$ rpki-client -vvf rpki.apnic.net/member_repository/A91E2A61/EDC08FE6960B11ECBBE4BE64C4F9AE02/457D2B5A28DC11ED839D6243C4F9AE02.roa File: 457D2B5A28DC11ED839D6243C4F9AE02.roa (raw, json) Hash identifier: LDUnyOdS9OamILyV+DlZlg+xzQGvjMOiRA/W3kxK9fM= Subject key identifier: 71:9E:1F:3D:93:4A:B4:DA:D8:42:63:57:64:BF:AB:29:4A:23:B9:22 Certificate issuer: /CN=A91E2A61/serialNumber=2B517C6B79E3CEB0389D41ABC5ECE2107FEC53FB Certificate serial: 0400 Authority key identifier: 2B:51:7C:6B:79:E3:CE:B0:38:9D:41:AB:C5:EC:E2:10:7F:EC:53:FB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K1F8a3njzrA4nUGrxeziEH_sU_s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E2A61/EDC08FE6960B11ECBBE4BE64C4F9AE02/457D2B5A28DC11ED839D6243C4F9AE02.roa Signing time: Wed 15 Oct 2025 02:56:13 +0000 ROA not before: Wed 15 Oct 2025 02:56:13 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 133861 IP address blocks: 43.255.28.0/24 maxlen: 24 43.255.29.0/24 maxlen: 24 43.255.30.0/24 maxlen: 24 43.255.31.0/24 maxlen: 24 103.74.192.0/24 maxlen: 24 103.74.193.0/24 maxlen: 24 103.74.194.0/24 maxlen: 24 103.74.195.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E2A61/EDC08FE6960B11ECBBE4BE64C4F9AE02/K1F8a3njzrA4nUGrxeziEH_sU_s.crl rsync://rpki.apnic.net/member_repository/A91E2A61/EDC08FE6960B11ECBBE4BE64C4F9AE02/K1F8a3njzrA4nUGrxeziEH_sU_s.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K1F8a3njzrA4nUGrxeziEH_sU_s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 02:26:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1024 (0x400) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E2A61, serialNumber=2B517C6B79E3CEB0389D41ABC5ECE2107FEC53FB Validity Not Before: Oct 15 02:56:13 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=68ef0d4d-32fd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:0b:6c:87:4f:ae:24:64:f3:b9:b2:46:a6:bb: 69:33:2f:47:cb:db:fd:63:44:6e:8b:63:b5:2c:e1: 9b:6f:d3:a3:a3:e6:c8:4e:93:dd:35:4d:93:c0:73: 05:ce:9b:34:fd:cd:c1:4d:93:87:c6:a0:31:28:b8: 6a:9b:25:a9:72:a0:df:cd:89:b2:27:01:b7:71:b9: 93:37:82:42:89:53:4e:ee:36:62:bc:3c:66:ae:2a: 58:ea:ff:7e:a8:ec:eb:c8:42:48:4a:56:59:50:f7: 72:a9:40:38:e1:60:00:9e:60:0c:95:25:d6:a6:44: 54:ce:82:78:3f:17:d8:03:28:82:dc:21:f7:50:80: 90:f7:88:7d:96:95:cb:8f:10:98:bf:42:94:a4:7b: eb:cc:b9:5f:19:c9:1c:d4:52:1a:c2:b1:20:9f:89: 1f:4c:4a:2a:4a:2e:28:39:1f:a3:4a:15:4c:4e:62: 28:e3:f6:06:51:16:0f:93:aa:35:5f:11:f4:2d:a9: 76:2a:27:6a:ff:f3:44:62:40:35:a3:2c:24:41:4d: ab:f8:0e:98:fd:51:05:cb:22:34:b9:04:7f:9b:e0: df:2d:af:fb:f5:9d:55:42:f8:0d:c7:8e:41:64:f2: 9b:1f:9f:2b:a1:09:16:a0:d0:10:03:fb:4f:13:a7: bd:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:9E:1F:3D:93:4A:B4:DA:D8:42:63:57:64:BF:AB:29:4A:23:B9:22 X509v3 Authority Key Identifier: