA6D7F073C4F9AE02.roa File: 91FD24BA23C511EDA6D7F073C4F9AE02.roa (raw, json) Hash identifier: UDel8k9RgGctC+s9ZLuCO5lpL1soQPWhGXE8LLODT5Y= Subject key identifier: CB:55:72:BF:DD:47:9E:98:74:B2:3D:79:6D:9B:7F:3E:01:09:5E:4E Certificate issuer: /CN=A91E28C1/serialNumber=25841FA77C05716585FE7BDB0600B9864E3406D2 Certificate serial: 0972 Authority key identifier: 25:84:1F:A7:7C:05:71:65:85:FE:7B:DB:06:00:B9:86:4E:34:06:D2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JYQfp3wFcWWF_nvbBgC5hk40BtI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E28C1/F8AFA14099E011EA96652F32C4F9AE02/91FD24BA23C511EDA6D7F073C4F9AE02.roa Signing time: Thu 26 Jun 2025 20:06:22 +0000 ROA not before: Thu 26 Jun 2025 20:06:22 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 58629 IP address blocks: 103.138.122.0/24 maxlen: 24 103.138.123.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E28C1/F8AFA14099E011EA96652F32C4F9AE02/JYQfp3wFcWWF_nvbBgC5hk40BtI.crl rsync://rpki.apnic.net/member_repository/A91E28C1/F8AFA14099E011EA96652F32C4F9AE02/JYQfp3wFcWWF_nvbBgC5hk40BtI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JYQfp3wFcWWF_nvbBgC5hk40BtI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 20:26:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2418 (0x972) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E28C1, serialNumber=25841FA77C05716585FE7BDB0600B9864E3406D2 Validity Not Before: Jun 26 20:06:22 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=685da83d-aae5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fe:cb:c5:bb:66:8a:50:2a:39:53:7e:cd:0d:30: c3:83:a8:61:a1:f5:ca:6f:bf:67:4a:98:a0:54:0d: ca:22:61:28:29:d6:73:fb:a2:ef:db:87:d4:a2:1b: c1:5f:b2:93:b7:52:fa:3a:69:6a:14:ba:44:6d:a5: 65:b9:8e:b0:9f:e9:32:bc:96:21:94:29:a8:c1:e6: e0:c7:0e:5a:3c:a0:b3:3d:18:13:9f:be:08:60:ce: 79:13:f2:cc:6f:3f:27:f0:25:6c:0a:96:86:53:84: 62:bd:70:7f:72:f0:58:6d:cf:3c:27:df:83:72:9e: 07:56:36:0d:b3:40:f7:29:2d:34:47:ff:06:46:d7: 5d:95:c2:7d:ac:5d:11:60:08:b4:d1:7e:7c:82:53: d1:8e:e4:86:22:25:e2:ec:f3:9c:37:79:79:8c:00: ec:42:d5:d2:66:76:d3:46:c9:2a:86:57:97:fd:76: 10:fc:80:d0:f3:90:20:6d:55:ec:0a:29:ae:44:63: 7a:17:e8:18:79:ec:5b:45:9b:6e:23:cf:09:68:dc: 6f:99:31:ad:da:ab:2b:22:7f:ff:90:d8:c0:15:4a: 1e:7d:86:af:af:f0:df:d9:3e:d3:ec:75:b0:1f:af: fb:53:69:bf:50:94:7b:09:43:06:14:84:50:cb:8a: 10:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:55:72:BF:DD:47:9E:98:74:B2:3D:79:6D:9B:7F:3E:01:09:5E:4E X509v3 Authority Key Identifier: keyid:25:84:1F:A7:7C:05:71:65:85:FE:7B:DB:06:00:B9:86:4E:34:06:D2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E28C1/F8AFA14099E011EA96652F32C4F9AE02/JYQfp3wFcWWF_nvbBgC5hk40BtI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JYQfp3wFcWWF_nvbBgC5hk40BtI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E28C1/F8AFA14099E011EA96652F32C4F9AE02/91FD24BA23C511EDA6D7F073C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.138.122.0/23 