$ rpki-client -vvf rpki.apnic.net/member_repository/A91E504E/4E3E367E960811ECA04A0086C4F9AE02/5F9FA12E0CA411ED96936D79C4F9AE02.roa File: 5F9FA12E0CA411ED96936D79C4F9AE02.roa (raw, json) Hash identifier: 1kY42j3eWLAd8yp1AvznjQwJBoHaBnQrkaPK6EtSCdQ= Subject key identifier: 04:4F:47:F8:5B:C5:64:CB:8C:82:22:F9:0A:AD:AA:F7:E0:59:B9:83 Certificate issuer: /CN=A91E504E/serialNumber=E477D38AAAC4A37CC6DF1665BF1C880AF99B7B4F Certificate serial: 03E2 Authority key identifier: E4:77:D3:8A:AA:C4:A3:7C:C6:DF:16:65:BF:1C:88:0A:F9:9B:7B:4F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5HfTiqrEo3zG3xZlvxyICvmbe08.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E504E/4E3E367E960811ECA04A0086C4F9AE02/5F9FA12E0CA411ED96936D79C4F9AE02.roa Signing time: Fri 01 Aug 2025 02:07:38 +0000 ROA not before: Fri 01 Aug 2025 02:07:38 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 133861 IP address blocks: 208.87.200.0/24 maxlen: 24 208.87.201.0/24 maxlen: 24 208.87.202.0/24 maxlen: 24 208.87.203.0/24 maxlen: 24 208.87.204.0/24 maxlen: 24 208.87.205.0/24 maxlen: 24 208.87.206.0/24 maxlen: 24 208.87.207.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E504E/4E3E367E960811ECA04A0086C4F9AE02/5HfTiqrEo3zG3xZlvxyICvmbe08.crl rsync://rpki.apnic.net/member_repository/A91E504E/4E3E367E960811ECA04A0086C4F9AE02/5HfTiqrEo3zG3xZlvxyICvmbe08.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5HfTiqrEo3zG3xZlvxyICvmbe08.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 02:26:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 994 (0x3e2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E504E, serialNumber=E477D38AAAC4A37CC6DF1665BF1C880AF99B7B4F Validity Not Before: Aug 1 02:07:38 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=688c216a-32e0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:18:f2:36:e9:e6:a5:2c:4f:e8:cf:36:7c:10: f8:24:bc:a2:a1:b8:e7:1c:c0:aa:b3:59:ba:af:58: 7e:92:16:be:6f:26:ff:26:54:18:45:be:b5:4e:3f: 16:4f:6c:89:43:da:30:1a:cb:b5:37:84:24:1e:5b: f8:5f:b7:de:35:34:0d:56:bc:4d:97:64:3d:db:0f: 41:ac:13:eb:44:0c:6a:4b:0b:e1:f2:b1:00:f2:30: a7:4c:6b:c0:38:bf:94:17:dd:7d:b1:e3:5b:92:36: 42:fb:4b:41:b9:0b:3b:4f:bb:82:72:8f:d8:4f:1c: aa:ea:1e:dd:5c:c3:c3:82:d9:d2:9d:56:72:d4:52: c9:41:48:67:ee:72:25:0f:c1:71:97:d2:32:ec:74: 8a:f0:1d:e5:b3:85:3f:b7:b9:3f:fa:0b:b8:32:34: 71:9d:71:1b:77:81:36:05:e2:68:c1:10:3f:5f:5e: 61:92:08:58:0c:4a:94:cc:8a:1c:0a:b7:ac:57:9e: 3a:63:12:13:41:b5:a1:58:fb:88:a8:62:34:ad:5d: 36:ce:56:82:ee:7d:b9:60:ed:cb:a3:af:87:b5:f9: c3:0e:5f:23:ba:49:0b:55:30:e8:59:d3:97:14:cc: af:4b:71:87:fb:11:93:ad:b5:8c:6e:91:1e:68:a6: 5d:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:4F:47:F8:5B:C5:64:CB:8C:82:22:F9:0A:AD:AA:F7:E0:59:B9:83 X509v3 Authority Key Identifier: keyid:E4:77:D3:8A:AA:C4:A3:7C:C6:DF:16:65:BF:1C:88:0A:F9:9B:7B:4F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E504E/4E3E367E960811ECA04A0086C4F9AE02/5HfTiqrEo3zG3xZlvxyICvmbe08.