keyid:2B:51:7C:6B:79:E3:CE:B0:38:9D:41:AB:C5:EC:E2:10:7F:EC:53:FB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E2A61/EDC08FE6960B11ECBBE4BE64C4F9AE02/K1F8a3njzrA4nUGrxeziEH_sU_s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K1F8a3njzrA4nUGrxeziEH_sU_s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E2A61/EDC08FE6960B11ECBBE4BE64C4F9AE02/457D2B5A28DC11ED839D6243C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.255.28.0/22 103.74.192.0/22 Signature Algorithm: sha256WithRSAEncryption 9f:5e:d5:ab:81:9b:20:58:e9:55:3a:ac:c0:c8:c3:9c:d9:0c: 52:16:1d:1f:5a:6a:ad:66:c8:71:17:2c:09:1d:47:cc:b4:95: 43:61:a7:0b:db:e7:bb:32:5b:a1:93:20:43:ad:c0:9b:a6:ab: 2d:49:a2:c8:70:ff:76:57:42:f8:31:af:77:43:08:d6:ad:24: 7e:51:c2:1f:9a:bb:df:33:63:eb:4d:75:fc:9e:07:73:05:14: ed:35:2f:61:12:24:73:b0:ad:db:b0:d6:53:22:58:a3:0c:b7: d2:dc:83:52:f1:72:df:d2:fb:e9:8f:07:5e:b3:6c:29:20:e0: 97:06:04:47:5d:f1:00:1e:17:99:8e:ea:22:71:d8:ac:36:3a: c3:d3:a8:f6:ba:56:6b:ea:4a:bf:32:02:af:fc:cd:02:d0:4a: 9b:b7:da:e6:ba:e3:cc:ee:51:6c:82:b2:f9:f5:67:e1:45:64: e9:7b:a9:1f:ef:01:d0:70:26:eb:5c:00:49:96:09:ee:3f:79: 1d:c4:e6:d7:4f:5c:c5:7b:9b:e9:5a:f4:80:53:a1:ce:9e:6f: 01:61:6f:7d:52:d3:ea:d7:df:78:ae:38:96:19:54:ec:1c:6f: cc:b5:e3:bc:2b:0e:e4:4b:2c:60:18:a3:5c:ae:48:53:ab:34: b2:02:3c:60 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICBAAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTJBNjExMTAvBgNVBAUTKDJCNTE3QzZCNzlFM0NFQjAzODlENDFBQkM1RUNFMjEw N0ZFQzUzRkIwHhcNMjUxMDE1MDI1NjEzWhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGVmMGQ0ZC0zMmZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAogtsh0+uJGTzubJGprtpMy9Hy9v9Y0Rui2O1LOGbb9Ojo+bITpPdNU2TwHMF zps0/c3BTZOHxqAxKLhqmyWpcqDfzYmyJwG3cbmTN4JCiVNO7jZivDxmripY6v9+ qOzryEJISlZZUPdyqUA44WAAnmAMlSXWpkRUzoJ4PxfYAyiC3CH3UICQ94h9lpXL jxCYv0KUpHvrzLlfGckc1FIawrEgn4kfTEoqSi4oOR+jShVMTmIo4/YGURYPk6o1 XxH0Lal2Kidq//NEYkA1oywkQU2r+A6Y/VEFyyI0uQR/m+DfLa/79Z1VQvgNx45B ZPKbH58roQkWoNAQA/tPE6e9JQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFHGeHz2T SrTa2EJjV2S/qylKI7kiMB8GA1UdIwQYMBaAFCtRfGt5486wOJ1Bq8Xs4hB/7FP7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMkE2MS9FREMwOEZFNjk2 MEIxMUVDQkJFNEJFNjRDNEY5QUUwMi9LMUY4YTNuanpyQTRuVUdyeGV6aUVIX3NV X3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0sxRjhhM25qenJBNG5VR3J4ZXppRUhfc1Vfcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTJBNjEvRURDMDhGRTY5NjBCMTFFQ0JCRTRCRTY0QzRGOUFFMDIvNDU3RDJCNUEy OERDMTFFRDgzOUQ2MjQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAIr/xwDBAJnSsAwDQYJKoZIhvcNAQELBQADggEBAJ9e1auB myBY6VU6rMDIw5zZDFIWHR9aaq1myHEXLAkdR8y0lUNhpwvb57syW6GTIEOtwJum qy1Joshw/3ZXQvgxr3dDCNatJH5Rwh+au98zY+tNdfyeB3MFFO01L2ESJHOwrduw 1lMiWKMMt9Lcg1Lxct/S++mPB16zbCkg4JcGBEdd8QAeF5mO6iJx2Kw2OsPTqPa6 VmvqSr8yAq/8zQLQSpu32ua648zuUWyCsvn1Z+FFZOl7qR/vAdBwJutcAEmWCe4/ eR3E5tdPXMV7m+la9IBToc6ebwFhb31S0+rX33iuOJYZVOwcb8y147wrDuRLLGAY o1yuSFOrNLICPGA= -----END CERTIFICATE-----Generated at Mon Oct 20 08:49:37 2025 by rpki-client