Signature Algorithm: sha256WithRSAEncryption 8f:3d:c5:e3:9a:ae:5a:ad:c2:34:1e:5e:5e:39:b7:6f:57:ab: 58:38:e9:89:29:7b:fb:93:0e:7b:df:eb:a9:a6:86:b7:e1:9a: cf:1e:c1:d9:11:83:23:d2:0a:69:5e:a3:fd:e0:51:79:6c:b9: 8e:7e:e2:b2:b9:a8:bf:68:ea:42:ea:12:ec:f7:e5:06:a7:29: 54:9f:85:27:5d:43:15:23:8b:de:85:6c:4f:a0:05:c7:f6:73: ca:97:9a:99:2f:8e:68:c5:85:b6:9e:54:85:50:e9:1c:3d:44: a8:e3:1e:f4:d1:4d:f1:fa:1f:73:07:77:be:7b:35:da:b9:40: 4d:24:8a:a4:dc:13:35:84:81:2c:06:ce:2a:fa:71:b7:a4:f8: 7d:eb:db:b7:40:d2:3b:e5:a2:37:42:9d:b7:2a:49:05:93:32: 1e:6b:20:b5:9e:4c:af:22:8c:90:68:94:0b:01:81:54:a4:70: d9:28:0b:ac:41:1a:1c:91:7d:77:36:00:42:a8:6f:3d:2b:f4: bf:eb:59:9e:6c:4a:6d:9a:7b:fb:a8:4f:ec:f5:0b:04:10:79: 4e:d2:60:ae:01:56:aa:b1:10:3a:d5:e4:04:f5:86:61:91:ca: 44:c0:56:e3:01:ae:40:32:f3:85:e6:c7:0a:44:4e:a4:b9:31: 92:70:a6:20 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICCXIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTI4QzExMTAvBgNVBAUTKDI1ODQxRkE3N0MwNTcxNjU4NUZFN0JEQjA2MDBCOTg2 NEUzNDA2RDIwHhcNMjUwNjI2MjAwNjIyWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODVkYTgzZC1hYWU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA/svFu2aKUCo5U37NDTDDg6hhofXKb79nSpigVA3KImEoKdZz+6Lv24fUohvB X7KTt1L6OmlqFLpEbaVluY6wn+kyvJYhlCmowebgxw5aPKCzPRgTn74IYM55E/LM bz8n8CVsCpaGU4RivXB/cvBYbc88J9+Dcp4HVjYNs0D3KS00R/8GRtddlcJ9rF0R YAi00X58glPRjuSGIiXi7POcN3l5jADsQtXSZnbTRskqhleX/XYQ/IDQ85AgbVXs CimuRGN6F+gYeexbRZtuI88JaNxvmTGt2qsrIn//kNjAFUoefYavr/Df2T7T7HWw H6/7U2m/UJR7CUMGFIRQy4oQ7QIDAQABo4IClTCCApEwHQYDVR0OBBYEFMtVcr/d R56YdLI9eW2bfz4BCV5OMB8GA1UdIwQYMBaAFCWEH6d8BXFlhf572wYAuYZONAbS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMjhDMS9GOEFGQTE0MDk5 RTAxMUVBOTY2NTJGMzJDNEY5QUUwMi9KWVFmcDN3RmNXV0ZfbnZiQmdDNWhrNDBC dEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0pZUWZwM3dGY1dXRl9udmJCZ0M1aGs0MEJ0SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTI4QzEvRjhBRkExNDA5OUUwMTFFQTk2NjUyRjMyQzRGOUFFMDIvOTFGRDI0QkEy M0M1MTFFREE2RDdGMDczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAFninowDQYJKoZIhvcNAQELBQADggEBAI89xeOarlqtwjQe Xl45t29Xq1g46Ykpe/uTDnvf66mmhrfhms8ewdkRgyPSCmleo/3gUXlsuY5+4rK5 qL9o6kLqEuz35QanKVSfhSddQxUji96FbE+gBcf2c8qXmpkvjmjFhbaeVIVQ6Rw9 RKjjHvTRTfH6H3MHd757Ndq5QE0kiqTcEzWEgSwGzir6cbek+H3r27dA0jvlojdC nbcqSQWTMh5rILWeTK8ijJBolAsBgVSkcNkoC6xBGhyRfXc2AEKobz0r9L/rWZ5s Sm2ae/uoT+z1CwQQeU7SYK4BVqqxEDrV5AT1hmGRykTAVuMBrkAy84XmxwpETqS5 MZJwpiA= -----END CERTIFICATE-----Generated at Thu Jul 3 23:35:51 2025 by rpki-client