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5HfTiqrEo3zG3xZlvxyICvmbe08.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E504E/4E3E367E960811ECA04A0086C4F9AE02/5F9FA12E0CA411ED96936D79C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 208.87.200.0/21 Signature Algorithm: sha256WithRSAEncryption 20:c6:bb:dc:53:2a:3d:0a:50:b1:72:90:bf:b5:64:5d:e5:d5: f2:6d:1a:d5:b5:15:c8:50:17:bc:2f:df:46:d8:69:11:7b:78: c8:a9:0c:21:80:e4:13:45:ec:18:b3:c2:ee:83:76:61:1c:ca: 8c:5f:39:e7:e6:35:7d:5a:a9:5d:a9:0d:b1:ab:5b:1a:1e:5f: 1e:12:8a:fc:93:5b:12:97:28:16:7f:1e:f9:38:d0:11:34:b0: 2d:93:d0:99:92:bd:d8:d4:70:f4:73:a5:85:ea:bd:ab:98:8d: ae:56:88:d6:c1:c8:89:24:a6:3e:3e:c5:ac:cd:a6:38:be:4a: 6a:d3:38:76:ef:34:93:77:ca:5c:e9:c4:36:92:83:48:d1:a3: db:17:46:75:de:6c:b7:9c:e5:1a:c2:87:43:f7:cc:0b:c1:de: 84:87:38:13:f6:91:6c:d7:09:77:fd:c2:04:04:dd:1c:de:5b: c5:eb:a8:d0:ec:0d:fb:34:c7:03:24:64:57:a7:1e:19:39:fe: 2c:0d:13:b8:cb:60:53:25:ea:5e:50:40:bb:73:e0:01:3b:b6: 61:ab:4e:e4:9e:3f:cf:23:bd:2a:d1:29:1e:31:a6:7d:cb:12: 47:3b:cb:7a:65:f0:f5:bd:8a:b2:4a:d2:f6:31:3f:87:2d:42: fe:ca:46:86 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICA+IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTUwNEUxMTAvBgNVBAUTKEU0NzdEMzhBQUFDNEEzN0NDNkRGMTY2NUJGMUM4ODBB Rjk5QjdCNEYwHhcNMjUwODAxMDIwNzM4WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODhjMjE2YS0zMmUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArhjyNunmpSxP6M82fBD4JLyiobjnHMCqs1m6r1h+kha+byb/JlQYRb61Tj8W T2yJQ9owGsu1N4QkHlv4X7feNTQNVrxNl2Q92w9BrBPrRAxqSwvh8rEA8jCnTGvA OL+UF919seNbkjZC+0tBuQs7T7uCco/YTxyq6h7dXMPDgtnSnVZy1FLJQUhn7nIl D8Fxl9Iy7HSK8B3ls4U/t7k/+gu4MjRxnXEbd4E2BeJowRA/X15hkghYDEqUzIoc CresV546YxITQbWhWPuIqGI0rV02zlaC7n25YO3Lo6+HtfnDDl8jukkLVTDoWdOX FMyvS3GH+xGTrbWMbpEeaKZdDwIDAQABo4IClTCCApEwHQYDVR0OBBYEFARPR/hb xWTLjIIi+QqtqvfgWbmDMB8GA1UdIwQYMBaAFOR304qqxKN8xt8WZb8ciAr5m3tP MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNTA0RS80RTNFMzY3RTk2 MDgxMUVDQTA0QTAwODZDNEY5QUUwMi81SGZUaXFyRW8zekczeFpsdnh5SUN2bWJl MDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzVIZlRpcXJFbzN6RzN4Wmx2eHlJQ3ZtYmUwOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTUwNEUvNEUzRTM2N0U5NjA4MTFFQ0EwNEEwMDg2QzRGOUFFMDIvNUY5RkExMkUw Q0E0MTFFRDk2OTM2RDc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAPQV8gwDQYJKoZIhvcNAQELBQADggEBACDGu9xTKj0KULFy kL+1ZF3l1fJtGtW1FchQF7wv30bYaRF7eMipDCGA5BNF7Bizwu6DdmEcyoxfOefm NX1aqV2pDbGrWxoeXx4SivyTWxKXKBZ/Hvk40BE0sC2T0JmSvdjUcPRzpYXqvauY ja5WiNbByIkkpj4+xazNpji+SmrTOHbvNJN3ylzpxDaSg0jRo9sXRnXebLec5RrC h0P3zAvB3oSHOBP2kWzXCXf9wgQE3RzeW8XrqNDsDfs0xwMkZFenHhk5/iwNE7jL YFMl6l5QQLtz4AE7tmGrTuSeP88jvSrRKR4xpn3LEkc7y3pl8PW9irJK0vYxP4ct Qv7KRoY= -----END CERTIFICATE-----Generated at Mon Oct 20 19:25:02 2025 by rpki-client